CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,628 vulnerabilities with CWE-20
CVE-2016-1461 HIGH
Cisco AsyncOS <9.7.0-125 - Auth Bypass
CVSS 7.5
CVE-2016-1463 HIGH
Cisco FireSIGHT System Software - Auth Bypass
CVSS 7.5
CVE-2016-1374 HIGH
Cisco UCS Performance Manager <2.0.0 - Command Injection
CVSS 8.8
CVE-2016-5135 MEDIUM
Google Chrome < 51.0.2704.106 - Content Security Policy Bypass via Referrer Policy Mismatch
CVSS 6.5
CVE-2016-1707 MEDIUM
Google Chrome <52.0.2743.82 - Info Disclosure
CVSS 6.5
CVE-2016-1706 CRITICAL
Google Chrome < 51.0.2704.106 - Sandbox Bypass via PPAPI IPC Message Origin Spoofing
CVSS 9.6
CVE-2016-5874 HIGH
Siemens SIMATIC NET PC-Software <13 SP2 - DoS
CVSS 7.5
CVE-2016-5743 CRITICAL
Siemens SIMATIC WinCC < 7.3 U10/7.4 < U1, BATCH < 8.1 SP1 U9, OpenPCS 7 < 8.1 U3/8.2 < U1 - RCE via Crafted Packets
CVSS 9.8
CVE-2016-6224 LOW
ecryptfs-setup-swap - Info Disclosure
CVSS 3.3
CVE-2016-4641 HIGH
macOS < 10.11.6 - Remote Code Execution and Information Disclosure via Login Window Type Confusion
CVSS 7.3
CVE-2016-4594 HIGH
Apple iOS <9.3.3, macOS <10.11.6, tvOS <9.2.2, watchOS <2.2.2 - Unauthenticated Process List Access
CVSS 7.8
CVE-2016-4590 MEDIUM
Safari < 9.1.2 - Same Origin Policy Bypass via about: URL Mishandling
CVSS 5.4
CVE-2016-2775 MEDIUM
ISC BIND 9.x < 9.9.9-P2, 9.10.x < 9.10.4-P2, 9.11.x < 9.11.0b2 - Denial of Service via Lightweight Resolver Protocol
CVSS 5.9
CVE-2016-4372 CRITICAL
HPE iMC PLAT <7.2 - Remote Code Execution
CVSS 9.8
CVE-2016-1450 HIGH
Cisco WebEx Meetings Server 2.6 - Command Injection
CVSS 7.5
CVE-2016-4974 HIGH
Apache Qpid AMQP JMS Client < 6.0.4 & JMS (AMQP 1.0) < 0.10.0 - RCE via JMS ObjectMessage Deserialization
CVSS 7.5
CVE-2016-5009 MEDIUM
Ceph < 0.94.6 - Authenticated Denial of Service via Crafted Prefix in Monitor Command Handler
CVSS 6.5
CVE-2016-3766 HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-07-01 - DoS
CVSS 7.5
CVE-2016-3764 MEDIUM
Android <4.4.4, <5.0.2, <5.1.1, <2016-07-01 - Info Disclosure
CVSS 4.0
CVE-2016-3763 LOW
Android <4.4.4, <5.0.2, <5.1.1, <2016-07-01 - Info Disclosure
CVSS 3.3
CVE-2016-3760 HIGH
Android <5.0.2, <5.1.1, <6 - Privilege Escalation
CVSS 7.5
CVE-2016-3757 HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-07-01 - Privilege Escalation
CVSS 7.0
CVE-2016-3756 HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-07-01 - DoS
CVSS 7.5
CVE-2016-3755 HIGH
Android 6.x - Denial of Service via Crafted Media File
CVSS 7.5
CVE-2016-3750 HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-07-01 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 12,628
Exploit Likelihood High