The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,637 vulnerabilities with CWE-20
CVE-2013-2143
Red Hat Satellite and Katello < 1.5.0-14 - Authenticated Privilege Escalation via users/update_roles
CVE-2013-4768
Eucalyptus 2.0-3.4.1 - Denial of Service via Network Connection Cleanup
CVE-2013-2828
OSIsoft PI Interface <3.1.2.54 - DoS
CVE-2013-2809
OSIsoft PI Interface <3.1.2.54 - DoS
CVE-2013-0740
Dell OpenManage Server Administrator < 7.3.0 - Open Redirect via HelpViewer File Parameter
CVE-2013-1946
RESTful Web Services < 7.x-1.3 and 7.x-2.0-alpha5 - Denial of Service via HTTP Accept Header
CVE-2013-3588
Zyxel P-660H Series - Denial of Service via TCP SYN Flood
CVE-2013-1869
Red Hat Satellite and Spacewalk Java < 2.1.147-1 - CRLF Injection via Return URL Parameter
CVE-2013-6769
Koush Superuser 1.0.2.1 - Privilege Escalation via Shell Metacharacters in su -c Option
CVE-2013-2694
WP Symposium <13.04 - Open Redirect
CVE-2013-3997
IBM InfoSphere BigInsights 1.1 and 2.x < 2.1 FP2 - Authenticated Open Redirect
CVE-2013-2044
owncloud < 5.0.6 - Open Redirect via Login Page redirect_url Parameter
CVE-2013-1939
SabreDAV 1.6.0-1.6.8, 1.7.0-1.7.6 - Path Traversal via Backslash Character
CVE-2013-7335
DotNetNuke <6.2.9, <7.1.1 - Open Redirect
CVE-2013-4199
Plone 2.1-4.1 4.2.x-4.2.5 4.3.x-4.3.1 - Authenticated Denial of Service via Large Zip Archive Expansion
CVE-2013-4197
Plone 2.1-4.1, 4.2.x-4.2.5, 4.3.x-4.3.1 - Authenticated Arbitrary Portrait Modification
CVE-2013-4195
Plone 2.1-4.1, 4.2-4.2.5, 4.3-4.3.1 - Open Redirect via marmoset_patch.py, publish.py, and principiaredirect.py
CVE-2013-4192
Plone 2.1-4.1, 4.2-4.2.5, 4.3-4.3.1 - Authenticated Email Spoofing
CVE-2013-6315
IBM InfoSphere Enterprise Records 4.5.1-4.5.1.7 and 5.1.1-5.1.1.1 - Clickjacking via FRAME Element
CVE-2013-4710
Android 3.0-4.1.x - Remote Code Execution via WebView.addJavascriptInterface
CVE-2013-4322
Apache Tomcat < 6.0.39, 7.x < 7.0.50, 8.x < 8.0.0-RC10 - Denial of Service via Chunked Transfer Coding
CVE-2013-4286
Apache Tomcat < 6.0.39, 7.x < 7.0.47, 8.x < 8.0.0-RC3 - Request Smuggling via Inconsistent HTTP Headers
CVE-2013-6654
Google Chrome < 33.0.1750.117 - Denial of Service in SVGAnimateElement
CVE-2013-7327
PHP 5.5.x <5.5.9 - DoS
CVE-2013-3988
IBM Sametime 8.5.2-8.5.2.1 and 9.x-9.0.0.1 - Clickjacking
Details
Vulnerabilities
12,637
Exploit Likelihood
High