The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,636 vulnerabilities with CWE-20
CVE-2014-2129
Cisco ASA 8.2-9.1 DoS via SIP Packet Processing
CVE-2014-2127
Cisco ASA <9.1.4.3 - Privilege Escalation
CVE-2014-1725
Google Chrome < 34.0.1847.116 - Denial of Service via Base64 Decode Out-of-Bounds Read
CVE-2014-1723
Google Chrome <34.0.1847.116 - Info Disclosure
CVE-2014-2144
Cisco IOS XR - Denial of Service via ICMPv6 Redirect Packet Flood
CVE-2014-2117
Cisco ER <8.6 - Open Redirect
CVE-2014-2116
Cisco ER <8.6 - XSS
CVE-2014-1297
Apple Safari < 6.1.3 and 7.x < 7.0.3 - Arbitrary File Read via WebProcess IPC Message Validation Bypass
CVE-2014-2138
Cisco Security Manager <4.2 - Code Injection
CVE-2014-2137
Cisco Web Security Appliance < 7.7 - CRLF Injection via Crafted URL
CVE-2014-2673
Linux Kernel < 3.13.7 - Denial of Service via Transactional Memory State Handling
CVE-2014-1896
Xen 4.2.x-4.4-RC - Denial of Service or Privilege Escalation via Crafted Xenstore Ring Indexes
CVE-2014-0634
EMC VPLEX GeoSynchrony 4.x-5.x - Information Disclosure via Missing HttpOnly Cookie Flag
CVE-2014-0633
EMC VPLEX GeoSynchrony 4.x-5.x - Remote Code Execution via Session Timeout Validation
CVE-2014-0086
JBoss RichFaces 4.3.4-4.3.5 and 5.x - Denial of Service via Malformed Atmosphere Push Requests
CVE-2014-0066
PostgreSQL < 8.4.20, 9.0.x < 9.0.16, 9.1.x < 9.1.12, 9.2.x < 9.2.7, 9.3.x < 9.3.3 - DoS via chkpass
CVE-2014-2668
Apache CouchDB < 1.5.0 - Denial of Service via /_uuids Count Parameter
CVE-2014-2599
Xen 4.1.x-4.4.x - Denial of Service via HVMOP_set_mem_access
CVE-2014-2113
Cisco IOS 15.1-15.3 and IOS XE 3.3-3.5.2E, 3.7-3.7.5S, 3.8-3.10.2S - Denial of Service via Malformed IPv6 Packet
CVE-2014-2112
Cisco IOS 15.1-15.4 - Denial of Service via Crafted HTTP Requests
CVE-2014-2111
Cisco IOS 12.2-12.4 15.0-15.4 - Denial of Service via Crafted DNS Packets
CVE-2014-2109
Cisco IOS 12.2-12.4 and 15.0-15.4 - Denial of Service via Crafted TCP Packets
CVE-2014-2108
Cisco IOS 12.2 and 15.0-15.3 and IOS XE 3.2-3.7 and 3.8-3.10 - Denial of Service via Malformed IKEv2 Packet
CVE-2014-2107
Cisco IOS 12.2, 15.0-15.3 - Denial of Service via Crafted IP Packets
CVE-2014-2106
Cisco IOS 15.3M and IOS XE 3.10.xS - Denial of Service via Crafted SIP Messages
Details
Vulnerabilities
12,636
Exploit Likelihood
High