The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,623 vulnerabilities with CWE-20
CVE-2016-9278
MEDIUM
Samsung Exynos fimg2d Driver - Denial of Service via Crafted ioctl Command
CVSS 5.5
CVE-2016-7998
HIGH
SPIP < 3.1.2 - Authenticated Remote Code Execution via Crafted INCLUDE/INCLURE Tag
CVSS 8.8
CVE-2016-7434
HIGH
NTP 4.3.0-4.3.94 - Denial of Service via Crafted MRU List Query
CVSS 7.5
CVE-2016-7431
MEDIUM
NTP - Origin Timestamp Protection Mechanism Bypass via Zero Timestamp
CVSS 5.3
CVE-2016-7791
CRITICAL
Exponent CMS 2.3.9 - Remote Code Execution via Install Sample Extraction
CVSS 9.8
CVE-2016-7790
CRITICAL
Exponent CMS 2.3.9 - Remote Code Execution via File Upload and Config Overwrite
CVSS 9.8
CVE-2016-8442
HIGH
Android Kernel 3.18 - Memory Corruption
CVSS 7.8
CVE-2016-8437
CRITICAL
Android Kernel <3.18 - Info Disclosure
CVSS 9.8
CVE-2016-9444
HIGH
ISC BIND 9.x < 9.9.9-P5, 9.10.x < 9.10.4-P5, 9.11.x < 9.11.0-P2 - Denial of Service via Crafted DS Resource Record
CVSS 7.5
CVE-2016-9147
HIGH
ISC BIND 9.9.9-P4 9.9.9-S6 9.10.4-P4 9.11.0-P1 - Denial of Service via DNSSEC RRset Inconsistency
CVSS 7.5
CVE-2016-9131
HIGH
ISC BIND <9.9.9-P5, 9.10.x <9.10.4-P5, 9.11.x <9.11.0-P2 - DoS
CVSS 7.5
CVE-2016-9247
MEDIUM
F5 BIG-IP - Denial of Service via Malformed Packet Sequence in FastL4 and TCP Analytics
CVSS 5.9
CVE-2016-8106
MEDIUM
Intel Ethernet Controller <5.05 - DoS
CVSS 5.9
CVE-2016-4329
MEDIUM
Kaspersky Anti-Virus - Local Denial of Service via Window Broadcast Message Handling
CVSS 5.5
CVE-2016-1547
MEDIUM
NTP < 4.2.8p4 / NTPSec < a5fb34b - DoS via Spoofed Crypto NAK
CVSS 5.3
CVE-2016-5024
MEDIUM
F5 BIG-IP 11.6.1-12.1.x - Denial of Service via RADIUS Message Parsing
CVSS 5.9
CVE-2016-10100
MEDIUM
Borg < 1.0.8 - Archive Overwrite via Manifest Recovery
CVSS 5.3
CVE-2016-9224
MEDIUM
Cisco Jabber Guest Server 10.6(9) - Unauthenticated Server-Side Request Forgery
CVSS 6.5
CVE-2016-8595
MEDIUM
FFmpeg < 3.1.5 - Denial of Service via Crafted AVI File
CVSS 5.5
CVE-2016-7785
MEDIUM
FFmpeg < 3.1.3 - Denial of Service via Crafted AVI File
CVSS 5.5
CVE-2016-9179
HIGH
lynx - Server-Side Request Forgery via URL Authority Parsing
CVSS 7.5
CVE-2016-7267
MEDIUM
Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 - Remote Code Execution via Crafted Document
CVSS 5.5
CVE-2016-7266
HIGH
Microsoft Excel 2007-2016 & Compatibility Pack - Remote Code Execution via Embedded Content
CVSS 7.8
CVE-2016-5193
MEDIUM
Google Chrome < 54.0 for iOS - URL Validation Bypass via DOM Window Navigation
CVSS 4.3
CVE-2016-5188
MEDIUM
Google Chrome < 54.0.2840.59 - UI Spoofing via Crafted HTML Pages
CVSS 4.3
Details
Vulnerabilities
12,623
Exploit Likelihood
High