CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,628 vulnerabilities with CWE-20
CVE-2015-6568 HIGH
Wolf CMS < 0.8.3.1 - Authenticated Arbitrary File Upload and PHP Code Execution via File Manager
CVSS 8.8
CVE-2015-6567 HIGH
Wolf CMS < 0.8.3.1 - Authenticated Arbitrary File Upload and PHP Code Execution via File Manager
CVSS 8.8
CVE-2015-4646 HIGH
squashfs < 4.3 - Denial of Service via Crafted Input
CVSS 7.5
CVE-2015-7740 MEDIUM
Huawei P7 <P7-L00C17B851, P7-L05C00B851, P7-L09C92B851 - DoS
CVSS 5.5
CVE-2015-7893 HIGH
Samsung Galaxy S6 - Remote Code Execution via HTML Email Content
CVSS 8.8
CVE-2015-1612 HIGH
OpenDaylight OpenFlow Plugin < 0.0.6-Helium-SR3 - SDN Topology Spoofing via LLDP Packet Reuse
CVSS 7.5
CVE-2015-1611 HIGH
OpenDaylight OpenFlow Plugin < 0.0.6-Helium-SR3 - SDN Topology Spoofing via Fake LLDP Injection
CVSS 7.5
CVE-2015-8670 MEDIUM
Huawei LogCenter V100R001C10 - Authenticated Denial of Service via Log Collection Module
CVSS 6.5
CVE-2015-7847 MEDIUM
Huawei E3272s < E3272s-153TCPU-V200R002B491D09SP00C00 - Denial of Service via CGI Port Attribute
CVSS 5.5
CVE-2015-7844 HIGH
Huawei FusionAccess <V100R005C10,V100R005C20 - DoS
CVSS 7.5
CVE-2015-4556 HIGH
CHICKEN < 4.9.0 - Denial of Service in string-translate* Procedure
CVSS 7.5
CVE-2015-8678 MEDIUM
Huawei P8 and Mate S Firmware - Denial of Service via ION Driver
CVSS 5.5
CVE-2015-8138 MEDIUM
NTP <4.2.8p6, <4.3.90 - Auth Bypass
CVSS 5.3
CVE-2015-8212 CRITICAL
NetBSD bozohttpd CGI Handling - Remote Code Execution
CVSS 9.8
CVE-2015-8744 MEDIUM
QEMU < 2.4.1 - Denial of Service via VMXNET3 Layer-2 Packet Handling
CVSS 5.5
CVE-2015-8870 HIGH
libtiff < 4.0.3 - Integer Overflow via BMP RLE4/RLE8 Data
CVSS 7.4
CVE-2015-3288 HIGH
Linux kernel <4.1.4 - Privilege Escalation
CVSS 7.8
CVE-2015-1000002 HIGH
filedownload v1.4 - Open Proxy
CVSS 8.2
CVE-2015-8932 MEDIUM
Canonical Ubuntu Linux < 3.1.901a - Improper Input Validation
CVSS 5.5
CVE-2015-8930 HIGH
Suse Linux Enterprise Desktop < 3.1.901a - Improper Input Validation
CVSS 7.5
CVE-2015-8923 MEDIUM
libarchive < 3.2.0 - Denial of Service via Crafted Zip File
CVSS 6.5
CVE-2015-8946 LOW
Canonical Ubuntu Linux < 110 - Improper Input Validation
CVSS 3.3
CVE-2015-0899 HIGH
Apache Struts 1.1-1.3.10 - Remote Access Restriction Bypass via MultiPageValidator Page Parameter
CVSS 7.5
CVE-2015-8899 HIGH
Canonical Ubuntu Linux < 2.75 - Improper Input Validation
CVSS 7.5
CVE-2015-8853 HIGH
Fedora < 5.23.9 - Improper Input Validation
CVSS 7.5
Details
Vulnerabilities 12,628
Exploit Likelihood High