The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,638 vulnerabilities with CWE-20
CVE-2010-3762
ISC BIND < 9.7.2-P2 - Denial of Service via DNSSEC Validation with Multiple Trust Anchors
CVE-2010-3756
IBM Tivoli Storage Manager FastBack 5.5.0.0-5.5.6.0 & 6.1.0.0-6.1.0.1 DoS via _CalcHashValueWithLength
CVE-2010-3732
IBM DB2 UDB 9.5 - Authenticated Denial of Service via Prepared Statement with Large Parameter Markers
CVE-2010-2946
Linux kernel <2.6.35.2 - Privilege Escalation
CVE-2010-3283
HP System Management Homepage <6.2 - Open Redirect
CVE-2010-3476
OTRS 2.3.x < 2.3.6 and 2.4.x < 2.4.8 - Denial of Service via HTML Email Message
CVE-2010-3473
IBM FileNet P8 Application Engine <3.5.1.21 - Open Redirect
CVE-2010-3011
HP System Management Homepage < 6.1 - CRLF Injection via HTTP Header
CVE-2010-2738
Microsoft Windows and Office - Remote Code Execution via Malformed OpenType Font Parsing
CVE-2010-2729
Microsoft Windows Print Spooler - Arbitrary File Write and Remote Code Execution via Crafted RPC Print Request
CVE-2010-2580
MailEnable < 4.25 - Denial of Service via Long SMTP Command Parameters
CVE-2010-3320
IBM Records Manager <4.5.1.1 - Open Redirect
CVE-2010-2952
Apache Traffic Server <2.0.1-2.1.2 - Info Disclosure
CVE-2010-1807
Apple Safari 4.x-5.x - Remote Code Execution via Floating-Point Validation Flaw
CVE-2010-3247
Google Chrome < 6.0.472.53 - URL Spoofing via Homographic Sequences
CVE-2010-2248
Linux Kernel < 2.6.34 - Denial of Service via Invalid SMB Response CountHigh
CVE-2010-3186
IBM WAS <7.0.0.13 & WSP 6.1.0.9-32 - Unspecified Vuln
CVE-2010-2878
Adobe Shockwave Player <11.5.8.612 - Memory Corruption
CVE-2010-2877
Adobe Shockwave Player <11.5.8.612 - DoS/Code Injection
CVE-2010-2876
Adobe Shockwave Player <11.5.8.612 - Buffer Overflow
CVE-2010-2873
Adobe Shockwave Player <11.5.8.612 - DoS/Code Injection
CVE-2010-2872
Adobe Shockwave Player <11.5.8.612 - Memory Corruption
CVE-2010-2840
Cisco Unified Presence <6.0(7)-7.0(8) - DoS
CVE-2010-2362
Winny < 2.0b7.1 - Denial of Service via Node Information Processing
CVE-2010-2361
Winny < 2.0b7.1 - Improper Input Validation in BBS Information Processing
Details
Vulnerabilities
12,638
Exploit Likelihood
High