The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,637 vulnerabilities with CWE-20
CVE-2013-7172
HIGH
Slackware - Local Privilege Escalation
CVSS 7.8
CVE-2013-7171
CRITICAL
Slackware <14.1 - Privilege Escalation
CVSS 9.8
CVE-2013-2093
CRITICAL
Dolibarr ERP/CRM 3.3.1 - Remote Code Execution via viewimage.php and barcode.lib.php
CVSS 9.8
CVE-2013-1816
HIGH
MediaWiki < 1.19.4 and 1.20.x < 1.20.3 - Denial of Service via Crafted Request
CVSS 7.5
CVE-2013-1889
HIGH
mod_ruid2 < 0.9.8 - Chroot Bypass via CGI Script File Descriptor Handling
CVSS 7.5
CVE-2013-1820
MEDIUM
tuned < 2.0.2 - Local Process Termination via Insecure ktune Service Permissions
CVSS 5.5
CVE-2013-1811
MEDIUM
MantisBT < 1.2.13 - Unauthenticated Issue Status Change via Reporter Permissions
CVSS 4.3
CVE-2013-1751
CRITICAL
TWiki < 5.1.4 - Remote Code Execution via MAKETEXT Parameter
CVSS 9.8
CVE-2013-4409
CRITICAL
Djblets < 0.6.30 and Review Board < 1.7.15 - Remote Code Execution via JSON Request Parsing
CVSS 9.8
CVE-2013-2259
CRITICAL
Cryptocat < 2.0.22 - Arbitrary Code Execution on Firefox Conversation Overview
CVSS 9.8
CVE-2013-4103
CRITICAL
Cryptocat < 2.0.22 - Remote Script Injection via Improper Input Sanitization
CVSS 9.8
CVE-2013-4101
MEDIUM
Cryptocat < 2.0.22 - HTML Injection via Link Markup Decorator
CVSS 5.3
CVE-2013-4100
HIGH
Cryptocat < 2.0.22 - Remote Denial of Service via Username
CVSS 7.5
CVE-2013-0180
MEDIUM
Redis 2.6 - Insecure Temporary File Handling in /tmp/redis.ds
CVSS 5.5
CVE-2013-0178
MEDIUM
Redis < 2.6.0 - Insecure Temporary File Handling in /tmp/redis-%p.vm
CVSS 5.5
CVE-2013-0165
HIGH
OpenShift - Arbitrary File Write via /tmp File Creation
CVSS 7.3
CVE-2013-2227
HIGH
GLPI 0.83.7 - Local File Inclusion via common.tabs.php
CVSS 7.5
CVE-2013-4751
HIGH
php-symfony2-Validator - Info Disclosure
CVSS 8.1
CVE-2013-3718
MEDIUM
Evince - Denial of Service via Missing Page Count Check
CVSS 5.5
CVE-2013-1930
MEDIUM
MantisBT 1.2.12-1.2.14 - Authenticated Workflow Bypass
CVSS 4.3
CVE-2013-1910
CRITICAL
yum - Denial of Service via Trojan Horse Metadata File
CVSS 9.8
CVE-2013-7333
HIGH
Open Floodlight SDN Controller 0.90 - Denial of Service via Switch Disconnection
CVSS 7.5
CVE-2013-7483
CRITICAL
WordPress slidedeck2 <2.3.5 - File Inclusion
CVSS 9.8
CVE-2013-0267
HIGH
Apache VCL 2.1-2.2.1, 2.3-2.3.1 - Privilege Escalation, DoS, and XSS via Improper Data Validation
CVSS 8.8
CVE-2013-4366
CRITICAL
Apache HttpClient 4.3.x < 4.3.1 - Improper Input Validation in HttpClientBuilder
CVSS 9.8
Details
Vulnerabilities
12,637
Exploit Likelihood
High