CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,638 vulnerabilities with CWE-20
CVE-2011-2150
SmarterStats 6.0 - Denial of Service via XML Injection in Admin and Client Pages
CVE-2011-1407
Exim 4.7x < 4.76 - Remote Code Execution via DKIM Identity Matching
CVE-2011-0633
libwww-perl < 6.00 - Man-in-the-Middle Attack via Incomplete SSL Certificate Validation
CVE-2011-0627 HIGH
Adobe Flash Player < 10.3.181.14 - Remote Code Execution via Crafted Flash Content
CVSS 8.8
CVE-2011-0626
Adobe Flash Player < 10.3.181.14 - Remote Code Execution via Bounds Checking Issue
CVE-2011-0625
Adobe Flash Player < 10.3.181.14 - Remote Code Execution via Bounds Checking Issue
CVE-2011-0624
Adobe Flash Player < 10.3.181.14 - Remote Code Execution via Bounds Checking Issue
CVE-2011-0623
Adobe Flash Player < 10.3.181.14 - Remote Code Execution via Bounds Checking Issue
CVE-2011-1853
HP Intelligent Management Center 5.0 - Remote Code Execution via TFTP Opcode Handling
CVE-2011-1849
HP Intelligent Management Center 5.0 - Remote Code Execution via TFTP WRQ Request
CVE-2011-1269
Microsoft PowerPoint 2002/2003/2007, Office 2004/2008 for Mac - RCE via Crafted Document
CVE-2011-1248
Windows Server 2003 SP2 and Server 2008 - Remote Code Execution via Crafted Packets
CVE-2011-2079
MediaCAST < 8 - XML Injection via CP_RIGHTSOURCE or bdclient_Inventive Cookie
CVE-2011-1824
Opera < 10.61 - Remote Code Execution via Large Integer SIZE Attribute in SELECT Element
CVE-2011-2022
Linux kernel <2.6.38.5 - Privilege Escalation
CVE-2011-1323
Yamaha RT100i - Denial of Service via IP Header Option Handling
CVE-2011-0073
Mozilla Firefox <3.5.19 & <3.6.17, SeaMonkey <2.0.14 - RCE
CVE-2011-0067
Mozilla Firefox <3.5.19 & <3.6.17 - Info Disclosure
CVE-2011-1826
CA Arcot WebFort VAS <6.2.5 - Open Redirect
CVE-2011-1456
Google Chrome < 11.0.696.57 - Denial of Service via PDF Form Handling
CVE-2011-1452
Google Chrome <11.0.696.57 - Open Redirect
CVE-2011-1451
Google Chrome < 11.0.696.57 - Denial of Service via DOM ID Map Handling
CVE-2011-1450
Google Chrome < 11.0.696.57 - Denial of Service via File Dialog Handling
CVE-2011-1448
Google Chrome < 11.0.696.57 - Denial of Service via Stale Pointer
CVE-2011-1447
Google Chrome < 11.0.696.57 - Denial of Service via Drop-Down List Handling
Details
Vulnerabilities 12,638
Exploit Likelihood High