The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,645 vulnerabilities with CWE-20
CVE-2008-3660
PHP 4.4.x < 4.4.9 and 5.x <= 5.2.6 - Denial of Service via FastCGI Extension Handling
CVE-2008-2941
HP Linux Imaging and Printing Project - Denial of Service via hpssd Message Parser
CVE-2008-3676
hMailServer 4.4.1 - Authenticated Denial of Service via IMAP Command Flood
CVE-2008-3680
Flagship Industries Ventrilo <3.0.2 - DoS
CVE-2008-1456
Microsoft Windows - Remote Code Execution via Event System Array Index
CVE-2008-1457
Microsoft Windows Event System - Authenticated Remote Code Execution via Event Subscription Request
CVE-2008-2256
Microsoft Internet Explorer 5.01, 6, 7 - Remote Code Execution via Uninitialized Memory Corruption
CVE-2008-2259
Microsoft Internet Explorer 6 and 7 - Remote Code Execution via Print Preview Argument Validation
CVE-2008-3657
Ruby < 1.8.5 and 1.8.6-1.8.6-p286 and 1.8.7-1.8.7-p71 and 1.9-r18423 - Safe Level Bypass via DL.dlopen
CVE-2008-2926
Broadcom Internet Security Suite - Improper Input Validation
CVE-2008-3003
Microsoft Office Excel 2007 - Information Disclosure via Improper Password String Deletion
CVE-2008-3004
Microsoft Office Excel 2000/2002/2003, Excel Viewer 2003, Office 2004-2008 for Mac - RCE via Crafted AxesSet Record
CVE-2008-3005
Microsoft Office Excel - Remote Code Execution via Crafted FORMAT Record Array Index
CVE-2008-3607
NoticeWare Email Server NG <4.6.3 - DoS
CVE-2008-3578
hydrairc < 0.3.164 - Denial of Service via Long irc:// URI
CVE-2008-3571
Xerox Phaser 8400 - Denial of Service via Empty UDP Packet to Port 1900
CVE-2008-3337
PowerDNS Authoritative Server <2.9.21.1 - Info Disclosure
CVE-2008-3492
America's Army < 2.8.3.1 - Denial of Service via Crafted UDP Packet
CVE-2008-3493
RealVNC Windows Client <4.1.2.0 - DoS
CVE-2008-3444
Firefox 3.0-3.0.1 - Denial of Service via Crafted HTML Tags
CVE-2008-3410
Unreal Tournament 3 <1.3beta4 - DoS
CVE-2008-3396
Unreal Tournament 2004 <= 3369 - Denial of Service via Malformed Packet Sequence
CVE-2008-3362
Giulio Ganci Wp Downloads Manager <0.2 - RCE
CVE-2008-3323
Cygwin < 1.7 - Remote Code Execution via Trojan Package MD5 Checksum
CVE-2008-3314
zdaemon < 1.08.07 - Denial of Service via Crafted Type 6 Command
Details
Vulnerabilities
12,645
Exploit Likelihood
High