The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,631 vulnerabilities with CWE-20
CVE-2015-6291
Cisco Email Security Appliance AsyncOS DoS via Malformed Attachment Fields
CVE-2015-8040
Samsung SmartViewer - Remote Code Execution via rtsp_getdlsendtime Index Value
CVE-2015-7835
Xen 3.4-4.6.x - Privilege Escalation
CVE-2015-6351
Cisco ASR 5000 Software 19.1.0.61559 and 19.2.0 - Denial of Service via Crafted BGP Packet Header
CVE-2015-7699
ownCloud Server <7.0.9, <8.0.x <8.0.7, <8.1.x <8.1.2 - RCE
CVE-2015-5014
IBM Cognos Disclosure Management 10.1.x and 10.2.x < 10.2.4 IF10 - Executable File Spoofing via Client Upload
CVE-2015-6987
macOS < 10.11.1 - Denial of Service via File Bookmark Metadata
CVE-2015-5945
Apple OS X <10.11.1 - Privilege Escalation
CVE-2015-7004
iPhone OS < 9.0.2 - Denial of Service via Crafted App
CVE-2015-7750
Juniper Netscreen <6.3.0r13-dnd1-6.3.0r19 - DoS
CVE-2015-7749
Juniper Junos < 15.1X49-D20 - Denial of Service via PFE Daemon Connection Request
CVE-2015-7748
Junos OS 13.3 < 13.3R8, 14.1 < 14.1R6, 14.2 < 14.2R5, 15.1 < 15.1R2 - Denial of Service via uBFD Packet
CVE-2015-1808
Jenkins < 1.600 and LTS < 1.596.1 - Authenticated Denial of Service via Crafted Update Center Data
CVE-2015-6334
Cisco ASR 5000 and 5500 Software - Denial of Service via Crafted TACACS Packet Header
CVE-2015-7838
SolarWinds Storage Manager <6.2 - RCE
CVE-2015-6318
Cisco TelePresence Video Communication Server Expressway X8.5.1 and X8.5.2 - Arbitrary File Write via Symlink Attack
CVE-2015-1047
VMware vCenter Server <5.0u3e, <5.1u3, <5.5u2 - DoS
CVE-2015-1303
Google Chrome < 45.0.2454.93 - Same Origin Policy Bypass via IFRAME Exception Handling
CVE-2015-5235
IcedTea-Web <1.5.3 & <1.6.1 - Open Redirect
CVE-2015-5234
IcedTea-Web <1.5.3 & 1.6.x <1.6.1 - XSS
CVE-2015-1337
Simple Streams - Info Disclosure
CVE-2015-5883
Apple OS X <10.11 - Info Disclosure
CVE-2015-5828
Apple Safari <9 - Open Redirect
CVE-2015-5780
Safari < 8.0.8 - Unauthenticated Extension Replacement via Missing User Confirmation
CVE-2015-6598
Android < 5.1.1 - Remote Code Execution via Crafted Media File
Details
Vulnerabilities
12,631
Exploit Likelihood
High