The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,638 vulnerabilities with CWE-20
CVE-2012-2562
Xelex MobileTrack < 2.3.7 - Unauthenticated Command Execution via SMS
CVE-2012-2321
ConnMan < 0.85 - Remote Code Execution via DHCP Reply Host or Domain Name
CVE-2012-2118
X.Org X11 1.11 - Format String Vulnerability in LogVHdrMessageVerb
CVE-2012-1589
Drupal 7.x < 7.13 - Open Redirect via Form API Destination URL
CVE-2012-1090
MEDIUM
Linux Kernel < 3.2.10 - Denial of Service via CIFS Special File Access
CVSS 5.5
CVE-2012-2611
SAP NetWeaver 7.0 EHP1 and EHP2 - Remote Code Execution via DiagTraceR3Info Function
CVE-2012-2336
PHP < 5.3.13 and 5.4.x < 5.4.3 - Denial of Service via Malformed CGI Query String
CVE-2012-0676
Apple Safari < 5.1.7 - Form Field Injection via State Tracking Issue
CVE-2012-1848
Windows Kernel win32k.sys - Local Privilege Escalation via Scrollbar Calculation
CVE-2012-0180
HIGH
Windows Kernel win32k.sys - Privilege Escalation via User-Mode Input Handling
CVSS 7.8
CVE-2012-0167
Microsoft Office - Remote Code Execution via Crafted EMF Image
CVE-2012-0165
Microsoft Office and Windows GDI+ - Remote Code Execution via EMF Image Record Type
CVE-2012-0161
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, 4 - Remote Code Execution via Serialization
CVE-2012-0160
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, 4 - Remote Code Execution via Serialization
CVE-2012-0018
Microsoft Visio Viewer 2010 Gold and SP1 - Remote Code Execution via Crafted VSD File
CVE-2012-0674
iPhone OS < 5.1.1 - URL Spoofing via Safari Location Bar
CVE-2012-0736
IBM Rational AppScan Enterprise <8.5.0.1 - RCE
CVE-2012-0735
IBM Rational AppScan Enterprise <8.5.0.1 - Info Disclosure
CVE-2012-2004
HP Insight Management Agents < 9.0.0.0 - Open Redirect
CVE-2012-2002
HP SNMP Agents for Linux < 9.0.0 - Open Redirect
CVE-2012-0339
Cisco IOS 12.2-12.4 and 15.0 - Unauthenticated TELNET Access Bypass via VRF-Also Keyword Mishandling
CVE-2012-0338
Cisco IOS 12.2-12.4 and 15.0 - Unauthenticated SSH Access Bypass via VRF-Also Keyword Misconfiguration
CVE-2012-2425
Intuit QuickBooks 2009-2012 - Denial of Service via Long URI in HelpAsyncPluggableProtocol Handler
CVE-2012-2270
owncloud < 3.0.3 - Open Redirect via Login Page redirect_url Parameter
CVE-2012-2268
RealNetworks Helix Server and Helix Mobile Server 14.x - Denial of Service via SNMP Open-PDU Request
Details
Vulnerabilities
12,638
Exploit Likelihood
High