The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,628 vulnerabilities with CWE-20
CVE-2016-4087
HIGH
Huawei S12700 <V200R008C00SPC500 & S5700 <V200R005SPH010 - RCE/DoS
CVSS 8.1
CVE-2016-4049
HIGH
Quagga - Denial of Service via Large BGP Packet in bgp_dump_routes_func
CVSS 7.5
CVE-2016-3959
HIGH
Go <1.5.4, 1.6.x <1.6.1 - DoS
CVSS 7.5
CVE-2016-4538
CRITICAL
PHP < 5.5.35, 5.6.x < 5.6.21, 7.x < 7.0.6 - Denial of Service via bcpowmod Function
CVSS 9.8
CVE-2016-4537
CRITICAL
PHP < 5.5.35, 5.6.x < 5.6.21, 7.x < 7.0.6 - Denial of Service via bcpowmod Negative Scale Argument
CVSS 9.8
CVE-2016-4348
HIGH
librsvg < 2.40.1 - Denial of Service via Circular Definitions in SVG Document
CVSS 7.5
CVE-2016-3739
MEDIUM
curl < 7.49.0 - Server Spoofing via Arbitrary Valid Certificate
CVSS 5.3
CVE-2016-4072
CRITICAL
PHP < 5.5.34, 5.6.x < 5.6.20, 7.x < 7.0.5 - Remote Code Execution via Phar Filename Handling
CVSS 9.8
CVE-2016-4071
CRITICAL
PHP < 5.5.34, 5.6.x < 5.6.20, 7.x < 7.0.5 - Remote Code Execution via SNMP::get Format String Specifiers
CVSS 9.8
CVE-2016-1843
HIGH
Apple OS X <10.11.5 - Info Disclosure
CVSS 7.5
CVE-2016-1800
HIGH
macOS < 10.11.5 - Remote Code Execution via Captive Network Assistant URL Scheme
CVSS 8.8
CVE-2016-4425
MEDIUM
jansson < 2.7 - Denial of Service via Deep Recursion in JSON Parser
CVSS 6.5
CVE-2016-3705
HIGH
libxml2 <2.9.3 - DoS
CVSS 7.5
CVE-2016-3185
HIGH
PHP < 5.4.44, 5.5.x < 5.5.28, 5.6.x < 5.6.12, 7.x < 7.0.4 - Denial of Service via Crafted Serialized _cookies Data
CVSS 7.1
CVE-2016-0381
MEDIUM
IBM Cognos TM1 < 10.2.2 FP5 - Authenticated Denial of Service via AdminGroups Setting
CVSS 4.3
CVE-2016-1665
MEDIUM
Google V8 <50.0.2661.94 - Info Disclosure
CVSS 6.5
CVE-2016-1661
HIGH
Google Chrome <50.0.2661.94 - Memory Corruption
CVSS 8.0
CVE-2016-1660
HIGH
Google Chrome <50.0.2661.94 - DoS
CVSS 8.8
CVE-2016-1209
CRITICAL
Ninja Forms <2.9.42.1 - Code Injection
CVSS 9.8
CVE-2016-2850
HIGH
Fedora - Improper Input Validation
CVSS 7.5
CVE-2016-2194
HIGH
Debian Linux < 1.10.10 - Improper Input Validation
CVSS 7.5
CVE-2016-4498
MEDIUM
Panasonic FPWIN Pro 5.x-7.x - Denial of Service via Uninitialized Pointer
CVSS 5.5
CVE-2016-4497
MEDIUM
Panasonic FPWIN Pro 5.x-7.x - Denial of Service via Type Confusion
CVSS 4.2
CVE-2016-1115
MEDIUM
Adobe ColdFusion Certificate Spoofing via Wildcard Name Field Mishandling
CVSS 5.9
CVE-2016-4555
HIGH
Squid 3.x < 3.5.18 and 4.x < 4.0.10 - Denial of Service via Crafted ESI Responses
CVSS 7.5
Details
Vulnerabilities
12,628
Exploit Likelihood
High