CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,623 vulnerabilities with CWE-20
CVE-2016-4862 HIGH
CS-Cart < 4.3.9 - Authenticated Remote Code Execution via Twigmo
CVSS 8.8
CVE-2016-4868 MEDIUM
Cybozu Office 9.0.0-10.4.0 - Email Header Injection
CVSS 4.3
CVE-2016-4899 CRITICAL
NovaBACKUP DataCenter - Remote Code Execution in Datamover Module
CVSS 9.8
CVE-2016-4898 CRITICAL
NovaBACKUP DataCenter - Remote Code Execution in Datamover Module
CVSS 9.8
CVE-2016-2567 LOW
Samsung Galaxy S6 and Note 3 Firmware - URL Filter Bypass via Query String Exceptional URL
CVSS 3.3
CVE-2016-7958 HIGH
Wireshark 2.2.0 - Denial of Service in NCP Dissector
CVSS 7.5
CVE-2016-7957 HIGH
Wireshark 2.2.0 - Denial of Service in Bluetooth L2CAP Dissector
CVSS 7.5
CVE-2016-7467 MEDIUM
F5 BIG-IP APM 12.0.0-12.1.1, 11.6.0-11.6.1 HF1, 11.5.4-11.5.4 HF2 - DoS via Malformed SAML Auth Request
CVSS 5.3
CVE-2016-6878 CRITICAL
Botan < 1.11.30 - Undefined Behavior in Curve25519 on 32-bit ARM
CVSS 9.8
CVE-2016-1517 MEDIUM
OpenCV 3.0.0 - Denial of Service via Corrupt Chunks
CVSS 5.5
CVE-2016-9219 HIGH
Cisco Wireless LAN Controller - DoS
CVSS 7.5
CVE-2016-10222 HIGH
Safari - Denial of Service via JSON.stringify Type Confusion
CVSS 7.5
CVE-2016-8796 HIGH
Huawei USG9520, USG9560, USG9580 V300R001C01 - Unauthenticated Denial of Service via DHCP Request Packet
CVSS 7.5
CVE-2016-8773 HIGH
Huawei - Multiple Products - Path Traversal
CVSS 7.5
CVE-2016-8764 MEDIUM
Huawei P9 <EVA-AL10C00B352 - Memory Corruption
CVSS 6.4
CVE-2016-8762 MEDIUM
Huawei P9, P9 Lite, P8 Lite - Denial of Service via TrustZone Driver Input Validation
CVSS 5.0
CVE-2016-8758 MEDIUM
Huawei Mate8 Firmware <= NXT-AL10C00B561 - Denial of Service in ION Memory Management Module
CVSS 5.5
CVE-2016-8756 MEDIUM
Huawei Mate 8 Firmware <= NXT-AL10C00B197 - Denial of Service in ION Memory Management
CVSS 5.5
CVE-2016-8275 MEDIUM
Huawei AnyOffice V200R006C00 - Authenticated Denial of Service via XML Bomb Upload
CVSS 6.5
CVE-2016-8273 HIGH
Huawei PC client software HiSuite 4.0.5.300_OVE - Info Disclosure
CVSS 7.8
CVE-2016-6560 HIGH
illumos osnet-incorporation < 0.5.11,5.11-2016.0.1.15933 - DoS via Signed to Unsigned Conversion in bcopy() and bzero()
CVSS 8.6
CVE-2016-6206 CRITICAL
Huawei AR3200 <V200R007C00SPC600 - RCE/DoS
CVSS 9.8
CVE-2016-9395 MEDIUM
JasPer < 1.900.24 - Denial of Service via Crafted File in jas_seq2d_create
CVSS 5.5
CVE-2016-9394 MEDIUM
jasper < 1.900.16 - Denial of Service via Crafted File in jas_seq2d_create
CVSS 5.5
CVE-2016-9390 MEDIUM
jasper < 1.900.13 - Denial of Service via Crafted Image File
CVSS 5.5
Details
Vulnerabilities 12,623
Exploit Likelihood High