The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,641 vulnerabilities with CWE-20
CVE-2010-0270
Windows 7 and Windows Server 2008 - Remote Code Execution via Crafted SMB Transaction Response
CVE-2010-0238
Microsoft Windows Kernel - Denial of Service via Registry Key Validation
CVE-2010-0235
Microsoft Windows 2000 SP4, XP SP2-SP3, Server 2003 SP2, Vista - Denial of Service via Symbolic Link Validation Bypass
CVE-2010-0234
Microsoft Windows Kernel - Denial of Service via Registry Key Validation
CVE-2010-0024
Microsoft Windows and Exchange Server - Denial of Service via SMTP MX Record Parsing
CVE-2010-1152
memcached < 1.4.3 - Denial of Service via Long Line Input
CVE-2010-0741
Linux Kernel < 2.6.26 - Denial of Service via TCP Segment Offloading in virtio-net
CVE-2010-1311
ClamAV < 0.96 - Denial of Service via Crafted CAB Archive
CVE-2010-1273
Emweb Wt < 3.1.1 - Improper Input Validation in UTF-8 Encoding
CVE-2010-0182
Firefox < 3.5.9 - Unauthenticated Access Restriction Bypass via XMLDocument::load
CVE-2010-0181
Firefox < 3.5.9 and 3.6.x < 3.6.2 - Denial of Service via IMG SRC Redirect to mailto: URL
CVE-2010-1237
Google Chrome 4.1 BETA - Denial of Service via Empty SVG Element
CVE-2010-1235
Google Chrome < 4.1.249.1036 - Download Warning Dialog Bypass
CVE-2010-1226
iPhone OS 3.1 and 3.1.3 - Denial of Service via Crafted DIV innerHTML Property
CVE-2010-0686
VMware VirtualCenter 2.0.2 and 2.5 - Request Origin Spoofing via URL Forwarding
CVE-2010-1189
MediaWiki <1.15.2 - Info Disclosure
CVE-2010-0500
Mac OS X < 10.6.3 - Denial of Service via DNS PTR Record Hostname Validation
CVE-2010-1181
iPhone OS 3.1.3 - Denial of Service or Remote Code Execution via MARQUEE Element
CVE-2010-1174
Cisco TFTP Server 1.1 - Denial of Service via Crafted TFTP Packet
CVE-2010-1129
PHP < 5.2.13 - Directory Access Restriction Bypass via tempnam Function
CVE-2010-0740
OpenSSL 0.9.8f-0.9.8m - Denial of Service via Malformed TLS Record
CVE-2010-0051
Apple Safari < 4.0.5 - Information Disclosure via Cross-Origin Stylesheet Loading
CVE-2010-0045
Apple Safari < 4.0.5 - Remote Code Execution via External URL Scheme Validation Bypass
CVE-2010-0932
Perforce Server 2008.1 - Denial of Service via FTP MKD Command
CVE-2010-0931
Perforce Server 2008.1 - Denial of Service via Crafted Data
Details
Vulnerabilities
12,641
Exploit Likelihood
High