The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,638 vulnerabilities with CWE-20
CVE-2012-5427
Cisco IOS < 15.3(2)T - Authenticated Denial of Service via RTCP Packet Input Queue Wedge
CVE-2012-5017
Cisco IOS < 15.1(1)SY1 - Authenticated Denial of Service via Malformed IKEv2 Packets
CVE-2012-3062
Cisco IOS - Denial of Service via MLD Packet Processing
CVE-2012-1366
Cisco IOS - Denial of Service via Crafted MLD Packets
CVE-2012-2095
WICD < 1.7.2 - Unauthenticated Privilege Escalation via D-Bus SetWiredProperty
CVE-2012-6619
MongoDB < 2.3.2 - Authenticated Denial of Service via Crafted BSON Object
CVE-2012-6637
Apache Cordova < 3.3.0 and Adobe PhoneGap < 2.9.0 - Whitelist Bypass via Domain Name Substring Matching
CVE-2012-0052
Red Hat JBoss Operations Network < 2.4.2 and 3.0.x < 3.0.1 - Agent Identity Spoofing via Missing Agent Key Check
CVE-2012-5524
Gajim < 0.15.3 - Man-in-the-Middle Attack via Improper SSL Certificate Verification
CVE-2012-6152
Pidgin < 2.10.8 - Denial of Service via Yahoo Protocol UTF-8 Validation
CVE-2012-6150
Samba < 4.1.2 - Authentication Bypass via Invalid Group Name Handling
CVE-2012-4117
Cisco Unified Computing System - Man-in-the-Middle Attack via Improper X.509 Certificate Validation
CVE-2012-4099
Cisco NX-OS - Denial of Service via Malformed BGP UPDATE Message
CVE-2012-4097
Cisco NX-OS - Denial of Service via Malformed BGP UPDATE Message
CVE-2012-4076
Cisco NX-OS - Local Privilege Escalation via Shell Metacharacter Injection in System Library Function
CVE-2012-4105
Cisco Unified Computing System - Denial of Service via Crafted Debug Hardware Parameters
CVE-2012-4122
Cisco NX-OS - Arbitrary File Write via CLI Parser Shell Output Redirection
CVE-2012-4098
Cisco NX-OS - Denial of Service via Malformed BGP UPDATE Message
CVE-2012-4091
Cisco NX-OS - Denial of Service via Malformed RIP Message
CVE-2012-4111
Cisco Unified Computing System - Privilege Escalation via Fabric-Interconnect Create Certreq Command
CVE-2012-4110
Cisco Unified Computing System - Privilege Escalation via Fabric-Interconnect run-script Parameter
CVE-2012-4109
Cisco Unified Computing System - Privilege Escalation via Fabric-Interconnect SSH Key Command Injection
CVE-2012-4103
Cisco Unified Computing System - Local Privilege Escalation via ethanalyzer Parameter Injection
CVE-2012-4102
Cisco Unified Computing System - Privilege Escalation via Fabric-Interconnect Firmware Command Parameter
CVE-2012-4095
Cisco Unified Computing System - Privilege Escalation and Arbitrary File Read/Write via Local File Editor Key Bindings
Details
Vulnerabilities
12,638
Exploit Likelihood
High