CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,628 vulnerabilities with CWE-20
CVE-2016-4476 HIGH
hostapd and wpa_supplicant 0.6.7-2.5 - Denial of Service via WPS Passphrase Newline Injection
CVSS 7.5
CVE-2016-2454 MEDIUM
Android < 6.0.1 - Denial of Service via Qualcomm Hardware Video Codec
CVSS 5.5
CVE-2016-1541 HIGH
libarchive <3.2.0 - Buffer Overflow
CVSS 8.8
CVE-2016-4535 HIGH
McAfee LiveSafe 14.0 - Denial of Service via Crafted Packed Executable
CVSS 7.5
CVE-2016-3714 HIGH KEV
ImageMagick <6.9.3-10 & <7.0.1-1 - RCE
CVSS 8.4
CVE-2016-0895 MEDIUM
EMC RSA Data Loss Prevention <9.6 - CSRF
CVSS 4.3
CVE-2016-4421 MEDIUM
Wireshark 1.12.x < 1.12.10 and 2.x < 2.0.2 - Denial of Service via ASN.1 BER Dissector Deep Recursion
CVSS 5.9
CVE-2016-4420 MEDIUM
Wireshark 2.x - Denial of Service in NFS Dissector
CVSS 5.9
CVE-2016-0211 MEDIUM
IBM DB2 9.7-10.5 - Authenticated Denial of Service via Crafted DRDA Message
CVSS 4.3
CVE-2016-2549 MEDIUM
Linux Kernel < 4.4 - Denial of Service via Recursive Callback in hrtimer.c
CVSS 6.2
CVE-2016-2548 MEDIUM
Linux Kernel < 4.4 - Denial of Service via ioctl Call in Timer Subsystem
CVSS 6.2
CVE-2016-2143 HIGH
Linux Kernel < 4.5 - Denial of Service via Fork Implementation on s390 Platforms
CVSS 7.8
CVE-2016-0774 MEDIUM
Linux kernel <3.2.73-2+deb7u3 - DoS
CVSS 6.8
CVE-2016-3082 CRITICAL
Apache Struts 2.x Remote Code Execution via XSLTResult Stylesheet Location
CVSS 9.8
CVE-2016-4085 MEDIUM
Wireshark <1.12.11 - Buffer Overflow
CVSS 5.9
CVE-2016-4083 MEDIUM
Wireshark 2.0.x < 2.0.3 - Denial of Service in MS-WSP Dissector
CVSS 5.9
CVE-2016-4078 MEDIUM
Wireshark 1.12.x < 1.12.11 and 2.0.x < 2.0.3 - Denial of Service via IEEE 802.11 Dissector
CVSS 5.9
CVE-2016-4061 HIGH
Foxit Reader & PhantomPDF <7.3.4 - DoS
CVSS 7.5
CVE-2016-1364 HIGH
Cisco Wireless LAN Controller - DoS
CVSS 7.5
CVE-2016-2390 MEDIUM
Squid < 3.5.14 and 4.0.x < 4.0.6 - Denial of Service via SSL Handshake Error Handling
CVSS 5.9
CVE-2016-3950 MEDIUM
Huawei AR3200 <V200R006C10SPC300 - DoS
CVSS 6.5
CVE-2016-3071 HIGH
Libreswan 3.16 - Denial of Service via IKEv2 aes_xcbc Transform
CVSS 7.5
CVE-2016-1654 MEDIUM
Google Chrome <50.0.2661.75 - DoS
CVSS 6.5
CVE-2016-2424 MEDIUM
Android < 4.4.4/5.0.2/5.1.1/2016-04-01 DoS via SyncStorageEngine Mismanagement
CVSS 5.5
CVE-2016-2414 MEDIUM
Android Minikin Library < 5.0.2, 5.1.1, 2016-04-01 - Denial of Service via Crafted Font
CVSS 6.2
Details
Vulnerabilities 12,628
Exploit Likelihood High