The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,635 vulnerabilities with CWE-20
CVE-2015-2177
HIGH
SIMATIC S7-300 CPU Firmware - Denial of Service via Crafted Packets on TCP Port 102 or Profibus
CVSS 7.5
CVE-2015-1483
Symantec NetBackup OpsCenter <7.6.1 - XSS
CVE-2015-0661
Cisco IOS XR - Authenticated Denial of Service via Malformed SNMPv2 Packet
CVE-2015-0657
Cisco IOS XR - Denial of Service via Malformed RSVP Packet
CVE-2015-0633
Cisco Unified Computing System <= 1.4(7h) - Unauthenticated Access Control Bypass via DHCP Response
CVE-2015-2055
Zhone GPON 2520 R4.0.2.566b - Denial of Service via Old Password Parameter
CVE-2015-2053
McAfee Agent < 4.8.0 Patch 3 and 5.0.0 - Clickjacking via Log Viewer
CVE-2015-0624
Cisco AsyncOS on ESA, SMA, and WSA - HTTP Header Injection
CVE-2015-0879
CREAR AL-Mail32 < 1.13c - Denial of Service via Device Name Attachment
CVE-2015-0584
Cisco Desktop Collaboration Experience DX650 - OS Command Injection via Image-Upgrade Parameter
CVE-2015-1604
Adminsystems CMS < 4.0.2 - Authenticated Arbitrary File Upload and Remote Code Execution via asys/site/files.php
CVE-2015-0626
Cisco Hosted Collaboration Solution - Unauthenticated Access to System-Management Tools via SOAP Challenge Call
CVE-2015-0622
Cisco Wireless LAN Controller - Denial of Service via Crafted Packets in WIDS Signature Events Summary
CVE-2015-0620
Cisco TelePresence Management Suite < 14.3(.2) - Authenticated Denial of Service via XML External Entity Injection
CVE-2015-0268
Xen 4.5.x - Denial of Service via Invalid GICD.SGIR Register Write
CVE-2015-0606
Cisco Ios - Improper Input Validation
CVE-2015-0600
Cisco Unified IP 9900 Series Firmware < 9.4(1) - Denial of Service via Mobility Extension
CVE-2015-0589
Cisco WebEx Meetings Server 1.0-1.5 - Authenticated Remote Code Execution via Administrative Web Interface
CVE-2015-0604
Cisco Unified IP 9900 Phones Firmware 9.4(.1) - Arbitrary File Write via HTTP Request
CVE-2015-0601
Cisco Unified IP 9900 Phones < 9.4(1) - Denial of Service via Crafted Commands
CVE-2015-1382
Privoxy <3.0.23 - DoS
CVE-2015-1380
Privoxy < 3.0.23 - Denial of Service via Crafted Chunk-Encoded Body
CVE-2015-1049
Siemens SCALANCE X-200IRT <5.2.0 - SSRF
CVE-2015-0597
Cisco WebEx Meetings Server < 1.5(.1.131) - Administrative Account Enumeration via Forgot Password Feature
CVE-2015-1043
VMware Workstation/Fusion/Player <10.0.5-7.0.1 - DoS
Details
Vulnerabilities
12,635
Exploit Likelihood
High