The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,638 vulnerabilities with CWE-20
CVE-2010-2337
RSA Federated Identity Manager 4.0-4.0.25 and 4.1-4.1.26 - Open Redirect
CVE-2010-2658
Opera < 10.60 - Unauthenticated Arbitrary File Upload via Clipboard Interaction
CVE-2010-2631
LibTIFF 3.9.0 - Denial of Service via Crafted TIFF File
CVE-2010-2630
libtiff - Denial of Service via Malformed TIFF File
CVE-2010-2629
Cisco Content Services Switch 11500 < 8.20.3.03 and ACE 4710 < A3(2.5) - HTTP Request Smuggling via LF Header Terminator
CVE-2010-2253
libwww-perl < 5.835 - Arbitrary File Write via lwp-download Filename Handling
CVE-2010-2252
GNU Wget < 1.12 - Arbitrary File Write via Server-Provided Filename in Redirect Chain
CVE-2010-2251
lftp < 4.0.6 - Arbitrary File Write via Content-Disposition Header
CVE-2010-1576
Cisco CSS 11500 <8.20.4.02 & ACE 4710 <A2(3.0) HTTP Request Smuggling
CVE-2010-2621
Digia QT < 4.6.3 - Improper Input Validation
CVE-2010-2598
Red Hat Enterprise Linux 3 x86_64 - Denial of Service via Crafted TIFF Image
CVE-2010-2597
libtiff 3.9.0 and 3.9.2 - Denial of Service via Crafted TIFF Image
CVE-2010-2596
libtiff 3.9.0 and 3.9.2 - Denial of Service via OJPEGPostDecode Function
CVE-2010-2595
libtiff 3.9.0 and 3.9.2 - Denial of Service via Invalid ReferenceBlackWhite Values in TIFFYCbCrtoRGB
CVE-2010-2233
LibTIFF 3.9.0 and 3.9.2 - Denial of Service or Remote Code Execution via Downsampled OJPEG Input
CVE-2010-1285
Adobe Reader/Acrobat <9.3.3/8.2.3 - RCE
CVE-2010-2505
SaschArt SasCAM Webcam Server <= 2.7 - Denial of Service via Long GET Request
CVE-2010-2435
Weborf HTTP Server <= 0.12.1 - Denial of Service via Unicode Characters in Connection Header
CVE-2010-1632
Apache Axis2 < 1.5.2 - XML External Entity Injection via SOAP DTD Processing
CVE-2010-2352
Content Construction Kit (CCK) 5.x < 1.11 and 6.x < 2.7 - Unauthenticated Node Reference Access Bypass
CVE-2010-2332
Impact PDF Reader - Denial of Service via Malformed POST Request Body
CVE-2010-2327
IBM WebSphere Application Server - Denial of Service via Large SSL Upload Request
CVE-2010-1379
Apple Mac OS X 10.6 - Denial of Service via Unicode in Printing-Service Name
CVE-2010-2310
SolarWinds TFTP Server 10.4.0.13 - Denial of Service via Long Write Request
CVE-2010-2074
w3m 0.5.2 - Certificate Domain Validation Bypass via Null Byte in X.509 Certificate
Details
Vulnerabilities
12,638
Exploit Likelihood
High