The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,637 vulnerabilities with CWE-20
CVE-2014-1874
Linux Kernel < 3.13.4 - Denial of Service via Zero-Length Security Context
CVE-2014-2103
Cisco Intrusion Prevention System - Denial of Service via Malformed SNMP Packets
CVE-2014-0679
Cisco Prime Infrastructure 1.2-1.3.0.20-2 1.4-1.4.0.45-2 2.0-2.0.0.0.294-2 - Authenticated Remote Code Execution
CVE-2014-1255
Apple OS X < 10.9.2 - App Sandbox Bypass via ATS Free Function
CVE-2014-0747
Cisco Unified Communications Manager < 10.0(1) - Authenticated Command Injection via CAPF CLI
CVE-2014-0742
Cisco Unified Communications Manager < 10.0(1) - Arbitrary File Read and Write via CAPF CLI
CVE-2014-0033
Apache Tomcat 6.0.33-6.0.37 - Session Fixation
CVE-2014-0758
ICONICS GENESIS32 8.0 8.02 8.04 8.05 - Remote Code Execution via GenLaunch.htm ActiveX Control
CVE-2014-0819
Autodesk AutoCAD < 2013 - Untrusted Search Path DLL Hijacking
CVE-2014-0730
Cisco Unified Computing System Central Software <= 1.1 - Privilege Escalation via CLI Copy Command
CVE-2014-0720
Cisco IPS Sensor Software 7.1-7.1(8)E4 and 7.2-7.2(2)E4 - Denial of Service via Jumbo Frame Flood
CVE-2014-0718
Cisco IPS Sensor Software 7.1-7.2 - Denial of Service via Fragmented Packets
CVE-2014-0082
Ruby on Rails 3.x - Denial of Service via MIME Type String Conversion
CVE-2014-1861
Jetro COCKPIT Secure Browsing <4.3.3 - RCE
CVE-2014-0032
Apache Subversion <1.7.15, <1.8.6 - DoS
CVE-2014-1219
CA 2E Web Option r8.1.2 - Session Hijacking via Predictable Session Token Substring
CVE-2014-0724
Cisco Unified Communications Manager < 10.0(1) - Unauthenticated Arbitrary File Read via Bulk Administration Interface
CVE-2014-0257
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1 - Remote Code Execution via Type Traversal
CVE-2014-0254
Windows 8/Server 2012/RT DoS via Crafted ICMPv6 Router Advertisement
CVE-2014-0253
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1 - Denial of Service via Crafted HTTP Requests
CVE-2014-0038
Linux Kernel recvmmsg Privilege Escalation
CVE-2014-0020
Pidgin < 2.10.8 - Denial of Service via IRC Protocol Plugin
CVE-2014-0834
IBM General Parallel File System 3.4-3.4.0.27 and 3.5-3.5.0.16 - Denial of Service via Setuid Program Arguments
CVE-2014-1610
MediaWiki <1.22.2/<1.21.5/<1.19.11 - RCE
CVE-2014-0022
yum < 3.4.3 - Unauthenticated RPM Package Signature Bypass via sigCheckPkg Return Value Mishandling
Details
Vulnerabilities
12,637
Exploit Likelihood
High