CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,641 vulnerabilities with CWE-20
CVE-2010-0603
Cisco PGW 2200 Softswitch - Denial of Service via Malformed SIP Session Attribute
CVE-2010-0602
Cisco PGW 2200 Softswitch - Denial of Service via Malformed SIP Packet
CVE-2010-0601
Cisco PGW 2200 Softswitch - Denial of Service via Malformed MGCP Packet
CVE-2010-1624
Pidgin < 2.7.0 - Denial of Service via Malformed SLP Message
CVE-2010-1455
Wireshark <1.2.8 - DoS
CVE-2010-0730
Red Hat Enterprise Linux 5 - Denial of Service via MMIO Instruction Emulation
CVE-2010-1690
Microsoft Windows and Exchange Server - DNS Response Spoofing via Transaction ID Mismatch
CVE-2010-1173
Linux Kernel < 2.6.33.3 - Denial of Service via SCTPChunkInit Packet with Invalid Parameters
CVE-2010-1167
fetchmail 4.6.3-6.3.16 - Denial of Service via Invalid Multi-Character Locale Handling
CVE-2010-1735
Microsoft Windows 2000, XP, and Server 2003 - Denial of Service via SfnLOGONNOTIFY Function
CVE-2010-1734
Windows 2000, XP, and Server 2003 - Denial of Service via SfnINSTRING Function
CVE-2010-0101
Lexmark Multiple Printers - Denial of Service via Malformed HTTP Authorization Header
CVE-2010-1598
phpThumb() - Remote Code Execution via fltr[] Parameter
CVE-2010-1592
SiSoftware Sandra <16.10.2010.1 - Privilege Escalation/DoS
CVE-2010-1591
Beijing Rising International Rising Antivirus 2008-2010 - Privilege Escalation via IOCTL Input Validation
CVE-2010-1587
Apache ActiveMQ <5.3.2 and <5.4.0 - Info Disclosure
CVE-2010-1586
HP System Management Homepage 2.x.x.x - Open Redirect via RedirectUrl Parameter
CVE-2010-1585
Mozilla Firefox <3.5.17 & 3.6.x <3.6.14 - RCE
CVE-2010-1544
micro_httpd on RCA DCM425 - Denial of Service via Long String to TCP Port 80
CVE-2010-1163
sudo 1.6.8-1.7.2p5 - Command Injection
CVE-2010-1155
Irssi <0.8.15 - SSL Man-in-the-Middle
CVE-2010-0589
Cisco Secure Desktop < 3.5.841 - Remote Code Execution via Web Install ActiveX Control
CVE-2010-0487
Microsoft Windows - Remote Code Execution via Modified Cabinet File
CVE-2010-0486
Microsoft Windows - Remote Code Execution via Authenticode Signature Verification Bypass
CVE-2010-0482
Windows 7 and Windows Server 2008 - Denial of Service via Malformed Image File
Details
Vulnerabilities 12,641
Exploit Likelihood High