CWE-20

Improper Input Validation

ClassStableLikelihood: High

Description

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Hierarchy (View 1000)

Parents

CWE-707

Children

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-101 · CAPEC-104 · CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-120 · CAPEC-13 · CAPEC-135 · CAPEC-136 · CAPEC-14 · CAPEC-153 · CAPEC-182 · CAPEC-209 · CAPEC-22 · CAPEC-23 · CAPEC-230 · CAPEC-231 · CAPEC-24 · CAPEC-250 · CAPEC-261 · CAPEC-267 · CAPEC-28 · CAPEC-3 · CAPEC-31 · CAPEC-42 · CAPEC-43 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-473 · CAPEC-52 · CAPEC-53 · CAPEC-588 · CAPEC-63 · CAPEC-64 · CAPEC-664 · CAPEC-67 · CAPEC-7 · CAPEC-71 · CAPEC-72 · CAPEC-73 · CAPEC-78 · CAPEC-79 · CAPEC-8 · CAPEC-80 · CAPEC-81 · CAPEC-83 · CAPEC-85 · CAPEC-88 · CAPEC-9

CVEs mapped to this weakness (6,893)

page 233 of 345

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2015-1103	Apple Inc. iOS	—	0.01	Apr 10, 2015	The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet-content information via a…
CVE-2015-1102	Apple Inc. iOS	—	0.02	Apr 10, 2015	The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors.
CVE-2015-1088	Apple Inc. iOS	—	0.02	Apr 10, 2015	CFURL in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly validate URLs, which allows remote attackers to execute arbitrary code via a crafted web site.
CVE-2015-1086	Apple Inc. iOS	—	0.00	Apr 10, 2015	The Audio Drivers subsystem in Apple iOS before 8.3 and Apple TV before 7.2 does not properly validate IOKit object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2015-2822	Siemens Foundation Wincc	—	0.01	Apr 8, 2015	Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted packets on TCP port 102.
CVE-2015-0799	Mozilla Corporation Firefox	—	0.00	Apr 8, 2015	The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header.
CVE-2015-1843	Red Hat Docker	—	0.02	Apr 6, 2015	The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a…
CVE-2015-0685	Cisco Systems, Inc. iOS Xe	—	0.00	Apr 3, 2015	Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873.
CVE-2015-2819	SAP SQL Anywhere	—	0.03	Apr 1, 2015	SAP Sybase SQL Anywhere 11 and 16 allows remote attackers to cause a denial of service (crash) via a crafted request, aka SAP Security Note 2108161.
CVE-2015-2752	Xen Xen	—	0.00	Apr 1, 2015	The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm).
CVE-2015-0810	Mozilla Corporation Firefox	—	0.00	Apr 1, 2015	Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interacts with…
CVE-2015-2776	Gaia Gis Freexl	—	0.02	Mar 31, 2015	The parse_SST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service (memory consumption) via a crafted shared strings table in a workbook.
CVE-2015-2754	Gaia Gis Freexl	—	0.02	Mar 31, 2015	FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."
CVE-2015-2753	Gaia Gis Freexl	—	0.02	Mar 31, 2015	FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) or possibly execute arbitrary code via a crafted sector in a workbook.
CVE-2015-2684	Internet2 Service Provider	—	0.00	Mar 31, 2015	Shibboleth Service Provider (SP) before 2.5.4 allows remote authenticated users to cause a denial of service (crash) via a crafted SAML message.
CVE-2014-9462	Mercurial Mercurial	—	0.01	Mar 31, 2015	The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.
CVE-2015-1609	MongoDB MongoDB	—	0.02	Mar 30, 2015	MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request.
CVE-2014-9653	PHP PHP	—	0.07	Mar 30, 2015	readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service…
CVE-2015-0679	Cisco Systems, Inc. Wireless Lan Controller Software	—	0.00	Mar 28, 2015	The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980.
CVE-2015-0658	Cisco Systems, Inc. Nx OS	—	0.00	Mar 28, 2015	The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID…

CVE-2015-1103Apr 10, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.01
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet-content information via a…
CVE-2015-1102Apr 10, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.02
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors.
CVE-2015-1088Apr 10, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.02
CFURL in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly validate URLs, which allows remote attackers to execute arbitrary code via a crafted web site.
CVE-2015-1086Apr 10, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.00
The Audio Drivers subsystem in Apple iOS before 8.3 and Apple TV before 7.2 does not properly validate IOKit object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2015-2822Apr 8, 2015
Siemens Foundation
Wincc
risk 0.00cvss —epss 0.01
Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted packets on TCP port 102.
CVE-2015-0799Apr 8, 2015
Mozilla Corporation
Firefox
risk 0.00cvss —epss 0.00
The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header.
CVE-2015-1843Apr 6, 2015
Red Hat
Docker
risk 0.00cvss —epss 0.02
The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a…
CVE-2015-0685Apr 3, 2015
Cisco Systems, Inc.
iOS Xe
risk 0.00cvss —epss 0.00
Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873.
CVE-2015-2819Apr 1, 2015
SAP
SQL Anywhere
risk 0.00cvss —epss 0.03
SAP Sybase SQL Anywhere 11 and 16 allows remote attackers to cause a denial of service (crash) via a crafted request, aka SAP Security Note 2108161.
CVE-2015-2752Apr 1, 2015
Xen
Xen
risk 0.00cvss —epss 0.00
The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm).
CVE-2015-0810Apr 1, 2015
Mozilla Corporation
Firefox
risk 0.00cvss —epss 0.00
Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interacts with…
CVE-2015-2776Mar 31, 2015
Gaia Gis
Freexl
risk 0.00cvss —epss 0.02
The parse_SST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service (memory consumption) via a crafted shared strings table in a workbook.
CVE-2015-2754Mar 31, 2015
Gaia Gis
Freexl
risk 0.00cvss —epss 0.02
FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."
CVE-2015-2753Mar 31, 2015
Gaia Gis
Freexl
risk 0.00cvss —epss 0.02
FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) or possibly execute arbitrary code via a crafted sector in a workbook.
CVE-2015-2684Mar 31, 2015
Internet2
Service Provider
risk 0.00cvss —epss 0.00
Shibboleth Service Provider (SP) before 2.5.4 allows remote authenticated users to cause a denial of service (crash) via a crafted SAML message.
CVE-2014-9462Mar 31, 2015
Mercurial
Mercurial
risk 0.00cvss —epss 0.01
The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.
CVE-2015-1609Mar 30, 2015
MongoDB
MongoDB
risk 0.00cvss —epss 0.02
MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request.
CVE-2014-9653Mar 30, 2015
PHP
PHP
risk 0.00cvss —epss 0.07
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service…
CVE-2015-0679Mar 28, 2015
Cisco Systems, Inc.
Wireless Lan Controller Software
risk 0.00cvss —epss 0.00
The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980.
CVE-2015-0658Mar 28, 2015
Cisco Systems, Inc.
Nx OS
risk 0.00cvss —epss 0.00
The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID…