CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,635 vulnerabilities with CWE-20
CVE-2014-4994 MEDIUM
gyazo 1.0.0-2.0.0 - Arbitrary File Write via Symlink Attack on Temporary File
CVSS 5.5
CVE-2014-7222 MEDIUM
TeamSpeak Client <3.0.14 - Buffer Overflow
CVSS 6.5
CVE-2014-1858 MEDIUM
NumPy < 1.8.1 - Arbitrary File Write via Symlink Attack on Temporary File
CVSS 5.5
CVE-2014-8336 MEDIUM
WP-DBManager < 2.7.1 - Arbitrary File Read via SQL LOAD_FILE in Run Query Panel
CVSS 6.5
CVE-2014-8119 HIGH
Fedora < 0.2.6 - Improper Input Validation
CVSS 7.5
CVE-2014-0219 MEDIUM
Apache Karaf < 4.0.10 - Denial of Service via Shutdown Command
CVSS 5.5
CVE-2014-0072 HIGH
Apache Cordova File-Transfer < 0.4.1 and Cordova 2.4.0-2.9.0 - SSL Server Spoofing via Default trustAllHosts Setting
CVSS 7.5
CVE-2014-9733 CRITICAL
nw.js <0.11.5 - Remote Code Execution
CVSS 9.8
CVE-2014-9678 MEDIUM
Flexpaper < 2.3.0 - Content Spoofing via Swfile Parameter
CVSS 6.1
CVE-2014-8324 HIGH
aircrack-ng < 1.2 - Denial of Service via Crafted Length Parameter in network.c
CVSS 7.5
CVE-2014-8323 HIGH
aircrack-ng < 1.2 - Denial of Service via Crafted Length Parameter in buddy-ng.c
CVSS 7.5
CVE-2014-5362 HIGH
Landesk Management Suite < 9.6 - Remote File Inclusion via d or top Parameter
CVSS 7.2
CVE-2014-9971 CRITICAL
Google Android - Improper Input Validation
CVSS 9.8
CVE-2014-8149 HIGH
OpenDaylight defense4all < 1.1.0 - Authenticated Arbitrary File Write
CVSS 8.8
CVE-2014-9965 HIGH
Android - Improper Input Validation in SCM Call Parsing
CVSS 7.8
CVE-2014-9962 HIGH
Android - Improper Input Validation in DRM Provisioning Command Parsing
CVSS 7.8
CVE-2014-3498 HIGH
Ansible < 1.6.6 - Authenticated Remote Code Execution via User Module
CVSS 8.8
CVE-2014-9933 HIGH
Android - Unauthorized Fuse Write via Missing Input Validation
CVSS 7.8
CVE-2014-9907 MEDIUM
ImageMagick < 6.9.4-0 - Denial of Service via Crafted DDS File
CVSS 6.5
CVE-2014-8572 HIGH
Huawei AC6605 ACU S2300 S3300 S2700 S3700 S5300 S5700 S6300 S6700 S7700 S9300 S9300E S9700 - DoS via SSH
CVSS 7.5
CVE-2014-9815 MEDIUM
ImageMagick < 6.9.4-0 - Denial of Service via Crafted WPG File
CVSS 5.5
CVE-2014-9813 MEDIUM
ImageMagick < 6.9.4-0 - Denial of Service via Crafted VIFF File
CVSS 5.5
CVE-2014-9811 MEDIUM
ImageMagick < 6.9.4-0 - Denial of Service via Malformed XWD File
CVSS 5.5
CVE-2014-9810 MEDIUM
ImageMagick < 6.9.4-0 - Denial of Service via Malformed DPX File
CVSS 5.5
CVE-2014-9809 MEDIUM
ImageMagick < 6.9.4-0 - Denial of Service via Crafted XWD Image
CVSS 5.5
Details
Vulnerabilities 12,635
Exploit Likelihood High