CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,638 vulnerabilities with CWE-20
CVE-2013-2818
Alstom e-terracontrol 3.5-3.7 - Denial of Service via DNP Master Driver Serial Input
CVE-2013-6706
Cisco IOS XE - Denial of Service via Crafted MPLS Packets
CVE-2013-6700
Cisco IOS XR - Denial of Service via SNMP MIB Request
CVE-2013-6380
Linux Kernel <= 3.12.1 - Denial of Service via FSACTL_SEND_RAW_SRB Ioctl
CVE-2013-0867
FFmpeg < 1.1.2 - Remote Code Execution via H.264 Pixel Format Change
CVE-2013-0860
FFmpeg <1.0.4, <1.1.1 - Memory Corruption
CVE-2013-0221
Red Hat Enterprise Linux - Denial of Service via Long String to sort Command with -d or -M Switch
CVE-2013-4354
OpenStack Glance - Unauthenticated Image Injection via Tenant Manipulation
CVE-2013-0873
FFmpeg < 1.1.3 - Remote Code Execution via Invalid Channel Count in Shorten Decoder
CVE-2013-4485
Redhat Enterprise Linux < 8.2 - Improper Input Validation
CVE-2013-4474
Canonical Ubuntu Linux < 0.24.1 - Improper Input Validation
CVE-2013-6694
Cisco IOS - Denial of Service via Crafted ICMP Packets
CVE-2013-2823
GE Intelligent Platforms Proficy <7.20k - DoS
CVE-2013-2811
GE Intelligent Platforms Proficy <7.20k - DoS
CVE-2013-6834
FreeBSD < 10.0 - Information Disclosure via ql_eioctl ioctl Call
CVE-2013-6833
FreeBSD < 10.0 - Information Disclosure via qls_eioctl Size Parameter
CVE-2013-6174
EMC Document Sciences xPression - Open Redirect via xAdmin Parameters
CVE-2013-1417
MIT Kerberos 5 < 1.11.4 - Authenticated Denial of Service via TGS-REQ Cross-Realm Referral
CVE-2013-6814
SAP NetWeaver < 7.02 - Unvalidated Redirect
CVE-2013-6815
SAP NetWeaver < 7.31 - Denial of Service via XML External Entity Injection in SHSTI_UPLOAD_XML
CVE-2013-6282 HIGH KEV
Android get_user/put_user Exploit
CVSS 8.8
CVE-2013-5605
Mozilla Network Security Services 3.14-3.14.4 and 3.15-3.15.2 - Denial of Service via Invalid Handshake Packets
CVE-2013-6689
Cisco Unified Communications Manager < 9.1(1) - Arbitrary File Read/Modify/Create via CLI
CVE-2013-6686
Cisco IOS < 15.3(1)T2 - Authenticated Denial of Service via Crafted DTLS Packets
CVE-2013-3876
Microsoft Windows - Man-in-the-Middle Spoofing via Improper X.509 Certificate Validation
Details
Vulnerabilities 12,638
Exploit Likelihood High