CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,628 vulnerabilities with CWE-20
CVE-2016-5340 HIGH
Android < 7.0 and Linux Kernel 3.0-3.19.8 - Improper Input Validation in ashmem File Handling
CVSS 7.8
CVE-2016-5141 HIGH
Google Chrome < 52.0.2743.82 - Address Bar Spoofing via Provisional URL Handling
CVSS 7.5
CVE-2016-5358 MEDIUM
Wireshark 2.x < 2.0.4 - Denial of Service via Crafted Ethernet Packet
CVSS 5.9
CVE-2016-5357 MEDIUM
Wireshark 1.12.x < 1.12.12 and 2.x < 2.0.4 - Denial of Service in NetScreen File Parser
CVSS 5.9
CVE-2016-5355 MEDIUM
Wireshark 1.12.x < 1.12.12 and 2.x < 2.0.4 - Denial of Service in Toshiba File Parser
CVSS 5.9
CVE-2016-5353 MEDIUM
Wireshark 1.12.x < 1.12.12 and 2.x < 2.0.4 - Denial of Service in UMTS FP Dissector
CVSS 5.9
CVE-2016-5351 MEDIUM
Wireshark 1.12.x < 1.12.12 and 2.x < 2.0.4 - Denial of Service via EAPOL_RSN_KEY Handling
CVSS 5.9
CVE-2016-6128 HIGH
GD Graphics Library <2.2.3 - DoS
CVSS 7.5
CVE-2016-6512 MEDIUM
Wireshark 2.x < 2.0.5 - Denial of Service via Crafted Packet in MMSE/WAP/WBXML/WSP Dissectors
CVSS 5.9
CVE-2016-6509 MEDIUM
Wireshark 1.12.x < 1.12.13 and 2.x < 2.0.5 - Denial of Service in LDSS Dissector
CVSS 5.9
CVE-2016-6503 MEDIUM
Wireshark 2.x < 2.0.5 - Denial of Service via CORBA IDL Dissector
CVSS 5.9
CVE-2016-6197 MEDIUM
Linux Kernel < 4.6 - Denial of Service via OverlayFS Rename Self-Hardlink
CVSS 5.5
CVE-2016-6162 HIGH
Linux Kernel 4.7-rc6 - Denial of Service via IPv6 Socket Operations
CVSS 7.8
CVE-2016-3831 HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-08-01 - DoS
CVSS 7.5
CVE-2016-3830 MEDIUM
Android <4.4.4, <5.0.2, <5.1.1, <2016-08-01 - DoS
CVSS 5.5
CVE-2016-3826 HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-08-01 - Privilege Escalation
CVSS 7.8
CVE-2016-6148 HIGH
SAP HANA DB <1.00.73.00.389160 - DoS/RCE
CVSS 7.5
CVE-2016-5267 MEDIUM
Firefox < 48.0 on Android - Address Bar Spoofing via Left-to-Right Character Injection
CVSS 5.3
CVE-2016-5251 MEDIUM
Firefox < 47.0.1 - Location Bar Spoofing via Crafted Media Type in data: URL
CVSS 4.3
CVE-2016-2839 MEDIUM
Firefox < 48.0 and Firefox ESR 45.x < 45.3 - Denial of Service via Crafted Video
CVSS 6.5
CVE-2016-6259 MEDIUM
Xen 4.5.x-4.7.x - Denial of Service via 32-bit Exception Event Delivery
CVSS 6.2
CVE-2016-6178 CRITICAL
Huawei NE40E/CX600 <V800R007SPH017, PTN 6900-2-M8 <V800R007SPH019, ...
CVSS 9.8
CVE-2016-1712 HIGH
Palo Alto Networks PAN-OS <7.0.8 - Privilege Escalation
CVSS 7.8
CVE-2016-3737 CRITICAL
Red Hat JBoss Operations Network <3.3.6 - Code Injection
CVSS 9.8
CVE-2016-5672 HIGH
Intel Crosswalk <22.51.549.0 - Info Disclosure
CVSS 8.1
Details
Vulnerabilities 12,628
Exploit Likelihood High