CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,641 vulnerabilities with CWE-20
CVE-2010-0929
Perforce Server 2008.1 - Denial of Service via Crafted Data Sequence
CVE-2010-0433
OpenSSL < 0.9.8n - Denial of Service via NULL Pointer Dereference in kssl_keytab_is_available
CVE-2010-0719
Microsoft Windows - DoS
CVE-2010-0705
avast! 4.8-5.0.418.0 - Local Privilege Escalation
CVE-2010-0420
Pidgin < 2.6.6 - Denial of Service via XMPP Multi-User Chat Nickname Parsing
CVE-2010-0189
NOS Microsystems getPlus Download Manager 1.5.2.35 - Arbitrary Program Download and Installation via ActiveX Control
CVE-2010-0283
MIT Kerberos 5 1.7-1.7.1 and 1.8 alpha - Denial of Service via Invalid AS-REQ or TGS-REQ Request
CVE-2010-0026
Windows Server 2008 - Denial of Service via Malformed Machine Instructions
CVE-2010-0022
Microsoft Windows - Denial of Service via SMB Packet Validation
CVE-2010-0020
Microsoft Windows - Remote Code Execution via Malformed SMB Request
CVE-2010-0016
Microsoft Windows 2000 SP4, XP SP2-SP3, Server 2003 SP2 - Remote Code Execution via SMB Response Field
CVE-2010-0394
trac-git < 0.0.20080710 - Remote Code Execution via Shell Metacharacters in HTTP Query
CVE-2010-0552
Geo++ GNCASTER < 1.4.0.7 - Denial of Service via Long URI Request
CVE-2010-0547
Samba < 3.4.5 - Denial of Service via Invalid Device Name or Mountpoint
CVE-2010-0441
Asterisk < 1.6.0.22, 1.6.1.14, 1.6.2.2 DoS via Malformed SDP FaxMaxDatagram
CVE-2010-0303
hybserv2 1.9.2-1.9.4 - Denial of Service via MemoServ Private Message
CVE-2010-0496
FreeBit ServersMan 3.1.5 - Denial of Service via HEAD Request
CVE-2010-0305
ejabberd < 2.1.3 - Denial of Service via c2s Message Queue Overload
CVE-2010-0453
OpenSolaris snv_69-snv_133 - Denial of Service via UCODE_GET_VERSION IOCTL
CVE-2010-0308
Squid 2.x, 3.0-3.0.STABLE22, 3.1-3.1.0.15 - Denial of Service via Crafted DNS Packet
CVE-2010-0097
ISC BIND DNSSEC NSEC/NSEC3 Record Validation Bypass
CVE-2010-0366
BitScripts Bits Video Script 2.04-2.05 Gold Beta - Unauthenticated Arbitrary File Upload
CVE-2010-0360
Sun Java System Web Server 7.0 Update 7 - Heap-Based Buffer Overflow via Malformed HTTP TRACE Request
CVE-2010-0312
IBM Tivoli Directory Server 6.2 - Denial of Service via Crafted SecureWay Event Registration Request
CVE-2010-0002
Bash - Terminal Escape Sequence Injection via LS_OPTIONS
Details
Vulnerabilities 12,641
Exploit Likelihood High