CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,638 vulnerabilities with CWE-20
CVE-2013-2168
Freedesktop Dbus - Improper Input Validation
CVE-2013-2116
GnuTLS 2.12.23 - Denial of Service via Crafted Padding Length
CVE-2013-3925
Atlassian Crowd 2.3.8, 2.4.9, 2.5.x < 2.5.4, 2.6.x < 2.6.3 - XML External Entity Injection via Services Endpoint
CVE-2013-4098
DS3 Authentication Server - Remote Code Execution via ErrorViewer.jsp Message Parameter
CVE-2013-4096
DS3 Authentication Server - Authenticated Remote Code Execution via HOST_NAME Field
CVE-2013-4095
Imperva SecureSphere 9.0.0.5 - Authenticated Remote Code Execution via Task Command Field
CVE-2013-4094
Imperva SecureSphere - Authenticated Arbitrary File Upload via Key Management Feature
CVE-2013-4660
nodeca/js-yaml < 2.0.5 - Remote Code Execution via Unsafe YAML Tag Parsing
CVE-2013-3393
Cisco Jabber and Virtualization Experience Media Engine - Denial of Service via Crafted RTP Packets
CVE-2013-3382
Cisco ASA NGFW Module <9.1.1.9/9.1.2.x<9.1.2.12 DoS via Fragmented IPv4/IPv6
CVE-2013-1694
Firefox < 22.0 and Firefox ESR < 17.0.7 - Remote Code Execution via PreserveWrapper Cache Handling
CVE-2013-4636
PHP Fileinfo Component - Denial of Service via MP3 MIME Type Detection
CVE-2013-4615
Canon MG3100 MG5300 MG6100 MP495 MX340 MX870 MX890 MX920 MX922 - Denial of Service via LAN_TXT24 Parameter
CVE-2013-2961
IBM Tivoli Monitoring <6.2.3 - Open Redirect
CVE-2013-0551
IBM Tivoli Monitoring 6.2.0-6.2.3 - Denial of Service via Crafted URL
CVE-2013-3035
IBM AIX 6.1/7.1 & VIOS 2.2.2.2-FP-26 SP-02 - DoS
CVE-2013-3378
Cisco TelePresence <6.1-4.1.3 - DoS
CVE-2013-4632
Huawei Access Router <V200R002SPC003 - DoS
CVE-2013-1203
Cisco ASA CX Context-Aware Security Software - Denial of Service via Crafted TCP Packets
CVE-2013-1093
Novell ZENworks Configuration Management <11.2.3a - Open Redirect
CVE-2013-1985
libXinerama < 1.1.2 - Buffer Overflow via XineramaQueryScreens Integer Overflow
CVE-2013-2783
IOServer DNP3 Driver 1.0.19.0 - Denial of Service via Crafted TCP Data
CVE-2013-3575
HP Insight Diagnostics 9.4.0.4710 - Remote File Inclusion via path Parameter
CVE-2013-3574
HP Insight Diagnostics 9.4.0.4710 - Path Traversal and Arbitrary File Write via devicePath Parameter
CVE-2013-3573
HP Insight Diagnostics - Improper Input Validation
Details
Vulnerabilities 12,638
Exploit Likelihood High