CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,641 vulnerabilities with CWE-20
CVE-2010-1379
Apple Mac OS X 10.6 - Denial of Service via Unicode in Printing-Service Name
CVE-2010-2310
SolarWinds TFTP Server 10.4.0.13 - Denial of Service via Long Write Request
CVE-2010-2074
w3m 0.5.2 - Certificate Domain Validation Bypass via Null Byte in X.509 Certificate
CVE-2010-2298
Google Chrome < 5.0.375.70 - Sandbox Restriction Bypass via ViewHostMsg_DatabaseOpenFile Message Handling
CVE-2010-2295
Google Chrome < 5.0.375.70 - Keystroke Redirection via Focused Frame Change
CVE-2010-2293
D-Link DI-604 - Authenticated Denial of Service via Ping Tools IP Textfield
CVE-2010-2289
Juniper Secure Access - Open Redirect via Location Parameter
CVE-2010-2075
UnrealIRCd 3.2.8.1 - Remote Code Execution via Trojaned DEBUG3_DOLOG_SYSTEM Macro
CVE-2010-2262
Galileo Students Team Weborf < 0.12.1 - Denial of Service via Crafted Range Header
CVE-2010-2193
CA PSFormX and WebScan ActiveX Controls - Remote Code Execution
CVE-2010-0485 HIGH
Windows Kernel win32k.sys - Local Privilege Escalation via Window Creation Callback
CVSS 7.8
CVE-2010-0484
Windows Kernel win32k.sys - Local Privilege Escalation via GetDCEx Device Context Validation
CVE-2010-0819
Microsoft Windows - Memory Corruption
CVE-2010-0296
glibc < 2.11.1 - Denial of Service via Newline in Mountpoint Name
CVE-2010-2115
SolarWinds TFTP Server 10.4.0.10 - Denial of Service via Crafted Read Request
CVE-2010-2020
FreeBSD 7.2-8.1-PRERELEASE - Privilege Escalation via NFS Client fhsize Parameter
CVE-2010-2090
IBM Communications Server - Denial of Service via APPC GDSID Variable
CVE-2010-2079
DataTrack System 3.5 - Arbitrary File Read via Trailing Backslash in URI
CVE-2010-2078
DataTrack System 3.5 - Directory Listing via Malformed URI
CVE-2010-0777
IBM WebSphere Application Server <6.0.2.43-7.0.0.11 - Info Disclosure
CVE-2010-0776
IBM WebSphere Application Server <6.0.2.43-7.0.0.11 - DoS
CVE-2010-1567
Cisco PGW 2200 Softswitch <9.8(1)S5 - DoS
CVE-2010-1563
Cisco PGW 2200 Softswitch <9.7(3)S9-9.7(3)P9 - DoS
CVE-2010-1562
Cisco PGW 2200 Softswitch <9.7(3)S9-9.7(3)P9 - DoS
CVE-2010-1561
Cisco PGW 2200 Softswitch <9.7(3)S11-9.7(3)P11 - DoS
Details
Vulnerabilities 12,641
Exploit Likelihood High