The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,637 vulnerabilities with CWE-20
CVE-2014-0677
Cisco NX-OS - Denial of Service via Malformed LDP Hello Messages
CVE-2014-0662
Cisco TelePresence Video Communication Server < 8.1 - Denial of Service via Crafted SDP Message
CVE-2014-0660
Cisco TelePresence ISDN Gateway < 2.2(1.92) - Denial of Service via Crafted Q.931 STATUS Message
CVE-2014-0671
Cisco Mediasense - Improper Input Validation
CVE-2014-0650
Cisco Secure Access Control System < 5.4.0.46.2 - Remote Code Execution via Web Interface
CVE-2014-0261
Microsoft Dynamics AX DoS via Crafted Query Filter Data
CVE-2014-1406
Conceptronic C54APM Firmware - CRLF Injection via formWlSiteSurvey submit-url Parameter
CVE-2014-1405
Conceptronic C54APM Firmware 1.26 - Open Redirect via submit-url or wlan-url Parameter
CVE-2014-0658
Cisco Unified IP Phones 9900 Series Firmware - Denial of Service via Crafted SIP Header
CVE-2014-0656
Cisco Context Directory Agent - Authenticated Data Omission via Crafted Field Values
CVE-2014-0655
Cisco Adaptive Security Appliance - User Cache Manipulation via RADIUS CoA Replay
CVE-2014-0654
Cisco Context Directory Agent - Cache Modification via RADIUS Accounting Message Replay
CVE-2014-0653
Cisco Adaptive Security Appliance - Authentication State Manipulation via NetBIOS Logout Probe Response
CVE-2013-4144
CRITICAL
swfupload - Object Injection
CVSS 9.8
CVE-2013-3738
CRITICAL
Zabbix 2.0.6 - Remote Code Execution via CGI Script Request String
CVSS 9.8
CVE-2013-5106
HIGH
python-mode 2012-12-19 - Remote Code Execution in select.py
CVSS 8.8
CVE-2013-1607
CRITICAL
pdfkit < 0.5.3 - Remote Code Execution
CVSS 9.8
CVE-2013-4535
HIGH
QEMU < 1.7.2 - Remote Code Execution via Crafted Savevm Image
CVSS 8.8
CVE-2013-2571
CRITICAL
hcomm xpient_iris < 3.8 - Remote Code Execution via TCP Port 7510
CVSS 9.8
CVE-2013-3945
HIGH
MrSID < 4.37 - Remote Code Execution via nband Tag
CVSS 7.8
CVE-2013-4245
HIGH
Orca - Remote Code Execution via Insecure Python Module Load
CVSS 7.3
CVE-2013-1689
MEDIUM
Firefox < 19.0.2 - Denial of Service via Event Handling with Frames
CVSS 6.5
CVE-2013-0342
MEDIUM
pyrad < 2.1 - Predictable Packet ID Spoofing via Sequential ID Generation
CVSS 4.3
CVE-2013-0243
HIGH
haskell-tls < 0.6.1 - Man-in-the-Middle via Basic Constraints Attribute Mismanagement
CVSS 7.4
CVE-2013-2103
HIGH
OpenShift - Server-Side Request Forgery via Cartridge URL Retrieval
CVSS 8.1
Details
Vulnerabilities
12,637
Exploit Likelihood
High