CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,624 vulnerabilities with CWE-20
CVE-2016-5188 MEDIUM
Google Chrome < 54.0.2840.59 - UI Spoofing via Crafted HTML Pages
CVSS 4.3
CVE-2016-5187 MEDIUM
Google Chrome < 54.0.2840.85 for Android - URL Spoofing via Full Screen Mode Transition
CVSS 6.5
CVE-2016-9158 HIGH
SIMATIC S7-300 and S7-400 CPU Families - Denial of Service via Crafted Packets to Port 80
CVSS 7.5
CVE-2016-8822 HIGH
NVIDIA Windows GPU Display Driver - DoS/Privilege Escalation
CVSS 7.8
CVE-2016-8820 MEDIUM
NVIDIA Windows GPU Display Driver - Info Disclosure
CVSS 6.1
CVE-2016-8818 HIGH
NVIDIA Windows GPU Display - Privilege Escalation
CVSS 7.8
CVE-2016-9212 HIGH
Cisco Web Security Appliance - Unauthenticated SSL/TLS Connection Bypass via Decrypt for End-User Notification
CVSS 7.5
CVE-2016-9211 HIGH
Cisco ONS 15454 SDH Multiservice Platform Software - Unauthenticated Denial of Service via TCP Port Management
CVSS 7.5
CVE-2016-9207 MEDIUM
Cisco Expressway - Unauthenticated TCP Connection Initiation via HTTP Traffic Server
CVSS 6.5
CVE-2016-9201 HIGH
Cisco IOS and IOS XE - Unauthenticated Firewall Bypass via Zone-Based Firewall
CVSS 7.5
CVE-2016-9193 HIGH
Cisco Firepower Management Center and FireSIGHT System Software - Malware Detection Bypass via File Policy
CVSS 7.5
CVE-2016-6465 MEDIUM
Cisco Email Security Appliance - Unauthenticated Filter Bypass via Content Filtering
CVSS 4.3
CVE-2016-7952 HIGH
Fedora < 1.2.2 - Improper Access Control
CVSS 7.5
CVE-2016-7949 CRITICAL
X.org libXrender < 0.9.10 - Buffer Overflow in XvQueryAdaptors and XvQueryEncodings
CVSS 9.8
CVE-2016-6712 MEDIUM
Android libvpx - Remote Denial of Service via Specially Crafted File
CVSS 5.5
CVE-2016-6711 MEDIUM
Android < 4.4.4/5.0.2/5.1.1/2016-11-01 - Denial of Service via Crafted File in libvpx
CVSS 5.5
CVE-2016-5691 CRITICAL
ImageMagick <6.9.4.5 & <7.0.1.7 - Info Disclosure
CVSS 9.8
CVE-2016-9863 HIGH
phpMyAdmin 4.6.0-4.6.4 - Denial of Service via Table Partitioning Function
CVSS 7.5
CVE-2016-9860 MEDIUM
phpMyAdmin < 4.0.10.18, 4.4.15.9, 4.6.5 - Unauthenticated DoS via AllowArbitraryServer
CVSS 5.9
CVE-2016-9859 MEDIUM
phpMyAdmin < 4.6.5, < 4.4.15.9, < 4.0.10.18 - Denial of Service via Crafted Import Request Parameter
CVSS 5.3
CVE-2016-9858 MEDIUM
phpMyAdmin < 4.6.5, < 4.4.15.9, < 4.0.10.18 - Denial of Service via Saved Searches Feature
CVSS 5.3
CVE-2016-6630 MEDIUM
phpMyAdmin <4.6.4, <4.4.15.8, <4.0.10.17 - DoS
CVSS 6.5
CVE-2016-6623 MEDIUM
phpMyAdmin <4.6.4, <4.4.15.8, <4.0.10.17 - DoS
CVSS 6.5
CVE-2016-6501 CRITICAL
JFrog Artifactory < 4.10 - Remote Code Execution via LDAP Entry Poisoning
CVSS 9.8
CVE-2016-6496 CRITICAL
Atlassian Crowd <2.8.8 & <2.9.5 - RCE
CVSS 9.8
Details
Vulnerabilities 12,624
Exploit Likelihood High