CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,628 vulnerabilities with CWE-20
CVE-2016-2201 MEDIUM
SIMATIC S7-1500 CPU Firmware - Replay Protection Bypass via TCP Port 102
CVSS 5.3
CVE-2016-2200 HIGH
SIMATIC S7-1500 CPU Firmware < 1.8.2 - Denial of Service via Crafted TCP Packets on Port 102
CVSS 7.5
CVE-2016-0802 HIGH
Broadcom Wi-Fi driver - Memory Corruption
CVSS 8.8
CVE-2016-0801 CRITICAL
Broadcom Wi-Fi driver - Memory Corruption
CVSS 9.8
CVE-2016-1284 MEDIUM
ISC BIND 9 Supported Preview Edition <9.9.8-S5 - DoS
CVSS 5.9
CVE-2016-1942 HIGH
Mozilla Firefox <44.0 - XSS
CVSS 7.4
CVE-2016-1303 HIGH
Cisco Small Business 500 <1.2.0.92 - DoS
CVSS 7.5
CVE-2016-0756 MEDIUM
prosody < 0.9.10 - Remote Domain Spoofing via Dialback Key Generation
CVSS 5.3
CVE-2016-0754 MEDIUM
curl < 7.46.0 - Arbitrary File Write via Colon in Remote File Name
CVSS 5.3
CVE-2016-1983 HIGH
Privoxy < 3.0.23 - Denial of Service via Empty HTTP Host Header
CVSS 7.5
CVE-2016-1982 HIGH
Privoxy < 3.0.23 - Denial of Service via Chunk-Encoded Content
CVSS 7.5
CVE-2016-1612 HIGH
Google Chrome < 47.0.2526.106 - Denial of Service via V8 LoadIC::UpdateCaches
CVSS 7.6
CVE-2016-1570 HIGH
Xen 3.4.0-4.6.x - Info Disclosure, Privilege Escalation, DoS
CVSS 8.5
CVE-2016-1929 CRITICAL
SAP HANA - Denial of Service via Log Spoofing in XS Engine
CVSS 9.3
CVE-2016-1262 MEDIUM
Juniper Junos OS <12.1X46-D45-15.1X49-D30 - DoS
CVSS 5.9
CVE-2016-1258 MEDIUM
Juniper Junos OS Multiple Versions - Denial of Service via J-Web
CVSS 5.3
CVE-2016-1257 MEDIUM
Juniper Junos OS Multiple Versions - Denial of Service via Crafted LDP Packet
CVSS 5.9
CVE-2016-1569 MEDIUM
Firebird 2.5.5 - Authenticated Denial of Service via gbak Utility Invalid Parameter
CVSS 6.5
CVE-2016-1494 MEDIUM
Python-RSA < 3.3 - Signature Spoofing via BERserk Padding Attack
CVSS 5.3
CVE-2016-0005 MEDIUM
Microsoft Internet Explorer 9-11 - Same Origin Policy Bypass
CVSS 4.3
CVE-2015-2202 HIGH
Aruba AirWave 7.0.0-7.7.14.1 and 8.0.0.0-8.0.6 - Authenticated Privilege Escalation to Root
CVSS 7.2
CVE-2015-9545 HIGH
xdLocalStorage < 2.0.5 - Unauthenticated Data Manipulation via Missing Origin Validation
CVSS 7.1
CVE-2015-9544 HIGH
xdLocalStorage < 2.0.5 - Unauthenticated Data Manipulation via Missing Origin Validation
CVSS 7.1
CVE-2015-4410 HIGH
Moped < 1.5.3 - Denial of Service and Cross-Site Scripting via ObjectId Validation
CVSS 7.5
CVE-2015-2923 MEDIUM
FreeBSD < 10.1 - Neighbor Discovery Hop-Limit Reconfiguration via Router Advertisement
CVSS 6.5
Details
Vulnerabilities 12,628
Exploit Likelihood High