The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,624 vulnerabilities with CWE-20
CVE-2016-5025
MEDIUM
NVIDIA GPU Driver < 341.96 - Denial of Service via NVAPI Parameter Sanitization
CVSS 6.6
CVE-2016-4961
MEDIUM
NVIDIA GeForce Experience - Denial of Service via NVStreamKMS.sys API Parameter
CVSS 5.5
CVE-2016-4960
HIGH
NVIDIA GeForce Experience - Privilege Escalation via NVStreamKMS.sys API
CVSS 7.3
CVE-2016-8870
HIGH
Joomla! < 3.6.3 - Unauthenticated User Account Creation via UsersModelRegistration
CVSS 8.1
CVE-2016-8869
CRITICAL
Joomla! <3.6.4 - Privilege Escalation
CVSS 9.8
CVE-2016-7965
MEDIUM
DokuWiki < 2016-06-26a - Unauthenticated Phishing via HTTP Host Header Manipulation
CVSS 6.5
CVE-2016-8579
MEDIUM
docker2aci <= 0.12.3 - Denial of Service via Cyclic Dependency Chain
CVSS 4.0
CVE-2016-6372
HIGH
Cisco Email Security Appliance - Unauthenticated Filter Bypass via Malformed MIME Headers
CVSS 7.5
CVE-2016-6360
HIGH
Cisco Email Security Appliance and Web Security Appliance - Partial Denial of Service via AMP Process Restart
CVSS 7.5
CVE-2016-6358
HIGH
Cisco Email Security Appliance <= 9.7.1-000 - Unauthenticated Partial Denial of Service via Local FTP
CVSS 7.5
CVE-2016-6356
HIGH
Cisco Email Security Appliance - Denial of Service via Email Message Filtering
CVSS 7.5
CVE-2016-1481
HIGH
Cisco Email Security Appliance < 9.1.1-038, < 9.7.1-066 - Unauthenticated Denial of Service via Message Filter Rules
CVSS 7.5
CVE-2016-6445
CRITICAL
Cisco Meeting Server <2.0.6 & Acano Server <1.8.18/1.9.x - Auth Bypass
CVSS 9.1
CVE-2016-6440
MEDIUM
Cisco Unified Communications Manager - Clickjacking
CVSS 6.5
CVE-2016-6431
HIGH
Cisco Adaptive Security Appliance Software - Denial of Service via Local CA Enrollment Request
CVSS 7.5
CVE-2016-2848
HIGH
ISC BIND 9.1.0-9.8.4-P2 and 9.9.0-9.9.2-P2 - Denial of Service via Malformed OPT Resource Record
CVSS 7.5
CVE-2016-7182
CRITICAL
Microsoft Windows Vista - Remote Code Execution via Crafted True Type Font
CVSS 9.8
CVE-2016-7796
MEDIUM
systemd - Denial of Service via Zero-Length Notify Socket Message
CVSS 5.5
CVE-2016-7795
MEDIUM
Canonical Ubuntu Linux < 231 - Improper Input Validation
CVSS 5.5
CVE-2016-8563
HIGH
Siemens Automation License Manager < 5.3 SP3 Update 1 - Denial of Service via Crafted TCP Packets to Port 4410
CVSS 7.5
CVE-2016-6696
CRITICAL
Android < 7.0 - Denial of Service via Large Negative Data Length in QDSP6v2 Driver
CVSS 9.8
CVE-2016-6694
CRITICAL
Android < 7.0 - Denial of Service via Qualcomm QDSP6v2 Driver Parameter Data
CVSS 9.8
CVE-2016-6693
CRITICAL
Android < 7.0 - Denial of Service via Invalid Data Length in QDSP6v2 Driver
CVSS 9.8
CVE-2016-6674
HIGH
Android < 7.0 - Privilege Escalation via Crafted Application
CVSS 7.8
CVE-2016-3937
HIGH
Android <2016-10-05 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities
12,624
Exploit Likelihood
High