The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,628 vulnerabilities with CWE-20
CVE-2015-6568
HIGH
Wolf CMS < 0.8.3.1 - Authenticated Arbitrary File Upload and PHP Code Execution via File Manager
CVSS 8.8
CVE-2015-6567
HIGH
Wolf CMS < 0.8.3.1 - Authenticated Arbitrary File Upload and PHP Code Execution via File Manager
CVSS 8.8
CVE-2015-4646
HIGH
squashfs < 4.3 - Denial of Service via Crafted Input
CVSS 7.5
CVE-2015-7740
MEDIUM
Huawei P7 <P7-L00C17B851, P7-L05C00B851, P7-L09C92B851 - DoS
CVSS 5.5
CVE-2015-7893
HIGH
Samsung Galaxy S6 - Remote Code Execution via HTML Email Content
CVSS 8.8
CVE-2015-1612
HIGH
OpenDaylight OpenFlow Plugin < 0.0.6-Helium-SR3 - SDN Topology Spoofing via LLDP Packet Reuse
CVSS 7.5
CVE-2015-1611
HIGH
OpenDaylight OpenFlow Plugin < 0.0.6-Helium-SR3 - SDN Topology Spoofing via Fake LLDP Injection
CVSS 7.5
CVE-2015-8670
MEDIUM
Huawei LogCenter V100R001C10 - Authenticated Denial of Service via Log Collection Module
CVSS 6.5
CVE-2015-7847
MEDIUM
Huawei E3272s < E3272s-153TCPU-V200R002B491D09SP00C00 - Denial of Service via CGI Port Attribute
CVSS 5.5
CVE-2015-7844
HIGH
Huawei FusionAccess <V100R005C10,V100R005C20 - DoS
CVSS 7.5
CVE-2015-4556
HIGH
CHICKEN < 4.9.0 - Denial of Service in string-translate* Procedure
CVSS 7.5
CVE-2015-8678
MEDIUM
Huawei P8 and Mate S Firmware - Denial of Service via ION Driver
CVSS 5.5
CVE-2015-8138
MEDIUM
NTP <4.2.8p6, <4.3.90 - Auth Bypass
CVSS 5.3
CVE-2015-8212
CRITICAL
NetBSD bozohttpd CGI Handling - Remote Code Execution
CVSS 9.8
CVE-2015-8744
MEDIUM
QEMU < 2.4.1 - Denial of Service via VMXNET3 Layer-2 Packet Handling
CVSS 5.5
CVE-2015-8870
HIGH
libtiff < 4.0.3 - Integer Overflow via BMP RLE4/RLE8 Data
CVSS 7.4
CVE-2015-3288
HIGH
Linux kernel <4.1.4 - Privilege Escalation
CVSS 7.8
CVE-2015-1000002
HIGH
filedownload v1.4 - Open Proxy
CVSS 8.2
CVE-2015-8932
MEDIUM
Canonical Ubuntu Linux < 3.1.901a - Improper Input Validation
CVSS 5.5
CVE-2015-8930
HIGH
Suse Linux Enterprise Desktop < 3.1.901a - Improper Input Validation
CVSS 7.5
CVE-2015-8923
MEDIUM
libarchive < 3.2.0 - Denial of Service via Crafted Zip File
CVSS 6.5
CVE-2015-8946
LOW
Canonical Ubuntu Linux < 110 - Improper Input Validation
CVSS 3.3
CVE-2015-0899
HIGH
Apache Struts 1.1-1.3.10 - Remote Access Restriction Bypass via MultiPageValidator Page Parameter
CVSS 7.5
CVE-2015-8899
HIGH
Canonical Ubuntu Linux < 2.75 - Improper Input Validation
CVSS 7.5
CVE-2015-8853
HIGH
Fedora < 5.23.9 - Improper Input Validation
CVSS 7.5
Details
Vulnerabilities
12,628
Exploit Likelihood
High