CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,642 vulnerabilities with CWE-20
CVE-2009-2470
Mozilla Firefox <3.0.12, <3.5.2 - DoS
CVE-2009-2655
Microsoft Internet Explorer <8 - DoS
CVE-2009-2654
Mozilla Firefox <3.0.13, 3.5.x <3.5.2 - XSS
CVE-2009-2620
Firebird SQL 1.5-1.5.5, 2.0-2.0.5, 2.1-2.1.2, 2.5 Beta 1 - Denial of Service via Malformed op_connect_request Message
CVE-2009-2622
Squid 3.0-3.0.STABLE16 and 3.1-3.1.0.11 - Denial of Service via Malformed HTTP Requests
CVE-2009-2583
IBM Tivoli Identity Manager <5.0.0.6 - Session Fixation
CVE-2009-2534
RealNetworks Helix Server <13.0.0 - DoS
CVE-2009-2533
RealNetworks Helix Server <13.0.0 - DoS
CVE-2009-1538
Microsoft DirectX 7.0-9.0c - Remote Code Execution via QuickTime Movie Parser Filter
CVE-2009-2431
WordPress 2.7.1 - Information Disclosure via HTML Comment
CVE-2009-2425
Tor - Denial of Service via Malformed Router Descriptor
CVE-2009-2386
Awingsoft Awakening Winds3D Viewer <3.5.0.0-<3.0.0.5 - Code Injection
CVE-2009-2421
Apple Safari 3.2.3 - DoS/Buffer Overflow
CVE-2009-2420
Apple Safari 3.2.3 - Info Disclosure
CVE-2009-2320
Axesstel MV 410R - Improper Input Validation via Client-Side JavaScript Bypass
CVE-2009-2318
Axesstel MV 410R - Denial of Service via SYN Flood
CVE-2009-2305
armassa ARD-9808 Software - Denial of Service via Long URI with //.\ Sequences
CVE-2009-2304
Aardvark Topsites PHP <5.2.0 - Info Disclosure
CVE-2009-2303
Aardvark Topsites PHP <5.2.1 - Info Disclosure
CVE-2009-2301
Radware AppWall WAF 1.0.2.6-4.6.0.2 - Info Disclosure
CVE-2009-2261
PeaZIP <2.6.1-2.5.1 - Command Injection
CVE-2009-2256
Netgear DG632 3.4.0_ap - Denial of Service via Firmware Configuration CGI Endpoint
CVE-2009-2185
strongSwan 2.8-2.8.9, 4.2-4.2.15, 4.3-4.3.1 - Denial of Service via ASN.1 Parser
CVE-2009-2138
TBDev.NET 01-01-08 - Open Redirect via Returnto Parameter
CVE-2009-0959
iPhone OS 1.0-2.2.1 and iPod touch 1.1-2.2.1 - Denial of Service via Crafted MPEG-4 Video File
Details
Vulnerabilities 12,642
Exploit Likelihood High