CWE-20
Improper Input Validation
Description
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-101 · CAPEC-104 · CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-120 · CAPEC-13 · CAPEC-135 · CAPEC-136 · CAPEC-14 · CAPEC-153 · CAPEC-182 · CAPEC-209 · CAPEC-22 · CAPEC-23 · CAPEC-230 · CAPEC-231 · CAPEC-24 · CAPEC-250 · CAPEC-261 · CAPEC-267 · CAPEC-28 · CAPEC-3 · CAPEC-31 · CAPEC-42 · CAPEC-43 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-473 · CAPEC-52 · CAPEC-53 · CAPEC-588 · CAPEC-63 · CAPEC-64 · CAPEC-664 · CAPEC-67 · CAPEC-7 · CAPEC-71 · CAPEC-72 · CAPEC-73 · CAPEC-78 · CAPEC-79 · CAPEC-8 · CAPEC-80 · CAPEC-81 · CAPEC-83 · CAPEC-85 · CAPEC-88 · CAPEC-9
CVEs mapped to this weakness (5,710)
page 274 of 286| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-0414 | 0.00 | — | 0.02 | Feb 8, 2008 | Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to trick the user into uploading arbitrary files via label tags that shift focus to a file input field, aka "focus spoofing." | ||
| CVE-2008-0656 | 0.00 | — | 0.03 | Feb 7, 2008 | Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute. | ||
| CVE-2008-0570 | 0.00 | — | 0.00 | Feb 5, 2008 | The OpenID 5.x-1.0 and earlier module for Drupal does not properly verify the claimed_id returned by an OpenID provider, which allows remote OpenID providers to spoof OpenID authentication for domains associated with other providers. | ||
| CVE-2007-4130 | 0.00 | — | 0.00 | Feb 5, 2008 | The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND operation. | ||
| CVE-2008-0386 | 0.00 | — | 0.03 | Feb 4, 2008 | Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email. | ||
| CVE-2008-0475 | 0.00 | — | 0.00 | Jan 29, 2008 | ManageEngine Applications Manager 8.1 build 8100 allows remote attackers to obtain sensitive information ( Home->Summary) via an invalid URI, as demonstrated by the "/-" URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||
| CVE-2008-0008 | 0.00 | — | 0.00 | Jan 29, 2008 | The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion. | ||
| CVE-2008-0373 | 0.00 | — | 0.01 | Jan 22, 2008 | Unrestricted file upload vulnerability in PHP F1 Max's File Uploader allows remote attackers to upload and execute arbitrary PHP files. | ||
| CVE-2008-0171 | 0.00 | — | 0.03 | Jan 17, 2008 | regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression. | ||
| CVE-2008-0172 | 0.00 | — | 0.02 | Jan 17, 2008 | The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression. | ||
| CVE-2008-0331 | 0.00 | — | 0.01 | Jan 17, 2008 | Unspecified vulnerability in Funkwerk System Software before 7.4.1 PATCH 9 for certain Funkwerk Router / VPN devices allows remote attackers to cause a denial of service (panic and reboot) via unspecified DNS requests. | ||
| CVE-2007-6689 | 0.00 | — | 0.01 | Jan 17, 2008 | Menalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module. | ||
| CVE-2007-6684 | 0.00 | — | 0.01 | Jan 17, 2008 | The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference. | ||
| CVE-2008-0264 | 0.00 | — | 0.01 | Jan 15, 2008 | Unspecified vulnerability in the Meta Tags (aka Nodewords) 5.x-1.6 module for Drupal, when images are permitted in node bodies, allows remote authenticated users to execute arbitrary code via unspecified vectors involving creation of a node. | ||
| CVE-2008-0277 | 0.00 | — | 0.01 | Jan 15, 2008 | Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors. | ||
| CVE-2008-0241 | 0.00 | — | 0.02 | Jan 11, 2008 | Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter. | ||
| CVE-2008-0199 | 0.00 | — | 0.01 | Jan 10, 2008 | PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values of the show_page and time parameters to the default URI. | ||
| CVE-2008-0209 | 0.00 | — | 0.00 | Jan 10, 2008 | Open redirect vulnerability in Forums/login.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to redirect users to arbitrary web sites via a URL in the target parameter. | ||
| CVE-2007-0012 | 0.00 | — | 0.01 | Jan 9, 2008 | Sun JRE 5.0 before update 14 allows remote attackers to cause a denial of service (Internet Explorer crash) via an object tag with an encoded applet and an undefined name attribute, which triggers a NULL pointer dereference in jpiexp32.dll when the applet is decoded and passed to the JVM. | ||
| CVE-2008-0101 | 0.00 | — | 0.04 | Jan 8, 2008 | Format string vulnerability in the swDebugf function in DuneApp.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a .WRL file. |
- CVE-2008-0414Feb 8, 2008risk 0.00cvss —epss 0.02
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to trick the user into uploading arbitrary files via label tags that shift focus to a file input field, aka "focus spoofing."
- CVE-2008-0656Feb 7, 2008risk 0.00cvss —epss 0.03
Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute.
- CVE-2008-0570Feb 5, 2008risk 0.00cvss —epss 0.00
The OpenID 5.x-1.0 and earlier module for Drupal does not properly verify the claimed_id returned by an OpenID provider, which allows remote OpenID providers to spoof OpenID authentication for domains associated with other providers.
- CVE-2007-4130Feb 5, 2008risk 0.00cvss —epss 0.00
The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND operation.
- CVE-2008-0386Feb 4, 2008risk 0.00cvss —epss 0.03
Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email.
- CVE-2008-0475Jan 29, 2008risk 0.00cvss —epss 0.00
ManageEngine Applications Manager 8.1 build 8100 allows remote attackers to obtain sensitive information ( Home->Summary) via an invalid URI, as demonstrated by the "/-" URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- CVE-2008-0008Jan 29, 2008risk 0.00cvss —epss 0.00
The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.
- CVE-2008-0373Jan 22, 2008risk 0.00cvss —epss 0.01
Unrestricted file upload vulnerability in PHP F1 Max's File Uploader allows remote attackers to upload and execute arbitrary PHP files.
- CVE-2008-0171Jan 17, 2008risk 0.00cvss —epss 0.03
regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression.
- CVE-2008-0172Jan 17, 2008risk 0.00cvss —epss 0.02
The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression.
- CVE-2008-0331Jan 17, 2008risk 0.00cvss —epss 0.01
Unspecified vulnerability in Funkwerk System Software before 7.4.1 PATCH 9 for certain Funkwerk Router / VPN devices allows remote attackers to cause a denial of service (panic and reboot) via unspecified DNS requests.
- CVE-2007-6689Jan 17, 2008risk 0.00cvss —epss 0.01
Menalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module.
- CVE-2007-6684Jan 17, 2008risk 0.00cvss —epss 0.01
The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference.
- CVE-2008-0264Jan 15, 2008risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Meta Tags (aka Nodewords) 5.x-1.6 module for Drupal, when images are permitted in node bodies, allows remote authenticated users to execute arbitrary code via unspecified vectors involving creation of a node.
- CVE-2008-0277Jan 15, 2008risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors.
- CVE-2008-0241Jan 11, 2008risk 0.00cvss —epss 0.02
Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter.
- CVE-2008-0199Jan 10, 2008risk 0.00cvss —epss 0.01
PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values of the show_page and time parameters to the default URI.
- CVE-2008-0209Jan 10, 2008risk 0.00cvss —epss 0.00
Open redirect vulnerability in Forums/login.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to redirect users to arbitrary web sites via a URL in the target parameter.
- CVE-2007-0012Jan 9, 2008risk 0.00cvss —epss 0.01
Sun JRE 5.0 before update 14 allows remote attackers to cause a denial of service (Internet Explorer crash) via an object tag with an encoded applet and an undefined name attribute, which triggers a NULL pointer dereference in jpiexp32.dll when the applet is decoded and passed to the JVM.
- CVE-2008-0101Jan 8, 2008risk 0.00cvss —epss 0.04
Format string vulnerability in the swDebugf function in DuneApp.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a .WRL file.