CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,645 vulnerabilities with CWE-20
CVE-2008-3286
SWAT 4 < 1.1 - Denial of Service via VERIFYCONTENT or GAMECONFIG Command
CVE-2008-3287
EMC Dantz Retrospect Backup Client <7.5.116 - DoS
CVE-2008-3187
zypp-refresh-patches in zypper - SUSE openSUSE 10.2-11.0 - DoS
CVE-2008-3239
phpizabi 0.848b C1 HFP1 - Unauthenticated Arbitrary File Upload and Remote Code Execution via writeLogEntry Function
CVE-2008-3243
F-Prot Antivirus < 6.0.9.0 - Denial of Service via Crafted UPX or ASPack File
CVE-2008-3244
F-Prot Antivirus < 6.0.9.0 - Denial of Service via CHM File with Large nb_dir Value
CVE-2008-3214
dnsmasq 2.25 - Denial of Service via DHCP NAK Response
CVE-2008-3230
FFmpeg lavf_demuxer - Denial of Service via Crafted GIF File
CVE-2008-3231
xine-lib < 1.1.15 - Denial of Service via Crafted OGG File
CVE-2008-3208
Simple DNS Plus < 5.1.101 - Denial of Service via Multiple DNS Reply Packets
CVE-2008-3210
ReSIProcate 1.3.2 - Denial of Service via Long Domain Name in SIP Request URI
CVE-2008-2933
Firefox < 2.0.0.16 and 3.x < 3.0.1 - Local File Access via Command-Line URI Pipe Character Handling
CVE-2008-3199
resiprocate < 1.3.4 - Denial of Service via Large Network Traffic
CVE-2008-3145
Wireshark 0.8.19-1.0.1 - Denial of Service via Fragmented Packets with Non-Sequential Offsets
CVE-2008-3178
WebXell Editor 0.1.3 - Remote Code Execution via Unrestricted File Upload
CVE-2008-3181
ContentNow CMS 1.4.1 - Authenticated Arbitrary File Upload via upload.php
CVE-2008-1588
Safari - Address Bar Spoofing via Unicode Ideographic Spaces
CVE-2008-1589
Safari on iPhone and iPod touch < 2.0 - Certificate Validation Bypass via Menu Button Press
CVE-2008-3127
HIOX Banner Rotator 1.3 - Remote File Inclusion via hm Parameter
CVE-2008-3137
Wireshark 0.99.2-1.0.0 - Denial of Service in GSM SMS Dissector
CVE-2008-3117
phpmotion < 2.0 - Authenticated Arbitrary File Upload via update_profile.php
CVE-2008-3111
Sun Java Web Start < Update 4 - Buffer Overflow
CVE-2008-3081
Avaya Messaging Storage Server 3.x-4.0 - Authenticated Remote Command Execution via Web Management Interface
CVE-2008-2809
Mozilla Firefox < 2.0.0.15 - Certificate Validation Bypass via subjectAltName
CVE-2008-2805
Firefox < 2.0.0.14 and SeaMonkey < 1.1.9 - Arbitrary Local File Upload via DOM Range
Details
Vulnerabilities 12,645
Exploit Likelihood High