The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,636 vulnerabilities with CWE-20
CVE-2014-4417
macOS < 10.10 - Denial of Service via Crafted Push Notification
CVE-2014-3573
Red Hat Enterprise Virtualization Manager < 3.4.1 - XML External Entity Injection via Insecure DocumentBuilderFactory
CVE-2014-2278
SeedDMS < 4.3.3 - Unauthenticated Remote Code Execution via File Upload
CVE-2014-8755
Panasonic Network Camera View <4 - RCE
CVE-2014-8310
SAP BusinessObjects BI Edge 4.0 - Denial of Service via CORBA Listener
CVE-2014-3686
hostapd and wpa_supplicant 0.7.2-2.2 - Remote Code Execution via Crafted Frame
CVE-2014-4138
Microsoft Internet Explorer 11 - Memory Corruption
CVE-2014-4134
Microsoft Internet Explorer <9 - Code Injection
CVE-2014-4133
Microsoft Internet Explorer 6&7 - Code Injection
CVE-2014-4132
Microsoft Internet Explorer 11 - Memory Corruption
CVE-2014-4130
Microsoft Internet Explorer 11 - Memory Corruption
CVE-2014-4129
Microsoft Internet Explorer 8 - Memory Corruption
CVE-2014-4128
Microsoft Internet Explorer <11 - Code Injection
CVE-2014-4126
Microsoft Internet Explorer <11 - Code Injection
CVE-2014-4117
Microsoft Office/Word 2007/2010, Office for Mac 2011, SharePoint Server 2010 - RCE via Crafted Word Document
CVE-2014-3825
Juniper SRX Series Junos DoS via Crafted Packet
CVE-2014-3391
Cisco ASA 8.x < 8.4(3), 8.5, 8.7 < 8.7(1.13) Privilege Escalation via LD_LIBRARY_PATH
CVE-2014-3390
Cisco Adaptive Security Appliance Software 8.7-9.3 - Local Privilege Escalation via Crafted Script
CVE-2014-5376
Adaptive Computing Moab < 7.2.9 and 8 < 8.0.0 - Authenticated User Impersonation via Actor Field
CVE-2014-5375
Adaptive Computing Moab < 7.2.9 and 8 < 8.0.0 - Authenticated User Impersonation via UserId and Owner Tags
CVE-2014-4870
Brocade Vyatta 5400 <6.7R1 - Privilege Escalation
CVE-2014-7861
Apple macOS X - Remote Code Execution via IOHIDSecurePromptClient Pointer Validation
CVE-2014-2645
HP Systems Insight Manager <7.4 - CSRF
CVE-2014-7278
ZyXEL SBG-3300-N Firmware < 1.00(AADY.4)C0 - Denial of Service via Login Page Welcome Message
CVE-2014-5410
Rockwell Automation Allen-Bradley MicroLogix 1400 < Series B FRN 15.001 - Denial of Service via Malformed DNP3 Packets
Details
Vulnerabilities
12,636
Exploit Likelihood
High