CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,642 vulnerabilities with CWE-20
CVE-2009-4101
infoRSS < 1.1.4.2 - Remote Code Execution and Cross-Domain Scripting via RSS Feed Description Tag
CVE-2009-4100
Yoono < 6.1.1 - Remote Code Execution and Cross-Domain Scripting via DOM Event Handlers
CVE-2009-4098
OpenX < 2.8.1 - Authenticated Arbitrary File Upload and Remote Code Execution via Banner Edit
CVE-2009-4090
telepark.wiki < 2.4.23 - Remote Code Execution via NULL Byte in File Upload
CVE-2009-4086
Xerver HTTP Server <4.33 - CRLF Injection
CVE-2009-4031
Linux kernel <2.6.32-rc8-next - DoS
CVE-2009-4051
Home FTP Server 1.10.1.139 - Denial of Service via Invalid SITE INDEX Commands
CVE-2009-3962
2wire Gateway 1700HG, 1701HG, 1800HW, 2071, 2700HG, 2701HG-T - Denial of Service via %0d%0a Sequence in Page Parameter
CVE-2009-3931
Google Chrome < 3.0.195.32 - Incomplete Blacklist Bypass via Content-Disposition Header
CVE-2009-2513
Microsoft Windows - Privilege Escalation
CVE-2009-1127
Microsoft Windows - Local Privilege Escalation via Win32k.sys NULL Pointer Dereference
CVE-2009-2835
macOS X < 10.6.2 - Local Privilege Escalation via Task State Segment Handling
CVE-2009-3830
Microsoft Office SharePoint Server 2007 Unauthenticated ASP.NET Source Code Disclosure
CVE-2009-3549
Wireshark 1.2.0-1.2.2 - Denial of Service in Paltalk Dissector
CVE-2009-3640
Linux Kernel < 2.6.32-rc1 - Denial of Service via KVM CR8 Intercept Handling
CVE-2009-3627
HTML-Parser < 3.63 - Denial of Service via Incomplete SGML Numeric Character Reference
CVE-2009-3802
amiro.cms <= 5.4.0.0 - Information Disclosure via Invalid Login Parameter
CVE-2009-3753
Opial 1.0 - Unauthenticated Arbitrary File Upload and Remote Code Execution via User Image
CVE-2009-3458
Adobe Acrobat and Reader 7.x < 7.1.4, 8.x < 8.1.7, 9.x < 9.2 - Remote Code Execution
CVE-2009-2998
Adobe Acrobat and Reader 7.x < 7.1.4, 8.x < 8.1.7, 9.x < 9.2 - Remote Code Execution
CVE-2009-2993
Adobe Acrobat and Reader < 9.2 - Arbitrary File Write via JavaScript API cPath Parameter
CVE-2009-2992
Adobe Acrobat and Reader < 9.2 - Denial of Service via ActiveX Control Input Validation
CVE-2009-2988
Adobe Acrobat and Reader 7.x < 7.1.4, 8.x < 8.1.7, 9.x < 9.2 - Denial of Service
CVE-2009-2981
Adobe Acrobat and Reader 7.x-9.x - Trust Manager Bypass via Improper Input Validation
CVE-2009-2516 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.1
Details
Vulnerabilities 12,642
Exploit Likelihood High