CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,622 vulnerabilities with CWE-20
CVE-2016-10542 HIGH
WS < 1.1.0 - Denial of Service
CVSS 7.5
CVE-2016-10540 HIGH
minimatch < 3.0.1 - Regular Expression Denial of Service via Pattern Parameter
CVSS 7.5
CVE-2016-10539 HIGH
negotiator < 0.6.0 - Regular Expression Denial of Service via Accept-Language Header
CVSS 7.5
CVE-2016-10521 HIGH
jshamcrest 0.6.7-0.7.0 - Regular Expression Denial of Service in Email Address Validator
CVSS 7.5
CVE-2016-10520 HIGH
jadedown < 0.0.3 - Regular Expression Denial of Service
CVSS 7.5
CVE-2016-9587 HIGH
Ansible < 2.1.4 and < 2.2.1 - Remote Code Execution via Client Fact Data
CVSS 8.1
CVE-2016-10501 CRITICAL
Qualcomm Snapdragon Mobile Wear and Small Cell SoC Firmware - Improper Input Validation in Image Parser
CVSS 9.8
CVE-2016-10492 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Improper Ciphersuite Validation in SecSSL
CVSS 9.1
CVE-2016-10483 HIGH
Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, SD 808, and SD 810 - Unauthorized Memory Access via SCM Command
CVSS 7.5
CVE-2016-10482 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Denial of Service via Downlink Information Processing
CVSS 9.8
CVE-2016-10469 HIGH
Qualcomm MDM9206 and related firmware - Improper Input Validation in RSA Padding Functions
CVSS 7.5
CVE-2016-10464 HIGH
Qualcomm MDM9206 and Snapdragon Firmware - Denial of Service via HCI H4 UART Packet ID
CVSS 7.5
CVE-2016-10456 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - OS Command Injection via Radish Invalid Interface Name
CVSS 9.8
CVE-2016-10452 CRITICAL
Qualcomm Snapdragon Automobile and Mobile Firmware - Memory Protection Bypass via Out-of-Order TA Termination
CVSS 9.8
CVE-2016-10445 CRITICAL
Qualcomm Snapdragon Firmware - Improper Input Validation in QTEE API Function
CVSS 9.8
CVE-2016-10431 CRITICAL
Qualcomm Mdm9206 Firmware - Improper Input Validation
CVSS 9.8
CVE-2016-9094 HIGH
Symantec Endpoint Protection <14.0 MP1-12.1 RU6 MP7 - Info Disclosure
CVSS 7.8
CVE-2016-9093 HIGH
SymEvent Driver <14.0 - Code Injection
CVSS 7.0
CVE-2016-10235 HIGH
Android - Denial of Service in Qualcomm WiFi Driver
CVSS 7.5
CVE-2016-10718 HIGH
Brave Browser < 0.13.0 - Denial of Service via Tab Closure
CVSS 7.5
CVE-2016-7472 HIGH
F5 BIG-IP ASM 12.1.0-12.1.1 - Denial of Service via Crafted HTTP Request
CVSS 7.5
CVE-2016-8786 HIGH
Huawei S12700 S5700 S6700 S7700 S9700 Firmware - Denial of Service via Malformed RSVP Packet
CVSS 7.5
CVE-2016-8785 MEDIUM
Huawei S12700 V200R007C00-0.8 - Info Disclosure
CVSS 4.3
CVE-2016-9606 HIGH
JBoss RESTEasy < 3.1.2 - Remote Code Execution via YamlProvider Unmarshalling
CVSS 8.1
CVE-2016-8612 MEDIUM
Apache HTTP Server mod_cluster <httpd 2.4.23 - Memory Corruption
CVSS 4.3
Details
Vulnerabilities 12,622
Exploit Likelihood High