The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,623 vulnerabilities with CWE-20
CVE-2016-9168
MEDIUM
Novell eDirectory < 9.0.2 - Clickjacking via Missing X-Frame-Options Header
CVSS 6.5
CVE-2016-5755
MEDIUM
NetIQ Access Manager <4.1.2-4.2.2 - CSRF
CVSS 6.5
CVE-2016-4927
HIGH
Junos Space < 15.2 - Man-in-the-Middle via SSH Key Validation Bypass
CVSS 8.1
CVE-2016-6816
HIGH
Apache Tomcat 6.0.0-6.0.47, 7.0.0-7.0.72, 8.0.0.RC1-8.0.38, 8.5.0-8.5.6, 9.0.0.M1-9.0.0.M11 - HTTP Response Injection
CVSS 7.1
CVE-2016-10167
MEDIUM
libgd < 2.2.4 - Denial of Service via Crafted GD2 Image File
CVSS 5.5
CVE-2016-8017
MEDIUM
Intel Security VSEL <2.0.3 - Code Injection
CVSS 4.1
CVE-2016-9727
HIGH
IBM QRadar Incident Forensics - Authenticated Remote Command Execution
CVSS 8.5
CVE-2016-9726
HIGH
IBM QRadar Incident Forensics 7.2 - Authenticated Remote Command Execution
CVSS 8.8
CVE-2016-9693
MEDIUM
IBM Business Process Manager 7.5, 8.0, 8.5 - Unauthenticated Malicious File Download via File Type Restriction Bypass
CVSS 6.1
CVE-2016-6247
MEDIUM
OpenBSD 5.8-5.9 - Denial of Service via Unmount with Open Vnode
CVSS 5.5
CVE-2016-6246
MEDIUM
OpenBSD 5.8 and 5.9 - Denial of Service via tmpfs Mount with VNOVAL in Root Node Metadata
CVSS 4.4
CVE-2016-6243
MEDIUM
OpenBSD 5.8-5.9 - Denial of Service via __thrsleep System Call
CVSS 5.5
CVE-2016-6239
MEDIUM
OpenBSD 5.8-5.9 - Denial of Service via mmap __MAP_NOFAULT Size Handling
CVSS 5.5
CVE-2016-6244
HIGH
OpenBSD 5.9 - Denial of Service via Negative ts.tv_sec Value
CVSS 7.5
CVE-2016-7407
CRITICAL
dropbear_ssh < 2016.73 - Remote Code Execution via Crafted OpenSSH Key File
CVSS 9.8
CVE-2016-7406
CRITICAL
Dropbear SSH < 2016.73 - Remote Code Execution via Format String Specifiers
CVSS 9.8
CVE-2016-10069
MEDIUM
ImageMagick < 6.9.4-5 - Denial of Service via Invalid Number of Frames in MAT File
CVSS 5.5
CVE-2016-10068
MEDIUM
ImageMagick < 6.9.6-4 - Denial of Service via MSL Interpreter XML Parsing
CVSS 5.5
CVE-2016-10228
MEDIUM
glibc < 2.25 - Denial of Service via Iconv Invalid Multi-Byte Input
CVSS 5.9
CVE-2016-9830
MEDIUM
GraphicsMagick 1.3.25 - Denial of Service via Large JPEG Image Dimensions
CVSS 5.5
CVE-2016-5240
MEDIUM
GraphicsMagick < 1.3.23 - Denial of Service via Circularly Defined SVG File
CVSS 5.5
CVE-2016-9009
LOW
IBM WebSphere MQ 8.0 - Authenticated Denial of Service via Cluster Object Creation
CVSS 3.1
CVE-2016-7742
HIGH
macOS < 10.12.2 - Remote Code Execution in xar Component via Crafted Archive
CVSS 7.8
CVE-2016-7667
HIGH
Apple Iphone OS < 10.1.1 - Improper Input Validation
CVSS 7.5
CVE-2016-7665
MEDIUM
iPhone OS < 10.2 - Denial of Service via Crafted Video in Graphics Driver
CVSS 5.5
Details
Vulnerabilities
12,623
Exploit Likelihood
High