CWE-20
Improper Input Validation
Description
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-101 · CAPEC-104 · CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-120 · CAPEC-13 · CAPEC-135 · CAPEC-136 · CAPEC-14 · CAPEC-153 · CAPEC-182 · CAPEC-209 · CAPEC-22 · CAPEC-23 · CAPEC-230 · CAPEC-231 · CAPEC-24 · CAPEC-250 · CAPEC-261 · CAPEC-267 · CAPEC-28 · CAPEC-3 · CAPEC-31 · CAPEC-42 · CAPEC-43 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-473 · CAPEC-52 · CAPEC-53 · CAPEC-588 · CAPEC-63 · CAPEC-64 · CAPEC-664 · CAPEC-67 · CAPEC-7 · CAPEC-71 · CAPEC-72 · CAPEC-73 · CAPEC-78 · CAPEC-79 · CAPEC-8 · CAPEC-80 · CAPEC-81 · CAPEC-83 · CAPEC-85 · CAPEC-88 · CAPEC-9
CVEs mapped to this weakness (8,003)
page 105 of 401| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-6129 | Hig | 0.49 | 7.5 | 0.01 | Feb 13, 2017 | The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by… | ||
| CVE-2016-4547 | Hig | 0.49 | 7.5 | 0.01 | Feb 13, 2017 | Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. | ||
| CVE-2017-0422 | Hig | 0.49 | 7.5 | 0.02 | Feb 8, 2017 | A denial of service vulnerability in Bionic DNS could enable a remote attacker to use a specially crafted network packet to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2,… | ||
| CVE-2016-7164 | Hig | 0.49 | 7.5 | 0.03 | Feb 7, 2017 | The construct function in puff.cpp in Libtorrent 1.1.0 allows remote torrent trackers to cause a denial of service (segmentation fault and crash) via a crafted GZIP response. | ||
| CVE-2016-6131 | Hig | 0.49 | 7.5 | 0.05 | Feb 7, 2017 | The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types. | ||
| CVE-2016-9249 | Hig | 0.49 | 7.5 | 0.02 | Jan 31, 2017 | An undisclosed traffic pattern received by a BIG-IP Virtual Server with TCP Fast Open enabled may cause the Traffic Management Microkernel (TMM) to restart, resulting in a Denial-of-Service (DoS). | ||
| CVE-2016-9939 | Hig | 0.49 | 7.5 | 0.04 | Jan 30, 2017 | Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the length field of the ASN.1 object. If there is not enough content octets in the ASN.1 object, then the function will fail and the… | ||
| CVE-2017-5371 | Hig | 0.49 | 7.5 | 0.04 | Jan 23, 2017 | Odata Server in SAP Adaptive Server Enterprise (ASE) 16 allows remote attackers to cause a denial of service (process crash) via a series of crafted requests, aka SAP Security Note 2330422. | ||
| CVE-2016-9380 | Hig | 0.49 | 7.5 | 0.00 | Jan 23, 2017 | The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file. | ||
| CVE-2016-5119 | Hig | 0.49 | 7.5 | 0.02 | Jan 23, 2017 | The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update. | ||
| CVE-2014-9755 | Hig | 0.49 | 7.5 | 0.04 | Jan 20, 2017 | The hardware VPN client in Viprinet MultichannelVPN Router 300 version 2013070830/2013080900 does not validate the remote VPN endpoint identity (through the checking of the endpoint's SSL key) before initiating the exchange, which allows remote attackers to perform a replay… | ||
| CVE-2017-0389 | Hig | 0.49 | 7.5 | 0.01 | Jan 12, 2017 | A denial of service vulnerability in core networking could enable a remote attacker to use specially crafted network packet to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1,… | ||
| CVE-2016-9179 | Hig | 0.49 | 7.5 | 0.02 | Dec 22, 2016 | lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host. | ||
| CVE-2016-9158 | Hig | 0.49 | 7.5 | 0.03 | Dec 17, 2016 | A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7… | ||
| CVE-2016-9212 | Hig | 0.49 | 7.5 | 0.03 | Dec 14, 2016 | A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security… | ||
| CVE-2016-9211 | Hig | 0.49 | 7.5 | 0.03 | Dec 14, 2016 | A vulnerability in TCP port management in Cisco ONS 15454 Series Multiservice Provisioning Platforms could allow an unauthenticated, remote attacker to cause the controller card to unexpectedly reload. More Information: CSCuw26032. Known Affected Releases: 10.51. | ||
| CVE-2016-9201 | Hig | 0.49 | 7.5 | 0.03 | Dec 14, 2016 | A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to pass traffic that should otherwise have been dropped based on the configuration. More Information: CSCuz21015. Known Affected Releases:… | ||
| CVE-2016-9193 | Hig | 0.49 | 7.5 | 0.02 | Dec 14, 2016 | A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco… | ||
| CVE-2016-7952 | Hig | 0.49 | 7.5 | 0.02 | Dec 13, 2016 | X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data. | ||
| CVE-2016-9863 | Hig | 0.49 | 7.5 | 0.02 | Dec 11, 2016 | An issue was discovered in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service (DoS) attack. All 4.6.x versions (prior to 4.6.5) are affected. |
- risk 0.49cvss 7.5epss 0.01
The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by…
- risk 0.49cvss 7.5epss 0.01
Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C.
- risk 0.49cvss 7.5epss 0.02
A denial of service vulnerability in Bionic DNS could enable a remote attacker to use a specially crafted network packet to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2,…
- risk 0.49cvss 7.5epss 0.03
The construct function in puff.cpp in Libtorrent 1.1.0 allows remote torrent trackers to cause a denial of service (segmentation fault and crash) via a crafted GZIP response.
- risk 0.49cvss 7.5epss 0.05
The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.
- risk 0.49cvss 7.5epss 0.02
An undisclosed traffic pattern received by a BIG-IP Virtual Server with TCP Fast Open enabled may cause the Traffic Management Microkernel (TMM) to restart, resulting in a Denial-of-Service (DoS).
- risk 0.49cvss 7.5epss 0.04
Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the length field of the ASN.1 object. If there is not enough content octets in the ASN.1 object, then the function will fail and the…
- risk 0.49cvss 7.5epss 0.04
Odata Server in SAP Adaptive Server Enterprise (ASE) 16 allows remote attackers to cause a denial of service (process crash) via a series of crafted requests, aka SAP Security Note 2330422.
- risk 0.49cvss 7.5epss 0.00
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file.
- risk 0.49cvss 7.5epss 0.02
The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update.
- risk 0.49cvss 7.5epss 0.04
The hardware VPN client in Viprinet MultichannelVPN Router 300 version 2013070830/2013080900 does not validate the remote VPN endpoint identity (through the checking of the endpoint's SSL key) before initiating the exchange, which allows remote attackers to perform a replay…
- risk 0.49cvss 7.5epss 0.01
A denial of service vulnerability in core networking could enable a remote attacker to use specially crafted network packet to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1,…
- risk 0.49cvss 7.5epss 0.02
lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host.
- risk 0.49cvss 7.5epss 0.03
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7…
- risk 0.49cvss 7.5epss 0.03
A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security…
- risk 0.49cvss 7.5epss 0.03
A vulnerability in TCP port management in Cisco ONS 15454 Series Multiservice Provisioning Platforms could allow an unauthenticated, remote attacker to cause the controller card to unexpectedly reload. More Information: CSCuw26032. Known Affected Releases: 10.51.
- risk 0.49cvss 7.5epss 0.03
A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to pass traffic that should otherwise have been dropped based on the configuration. More Information: CSCuz21015. Known Affected Releases:…
- risk 0.49cvss 7.5epss 0.02
A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco…
- risk 0.49cvss 7.5epss 0.02
X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service (DoS) attack. All 4.6.x versions (prior to 4.6.5) are affected.