The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,645 vulnerabilities with CWE-20
CVE-2008-2806
Firefox and SeaMonkey - Same Origin Policy Bypass via Java LiveConnect
CVE-2008-2970
Academic Web Tools < 1.4.2.8 - Session Fixation via PHPSESSID Parameter
CVE-2008-2988
Benja CMS 0.1 - Unauthenticated Arbitrary File Upload via admin/upload.php
CVE-2008-2372
Linux kernel 2.6.24-2.6.25.8 - Denial of Service via get_user_pages Memory Consumption
CVE-2008-2953
Linux DC++ < 0.707 - Denial of Service via Partial File List Requests
CVE-2008-2954
Linux DC++ < 0.707 - Denial of Service via Empty Private Message
CVE-2008-2955
Pidgin 2.4.1 - Denial of Service via Long Filename in MSN Message
CVE-2008-2957
Pidgin 2.0.0 - Denial of Service via UPnP UDP Packet
CVE-2008-2945
Sun Java System Access Manager 6.3-7.1 & Identity Server 6.1-6.2 - RCE via XSLT Processing
CVE-2008-2061
Cisco Unified Communications Manager 5.x < 5.1(3c) and 6.x < 6.1(2) - Denial of Service via Malformed CTI Traffic
CVE-2008-2748
Skulltag <= 0.97d2-RC2 - Denial of Service via Malformed Connect Packets
CVE-2008-2750
Linux Kernel < 2.6.26-rc6 - Denial of Service via PPPOL2TP Packet Length Mismanagement
CVE-2008-2742
Achievo 1.2.0-1.3.2 - Unauthenticated Arbitrary File Upload and Remote Code Execution via MCPUK File Editor
CVE-2008-2711
fetchmail < 6.3.8 - Denial of Service via Long Mail Headers in Verbose Mode
CVE-2008-2712
vim < 6.4 - Remote Code Execution via Unsanitized Inputs in Vim Scripts
CVE-2008-0071
BitTorrent < 6.0.3 - Denial of Service via Malformed HTTP Range Header
CVE-2008-2704
Novell GroupWise Messenger - Denial of Service via Long User ID
CVE-2008-2686
Flux CMS < 1.50 - Remote Code Execution via XML Parameter File Overwrite
CVE-2008-2683
Black Ice Barcode SDK - Arbitrary File Write via BIDIB.BIDIBCtrl.1 DownloadImageFileURL Method
CVE-2008-1441
Microsoft Windows XP-Server 2008 - DoS
CVE-2008-1445
Microsoft Windows Active Directory - Authenticated Denial of Service via Crafted LDAP Request
CVE-2008-1451
Microsoft Windows <2003 - Privilege Escalation
CVE-2008-1453
Microsoft Windows XP <SP3 & Vista - RCE
CVE-2008-1585
Apple QuickTime < 7.5 - Remote Code Execution via SMIL Text URI Handler
CVE-2008-2648
meBiblio 0.4.7 - Unauthenticated Arbitrary File Upload and Remote Code Execution via PHP File Upload
Details
Vulnerabilities
12,645
Exploit Likelihood
High