The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,638 vulnerabilities with CWE-20
CVE-2010-0431
Red Hat Enterprise Virtualization 2.2 and KVM 83 - Denial of Service via QXL Driver Pointer Validation
CVE-2010-0428
Red Hat Enterprise Virtualization 2.2 and qspice 0.3.0 - Denial of Service via Invalid QXL Driver Pointer
CVE-2010-3106
Novell iPrint < 5.42 - Remote Code Execution via ienipp.ocx Debug Parameter
CVE-2010-1645
Cacti < 0.8.7f - Authenticated Remote Code Execution via FQDN or Vertical Label Field
CVE-2010-2937
VLC media player 0.9.0-1.1.2 - Denial of Service via ID3v2 Tag Processing
CVE-2010-3053
FreeType < 2.4.2 - Denial of Service via Crafted BDF Font File
CVE-2010-2805
FreeType <2.4.2 - DoS/Code Injection
CVE-2010-2812
ZNC - Denial of Service via PING Command Without Argument
CVE-2010-2827
Cisco IOS 15.1(2)T - Denial of Service via Spoofed TCP Packets
CVE-2010-2993
Wireshark 1.2.0-1.2.9 - Denial of Service in IPMI Dissector
CVE-2010-2566
Windows XP SP2/SP3 and Windows Server 2003 SP2 - Remote Code Execution via Malformed SSL Certificate Request
CVE-2010-2551
Microsoft Windows Vista SP1/SP2, Windows Server 2008, Windows 7 - Denial of Service via SMB Packet
CVE-2010-2550
Microsoft Windows SMB Server - Remote Code Execution via Crafted SMB Packet
CVE-2010-1897
Windows Kernel win32k.sys - Privilege Escalation via Pseudo-Handle Validation Bypass
CVE-2010-1896
HIGH
Windows Kernel win32k.sys - Privilege Escalation via Improper User-Mode Input Validation
CVSS 8.4
CVE-2010-1890
Windows 7, Windows Server 2008, and Windows Vista - Denial of Service via Kernel Object ACL Validation
CVE-2010-1887
Microsoft Windows 2003 Server - Improper Input Validation
CVE-2010-2474
JBoss Enterprise Service Bus < 4.7 CP02 - Privilege Escalation via Security Domain Bypass
CVE-2010-2819
Cisco FWSM 3.1-4.1(1.1) DoS via SunRPC Inspection
CVE-2010-2795
phpCAS < 1.1.2 - Authenticated Session Hijacking via Crafted Ticket Value
CVE-2010-2725
BarnOwl < 1.6.2 - Denial of Service via ZPending and ZReceiveNotice Function Return Code Mismanagement
CVE-2010-1518
GIGABYTE Dldrv2 ActiveX <1.4.206.11 - RCE
CVE-2010-1517
GIGABYTE Dldrv2 ActiveX control 1.4.206.11 - RCE
CVE-2010-1213
Mozilla Firefox <3.5.11 & Thunderbird <3.0.6 & SeaMonkey <2.0.6 - SSRF
CVE-2010-1210
Mozilla Firefox <3.6.7 & Thunderbird <3.1.1 - XSS
Details
Vulnerabilities
12,638
Exploit Likelihood
High