The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,655 vulnerabilities with CWE-20
CVE-2007-5040
Ghost Security Suite alpha 1.200 - Denial of Service and Privilege Escalation via SSDT Hook Parameter Validation
CVE-2007-5041
G DATA InternetSecurity 2007 - Denial of Service via NtCreateKey and NtOpenProcess SSDT Hooks
CVE-2007-5043
Kaspersky Internet Security 7.0.0.125 - Denial of Service via SSDT Hook Parameter Validation
CVE-2007-5047
Norton Internet Security 2008 15.0.0.60 - Denial of Service via NtOpenSection SSDT Hook
CVE-2007-5029
Dibbler 0.6.0 - Denial of Service via Buffer Over-Read in TSrvMsg Constructor
CVE-2007-5031
Dibbler 0.6.0 - Denial of Service via Invalid IA_NA Option in REBIND Message
CVE-2007-4967
Online Armor Personal Firewall 2.0.1.215 - Denial of Service and Privilege Escalation via SSDT Hooks
CVE-2007-4968
Privatefirewall 5.0.14.2 - Denial of Service via SSDT Hook Manipulation
CVE-2007-4969
Process Monitor 1.22 - Denial of Service via SSDT Hook Parameter Validation
CVE-2007-4970
ProcessGuard 3.410 - Denial of Service and Privilege Escalation via SSDT Hook Manipulation
CVE-2007-4971
ProSecurity 1.40 Beta 2 - Denial of Service and Privilege Escalation via SSDT Hook Manipulation
CVE-2007-4964
WinImage <= 8.10 - Denial of Service via Invalid BPB_BytsPerSec Field
CVE-2007-4925
eWire Payment Client 1.60 and 1.70 - Remote Command Execution via PaymentInfo Parameter
CVE-2007-4927
AXIS 207W Network Camera - Authenticated Denial of Service via buffername Parameter
CVE-2007-4932
Shop-Script < 2.0 - Unauthenticated Admin Panel Access via Improper Redirect Handling
CVE-2007-3654
NetBSD 3.0-4.0_BETA2 - Denial of Service via Display Driver Allocattr Ioctl
CVE-2007-3731
Linux Kernel 2.6.20-2.6.21 - Denial of Service via Invalid LDT Segment Selector in PTRACE_SINGLESTEP
CVE-2007-4911
JetCast Server 2.0.0.4308 - Denial of Service via Long .mp3 URI
CVE-2007-4914
Invision Power Board < 2.3.1 - Authenticated Privilege Escalation via Payment Form Member ID Manipulation
CVE-2007-4915
Boa Webserver 0.93.15 - Remote Admin Password Change via Long Username in HTTP Basic Authentication
CVE-2007-4905
AuraCMS 2.1 - Unauthenticated Arbitrary File Upload via mod/contak.php Image Parameter
CVE-2007-4887
PHP < 5.2.4 - Denial of Service via Long String in dl Function Library Parameter
CVE-2007-4840
PHP < 5.2.4 - Denial of Service via Long String in Iconv Charset Parameter
CVE-2007-4841
Mozilla Firefox/Thunderbird < 2.0.0.8, SeaMonkey < 1.1.5 - Remote Command Execution
CVE-2007-4844
X-Diesel Unreal Commander 0.92 build 565 and 573 - Denial of Service via FTP CWD Command Handling
Details
Vulnerabilities
12,655
Exploit Likelihood
High