The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,624 vulnerabilities with CWE-20
CVE-2016-3936
HIGH
Android <2016-10-05 - Privilege Escalation
CVSS 7.8
CVE-2016-3920
MEDIUM
Android <5.0.2, <5.1.1, <=2016-10-01 - DoS
CVSS 5.5
CVE-2016-6433
HIGH
Cisco Firepower Mgmt Cntr <6.0.1 - RCE
CVSS 8.8
CVE-2016-6422
HIGH
Cisco IOS 12.2(33)SXJ9 - Auth Bypass
CVSS 7.5
CVE-2016-1454
MEDIUM
Cisco NX-OS 4.0-7.3 and 11.0-11.2 - Denial of Service via Crafted BGP UPDATE Message
CVSS 6.5
CVE-2016-6426
HIGH
Cisco Unified Contact Center Express & Unified Intelligence Center - Unauthenticated Account Creation
CVSS 7.5
CVE-2016-6380
HIGH
Cisco IOS <12.4 & <15.6 - Info Disclosure/DoS
CVSS 8.1
CVE-2016-6379
HIGH
Cisco IOS 12.2 and IOS XE 3.14-3.16 and 16.1 - Denial of Service via Crafted IPDR Packets
CVSS 7.5
CVE-2016-6384
HIGH
Cisco IOS 12.2-12.4 and 15.0-15.6 and IOS XE 3.1-3.17 and 16.2 - Denial of Service via H.323 Message
CVSS 7.5
CVE-2016-7907
MEDIUM
QEMU < 2.8.1.1 - Denial of Service via Crafted Buffer Descriptor in imx_fec_do_tx
CVSS 4.4
CVE-2016-6646
CRITICAL
EMC Unisphere for VMAX Virtual Appliance <8.3.0 - RCE
CVSS 9.8
CVE-2016-6645
HIGH
EMC Unisphere for VMAX Virtual Appliance <8.3.0 - Authenticated RCE
CVSS 8.8
CVE-2016-0913
CRITICAL
EMC Replication Manager <5.5.3.0_01-PatchHotfix - Command Injection
CVSS 9.8
CVE-2016-8278
HIGH
Huawei USG9520-9580 - DoS
CVSS 7.5
CVE-2016-8277
MEDIUM
Huawei USG9520-9580 - DoS
CVSS 6.5
CVE-2016-1244
HIGH
unADF - Remote Code Execution via Shell Metacharacters in Directory Name
CVSS 8.8
CVE-2016-1240
HIGH
Apache Tomcat on Ubuntu Log Init Privilege Escalation
CVSS 7.8
CVE-2016-2776
HIGH
Oracle Linux < 9.9.9 - Improper Input Validation
CVSS 7.5
CVE-2016-6305
HIGH
OpenSSL 1.1.0 - Denial of Service via Zero-Length Record in SSL_peek
CVSS 7.5
CVE-2016-6901
MEDIUM
Huawei AR and NetEngine 16EX Firmware - Authenticated Denial of Service via Format String Specifiers
CVSS 6.5
CVE-2016-6153
MEDIUM
SQLite < 3.13.0 - Denial of Service via Temporary Directory Search Algorithm
CVSS 5.9
CVE-2016-4972
CRITICAL
OpenStack Murano < 1.0.3 and 2.x < 2.0.1 - Remote Code Execution via YAML Loader Inheritance
CVSS 9.8
CVE-2016-7162
HIGH
Canonical Ubuntu Linux - Improper Input Validation
CVSS 7.5
CVE-2016-3110
HIGH
Redhat Jboss Enterprise Application P... - Improper Input Validation
CVSS 7.5
CVE-2016-5947
MEDIUM
IBM Spectrum Control <5.2.11 - CSRF
CVSS 5.7
Details
Vulnerabilities
12,624
Exploit Likelihood
High