The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,622 vulnerabilities with CWE-20
CVE-2016-10542
HIGH
WS < 1.1.0 - Denial of Service
CVSS 7.5
CVE-2016-10540
HIGH
minimatch < 3.0.1 - Regular Expression Denial of Service via Pattern Parameter
CVSS 7.5
CVE-2016-10539
HIGH
negotiator < 0.6.0 - Regular Expression Denial of Service via Accept-Language Header
CVSS 7.5
CVE-2016-10521
HIGH
jshamcrest 0.6.7-0.7.0 - Regular Expression Denial of Service in Email Address Validator
CVSS 7.5
CVE-2016-10520
HIGH
jadedown < 0.0.3 - Regular Expression Denial of Service
CVSS 7.5
CVE-2016-9587
HIGH
Ansible < 2.1.4 and < 2.2.1 - Remote Code Execution via Client Fact Data
CVSS 8.1
CVE-2016-10501
CRITICAL
Qualcomm Snapdragon Mobile Wear and Small Cell SoC Firmware - Improper Input Validation in Image Parser
CVSS 9.8
CVE-2016-10492
CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Improper Ciphersuite Validation in SecSSL
CVSS 9.1
CVE-2016-10483
HIGH
Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, SD 808, and SD 810 - Unauthorized Memory Access via SCM Command
CVSS 7.5
CVE-2016-10482
CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Denial of Service via Downlink Information Processing
CVSS 9.8
CVE-2016-10469
HIGH
Qualcomm MDM9206 and related firmware - Improper Input Validation in RSA Padding Functions
CVSS 7.5
CVE-2016-10464
HIGH
Qualcomm MDM9206 and Snapdragon Firmware - Denial of Service via HCI H4 UART Packet ID
CVSS 7.5
CVE-2016-10456
CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - OS Command Injection via Radish Invalid Interface Name
CVSS 9.8
CVE-2016-10452
CRITICAL
Qualcomm Snapdragon Automobile and Mobile Firmware - Memory Protection Bypass via Out-of-Order TA Termination
CVSS 9.8
CVE-2016-10445
CRITICAL
Qualcomm Snapdragon Firmware - Improper Input Validation in QTEE API Function
CVSS 9.8
CVE-2016-10431
CRITICAL
Qualcomm Mdm9206 Firmware - Improper Input Validation
CVSS 9.8
CVE-2016-9094
HIGH
Symantec Endpoint Protection <14.0 MP1-12.1 RU6 MP7 - Info Disclosure
CVSS 7.8
CVE-2016-9093
HIGH
SymEvent Driver <14.0 - Code Injection
CVSS 7.0
CVE-2016-10235
HIGH
Android - Denial of Service in Qualcomm WiFi Driver
CVSS 7.5
CVE-2016-10718
HIGH
Brave Browser < 0.13.0 - Denial of Service via Tab Closure
CVSS 7.5
CVE-2016-7472
HIGH
F5 BIG-IP ASM 12.1.0-12.1.1 - Denial of Service via Crafted HTTP Request
CVSS 7.5
CVE-2016-8786
HIGH
Huawei S12700 S5700 S6700 S7700 S9700 Firmware - Denial of Service via Malformed RSVP Packet
CVSS 7.5
CVE-2016-8785
MEDIUM
Huawei S12700 V200R007C00-0.8 - Info Disclosure
CVSS 4.3
CVE-2016-9606
HIGH
JBoss RESTEasy < 3.1.2 - Remote Code Execution via YamlProvider Unmarshalling
CVSS 8.1
CVE-2016-8612
MEDIUM
Apache HTTP Server mod_cluster <httpd 2.4.23 - Memory Corruption
CVSS 4.3
Details
Vulnerabilities
12,622
Exploit Likelihood
High