The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,638 vulnerabilities with CWE-20
CVE-2012-5646
Red Hat OpenShift Origin <1.0.5-3 - RCE
CVE-2012-2697
Red Hat Enterprise Linux (RHEL) 5 - DoS
CVE-2012-4704
3S CODESYS Gateway-Server <2.3.9.27 - RCE
CVE-2012-5536
Red Hat pam_ssh_agent_auth - Info Disclosure
CVE-2012-4398
Linux Kernel < 3.4 - Denial of Service via __request_module Memory Consumption
CVE-2012-6531
Zend Framework 1.x < 1.11.13 and 1.12.x < 1.12.0 - XML External Entity Injection via SimpleXMLElement Handling
CVE-2012-2294
RSA Archer SmartSuite Framework 4.x and RSA Archer GRC < 5.2SP1 - Clickjacking
CVE-2012-0705
IBM InfoSphere IS <8.5FP3, 8.7, 9.1 - Command Injection
CVE-2012-0703
IBM InfoSphere Information Server <8.7 - Open Redirect
CVE-2012-6101
Moodle 2.2.x < 2.2.7, 2.3.x < 2.3.4, 2.4.x < 2.4.1 - Open Redirect via Multiple Endpoints
CVE-2012-6099
Moodle 2.1-2.1.10 2.2-2.2.7 2.3-2.3.4 2.4-2.4.1 - Authenticated Arbitrary File Read via Backup Converter
CVE-2012-5689
ISC BIND 9.8.x-9.8.4-P1 and 9.9.x-9.9.2-P1 - Denial of Service via DNS64 AAAA Query
CVE-2012-6085
GnuPG 1.4.x < 1.4.13 and 2.0.x <= 2.0.19 - Denial of Service via Crafted OpenPGP Packet Length Field
CVE-2012-4918
Call of Duty Elite for iOS 2.0.1 - Info Disclosure
CVE-2012-6395
Cisco Adaptive Security Appliance Software - Denial of Service via UNC Share Pathname Input
CVE-2012-6392
Cisco Prime LAN Management Solution 4.1-4.2.2 - Remote Code Execution via Crafted TCP Session
CVE-2012-5148
Google Chrome <24.0.1312.52 - Info Disclosure
CVE-2012-6501
HP PKI ActiveX Control < 1.1.0.6 - Denial of Service via KillProcess Method
CVE-2012-6499
Age Verification < 0.4 - Open Redirect via redirect_to Parameter
CVE-2012-2251
rssh 2.3.2 - Restricted Shell Bypass via rsync Command Line Options
CVE-2012-4556
Red Hat Certificate System <8.1.3 - DoS
CVE-2012-5653
Drupal 6.x < 6.27 and 7.x < 7.18 - Authenticated Remote Code Execution via Null Byte in File Upload
CVE-2012-6461
Opera Browser < 12.10 - Improper Input Validation in X.509 Certificate Validation
CVE-2012-5445
Cisco Unified IP Phone <9.3.1-ES10 - RCE
CVE-2012-0741
IBM Security AppScan Enterprise < 8.6.0.2 & Rational Policy Tester < 8.5.0.3 - MITM via Unvalidated X.509 Certificates
Details
Vulnerabilities
12,638
Exploit Likelihood
High