The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,628 vulnerabilities with CWE-20
CVE-2016-1438
HIGH
Cisco AsyncOS 9.7.0-125 - Auth Bypass
CVSS 7.5
CVE-2016-1434
MEDIUM
Cisco 8800 <11.0(1) - File Deletion
CVSS 6.5
CVE-2016-4530
MEDIUM
OSIsoft PI SQL Data Access Server 2016 1.5 - Authenticated Denial of Service via Crafted Message
CVSS 6.5
CVE-2016-4518
MEDIUM
OSIsoft PI AF Server < 2.7.0 - Authenticated Denial of Service via Crafted Message
CVSS 6.5
CVE-2016-1395
CRITICAL
Cisco RV110W <1.2.1.7, RV130W <1.0.3.16, RV215W <1.3.0.8 - RCE
CVSS 9.8
CVE-2016-5433
MEDIUM
Citrix iOS Receiver < 6.1.5 - TLS Certificate Validation Bypass
CVSS 6.1
CVE-2016-2841
MEDIUM
QEMU < 2.5.1 - Denial of Service via NE2000 NIC Ring Buffer Control
CVSS 6.0
CVE-2016-5361
HIGH
libreswan < 3.16 - Denial of Service via Spoofed UDP Packet Retransmission
CVSS 7.5
CVE-2016-4165
CRITICAL
Adobe Brackets <1.7 - Info Disclosure
CVSS 9.8
CVE-2016-3230
MEDIUM
Windows Search Component - Denial of Service via Crafted Application
CVSS 5.0
CVE-2016-3228
HIGH
Windows Server 2008 SP2/R2 SP1 and 2012 Gold/R2 - Authenticated Remote Code Execution via NetLogon Request
CVSS 8.8
CVE-2016-3207
HIGH
Microsoft JScript and VBScript - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3206
HIGH
Microsoft JScript and VBScript - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3205
HIGH
Microsoft JScript and VBScript - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3203
HIGH
Microsoft Edge and Windows - Remote Code Execution via Crafted PDF Document
CVSS 7.8
CVE-2016-3202
HIGH
Microsoft Chakra JavaScript, JScript, and VBScript - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0025
HIGH
Microsoft Office - Remote Code Execution via Crafted Office Document
CVSS 7.3
CVE-2016-4579
HIGH
Libksba < 1.3.4 - Denial of Service via BER Parser Length Handling
CVSS 7.5
CVE-2016-4353
HIGH
Libksba < 1.3.3 - Denial of Service via Crafted BER Data
CVSS 7.5
CVE-2016-1542
HIGH
BMC BladeLogic Server Automation <8.7 - Auth Bypass
CVSS 7.5
CVE-2016-2495
MEDIUM
Android 4.x-5.1.x and 6.x < 2016-06-01 - Denial of Service via Crafted File in libstagefright
CVSS 5.5
CVE-2016-2487
HIGH
Android libstagefright - Privilege Escalation via Crafted Application
CVSS 7.8
CVE-2016-2486
HIGH
Android < 4.4.4/5.0.2/5.1.1/2016-06-01 Privilege Escalation via libstagefright MP3 Frame Size Mismatch
CVSS 7.8
CVE-2016-2480
HIGH
Android < 4.4.4, 5.0.x < 5.0.2, 5.1.x < 5.1.1, 6.x < 2016-06-01 - Privilege Escalation via OMX Parameter Data Structure
CVSS 7.8
CVE-2016-2478
HIGH
Android < 2016-06-01 - Privilege Escalation via Pointer Mishandling in mm-video-v4l2
CVSS 7.8
Details
Vulnerabilities
12,628
Exploit Likelihood
High