The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,638 vulnerabilities with CWE-20
CVE-2012-6030
Xen 4.0-4.2 - Denial of Service via TMEM do_tmem_op Locking Error
CVE-2012-3515
Qemu < 1.2.0 - Privilege Escalation via VT100 Escape Sequence
CVE-2012-3498
Citrix XenServer < 6.0.2 - Denial of Service via PHYSDEVOP_map_pirq Index Range
CVE-2012-3497
Xen 4.0-4.2 - Denial of Service via TMEM NULL Client ID
CVE-2012-3495
Citrix XenServer <= 6.0.2 - Denial of Service via physdev_get_free_pirq Hypercall
CVE-2012-5703
VMware ESX and ESXi 4.1 - Denial of Service via Invalid SOAP Request Value
CVE-2012-4520
Django 1.3-1.3.4 and 1.4-1.4.2 - Arbitrary URL Generation via Host Header
CVE-2012-4945
Agile FleetCommander & FleetCommander Kiosk <4.08 - Command Injection
CVE-2012-2733
Apache Tomcat <6.0.36, <7.0.28 - DoS
CVE-2012-4850
IBM WebSphere App Server <8.5.0.1 - Privilege Escalation
CVE-2012-2619
Broadcom BCM4325 and BCM4329 - Denial of Service via RSN 802.11i Information Element
CVE-2012-4776
Microsoft .NET Framework <4.5 - XSS
CVE-2012-4023
Pebble < 2.6.4 - CRLF Injection via HTTP Header Manipulation
CVE-2012-5424
Cisco Secure Access Control System <5.2-5.3 - Auth Bypass
CVE-2012-5118
Google Chrome < 23.0.1271.64 - Denial of Service via GPU Command Buffer Integer Validation
CVE-2012-5825
tweepy - SSL Certificate Hostname Validation Bypass via Missing CN/subjectAltName Check
CVE-2012-5823
Opensourceclassifieds - Improper Input Validation
CVE-2012-5820
Google AdMob - Man-in-the-Middle Attack via Unverified SSL Certificate
CVE-2012-5818
ElephantDrive - Man-in-the-Middle Attack via Improper Certificate Validation
CVE-2012-5816
AOL Instant Messenger 1.0.1.2 - Man-in-the-Middle Attack via SSL Certificate Spoofing
CVE-2012-5815
Rackspace app 2.1.5 for iOS - Man-in-the-Middle Attack via Certificate Hostname Mismatch
CVE-2012-5814
GitHub Gaug.es - SSL Certificate Hostname Validation Bypass
CVE-2012-5813
Android_Pusher - Certificate Hostname Validation Bypass
CVE-2012-5812
ACRA Library - Improper Certificate Validation
CVE-2012-5808
Zen Cart LinkPoint Module - Man-in-the-Middle Attack via Improper Certificate Validation
Details
Vulnerabilities
12,638
Exploit Likelihood
High