CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,643 vulnerabilities with CWE-20
CVE-2008-4824
Adobe Flash Player 9.0.16.0-9.0.150.0 - Remote Code Execution
CVE-2008-5105
KarjaSoft Sami FTP Server 2.0.x - Denial of Service via Malformed FTP Commands
CVE-2008-5023
Firefox 2.0-2.0.0.17 and 3.x < 3.0.4 - Remote Code Execution via -moz-binding CSS Property
CVE-2008-5014
Firefox 2.0-2.0.0.17 and 3.0-3.0.1 - Remote Code Execution via Window Prototype Manipulation
CVE-2008-5002
Chilkat Crypt ActiveX Control - Arbitrary File Write via WriteFile Method
CVE-2008-4999
Nortel UNIStim IP Phone 0604DAS - Denial of Service via Long Ping Packet
CVE-2008-4934
Linux Kernel < 2.6.28 - Denial of Service via Crafted HFS+ Filesystem Image
CVE-2008-4932
U-Mail Webmail Server 4.91 - Arbitrary File Write via Filesystem Module Path Parameter
CVE-2008-4817
Adobe Acrobat < 8.1.2 - Remote Code Execution via AcroJS Long String Argument
CVE-2008-4814
Adobe Acrobat and Reader < 8.1.2 - Remote Code Execution via JavaScript Method
CVE-2008-4812
Adobe Acrobat and Reader < 8.1.2 - Remote Code Execution via Crafted PDF Type 1 Font Parsing
CVE-2008-4930
MyBB 1.4.2 - HTML Injection via Nonstandard File Type Upload
CVE-2008-4927
Windows Media Player 9.0-11 - Denial of Service via Malformed MIDI or DAT File
CVE-2008-4919
VISAGESOFT eXPert PDF Viewer X ActiveX 3.0.990.0 - Arbitrary File Write via savePageAsBitmap Method
CVE-2008-4907
Dovecot 1.1.4 and 1.1.5 - Denial of Service via Malformed From Address in IMAP FETCH ENVELOPE
CVE-2008-4910
Sun Java Web Start - Remote Code Execution via showDocument Method
CVE-2008-4878
WebCards < 1.3 - Authenticated Arbitrary File Upload via Add Image Macro
CVE-2008-4309 HIGH
net-snmp 5.2-5.2.5, 5.3-5.3.2.2, 5.4-5.4.2 - Denial of Service via SNMP GETBULK Request
CVSS 7.5
CVE-2008-4794
Opera < 9.62 - Remote Command Execution via History Search Results Page
CVE-2008-4767
PHP-Nuke DownloadsPlus Module - Unrestricted File Upload and Remote Code Execution via .htm .html or .txt Extensions
CVE-2008-4748
KVirc 3.4.0 - Format String Vulnerability via IRC URI Handler
CVE-2008-4682
Wireshark 0.99.7-1.0.3 - Denial of Service via Malformed Tamos CommView Capture File
CVE-2008-4681
Wireshark 0.99.7-1.0.3 - Denial of Service in Bluetooth RFCOMM Dissector
CVE-2008-4641
jhead < 2.84 - OS Command Injection via Shell Metacharacters in DoCommand
CVE-2008-4640
jhead < 2.84 - Arbitrary File Deletion via Modified Filename
Details
Vulnerabilities 12,643
Exploit Likelihood High