The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,634 vulnerabilities with CWE-20
CVE-2015-2472
Microsoft Windows - Remote Desktop Session Host Spoofing via Certificate Validation Bypass
CVE-2015-2466
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 - Remote Code Execution via Crafted Template
CVE-2015-2464
Microsoft .NET Framework - Remote Code Execution via TrueType Font Parsing
CVE-2015-2463
Microsoft .NET Framework - Remote Code Execution via TrueType Font Parsing
CVE-2015-2462
.NET Framework - Remote Code Execution via Crafted OpenType Font
CVE-2015-2461
Windows Adobe Type Manager Library - Remote Code Execution via Crafted OpenType Font
CVE-2015-2460
.NET Framework - Remote Code Execution via Crafted OpenType Font
CVE-2015-2459
Windows Adobe Type Manager Library - Remote Code Execution via Crafted OpenType Font
CVE-2015-2458
Windows Adobe Type Manager Library - Remote Code Execution via Crafted OpenType Font
CVE-2015-2456
Microsoft Lync - Remote Code Execution via TrueType Font Parsing
CVE-2015-2455
Microsoft .NET Framework - Remote Code Execution via TrueType Font Parsing
CVE-2015-2435
Microsoft .NET Framework - Remote Code Execution via Crafted TrueType Font
CVE-2015-2431
Microsoft Office and Live Meeting - Remote Code Execution via Crafted OGL Font
CVE-2015-5696
Dell Netvault Backup < 10.0.1.24 - Denial of Service via Crafted Request
CVE-2015-5685
BitTorrent bootstrap-dht - Remote Code Execution via Crafted Packet
CVE-2015-5965
Fortinet FortiOS <4.3.13 - SSL Spoofing
CVE-2015-5369
Pulse Connect Secure <8.1r5-7.4r13.5 - Man-in-the-middle
CVE-2015-3245
libuser < 0.56.13-8 and 0.60 < 0.60-7 - Denial of Service via GECOS Field Newline Injection
CVE-2015-1492
Symantec Endpoint Protection <12.1-RU6-MP1 - Privilege Escalation
CVE-2015-1487
Symantec Endpoint Protection Manager <12.1-RU6-MP1 - Privilege Esca...
CVE-2015-4286
Cisco UCS Central Software 1.3(0.99) - Arbitrary File Read via Crafted HTTP Request
CVE-2015-2977
Webservice-DIC yoyaku_v41 - Arbitrary File Creation and Remote Code Execution
CVE-2015-2974
LEMON-S PHP Gazou BBS + <2.36 - XSS
CVE-2015-1284
Google Chrome < 44.0.2403.89 - Use-After-Free via IFRAME Element Creation
CVE-2015-4284
Cisco IOS XR 5.3.0 - Denial of Service via Malformed BGPv4 Packets
Details
Vulnerabilities
12,634
Exploit Likelihood
High