CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,628 vulnerabilities with CWE-20
CVE-2015-8879 HIGH
PHP < 5.5.38 - Denial of Service via odbc_bindcols SQL_WVARCHAR Handling
CVSS 7.5
CVE-2015-7558 HIGH
librsvg <2.40.12 - DoS
CVSS 7.5
CVE-2015-7557 HIGH
librsvg < 2.40.6 - Denial of Service via Odd Coordinate Pair in SVG Document
CVSS 7.5
CVE-2015-8873 HIGH
PHP < 5.4.44 - Denial of Service via Recursive Method Calls
CVSS 7.5
CVE-2015-5589 CRITICAL
PHP <5.4.43, 5.5.x <5.5.27, 5.6.x <5.6.11 - DoS
CVSS 9.8
CVE-2015-4605 HIGH
PHP < 5.4.40 - Denial of Service via Fileinfo mcopy Offset Mishandling
CVSS 7.5
CVE-2015-4604 HIGH
PHP < 5.4.40 - Denial of Service via Fileinfo Component
CVSS 7.5
CVE-2015-4598 MEDIUM
Redhat Enterprise Linux Desktop < 5.4.41 - Improper Input Validation
CVSS 6.5
CVE-2015-3411 MEDIUM
PHP <5.4.40, 5.5.x <5.5.24, 5.6.x <5.6.8 - Info Disclosure
CVSS 6.5
CVE-2015-8099 MEDIUM
F5 BIG-IP Software SYN Cookies - Denial of Service
CVSS 5.9
CVE-2015-5726 HIGH
Botan 0.10.x-1.10.9 and 1.11.x-1.11.18 - Denial of Service via Empty BIT STRING in ASN.1 BER Decoder
CVSS 7.5
CVE-2015-5208 MEDIUM
Apache Cordova iOS < 3.9.1 - Arbitrary Plugin Execution via Link
CVSS 4.4
CVE-2015-8019 HIGH
Linux kernel <3.14.54, <3.18.22 - DoS
CVSS 7.8
CVE-2015-2672 MEDIUM
Linux Kernel < 3.19.1 - Denial of Service via xsave/xrstor Instruction Faulting
CVSS 5.5
CVE-2015-8844 MEDIUM
Linux Kernel < 4.3.5 - Denial of Service via MSR Bit Validation Bypass
CVSS 5.5
CVE-2015-8552 MEDIUM
Xen - Denial of Service via PCI Backend Driver Missing Sanity Checks
CVSS 4.4
CVE-2015-7545 CRITICAL
Git < 2.3.10, 2.4.x < 2.4.10, 2.5.x < 2.5.4, 2.6.x < 2.6.1 - Remote Code Execution via Remote Helper Protocols
CVSS 9.8
CVE-2015-8682 MEDIUM
Huawei P8 and Mate S Firmware - Information Disclosure and Denial of Service via Video0 Driver
CVSS 6.1
CVE-2015-8702 HIGH
Debian Linux < 2.0.18 - Improper Input Validation
CVSS 8.6
CVE-2015-8305 MEDIUM
Huawei Sophia-L10 <P7-L10C900B852 - DoS
CVSS 5.5
CVE-2015-7551 HIGH
Ruby <2.0.0-p648, <2.1.8, <2.2.4 - Denial of Service
CVSS 8.4
CVE-2015-6260 HIGH
Zyxel Gs1900-10hp Firmware - Improper Input Validation
CVSS 7.5
CVE-2015-8489 MEDIUM
Cybozu Office 9.9.0-10.3.0 - Authenticated Denial of Service via Crafted CSV File
CVSS 6.5
CVE-2015-5042 HIGH
IBM Emptoris Contract Management RCE via Crafted Flash File
CVSS 7.5
CVE-2015-8360 CRITICAL
Atlassian Bamboo <5.9.9, <5.10.0 - RCE
CVSS 9.8
Details
Vulnerabilities 12,628
Exploit Likelihood High