CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,634 vulnerabilities with CWE-20
CVE-2015-6248
Oracle Linux - Improper Input Validation
CVE-2015-6247
Oracle Solaris - Improper Input Validation
CVE-2015-6246
Oracle Linux - Improper Input Validation
CVE-2015-6245
Wireshark 1.12.x < 1.12.7 - Denial of Service via GSM RLC/MAC Dissector Infinite Loop
CVE-2015-6244
Wireshark 1.12.x < 1.12.7 - Denial of Service via ZigBee Dissector Length Field
CVE-2015-6243
Oracle Linux - Improper Input Validation
CVE-2015-6242
Oracle Solaris - Improper Input Validation
CVE-2015-6241
Wireshark 1.12.x < 1.12.7 - Denial of Service via Crafted Packet in Protocol Tree
CVE-2015-6563 MEDIUM
OpenSSH < 6.9 - Local User Impersonation via MONITOR_REQ_PAM_INIT_CTX
CVSS 6.4
CVE-2015-6258
Cisco Wireless LAN Controller Software 8.1(104.37) - Traffic Forwarding Manipulation via IPv6 Packet Injection
CVE-2015-6256
Cisco ASR 5000 Series Software 19.0.M0.60828 - Denial of Service via OSPF Packet Length Field
CVE-2015-4534
EMC Documentum Content Server - Authenticated Remote Code Execution via Forged JMS Query String
CVE-2015-4329
Cisco TelePresence Video Communication Server X8.5.2 - Authenticated Remote Code Execution via HTTP Request
CVE-2015-4321
Cisco ASA 9.3/9.4 Unicast Reverse Path Forwarding Bypass via Spoofed Packets
CVE-2015-4316
Cisco TelePresence VCS Expressway X8.5.2 Authenticated Impersonation via MRA Bypass
CVE-2015-4328
Cisco TelePresence Video Communication Server Expressway X8.5.2 - Authenticated OS Command Injection via HTTP Request
CVE-2015-4327
Cisco TelePresence Video Communication Server Expressway X8.5.2 - Privilege Escalation via CLI Script Argument Injection
CVE-2015-4315
Cisco TelePresence Video Communication Server Expressway X8.5.3 - Authenticated XML External Entity Injection
CVE-2015-3805
Apple iOS <8.4.1 & OS X <10.10.5 - Auth Bypass
CVE-2015-3803
Apple iOS <8.4.1 & OS X <10.10.5 - Auth Bypass
CVE-2015-3802
Apple iOS <8.4.1 & OS X <10.10.5 - Auth Bypass
CVE-2015-3787
macOS < 10.10.5 - Denial of Service via Malformed Bluetooth ACL Packets
CVE-2015-3774
Apple OS X <10.10.5 - Info Disclosure
CVE-2015-3760
Apple OS X <10.10.5 - Privilege Escalation
CVE-2015-3758
iPhone OS < 8.4.1 - Unauthenticated FaceTime Call Initiation via WebView URL
Details
Vulnerabilities 12,634
Exploit Likelihood High