CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,638 vulnerabilities with CWE-20
CVE-2011-0040
Microsoft Active Directory on Windows Server 2003 SP2 - DoS
CVE-2011-0912
IBM Lotus Notes 8.0.x-8.0.2 FP6 and 8.5.x-8.5.1 FP5 - Remote Code Execution via CAI URL Launcher Library Option
CVE-2011-0908
Vanilla Forums < 2.0.17.6 - Open Redirect via Target Parameter
CVE-2011-0531
VLC media player < 1.1.6.1 - Remote Code Execution via Crafted MKV File
CVE-2011-0025
IcedTea <1.7.8, <1.8.5, <1.9.5 - Code Injection
CVE-2011-0781
Google Chrome < 9.0.597.84 - Improper Input Validation in Autofill Profile Merging
CVE-2011-0779
Google Chrome < 9.0.597.84 - Denial of Service via Crafted Extension
CVE-2011-0771
Janrain RPX - Authenticated Cross-Site Scripting and Arbitrary PHP Execution via Profile Image Upload
CVE-2011-0752
PHP < 5.2.15 - Variable Overwrite via EXTR_OVERWRITE Parameter
CVE-2011-0739
Ruby Mail gem < 2.2.14 - Remote Code Execution via Shell Metacharacters in Email Address
CVE-2011-0738
MyProxy 5.0-5.2 - Certificate Hostname and Identity Validation Bypass
CVE-2011-0017
Exim <4.72 - Local Privilege Escalation
CVE-2011-0687
Opera < 11.01 - Denial of Service via WAP Dropdown List
CVE-2011-0685
Opera < 11.01 - Unauthenticated Email Account Password Exposure via Delete Private Data Feature
CVE-2011-0684
Opera < 11.01 - Information Disclosure via HTTP Response Manipulation
CVE-2011-0413
ISC DHCP 4.0.x-4.1.x - Denial of Service via DHCPv6 Declined Address Message
CVE-2011-0652
Look 'n' Stop Firewall 2.06p4 and 2.07 - Denial of Service via Crafted IOCTL Request
CVE-2011-0018
OpenVAS Manager <2.0rc2 - Command Injection
CVE-2011-0513
SecurStar DriveCrypt <= 5.4 - Local Privilege Escalation via DCR.sys IOCTL 0x00073800
CVE-2011-0491
Tor < 0.2.1.28 - Denial of Service via Memory Allocation Underflow
CVE-2011-0015
Tor <0.2.1.29 & <0.2.2.21-alpha - DoS
CVE-2011-0485
Google Chrome < 8.0.552.237 and Chrome OS < 8.0.552.344 - Remote Code Execution via Speech Data Handling
CVE-2011-0484
Google Chrome < 8.0.552.237 and Chrome OS < 8.0.552.344 - Denial of Service via Stale Rendering Node
CVE-2011-0478
Google Chrome < 8.0.552.237 and Chrome OS < 8.0.552.344 - Denial of Service via SVG Use Element Handling
CVE-2011-0471
Google Chrome < 8.0.552.237 and Chrome OS < 8.0.552.344 - Denial of Service via Node Iteration Pointer Handling
Details
Vulnerabilities 12,638
Exploit Likelihood High