The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,638 vulnerabilities with CWE-20
CVE-2011-3844
Apple Safari 5.0.5 - Address Bar Spoofing via setInterval Function
CVE-2011-4890
IBM solidDB < 6.5.0.8 and 7.0 - Authenticated Denial of Service via SELECT ROWNUM Subquery
CVE-2011-5079
irfaq < 1.1.4 - Open Redirect via Return URL Parameter
CVE-2011-3964
Google Chrome <17.0.963.46 - Info Disclosure
CVE-2011-4879
Siemens WinCC flexible - Information Disclosure and Denial of Service via Crafted POST Request
CVE-2011-4877
Siemens WinCC flexible - Denial of Service via Crafted TCP Data
CVE-2011-4314
OpenID4Java <0.9.6 - Info Disclosure
CVE-2011-4132
Linux Kernel - Denial of Service via Invalid Log First Block Value in JBD
CVE-2011-1941
phpMyAdmin 3.4.0 - Open Redirect via Redirector Feature
CVE-2011-4153
PHP 5.3.8 - Denial of Service via zend_strndup Return Value Mismanagement
CVE-2011-3597
Digest < 1.17 - Eval Injection via new Constructor
CVE-2011-4531
Siemens Automation License Manager < 5.1 - DoS via Crafted Commands
CVE-2011-4530
Siemens Automation License Manager < 5.1 - Denial of Service via Long Field Input
CVE-2011-5055
MaraDNS 1.3.07.12 and 1.4.08 - Denial of Service via DNS Hash Collision
CVE-2011-5046
Microsoft Windows GDI - Remote Code Execution via IFRAME Height Attribute
CVE-2011-5043
TomatoSoft Free Mp3 Player 1.0 - Denial of Service via Long String in MP3 File
CVE-2011-5037
Google V8 - Denial of Service via Predictable Hash Collisions in Form Parameter Handling
CVE-2011-5035
Oracle Glassfish < 3.1.1 - Denial of Service via Predictable Hash Collisions
CVE-2011-5034
Apache Geronimo < 2.2.1 - Denial of Service via Predictable Hash Collisions
CVE-2011-4885
PHP < 5.3.9 - Denial of Service via Hash Collision in Form Parameter Handling
CVE-2011-4815
Ruby < 1.8.7-p357 - Denial of Service via Hash Collision
CVE-2011-4462
Plone < 4.1.3 - Denial of Service via Predictable Hash Collisions
CVE-2011-3415
Microsoft .NET Framework - Open Redirect
CVE-2011-4783
IDAPython < 1.5.2.3 - Remote Code Execution via Crafted IDB File
CVE-2011-4784
NVIDIA Stereoscopic 3D Driver < 7.17.12.7536 - Privilege Escalation via Named Pipe Command Handling
Details
Vulnerabilities
12,638
Exploit Likelihood
High