CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,645 vulnerabilities with CWE-20
CVE-2008-1748
Cisco Unified Communications Manager <5.1.3 - DoS
CVE-2008-2267
CMS Made Simple <= 1.2.4 - Remote Code Execution via File Upload Bypass
CVE-2008-2169 HIGH
Avici Router - Denial of Service via Crafted BGP UPDATE Messages
CVSS 7.5
CVE-2008-2170 HIGH
Century Software Router - Denial of Service via Crafted BGP UPDATE Messages
CVSS 7.5
CVE-2008-2171
AlaxalA AX Router - Denial of Service via Crafted BGP UPDATE Messages
CVE-2008-2172
Hitachi GR2000 GR3000 GR4000 - Denial of Service via Crafted BGP UPDATE Messages
CVE-2008-2173 HIGH
Yamaha Router - Denial of Service via Crafted BGP UPDATE Messages
CVSS 7.5
CVE-2008-2134
Tru-Zone Nuke ET 3.x - Arbitrary Account Access via Journal Module Cookie Manipulation
CVE-2008-2042
Adobe Acrobat < 8.1.1 - Remote Code Execution via JavaScript API app.checkForUpdate
CVE-2008-2110
QTOFileManager 1.0 - Unauthenticated Arbitrary File Upload via qtofm.php
CVE-2008-2106
Call of Duty 4 < 1.5 - Authenticated Denial of Service via Type 7 Stats Packet
CVE-2008-1294
Linux kernel <2.6.22 - Privilege Escalation
CVE-2008-2031
VicFTPS 5.0 - Denial of Service via Crafted LIST Command
CVE-2008-2032
Acritum Femitter Server 1.03 - Denial of Service via Crafted RETR Commands
CVE-2008-1737
Sophos Anti-Virus 7.x - Denial of Service via NtCreateKey SSDT Hook
CVE-2008-1738
Rising Antivirus 2008 <20.38.20 - DoS
CVE-2008-1988
EncapsGallery 2.0.2 - Authenticated Arbitrary File Upload via File Upload Function
CVE-2008-1942
Foxit Reader 2.2 - Denial of Service and Possible Remote Code Execution via Malformed PDF Resources
CVE-2008-1905
Nero MediaHome < 3.3.3.0 - Denial of Service via Long HTTP Request
CVE-2008-1898
Microsoft Office and Works - Remote Code Execution via WkImgSrv.dll WksPictureInterface Property
CVE-2008-1693
poppler < 0.7.3 - Remote Code Execution via Crafted Font Object
CVE-2008-1734
PHP Toolkit <1.0.1 - DoS/Info Disclosure
CVE-2008-1862
exbb_italia < 0.2.2 - Remote File Inclusion via new_exbb[home_path] or exbb[home_path] Parameter
CVE-2008-1856
LinPHA <= 1.3.3 - Unauthenticated Directory Traversal and Arbitrary File Execution via Maps Configuration
CVE-2008-0892
Red Hat Directory Server 8.0 EL4 and EL5 - Remote Code Execution via Replication Monitor CGI Script
Details
Vulnerabilities 12,645
Exploit Likelihood High