The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,655 vulnerabilities with CWE-20
CVE-2007-5737
Korean GHBoard - Unrestricted File Upload via upload.jsp
CVE-2007-5738
Korean GHBoard - Arbitrary File Upload via FlashUpload Client-Side Bypass
CVE-2007-5711
World in Conflict <= 1.001 - Denial of Service via Large Packet to Port 48000
CVE-2007-4999
Pidgin 2.1.0-2.2.1 - Denial of Service via Invalid HTML Message Data
CVE-2007-5691
Firefox 2.0.0.7 - Denial of Service via Crafted FTP Listing Reply
CVE-2007-5339
Mozilla Firefox < 2.0.0.7, SeaMonkey < 1.1.4, Thunderbird < 2.0.0.6 - Denial of Service via Crafted HTML
CVE-2007-5340
Mozilla Firefox < 2.0.0.7, SeaMonkey < 1.1.4, Thunderbird < 2.0.0.6 - Remote DoS via JavaScript Memory Corruption
CVE-2007-5568
Cisco PIX and ASA 7.0-8.0 and FWSM < 3.1(5) - Denial of Service via Crafted MGCP Packet
CVE-2007-5569
Cisco Adaptive Security Appliance and PIX 500 7.1-7.2 - Denial of Service via Crafted TLS Packet
CVE-2007-5570
Cisco Firewall Services Module < 3.1(5) - Denial of Service via Crafted HTTPS Request
CVE-2007-5556
Avaya VoIP Handset - Denial of Service via Crafted Packets
CVE-2007-5557
NEC Mobile Handset - Improper Input Validation
CVE-2007-5563
VirtueMart < 1.0.12 - Remote Code Execution
CVE-2007-5540
Opera < 9.24 - Same-Origin Policy Bypass via Function Overwrite
CVE-2007-5541
Opera < 9.24 - Remote Code Execution via External Email Client
CVE-2007-5507
Oracle Database Server - Denial of Service and Memory Disclosure via GIOP Packet Buffer Over-Read
CVE-2007-5462
Solaris 8-10 - Denial of Service in RPC Services Library
CVE-2007-5448
madwifi < 0.9.3.2 - Denial of Service via Malformed Beacon Frame
CVE-2007-5440
CRS Manager - Remote File Inclusion via DOCUMENT_ROOT Parameter
CVE-2007-5438
VMware ACE - Denial of Service via Reconfig.DLL ConnectPopulatedDiskEx Function
CVE-2007-5208
HP Linux Imaging and Printing Project < 2.7.10 - OS Command Injection via Sendmail From Address
CVE-2007-5375
Sun Java Virtual Machine - DNS Rebinding Attack via Local Relative URI Handling
CVE-2007-3896
Internet Explorer - Remote Code Execution via Invalid URI Handler Sequences
CVE-2007-5318
TYPOlight webCMS 2.4.6 - Arbitrary File Download via Preview.php src Parameter
CVE-2007-5281
Hitachi Cosminexus Developer's Kit for Java < 07-50-01 - Denial of Service via SSL/TLS Handshake Requests
Details
Vulnerabilities
12,655
Exploit Likelihood
High