The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,636 vulnerabilities with CWE-20
CVE-2014-3880
FreeBSD 8.4 < p11, 9.1 < p14, 9.2 < p7, 10.0 < p4 - Denial of Service via Execve System Call
CVE-2014-3873
FreeBSD 8.4 < p11, 9.1 < p14, 9.2 < p7, 9.3-BETA1 < p1 - Information Disclosure via ktrace Page Fault Entry Size
CVE-2014-3216
GOM Media Player < 2.2.57.5189 - Denial of Service via Crafted OGG File
CVE-2014-3292
Cisco Unified Communications Manager - Authenticated Arbitrary File Read and Delete via RTMT URL
CVE-2014-3291
Cisco Wireless LAN Controller - Denial of Service via Zero Value in Cisco Discovery Protocol Packet
CVE-2014-2508
EMC Documentum Content Server <6.7 SP1 P28-7.1 P05 - SQL Injection
CVE-2014-2503
EMC Documentum DAM 6.5 - SQL Injection
CVE-2014-2346
COPA-DATA zenon <7.11 SP0 - DoS
CVE-2014-2345
COPA-DATA zenon <7.11 SP0 - DoS
CVE-2014-3941
TYPO3 <4.5.34-6.2.3 - Info Disclosure
CVE-2014-0095
Apache Tomcat 8.x < 8.0.4 - Denial of Service via AJP Content-Length Header
CVE-2014-2343
Triangle MicroWorks SCADA Data Gateway <3.00.0635 - DoS
CVE-2014-2342
Triangle MicroWorks SCADA Data Gateway <3.00.0635 - DoS
CVE-2014-3285
Cisco Wide Area Application Services < 5.3(5a) - Denial of Service via SharePoint Response Parsing
CVE-2014-3283
Cisco Unified Communications Domain Manager < 9.0(1) - Open Redirect via Self-Care Client Portal
CVE-2014-0239
Samba 4.0.0-4.0.17 - Denial of Service via Forged DNS Response Packet
CVE-2014-3272
Cisco Tidal Enterprise Scheduler < 6.1 - Privilege Escalation via Tidal Job Buffers Parameters
CVE-2014-3284
Cisco IOS XE on ASR1000 - Denial of Service via Malformed PPPoE Packet
CVE-2014-0943
IBM WebSphere Commerce 6.0 FP 2-5, 7.0.0.0-7.0.0.8, 7.0 FP 1-7 DoS via Malformed ID
CVE-2014-1346
Safari < 6.1.4 and 7.x < 7.0.4 - Origin Spoofing via Unicode URL Encoding
CVE-2014-3775
libgadu < 1.11.4 and 1.12.0-rc3 - Remote Code Execution via Crafted Message
CVE-2014-0959
IBM WebSphere Portal 6.1.0-6.1.0.6, 6.1.5-6.1.5.3, 7.0-7.0.0.2, and 8.0 < 8.0.0.1 - Authenticated DoS via Login Redirect
CVE-2014-0954
IBM Websphere Portal - Improper Input Validation
CVE-2014-3802
Microsoft Debug Interface Access SDK - Remote Code Execution via Crafted PDB File
CVE-2014-3739
Zenoss 4.2.5 - Open Redirect via came_from Parameter
Details
Vulnerabilities
12,636
Exploit Likelihood
High