CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,645 vulnerabilities with CWE-20
CVE-2008-2636
Cisco Linksys WRH54G 1.01.03 - Denial of Service via Malformed URI
CVE-2008-1805
Skype < 3.8.0.139 - Unauthenticated Arbitrary Code Execution via File URI Blacklist Bypass
CVE-2008-2545
Skype < 3.8.0.139 - Unauthenticated Arbitrary Code Execution via Case-Sensitive File Extension Bypass
CVE-2008-2574
FlashBlog 0.31 beta - Unauthenticated Arbitrary File Upload via imgupload.php
CVE-2008-2055
Cisco PIX and ASA 7.1.x<7.1(2)70 7.2.x<7.2(4) 8.0.x<8.0(3)10 - Denial of Service via Crafted TCP ACK Packet
CVE-2008-2056
Cisco ASA and PIX 8.0.x < 8.0(3)9 / 8.1.x < 8.1(1)1 DoS via TLS Packet
CVE-2008-2401
Sun Java Active Server Pages Server - Arbitrary File Write via ASP Application Inclusion
CVE-2008-2405
Sun Java Active Server Pages < 4.0.3 - Remote Command Execution via Shell Metacharacters
CVE-2008-2119
Asterisk Open Source < 1.2.29 and Business Edition < B.2.5.3 - Denial of Service via SIP INVITE Without From Header
CVE-2008-1028
Mac OS X < 10.5 - Remote Code Execution or Denial of Service via Crafted Document File
CVE-2008-1030
Mac OS X - Heap-Based Buffer Overflow via CFDataReplaceBytes Invalid Length Argument
CVE-2008-2157
EMC AlphaStor 3.1 SP1 - Remote Code Execution via TCP Port 3500
CVE-2008-0534
Cisco Service Control Engine < 3.1.6 - Denial of Service via High Rate of SSH Login Attempts
CVE-2008-2006
Apple iCal 3.0.1 - Denial of Service via Malformed .ics File
CVE-2008-2391
SubSonic - Denial of Service via Page Index Parameter
CVE-2008-2392
WordPress < 2.5.1 - Authenticated Arbitrary File Upload via Dashboard Upload Section
CVE-2008-2283
IDAutomation Barcode Components - Arbitrary File Write via SaveBarCode and SaveEnhWMF
CVE-2008-1158
Cisco Unified Presence <6.0(1) - DoS
CVE-2008-1419
libvorbis <= 1.2.0 - Denial of Service via Zero Codebook Dimension
CVE-2008-1740
Cisco Unified Presence <6.0(1) - DoS
CVE-2008-1741
Cisco Unified Presence <6.0(3) - DoS
CVE-2008-1744
Cisco Unified Communications Manager <4.1(3)SR7-4.3(2) - DoS
CVE-2008-1745
Cisco Unified Communications Manager <5.1.2-6.1.1 - DoS
CVE-2008-1746
Cisco Unified Communications Manager <4.1(3)SR6-6.1(1) - DoS
CVE-2008-1747
Cisco Unified Communications Manager <4.1(3)SR6-6.1(1) - DoS
Details
Vulnerabilities 12,645
Exploit Likelihood High