CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,636 vulnerabilities with CWE-20
CVE-2014-2653 MEDIUM
OpenSSH < 6.6 - SSHFP DNS RR Check Bypass via Unacceptable HostCertificate
CVSS 6.5
CVE-2014-1828
iThoughtsHD 4.19 - Denial of Service via Large File Upload
CVE-2014-1827
iThoughtsHD app <4.19 - File Upload
CVE-2014-0904
IBM Security AppScan Standard 7.9-8.8 - Remote Code Execution via Unsigned Update File
CVE-2014-1492
Mozilla Network Security Services < 3.16 - Certificate Hostname Validation Spoofing via Wildcard in U-label
CVE-2014-0628
RSA BSAFE Micro Edition Suite 4.0.x < 4.0.5 - Denial of Service via Certificate Chain Processing
CVE-2014-2284
Net-SNMP 5.5-5.5.2 5.6-5.6.2 5.7-5.7.2 - Denial of Service via ICMP-MIB Input Validation
CVE-2014-2523
Linux Kernel < 3.2.57 - Denial of Service or Remote Code Execution via DCCP Header Pointer Mismanagement
CVE-2014-2585
ownCloud <5.0.15 & <6.0.2 - Remote Authenticated Filesystem Mount
CVE-2014-2122
Cisco Hosted Collaboration Solution - Denial of Service via Memory Leak in GUI
CVE-2014-2121
Cisco Hosted Collaboration Solution - Denial of Service via TCP Port Closing
CVE-2014-2241
FreeType < 2.5.2 - Denial of Service via Crafted TTF File
CVE-2014-2532 MEDIUM
OpenSSH <6.6 - Privilege Escalation
CVSS 4.2
CVE-2014-1714
Google Chrome <33.0.1750.152-33.0.1750.154 - DoS
CVE-2014-1273
Apple tvOS < 6.0.2 and iOS < 7.0.6 - Code-Signing Bypass via Text-Relocation Instructions
CVE-2014-1271
Apple Iphone OS < 7.0.6 - Improper Input Validation
CVE-2014-1267
Apple iOS < 7.1 and Apple TV < 6.1 - Unauthenticated Access Restriction Bypass via Expired Configuration Profile
CVE-2014-0317
Microsoft Windows - Privilege Escalation
CVE-2014-0106
macOS X < 10.10.4 - Authenticated Command Restriction Bypass via Environment Variable
CVE-2014-2281
Wireshark 1.8.x-1.8.12 and 1.10.x-1.10.5 - Denial of Service via NFS Packet Length Validation
CVE-2014-2234
Apple macOS X < 10.9.2 - Improper Input Validation via TLS/SSL Handshake Bypass
CVE-2014-0845
IBM Rational Requirements Composer 3.x-3.0.1.6 and 4.x-4.0.6 - Authenticated Open Redirect
CVE-2014-2097
FFmpeg < 2.1.4 - Denial of Service via TAK Audio Decoder
CVE-2014-2039
Linux Kernel < 3.13.5 - Denial of Service via Linkage Stack Mishandling
CVE-2014-1874
Linux Kernel < 3.13.4 - Denial of Service via Zero-Length Security Context
Details
Vulnerabilities 12,636
Exploit Likelihood High