CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,645 vulnerabilities with CWE-20
CVE-2008-0054
Mac OS X 10.4.11 - Remote Code Execution via NSSelectorFromString API
CVE-2008-0999
Mac OS X 10.5.2 - Denial of Service via Crafted UDF Disk Image
CVE-2008-1366
Trend Micro OfficeScan Corporate Edition <8.0.1189 & <7.3.1314 - DoS
CVE-2008-1118
Timbuktu Pro <8.7 - Info Disclosure
CVE-2008-1157
CiscoWorks Internetwork Performance Monitor 2.6 - Remote Code Execution via Unsecured Command Shell Process
CVE-2008-1337
Timbuktu Pro - Denial of Service via Invalid Instant Message Version Field
CVE-2008-1303
Perforce Server <2007.3/143793 - DoS
CVE-2008-1311
PacketTrap pt360 Tool Suite PRO <2.0.3901.0 - DoS
CVE-2008-0116
Microsoft Excel 2000-2003, Viewer 2003, Compatibility Pack, Office 2004-2008 for Mac - RCE via Malformed RTF Tags
CVE-2008-1277
MailEnable Professional and Enterprise < 3.13 - Denial of Service via IMAP SEARCH and APPEND Commands
CVE-2008-1278
Remotely Anywhere Server/Workstation <8.0.668 - DoS
CVE-2008-1279
Acronis True Image < 1.5.19.191 and < 9.5.0.8072 - Denial of Service via Invalid Packet Length
CVE-2008-1280
Acronis True Image Windows Agent < 1.0.0.54 - Denial of Service via Malformed Packet to Port 9876
CVE-2008-1245
Belkin F5D7230-4 - Denial of Service via Invalid POST Data
CVE-2008-1249
snom 320 SIP Phone - Denial of Service via Call a Number Field Input
CVE-2008-1265
Linksys WRT54G - Denial of Service via Long FTP Credentials
CVE-2008-1216
IBM Lotus Quickr 8.0 - Cross-Site Scripting via Calendar OpenDocument Count Parameter
CVE-2008-1136
SynCE vdccm 0.92-0.10.0 - Remote Code Execution via TCP Port 5679
CVE-2008-1114
Vocera Wireless Handset - Unauthenticated Man-in-the-Middle via PEAP Certificate Validation Bypass
CVE-2008-1080
Opera < 9.26 - Arbitrary File Read via File Input
CVE-2008-1066
Smarty < 2.6.18 - Arbitrary PHP Function Execution via Regex Replace Modifier
CVE-2008-1062
InterVideo WinDVD Media Center <2.11.15.0 - DoS
CVE-2008-0982
Spyce 2.1.3 - Information Disclosure via Direct Request to automaton.spy
CVE-2008-0932
The SWORD Project Diatheke < 1.5.9 - Remote Command Execution via Range Parameter
CVE-2008-0876
Hitachi SEWB3/PLATFORM and SEWB3/MI-PLATFORM 01-00-02-14-/A - Denial of Service via Invalid Data
Details
Vulnerabilities 12,645
Exploit Likelihood High