CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,638 vulnerabilities with CWE-20
CVE-2013-3406
Cisco Services Portal 9.4(1) - Authenticated Arbitrary File Read via Files Available for Download
CVE-2013-3030
IBM Cognos Business Intelligence <10.2.1.1 - DoS
CVE-2013-4551
Xen 4.2.x-4.3.x - Denial of Service via Guest VMX Instruction Execution
CVE-2013-1057
MAAS <13.10 - Code Injection
CVE-2013-6684
Cisco Wireless LAN Controller - Denial of Service via Crafted HTTP Request
CVE-2013-6683
Cisco NX-OS - Denial of Service via Malformed IPv6 Neighbor Table Packets
CVE-2013-6682
Cisco Adaptive Security Appliance Software <= 9.0.3.6 - Denial of Service via Invalid X.509 Certificate
CVE-2013-5568
Cisco Adaptive Security Appliance Software <= 9.0.3.6 - Denial of Service via Auto-Update
CVE-2013-5560
Cisco Adaptive Security Appliance Software <= 9.1(3) - Denial of Service via Crafted IPv6 Packets
CVE-2013-3869
Microsoft Windows - Denial of Service via Crafted X.509 Certificate Validation
CVE-2013-2653
SilverStripe 3.0.3 - Phishing Attack via GET Request Login
CVE-2013-6122
Qualcomm QUIC Mobile Station Modem Kernel - Memory Corruption via Goodix gt915 Touchscreen Driver Procfs Handler
CVE-2013-3045
IBM Lotus Sametime <8.5.2.1 - Open Redirect
CVE-2013-6618
Juniper Junos Authenticated RCE via J-Web PHP rsargs Parameter
CVE-2013-4436
SaltStack Salt 0.17.0 - Man-in-the-Middle Attack via Unvalidated SSH Host Key
CVE-2013-6340
Wireshark 1.8.x < 1.8.11 and 1.10.x < 1.10.3 - Denial of Service in TCP Dissector
CVE-2013-6339
Wireshark 1.8.x-1.8.10 and 1.10.x-1.10.2 - Denial of Service via OpenWire Dissector Loop
CVE-2013-6338
Wireshark 1.8.x-1.8.10 and 1.10.x-1.10.2 - Denial of Service in SIP Dissector
CVE-2013-6336
Wireshark 1.8.x-1.8.10 and 1.10.x-1.10.2 - Denial of Service via IEEE 802.15.4 Dissector Pointer Chain
CVE-2013-5561
Cisco Adaptive Security Appliance CX Context-Aware Security Software - Policy Bypass via Safe Search Enforcement
CVE-2013-4494
Xen 4.1.0-4.1.6 - Denial of Service via Lock Ordering Deadlock
CVE-2013-5431
IBM Tivoli Federated Identity Manager <6.2.2 - Open Redirect
CVE-2013-5547
Cisco IOS XE 3.9 - Denial of Service via Malformed EoGRE Packets
CVE-2013-5546
Cisco IOS XE 3.7-3.8 - Denial of Service via TCP Reassembly in NAT or ALG Component
CVE-2013-5545
Cisco IOS XE < 3.9.2S - Denial of Service via PPTP ALG Packet Flood
Details
Vulnerabilities 12,638
Exploit Likelihood High