CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,637 vulnerabilities with CWE-20
CVE-2013-6049 HIGH
apt-listbugs - Insecure Temporary File Creation
CVSS 7.8
CVE-2013-0336
FreeIPA < 3.2.0 - Denial of Service via Missing Username in Connection Request
CVE-2013-0334
Bundler < 1.7.0 - Arbitrary Gem Installation via Duplicate Gem Name in Multiple Sources
CVE-2013-2598
codeaurora android-msm - Memory Corruption via Crafted Boot-Image Header
CVE-2013-2163
monkey-project/monkey < 1.2.2 - Denial of Service via Range HTTP Header
CVE-2013-2014
OpenStack Keystone < 2013.1 - Denial of Service via Long Requests
CVE-2013-5919
Suricata < 1.4.6 - Denial of Service via Malformed SSL Record
CVE-2013-2111
Dovecot < 2.2.2 - Denial of Service via Invalid IMAP APPEND Parameters
CVE-2013-1883
MantisBT 1.2.12-1.2.14 - Denial of Service via Filter Criteria Resource Consumption
CVE-2013-3980
IBM Sametime 8.x-8.5.2.1 and 9.x-9.0.0.1 - Denial of Service via Fictitious User Flood
CVE-2013-4250
TYPO3 6.0.0-6.0.7 and 6.1.0-6.1.2 - Authenticated Arbitrary PHP Code Execution via File Upload
CVE-2013-4427
pyxtrlock < 0.2 - Unauthenticated Screen Lock Bypass via XCB Grab Function Return Value Mismanagement
CVE-2013-6453
MediaWiki < 1.19.10, 1.2x < 1.21.4, 1.22.x < 1.22.1 - XML External Entity Injection in SVG File Sanitization
CVE-2013-4544
QEMU <2.0.0-rc0, 1.7.1 - RCE/DoS
CVE-2013-6444
PyWBEM < 0.7 - Man-in-the-Middle Attack via Unverified X.509 Certificate
CVE-2013-6418
pywbem < 0.7 - Man-in-the-Middle Certificate Spoofing via Separate Connection
CVE-2013-7110
Transifex <0.10 - Man-in-the-Middle
CVE-2013-2073
Transifex < 0.9 - Man-in-the-Middle Attack via Unvalidated X.509 Certificates
CVE-2013-7236
Simple Machines Forum <2.0.6-1.1.19 - XSS
CVE-2013-7235
Simple Machines Forum <1.1.19, 2.x <2.0.6 - Privilege Escalation
CVE-2013-7234
Simple Machines Forum <1.1.19, <2.0.6 - CSRF
CVE-2013-6053
OpenJPEG 1.5.1 - Heap-Based Out-of-Bounds Read
CVE-2013-6887
Uclouvain Openjpeg - Improper Input Validation
CVE-2013-4723
DDSN Interactive cm3 Acora CMS - Open Redirect
CVE-2013-7338
Python - Denial of Service via Zip File Size Handling
Details
Vulnerabilities 12,637
Exploit Likelihood High