The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,638 vulnerabilities with CWE-20
CVE-2013-3221
Ruby on Rails 2.3.x-3.2.x - Data-Type Injection
CVE-2013-0122
avast! Mobile Security < 2.0.4304 - Denial of Service via Crafted Intent
CVE-2013-1176
Cisco TelePresence MCU 4500 and 4501 Series Software < 4.3(2.30) - Denial of Service via Crafted H.264 RTP Packets
CVE-2013-1197
Cisco Unified Presence - Denial of Service via XML Parser in XMPP Message
CVE-2013-1187
Cisco Jabber Extensible Communications Platform - DoS
CVE-2013-2779
Cisco IOS XE <3.4.5S, 3.5-3.7 - DoS
CVE-2013-1189
Cisco uBR10012 - Denial of Service via IPv4/IPv6 Dual-Stack Modem Address Changes
CVE-2013-1172
Cisco AnyConnect < - Privilege Escalation
CVE-2013-1166
Cisco IOS XE 3.2-3.4 < 3.4.5S and 3.5-3.7 < 3.7.1S - Denial of Service via SIP Packet Flood
CVE-2013-1165
Cisco IOS XE 2.x-3.x < 3.4.5S and 3.5-3.7 < 3.7.1S - Denial of Service via Crafted L2TP Packets
CVE-2013-1151
Cisco ASA Software DoS via Crafted Certificate
CVE-2013-1291
Windows 7 - Denial of Service via OpenType Font Parsing
CVE-2013-1282
Microsoft Active Directory - Denial of Service via Crafted LDAP Query
CVE-2013-0078
Windows Defender - Privilege Escalation via Incorrect MsMpEng.exe Pathname
CVE-2013-1821
Ruby < 1.9.3-p392 - Denial of Service via XML Entity Expansion
CVE-2013-0285
nori_gem 1.0.x < 1.0.3, 1.1.x < 1.1.4, 2.0.x < 2.0.2 - Remote Code Execution via String Cast Injection
CVE-2013-2770
Novell Kanaka <2.8 - Info Disclosure
CVE-2013-0681
Cogent DataHub <7.3.0-6.4.22 - DoS
CVE-2013-1911
ldoce 0.0.2 - Remote Code Execution via Shell Metacharacters in MP3 URL or File Name
CVE-2013-0926
Google Chrome <26.0.1410.43 - Info Disclosure
CVE-2013-1162
Cisco IOS XR - Denial of Service via Crafted Traffic Engineering Packets
CVE-2013-1161
Cisco Jabber IM for Android - Denial of Service via Crafted XMPP Presence Update
CVE-2013-1848
Linux Kernel < 3.8.3 - Local Privilege Escalation via Format String in ext3 Superblock Handling
CVE-2013-1828
Linux Kernel < 3.8.4 - Local Privilege Escalation via SCTP_GET_ASSOC_STATS Getsockopt
CVE-2013-1798
Linux Kernel < 3.8.4 - Information Disclosure and Denial of Service via IOAPIC Register Operations
Details
Vulnerabilities
12,638
Exploit Likelihood
High