The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,638 vulnerabilities with CWE-20
CVE-2013-1112
Cisco Carrier Routing System - Denial of Service via Malformed Packet Processing
CVE-2013-0964
Apple iOS <6.1 & Apple TV <5.2 - Info Disclosure
CVE-2013-0963
iPhone OS < 6.1 - Authentication Bypass via AppleID Certificate Validation Failure
CVE-2013-0654
GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01-8.0 - RCE
CVE-2013-0841
Google Chrome < 24.0.1312.56 - Denial of Service via Content-Blocking Array Index Error
CVE-2013-0655
Schneider Electric Software Update (SESU) Utility <1.0.x-1.1.x - RCE
CVE-2013-0837
Google Chrome <24.0.1312.52 - DoS
CVE-2013-0830
Google Chrome <24.0.1312.52 - Memory Corruption
CVE-2013-0156
Ruby on Rails JSON Processor YAML Deserialization Code Execution
CVE-2013-0757
Firefox 17.0.1 Flash Privileged Code Injection
CVE-2013-0747
Firefox < 18.0 - Clickjacking via Plugin Handler Mutation Event
CVE-2013-0005
Microsoft .NET Framework 3.5-4 - Denial of Service via WCF Replace Function
CVE-2013-0004
Microsoft .NET Framework Remote Code Execution via Crafted XAML Browser Application
CVE-2012-3338
MEDIUM
IBM InfoSphere Guardium 8.0, 8.01, 8.2 - Unauthenticated User Account Creation via Improper Input Validation
CVSS 5.3
CVE-2012-5699
CRITICAL
babygekko < 1.2.4 - PHP File Inclusion
CVSS 9.8
CVE-2012-1326
HIGH
Cisco IronPort Web Security Appliance <= 7.5 - Improper Certificate Validation
CVSS 7.4
CVE-2012-0334
MEDIUM
Cisco IronPort Web Security Appliance AsyncOS <7.5 - Info Disclosure
CVSS 6.4
CVE-2012-4603
HIGH
Citrix XenApp Online Plug-in <12.1 & Citrix Receiver <3.2 - RCE
CVSS 7.8
CVE-2012-4030
HIGH
Chamilo < 1.8.8.6 - Arbitrary File Deletion via index.php Input Handling
CVSS 7.5
CVE-2012-6111
HIGH
gnome-keyring - Improper Input Validation
CVSS 7.5
CVE-2012-3409
HIGH
ecryptfs-utils 86-98 - Privilege Escalation via Improper Filesystem Mount Restrictions
CVSS 7.8
CVE-2012-4576
HIGH
FreeBSD - Privilege Escalation via Input Validation Flaw
CVSS 7.8
CVE-2012-2248
HIGH
dhclient 4.3.1-6 - Remote Code Execution via Embedded Path Variable
CVSS 8.1
CVE-2012-5582
CRITICAL
OpenDNSSEC - Denial of Service via libcurl API Misuse
CVSS 9.8
CVE-2012-4524
HIGH
xlockmore < 5.43 - Security Bypass via dclock Improper Input Validation
CVSS 7.5
Details
Vulnerabilities
12,638
Exploit Likelihood
High