CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,645 vulnerabilities with CWE-20
CVE-2008-0830
iPhoto 4.0.3 - Denial of Service via Malformed DPAP URI
CVE-2008-0526
Cisco Skinny Client Control Protocol ... - Improper Input Validation
CVE-2008-0527
Cisco Unified IP Phone 7935 and 7936 SCCP Firmware - Denial of Service via Crafted HTTP Request
CVE-2008-0791
Intermate WinIPDS 3.3 G52-33-021 - Denial of Service via Short Packets on TCP Port 5001
CVE-2008-0105
Microsoft Works File Converter - Remote Code Execution via Crafted WPS File
CVE-2008-0009
Linux kernel <2.6.25 - Memory Corruption
CVE-2008-0010
Linux kernel <2.6.25 - Info Disclosure
CVE-2008-0088
Microsoft Windows 2000 - Improper Input Validation
CVE-2008-0718
Solaris 9 and 10 - Denial of Service in USB Mouse STREAMS Module
CVE-2008-0672
TinTin++ 1.97.9 - Denial of Service via Malformed YES Message
CVE-2008-0414
Firefox < 2.0.0.12 and SeaMonkey < 1.1.8 - Arbitrary File Upload via Focus Spoofing
CVE-2008-0457
Symantec Backup Exec System Recovery Manager 7.0/7.0.1 - Unauthenticated RCE via JSP Upload
CVE-2008-0656
EMC Documentum Administrator and Webtop - Arbitrary File Overwrite via dmclTrace.jsp
CVE-2008-0631
MailBee Objects 5.5 - Arbitrary File Write via SaveToDisk Method
CVE-2008-0570
Drupal OpenID 5.x-1.0 - Improper Input Validation in claimed_id Verification
CVE-2008-0386
xdg-utils < 1.0.2 - Remote Code Execution via URL Argument to xdg-open or xdg-email
CVE-2008-0506
Coppermine Photo Gallery < 1.4.14 - Remote Code Execution via ImageMagick Picture Processing Parameters
CVE-2008-0473
Web Wiz Rich Text Editor 4.0 - Unauthenticated Arbitrary File Upload via RTE_popup_save_file.asp
CVE-2008-0475
ManageEngine Applications Manager 8.1 build 8100 - Information Disclosure via Invalid URI Handling
CVE-2008-0008
PulseAudio 0.9.8-0.9.9 - Privilege Escalation
CVE-2008-0406
HTTP File Server < 2.2b - Denial of Service via Long Account Name
CVE-2008-0373
PHP F1 Max's File Uploader - Unrestricted File Upload
CVE-2008-0171
Boost.Regex 1.33-1.34 - Denial of Service via Invalid Regular Expression
CVE-2008-0172
Boost 1.33-1.34 - Denial of Service via Invalid Regular Expression
CVE-2008-0331
Funkwerk System Software < 7.4.1_patch_8 - Denial of Service via DNS Requests
Details
Vulnerabilities 12,645
Exploit Likelihood High