CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,638 vulnerabilities with CWE-20
CVE-2011-4601
Pidgin < 2.10.1 - Denial of Service via Malformed AIM/ICQ Buddy-List Message
CVE-2011-4603
Pidgin < 2.10.1 - Denial of Service via SILC Protocol Message Handling
CVE-2011-4602
Pidgin < 2.10.1 - Denial of Service via Malformed XMPP Voice/Video Chat Stanzas
CVE-2011-4755
Parallels Plesk Small Business Panel 10.2.0 - XML External Entity Injection via Crafted Cookie
CVE-2011-4727
Parallels Plesk Panel 10.2.0_build1011110331.18 - Denial of Service via REST URL Parameter
CVE-2011-3410
Microsoft Publisher <2007 SP3 - RCE
CVE-2011-3907
Google Chrome < 16.0.912.63 - URL Spoofing via View-Source Feature
CVE-2011-4539
ISC DHCP 4.x < 4.2.3-P1 and 4.1-ESV < 4.1-ESV-R4 - Denial of Service via Crafted Request Packet
CVE-2011-4685
Opera Browser < 11.60 - Denial of Service via Dragonfly
CVE-2011-4554
One Click Orgs < 1.2.3 - Authenticated SMTP Injection via Org Name or Email Address
CVE-2011-4553
One Click Orgs < 1.2.3 - Open Redirect via Return_to Parameter
CVE-2011-2397
Iron Mountain Connected Backup 8.4 - Remote Code Execution via Opcode 13 Request
CVE-2011-4317
Apache HTTP Server 1.3.x-1.3.42, 2.0.x-2.0.64, 2.2.x-2.2.21 SSRF via Malformed URI
CVE-2011-3639
Apache HTTP Server <2.0.64, <2.2.18 - SSRF
CVE-2011-4405
Ubuntu Linux 11.04 and 11.10 - Remote Code Execution via Insecure OpenPrinting Database Connection
CVE-2011-3367
Arora - Certificate Common Name Spoofing via Rich Text Rendering
CVE-2011-3366
Rekonq < 0.7.0 - Certificate Common Name Spoofing via Rich Text Rendering
CVE-2011-3365
KDE SC 4.6.0-4.7.1 - Certificate Common Name Spoofing via Rich Text Rendering
CVE-2011-3150
Ubuntu Linux - Remote Code Execution via Man-in-the-Middle Attack
CVE-2011-4249
RealNetworks RealPlayer <15.0.0 - RCE
CVE-2011-4311
ResourceSpace <4.2.2833 - Info Disclosure
CVE-2011-3646
phpMyAdmin <3.4.6 - Info Disclosure
CVE-2011-2772
Mahara < 1.4.1 - Denial of Service via Invalid Image Upload
CVE-2011-3647
Mozilla Firefox <3.6.24 & Thunderbird <3.1.6 - XSS
CVE-2011-2004
Microsoft Windows Server <2008 R2 SP1 & 7 - DoS
Details
Vulnerabilities 12,638
Exploit Likelihood High