The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,628 vulnerabilities with CWE-20
CVE-2016-2477
HIGH
Android < 4.4.4, 5.0.x < 5.0.2, 5.1.x < 5.1.1, 6.x < 2016-06-01 - Privilege Escalation via Pointer Mishandling
CVSS 7.8
CVE-2016-2475
HIGH
Android < 6.0.1 - Privilege Escalation via Broadcom Wi-Fi Driver
CVSS 7.8
CVE-2016-2464
HIGH
Android libvpx < 2016-06-01 - Remote Code Execution via Crafted MKV File
CVSS 7.8
CVE-2016-3706
HIGH
GNU C Library - Buffer Overflow
CVSS 7.5
CVE-2016-2786
CRITICAL
Puppet Agent < 1.3.6 and Puppet Enterprise < 2015.3.3 - Remote Code Execution via Spoofed Broker Certificate
CVSS 9.8
CVE-2016-1419
HIGH
Cisco Access Point <8.2(102.43) - DoS
CVSS 8.1
CVE-2016-4449
HIGH
Debian Linux < 2.9.3 - Improper Input Validation
CVSS 7.1
CVE-2016-4368
CRITICAL
HPE Universal CMDB 10.0-10.21 - Remote Code Execution via Deserialization
CVSS 9.8
CVE-2016-1418
HIGH
Cisco Aironet Access Point Software <8.2(100.0) - Privilege Escalation
CVSS 7.8
CVE-2016-4545
HIGH
F5 BIG-IP 11.5.4 - Denial of Service via SSL Alert During Handshake
CVSS 7.5
CVE-2016-3093
MEDIUM
Apache Struts 2.0.0-2.3.24.1 - Denial of Service via OGNL Method Reference Caching
CVSS 5.3
CVE-2016-3087
CRITICAL
Apache Struts 2.3.19-2.3.20.2, 2.3.21-2.3.24.1, 2.3.25-2.3.28 - Remote Code Execution
CVSS 9.8
CVE-2016-1403
HIGH
CISCO IP 8800 <11.0.1 - Privilege Escalation
CVSS 7.8
CVE-2016-1391
HIGH
Cisco Prime Network Analysis Module < 6.1(1) patch.6.1-2-final and 6.2.x < 6.2(2) - Authenticated RCE via HTTP Request
CVSS 8.8
CVE-2016-1390
HIGH
Cisco Prime NAM <6.1.1 - Privilege Escalation
CVSS 7.8
CVE-2016-3944
HIGH
Lenovo Accelerator Application - Remote Code Execution via Spoofed Update Response
CVSS 7.5
CVE-2016-0363
HIGH
IBM SDK Java Technology Edition <6.0.16.25-8.0.3.0 - Remote Code Execution
CVSS 8.1
CVE-2016-1370
MEDIUM
Cisco Prime Network Analysis Module < 6.2(1-b) - Denial of Service via IPv6 Payload Length Miscalculations
CVSS 5.3
CVE-2016-3094
MEDIUM
Apache Qpid Broker-J < 6.0.2 and qpid-broker < 6.0.3 - Denial of Service via Crafted Authentication Attempt
CVSS 5.9
CVE-2016-1409
HIGH
Cisco IOS XE 2.1-3.17S, IOS XR 2.0.0-5.3.2, and NX-OS - Denial of Service via Crafted IPv6 Neighbor Discovery Messages
CVSS 7.5
CVE-2016-1407
HIGH
Cisco IOS XR through 5.3.2 - Denial of Service via LPTS Flow-Based Entry Exhaustion
CVSS 7.5
CVE-2016-1400
HIGH
Cisco TelePresence Video Communications Server - DoS
CVSS 7.5
CVE-2016-1382
HIGH
Cisco AsyncOS <8.5.3-069 & 8.6-8.8 - DoS
CVSS 7.5
CVE-2016-1380
HIGH
Cisco Web Security Appliance AsyncOS 8.0 - Denial of Service via Crafted HTTP POST Request
CVSS 7.5
CVE-2016-4782
HIGH
Lenovo SHAREit - Unspecified Impact via Intent Scheme URL Attack
CVSS 8.8
Details
Vulnerabilities
12,628
Exploit Likelihood
High