CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,622 vulnerabilities with CWE-20
CVE-2017-0318 MEDIUM
NVIDIA Linux GPU Display Driver - Denial of Service via Kernel Mode Layer Handler
CVSS 5.5
CVE-2017-0312 HIGH
NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via DxgkDdiEscapeID 0x100008b
CVSS 7.8
CVE-2017-3896 MEDIUM
Intel Security McAfee Agent <5.0.4.449 - Unvalidated Parameter
CVSS 5.9
CVE-2017-5858 MEDIUM
converse.js 0.8.0-1.0.6 2.0.0-2.0.4 - User Impersonation via XEP-0280 Message Carbons
CVSS 5.9
CVE-2017-5606 MEDIUM
Xabber < 1.0.30 - Unauthenticated User Impersonation via XEP-0280 Message Carbons
CVSS 5.9
CVE-2017-5605 MEDIUM
Movim 0.8-0.10 - Unauthenticated User Impersonation via XEP-0280 Message Carbons
CVSS 5.9
CVE-2017-5604 MEDIUM
mcabber 1.0.0-1.0.4 - Unauthenticated User Impersonation via XEP-0280 Message Carbons
CVSS 5.9
CVE-2017-5603 MEDIUM
Jitsi 2.5.5061-2.9.5544 - Remote User Impersonation via XEP-0280 Message Carbons
CVSS 5.9
CVE-2017-5602 MEDIUM
jappix 1.0.0-1.1.6 - Remote User Impersonation via XEP-0280 Message Carbons
CVSS 5.9
CVE-2017-5593 MEDIUM
Psi+ 0.16.563.580-0.16.571.627 - User Impersonation via XEP-0280 Message Carbons
CVSS 5.9
CVE-2017-5592 MEDIUM
profanity 0.4.7-0.5.0 - Remote User Impersonation via XEP-0280 Message Carbons
CVSS 5.9
CVE-2017-5591 MEDIUM
SleekXMPP < 1.3.1 and Slixmpp < 1.2.3 - Remote User Impersonation via XEP-0280 Message Carbons
CVSS 5.9
CVE-2017-5590 MEDIUM
ChatSecure 3.2.0-4.0.0 and Zom < 1.0.11 - User Impersonation via XEP-0280 Message Carbons
CVSS 5.9
CVE-2017-5589 MEDIUM
yaxim bruno 0.8.6-0.8.8 - Remote User Impersonation via XEP-0280 Message Carbons
CVSS 5.9
CVE-2017-0422 HIGH
Android 4.4.4 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 - Denial of Service via Bionic DNS
CVSS 7.5
CVE-2017-5880 MEDIUM
Splunk Enterprise 5.0.x-6.5.x and Splunk Light < 6.5.2 - Authenticated Denial of Service via Crafted GET Request
CVSS 6.5
CVE-2017-3822 MEDIUM
Cisco Firepower Threat Defense 6.1.x - Unauthenticated Arbitrary Audit Log Entry via Logging Subsystem
CVSS 5.3
CVE-2017-3818 MEDIUM
Cisco Email Security Appliance Firmware < 9.7.1-066 - Unauthenticated Malformed MIME Header Filtering Bypass
CVSS 5.8
CVE-2017-3814 MEDIUM
Cisco Firepower System Software - Auth Bypass
CVSS 5.8
CVE-2017-3809 MEDIUM
Cisco Firepower Management Center - DoS
CVSS 5.8
CVE-2017-3792 CRITICAL
Cisco TelePresence MCU Software - RCE/DoS
CVSS 9.8
CVE-2017-3790 HIGH
Cisco Expressway Series/Cisco VCS - DoS
CVSS 8.6
CVE-2017-3323 LOW
Oracle MySQL Cluster <= 7.2.25, <= 7.3.14, <= 7.4.12 - Unauthenticated Partial Denial of Service via Multiple Protocols
CVSS 3.7
CVE-2017-3321 LOW
Oracle MySQL Cluster <= 7.2.19, <= 7.3.8, <= 7.4.5 - Unauthenticated Partial Denial of Service
CVSS 3.7
CVE-2017-3316 HIGH
Oracle VM VirtualBox < 5.0.32 and < 5.1.14 - Remote Code Execution via GUI Subcomponent
CVSS 8.4
Details
Vulnerabilities 12,622
Exploit Likelihood High