The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,628 vulnerabilities with CWE-20
CVE-2016-2201
MEDIUM
SIMATIC S7-1500 CPU Firmware - Replay Protection Bypass via TCP Port 102
CVSS 5.3
CVE-2016-2200
HIGH
SIMATIC S7-1500 CPU Firmware < 1.8.2 - Denial of Service via Crafted TCP Packets on Port 102
CVSS 7.5
CVE-2016-0802
HIGH
Broadcom Wi-Fi driver - Memory Corruption
CVSS 8.8
CVE-2016-0801
CRITICAL
Broadcom Wi-Fi driver - Memory Corruption
CVSS 9.8
CVE-2016-1284
MEDIUM
ISC BIND 9 Supported Preview Edition <9.9.8-S5 - DoS
CVSS 5.9
CVE-2016-1942
HIGH
Mozilla Firefox <44.0 - XSS
CVSS 7.4
CVE-2016-1303
HIGH
Cisco Small Business 500 <1.2.0.92 - DoS
CVSS 7.5
CVE-2016-0756
MEDIUM
prosody < 0.9.10 - Remote Domain Spoofing via Dialback Key Generation
CVSS 5.3
CVE-2016-0754
MEDIUM
curl < 7.46.0 - Arbitrary File Write via Colon in Remote File Name
CVSS 5.3
CVE-2016-1983
HIGH
Privoxy < 3.0.23 - Denial of Service via Empty HTTP Host Header
CVSS 7.5
CVE-2016-1982
HIGH
Privoxy < 3.0.23 - Denial of Service via Chunk-Encoded Content
CVSS 7.5
CVE-2016-1612
HIGH
Google Chrome < 47.0.2526.106 - Denial of Service via V8 LoadIC::UpdateCaches
CVSS 7.6
CVE-2016-1570
HIGH
Xen 3.4.0-4.6.x - Info Disclosure, Privilege Escalation, DoS
CVSS 8.5
CVE-2016-1929
CRITICAL
SAP HANA - Denial of Service via Log Spoofing in XS Engine
CVSS 9.3
CVE-2016-1262
MEDIUM
Juniper Junos OS <12.1X46-D45-15.1X49-D30 - DoS
CVSS 5.9
CVE-2016-1258
MEDIUM
Juniper Junos OS Multiple Versions - Denial of Service via J-Web
CVSS 5.3
CVE-2016-1257
MEDIUM
Juniper Junos OS Multiple Versions - Denial of Service via Crafted LDP Packet
CVSS 5.9
CVE-2016-1569
MEDIUM
Firebird 2.5.5 - Authenticated Denial of Service via gbak Utility Invalid Parameter
CVSS 6.5
CVE-2016-1494
MEDIUM
Python-RSA < 3.3 - Signature Spoofing via BERserk Padding Attack
CVSS 5.3
CVE-2016-0005
MEDIUM
Microsoft Internet Explorer 9-11 - Same Origin Policy Bypass
CVSS 4.3
CVE-2015-2202
HIGH
Aruba AirWave 7.0.0-7.7.14.1 and 8.0.0.0-8.0.6 - Authenticated Privilege Escalation to Root
CVSS 7.2
CVE-2015-9545
HIGH
xdLocalStorage < 2.0.5 - Unauthenticated Data Manipulation via Missing Origin Validation
CVSS 7.1
CVE-2015-9544
HIGH
xdLocalStorage < 2.0.5 - Unauthenticated Data Manipulation via Missing Origin Validation
CVSS 7.1
CVE-2015-4410
HIGH
Moped < 1.5.3 - Denial of Service and Cross-Site Scripting via ObjectId Validation
CVSS 7.5
CVE-2015-2923
MEDIUM
FreeBSD < 10.1 - Neighbor Discovery Hop-Limit Reconfiguration via Router Advertisement
CVSS 6.5
Details
Vulnerabilities
12,628
Exploit Likelihood
High