CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,638 vulnerabilities with CWE-20
CVE-2011-0027
Microsoft Data Access Components (MDAC) <2.8 SP1 & WDAC 6.0 - RCE
CVE-2011-0003
MediaWiki <1.16.1 - CSRF
CVE-2010-4815 CRITICAL
Coppermine gallery <1.4.26 - Code Injection
CVSS 9.8
CVE-2010-4660 CRITICAL
statusnet through 2010 - SQL Injection via addslashes Bypass
CVSS 9.8
CVE-2010-3439 MEDIUM
alien-arena 7.33 - Denial of Service via Invalid Download Command Parameters
CVSS 6.5
CVE-2010-3359 MEDIUM
Gargoyle-Free <2009-08-25 - Privilege Escalation
CVSS 4.8
CVE-2010-2476 CRITICAL
syscp 1.4.2.1 - Path Traversal via DocumentRoot Colon Bypass
CVSS 9.8
CVE-2010-2449 MEDIUM
gource < 0.26 - Arbitrary File Write via Symlink Attack
CVSS 6.5
CVE-2010-2447 CRITICAL
gitolite < 1.4.1 - Path Traversal via Unfiltered src/ and hooks/ Paths
CVSS 9.8
CVE-2010-2473 MEDIUM
Drupal 5.0-5.21 - Unauthenticated Session Persistence via Blocked User Bypass
CVSS 6.5
CVE-2010-2243 HIGH
Linux Kernel < 2.6.34 - Denial of Service via clocksource0 sysfs Access
CVSS 7.5
CVE-2010-2446 CRITICAL
rbot - Remote Code Execution via Reaction Plugin
CVSS 9.8
CVE-2010-3667 MEDIUM
TYPO3 < 4.1.14, 4.2.x < 4.2.13, 4.3.x < 4.3.4, 4.4.x < 4.4.1 - Spam Abuse via Native Form Content Element
CVSS 5.3
CVE-2010-2490 MEDIUM
Mumble - Denial of Service via Malformed Client Query
CVSS 6.5
CVE-2010-0748 CRITICAL
Transmission < 1.92 - Denial of Service via Magnet Link tr Arguments
CVSS 9.8
CVE-2010-2061 HIGH
rpcbind 0.2.0 - Unauthenticated Arbitrary File Write via /tmp/portmap.xdr and /tmp/rpcbind.xdr
CVSS 7.8
CVE-2010-1678 HIGH
Mapserver 5.2-5.6 < 5.6.5-2 - Improper Input Validation in Mapfile Symbol Index Parsing
CVSS 7.5
CVE-2010-3375 CRITICAL
qtparted - Remote Code Execution via Insecure Library Loading
CVSS 9.8
CVE-2010-3373 MEDIUM
paxtest - Insecure Temporary File Handling
CVSS 5.5
CVE-2010-4239 CRITICAL
Tiki Wiki CMS Groupware 5.2 - Local File Inclusion
CVSS 9.8
CVE-2010-3293 MEDIUM
MailScanner < 4.79.11-2 - Local Virus Signature Update Prevention via Improper Input Validation
CVSS 5.5
CVE-2010-3050 MEDIUM
Cisco IOS < 12.2(33)SXI - Authenticated Denial of Service
CVSS 6.5
CVE-2010-3049 MEDIUM
Cisco IOS < 12.2(33)SXI - Denial of Service
CVSS 5.5
CVE-2010-1821 HIGH
Mac OS X 10.6-10.6.3 and Mac OS X Server 10.6-10.6.3 - Local Privilege Escalation
CVSS 7.8
CVE-2010-5328 MEDIUM
Linux Kernel < 2.6.35 - Denial of Service via Swapper Process Signal Handling
CVSS 5.5
Details
Vulnerabilities 12,638
Exploit Likelihood High