CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,655 vulnerabilities with CWE-20
CVE-2007-5474
Linksys WRT350N 2.00.17 - Denial of Service via Atheros Information Element Length
CVE-2007-5671
VMware Workstation 5.x < 5.5.6 - Privilege Escalation via HGFS.sys IOCTL Argument Validation
CVE-2007-6017
Symantec Backup Exec for Windows Server Arbitrary File Write via PVATLCalendar ActiveX Control
CVE-2007-4516
Symantec Veritas Storage Foundation 5.0 - DoS
CVE-2007-0216
Microsoft Works File Converter - Remote Code Execution via Crafted WPS Section Length Headers
CVE-2007-4130
Red Hat Enterprise Linux 4 - Denial of Service via set_mempolicy MPOL_BIND Operation
CVE-2007-6689
Menalto Gallery < 2.2.3 - Arbitrary Code Execution via File Upload
CVE-2007-6684
VLC - Denial of Service via RTSP Request Without Transport Parameter
CVE-2007-5657
TIBCO RTworks < 4.0.3 and SmartSockets RTserver < 6.8.0 - Remote Code Execution via Crafted Request Pointer Offset
CVE-2007-5658
TIBCO Enterprise Message Service 4.0.0-4.4.1 - Remote Code Execution via Crafted Request
CVE-2007-0012
Sun JRE < 1.5.0 - Denial of Service via Malformed Applet Object Tag
CVE-2007-5762
Novell NetWare Client 4.91 SP4 - Local Privilege Escalation via NICM.SYS IOCTL
CVE-2007-6596
ClamAV 0.92 - Scanner Bypass via Base64-UUEncoded Archives
CVE-2007-6573
QK SMTP Server 3 - Denial of Service via Long Command Strings
CVE-2007-6558
TotalPlayer 3.0 - Denial of Service via Large M3U File
CVE-2007-6534
Microsoft Publisher - Denial of Service via Crafted PUB File
CVE-2007-6527
PunBB imgUpload module 1.3.2 - Unauthenticated Arbitrary File Upload via Content-Type Bypass
CVE-2007-6509
Appian Enterprise BPM <5.6 SP1 - DoS
CVE-2007-4567
Linux Kernel < 2.6.22 - Denial of Service via IPv6 Hop-by-Hop Extended Header
CVE-2007-6488
Falcon Series One CMS 1.4.3 - Remote File Inclusion via dir[classes] or error Parameter
CVE-2007-6492
imesh < 7.1.0 - Denial of Service via ProcessRequestEx Method
CVE-2007-6493
imesh < 7.1.0.37263 - Remote Code Execution via SetHandler Method
CVE-2007-6494
Hosting Controller <6.1 Hot fix 3.3 - Info Disclosure
CVE-2007-6242
Adobe Flash Player < 9.0.48.0 - Remote Code Execution
CVE-2007-6437
Balabit syslog-ng <2.0.6-2.1.8 - DoS
Details
Vulnerabilities 12,655
Exploit Likelihood High