CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,622 vulnerabilities with CWE-20
CVE-2017-3283 MEDIUM
Oracle Partner Management 12.1.1-12.1.3 12.2.3-12.2.6 - Unauthenticated Data Manipulation via HTTP
CVSS 4.7
CVE-2017-3280 MEDIUM
Oracle Partner Management 12.1.1-12.1.3 12.2.3-12.2.6 - Unauthenticated Data Manipulation via HTTP
CVSS 4.7
CVE-2017-3273 MEDIUM
Oracle MySQL Server <= 5.6.34 and <= 5.7.16 - Denial of Service in Server DDL
CVSS 6.5
CVE-2017-3258 MEDIUM
Oracle MySQL Server <= 5.5.53, <= 5.6.34, <= 5.7.16 - Denial of Service in Server: DDL
CVSS 6.5
CVE-2017-3256 MEDIUM
Oracle MySQL Server <= 5.7.16 - Denial of Service in Server Replication
CVSS 6.5
CVE-2017-3242 MEDIUM
Oracle VM Server for Sparc 3.2 and 3.4 - Denial of Service via LDOM Manager
CVSS 5.9
CVE-2017-3241 CRITICAL
Oracle Java SE 6u131, 7u121, 8u112; Java SE Embedded 8u111; JRockit R28.3.12 - Remote Code Execution via RMI
CVSS 9.0
CVE-2017-3236 MEDIUM
Oracle FLEXCUBE Universal Banking 11.3.0 11.4.0 12.0.1-12.0.3 12.1.0 12.2.0 - Unauthenticated Data Manipulation via HTTP
CVSS 4.7
CVE-2017-3800 MEDIUM
Cisco Email Security Appliance - Unauthenticated Filter Bypass via Content Scanning Engine
CVSS 5.8
CVE-2017-5371 HIGH
SAP Adaptive Server Enterprise 16 - Denial of Service via OData Server Crafted Requests
CVSS 7.5
CVE-2017-2576 MEDIUM
Moodle < 2.7.17 and 2.7-2.7.18 - Improper Input Validation in Forum Attributes
CVSS 5.3
CVE-2017-0389 HIGH
Android 6.0 6.0.1 7.0 7.1 - Denial of Service via Network Packet
CVSS 7.5
CVE-2017-2947 MEDIUM
Adobe Acrobat and Reader < 11.0.18, 15.006.30244, 15.020.20042 - Security Bypass via Form Data Format Manipulation
CVSS 5.5
CVE-2017-0004 HIGH
Windows Vista SP2, Server 2008 SP2/R2 SP1, 7 SP1 - DoS via Crafted Auth Request
CVSS 7.5
CVE-2017-5217 MEDIUM
Samsung Mobile KK(4.4) L(5.0/5.1) M(6.0) - Denial of Service via Malicious APK Parsing
CVSS 5.5
CVE-2016-9026 CRITICAL
Exponent CMS <2.6.0 - Info Disclosure
CVSS 9.8
CVE-2016-9025 CRITICAL
Exponent CMS <2.6.0 - Info Disclosure
CVSS 9.8
CVE-2016-9023 CRITICAL
Exponent CMS <2.6.0 - Info Disclosure
CVSS 9.8
CVE-2016-9022 CRITICAL
Exponent CMS <2.6.0 - Info Disclosure
CVSS 9.8
CVE-2016-9021 CRITICAL
Exponent CMS <2.6.0 - Info Disclosure
CVSS 9.8
CVE-2016-11067 MEDIUM
Mattermost Server < 3.2.0 - Denial of Service via Crafted Posts
CVSS 5.3
CVE-2016-11040 MEDIUM
Android L - Factory Reset Protection Bypass via USB OTG MyFile
CVSS 4.6
CVE-2016-11032 MEDIUM
Samsung Android M(6.0) - Unauthenticated Denial of Service via Unprotected Intent Broadcast
CVSS 5.3
CVE-2016-11031 HIGH
Samsung Android KK(4.4) L(5.0/5.1) M(6.0) - Denial of Service via AntService
CVSS 7.5
CVE-2016-11053 MEDIUM
Android - Factory Reset Protection Bypass
CVSS 4.6
Details
Vulnerabilities 12,622
Exploit Likelihood High