CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,622 vulnerabilities with CWE-20
CVE-2017-0488 MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 - Denial of Service via Mediaserver Crafted File
CVSS 5.5
CVE-2017-0484 MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 - Denial of Service via Mediaserver Crafted File
CVSS 5.5
CVE-2017-0483 MEDIUM
Android 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 - Denial of Service via Mediaserver
CVSS 5.5
CVE-2017-0475 HIGH
Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 - Local Privilege Escalation via Recovery Verifier
CVSS 7.8
CVE-2017-0463 HIGH
Linux Kernel - Elevation of Privilege via Qualcomm Networking Driver
CVSS 7.0
CVE-2017-0458 HIGH
Linux Kernel >= 3.18 - Elevation of Privilege via Qualcomm Camera Driver
CVSS 7.0
CVE-2017-6504 MEDIUM
qBittorrent < 3.3.10 - Clickjacking via Missing X-Frame-Options Header
CVSS 6.1
CVE-2017-6498 MEDIUM
ImageMagick 6.9.7 - Denial of Service via Malformed TGA File
CVSS 5.5
CVE-2017-6473 HIGH
Wireshark 2.0.0-2.0.10 and 2.2.0-2.2.4 - Denial of Service in K12 File Parser
CVSS 7.5
CVE-2017-6471 HIGH
Wireshark 2.0.0-2.0.10 and 2.2.0-2.2.4 - Denial of Service via WSP Capability Length Validation
CVSS 7.5
CVE-2017-6469 HIGH
Wireshark 2.0.0-2.0.10 and 2.2.0-2.2.4 - Denial of Service in LDSS Dissector
CVSS 7.5
CVE-2017-6468 HIGH
Wireshark 2.0.0-2.0.10 and 2.2.0-2.2.4 - Denial of Service in NetScaler File Parser
CVSS 7.5
CVE-2017-3826 HIGH
Cisco NetFlow Generation Appliance <1.1(1a) - DoS
CVSS 7.5
CVE-2017-6345 HIGH
Linux Kernel < 4.9.13 - Denial of Service in LLC Subsystem
CVSS 7.8
CVE-2017-6188 MEDIUM
munin < 2.999.6 - Arbitrary File Write via CGI Graph Upper Limit Parameter
CVSS 5.5
CVE-2017-5586 CRITICAL
OpenText Documentum D2 4.x - Remote Code Execution via Deserialization
CVSS 9.8
CVE-2017-3844 MEDIUM
Cisco Prime Collaboration Assurance <11.0 - Info Disclosure
CVSS 4.3
CVE-2017-3843 MEDIUM
Cisco Prime Collaboration Assurance - Privilege Escalation
CVSS 4.3
CVE-2017-3837 HIGH
Cisco Meeting Server - Info Disclosure/DoS
CVSS 8.1
CVE-2017-3830 HIGH
Cisco Meeting Server 2.1 - Unauthenticated Denial of Service via Internal API
CVSS 7.5
CVE-2017-3827 MEDIUM
Cisco AsyncOS Software for Cisco ESA and WSA - Unauthenticated Filter Bypass via MIME Scanner
CVSS 5.8
CVE-2017-6078 MEDIUM
FastStone MaxView 3.0 and 3.1 - Denial of Service via Malformed BMP Image
CVSS 5.5
CVE-2017-2371 MEDIUM
iPhone OS < 10.2.1 - Remote Popup Launch via WebKit
CVSS 6.5
CVE-2017-2368 MEDIUM
iPhone OS < 10.2.1 - Denial of Service in Contacts Component via Crafted Contact Card
CVSS 5.5
CVE-2017-2351 LOW
iPhone OS < 10.2.1 - Activation-Lock Bypass via WiFi Component
CVSS 2.4
Details
Vulnerabilities 12,622
Exploit Likelihood High