The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,624 vulnerabilities with CWE-20
CVE-2016-6396
MEDIUM
Cisco FireSIGHT System Software < 6.1 - Malware Detection Bypass via HTTP Header Field Manipulation
CVSS 5.3
CVE-2016-4852
MEDIUM
YoruFukurou < 2.84 - Denial of Service via Emoji Skin-Tone Modifier
CVSS 6.5
CVE-2016-7129
CRITICAL
PHP < 5.6.25 and 7.x < 7.0.10 - Denial of Service via Invalid ISO 8601 Time in WDDX Deserialization
CVSS 9.8
CVE-2016-1277
MEDIUM
Juniper Junos OS DoS via Crafted ICMP Packet
CVSS 5.9
CVE-2016-1263
HIGH
Juniper Junos OS Multiple Versions - DoS via Crafted UDP Packet
CVSS 7.5
CVE-2016-1464
HIGH
Cisco WebEx Meetings Player T29.10 - RCE
CVSS 7.8
CVE-2016-5879
HIGH
IBM MQ Appliance M2000 and M2001 - OS Command Injection via MQCLI Disaster Recovery or High Availability Command
CVSS 8.8
CVE-2016-1472
HIGH
Cisco Small Business 220 <1.0.1.1 - DoS
CVSS 7.5
CVE-2016-5675
CRITICAL
NETGEAR ReadyNAS Surveillance 1.1.1-1.4.1 - Remote Code Execution via NTPServer Parameter
CVSS 9.8
CVE-2016-5674
CRITICAL
NETGEAR ReadyNAS Surveillance 1.1.1-1.4.1 & NUUO NVRmini2/NVRsolo 1.7.5-3.0.0 - RCE via __debugging_center_utils___.php
CVSS 9.8
CVE-2016-1484
HIGH
Cisco WebEx Meetings Server 2.6 - Auth Bypass
CVSS 7.5
CVE-2016-6361
MEDIUM
Cisco Aironet <8.2.121.0-8.3.102.0 - DoS
CVSS 6.5
CVE-2016-1479
HIGH
Cisco IP Phone 8800 <11.0(1) - Memory Corruption
CVSS 7.5
CVE-2016-1365
HIGH
Cisco APIC-EM <1.0 - Command Injection
CVSS 8.8
CVE-2016-3304
HIGH
Microsoft Windows and Office - Remote Code Execution via Crafted Embedded Font
CVSS 7.8
CVE-2016-3303
HIGH
Microsoft Windows and Office Products - Remote Code Execution via Crafted Embedded Font
CVSS 7.8
CVE-2016-3301
HIGH
Microsoft Windows and Office - Remote Code Execution via Crafted Embedded Font
CVSS 7.8
CVE-2016-0281
LOW
IBM AIX and VIOS - Denial of Service via Crafted Packets to mustendd Driver
CVSS 3.7
CVE-2016-1478
HIGH
Cisco IOS 15.5(3)S3 15.6(1)S2 15.6(2)S1 15.6(2)T1 - Denial of Service via NTP Packet Processing
CVSS 7.5
CVE-2016-1430
HIGH
Cisco RV180-Root - Command Injection
CVSS 8.8
CVE-2016-6515
HIGH
OpenSSH < 7.3 - Denial of Service via Long Password String
CVSS 7.5
CVE-2016-5340
HIGH
Android < 7.0 and Linux Kernel 3.0-3.19.8 - Improper Input Validation in ashmem File Handling
CVSS 7.8
CVE-2016-5141
HIGH
Google Chrome < 52.0.2743.82 - Address Bar Spoofing via Provisional URL Handling
CVSS 7.5
CVE-2016-5358
MEDIUM
Wireshark 2.x < 2.0.4 - Denial of Service via Crafted Ethernet Packet
CVSS 5.9
CVE-2016-5357
MEDIUM
Wireshark 1.12.x < 1.12.12 and 2.x < 2.0.4 - Denial of Service in NetScreen File Parser
CVSS 5.9
Details
Vulnerabilities
12,624
Exploit Likelihood
High