CWE-20
Improper Input Validation
Description
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-101 · CAPEC-104 · CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-120 · CAPEC-13 · CAPEC-135 · CAPEC-136 · CAPEC-14 · CAPEC-153 · CAPEC-182 · CAPEC-209 · CAPEC-22 · CAPEC-23 · CAPEC-230 · CAPEC-231 · CAPEC-24 · CAPEC-250 · CAPEC-261 · CAPEC-267 · CAPEC-28 · CAPEC-3 · CAPEC-31 · CAPEC-42 · CAPEC-43 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-473 · CAPEC-52 · CAPEC-53 · CAPEC-588 · CAPEC-63 · CAPEC-64 · CAPEC-664 · CAPEC-67 · CAPEC-7 · CAPEC-71 · CAPEC-72 · CAPEC-73 · CAPEC-78 · CAPEC-79 · CAPEC-8 · CAPEC-80 · CAPEC-81 · CAPEC-83 · CAPEC-85 · CAPEC-88 · CAPEC-9
CVEs mapped to this weakness (8,003)
page 37 of 401| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-1747 | — | Cri | 0.57 | 9.8 | 0.05 | Mar 24, 2020 | A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process… | |
| CVE-2020-10108 | — | Cri | 0.57 | 9.8 | 0.04 | Mar 12, 2020 | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request. | |
| CVE-2014-4657 | — | Cri | 0.57 | 9.8 | 0.04 | Feb 20, 2020 | The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. | |
| CVE-2020-8125 | — | Cri | 0.57 | 9.8 | 0.04 | Feb 4, 2020 | Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona. | |
| CVE-2015-2784 | — | Cri | 0.57 | 9.8 | 0.02 | Jan 21, 2020 | The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input. | |
| CVE-2020-6948 | — | Cri | 0.57 | 9.8 | 0.04 | Jan 13, 2020 | A remote code execution issue was discovered in HashBrown CMS through 1.3.3. Server/Entity/Deployer/GitDeployer.js has a Service.AppService.exec call that mishandles the URL, repository, username, and password. | |
| CVE-2011-1028 | — | Cri | 0.57 | 9.8 | 0.02 | Nov 20, 2019 | The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file. | |
| CVE-2012-4438 | Hig | 0.57 | 8.8 | 0.02 | Nov 18, 2019 | Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code. | ||
| CVE-2019-16676 | — | Cri | 0.57 | 9.8 | 0.03 | Sep 30, 2019 | Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call. | |
| CVE-2019-16142 | — | Cri | 0.57 | 9.8 | 0.02 | Sep 9, 2019 | An issue was discovered in the renderdoc crate before 0.5.0 for Rust. Multiple exposed methods take self by immutable reference, which is incompatible with a multi-threaded application. | |
| CVE-2019-15657 | — | Cri | 0.57 | 9.8 | 0.02 | Aug 26, 2019 | In eslint-utils before 1.4.1, the getStaticValue function can execute arbitrary code. | |
| CVE-2019-10199 | Hig | 0.57 | 8.8 | 0.01 | Aug 14, 2019 | It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain. | ||
| CVE-2019-10648 | Cri | 0.57 | 9.8 | 0.02 | Mar 30, 2019 | Robocode through 1.9.3.5 allows remote attackers to cause external service interaction (DNS), as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL. | ||
| CVE-2018-6333 | Cri | 0.57 | 9.8 | 0.02 | Dec 31, 2018 | The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be chained to lead to code… | ||
| CVE-2018-0472 | Hig | 0.57 | 8.6 | 0.16 | Oct 5, 2018 | A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to improper processing… | ||
| CVE-2018-6055 | Hig | 0.57 | 8.8 | 0.01 | Sep 25, 2018 | Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted HTML page. | ||
| CVE-2018-6043 | Hig | 0.57 | 8.8 | 0.02 | Sep 25, 2018 | Insufficient data validation in External Protocol Handler in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially execute arbitrary programs on user machine via a crafted HTML page. | ||
| CVE-2018-6033 | Hig | 0.57 | 8.8 | 0.01 | Sep 25, 2018 | Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension. | ||
| CVE-2018-14318 | Hig | 0.57 | 8.8 | 0.02 | Sep 24, 2018 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists… | ||
| CVE-2018-10496 | Hig | 0.57 | 8.8 | 0.02 | Sep 24, 2018 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Internet Browser Fixed in version 6.4.0.15. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious… |
- risk 0.57cvss 9.8epss 0.05
A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process…
- risk 0.57cvss 9.8epss 0.04
In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request.
- risk 0.57cvss 9.8epss 0.04
The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.
- risk 0.57cvss 9.8epss 0.04
Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona.
- risk 0.57cvss 9.8epss 0.02
The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input.
- risk 0.57cvss 9.8epss 0.04
A remote code execution issue was discovered in HashBrown CMS through 1.3.3. Server/Entity/Deployer/GitDeployer.js has a Service.AppService.exec call that mishandles the URL, repository, username, and password.
- risk 0.57cvss 9.8epss 0.02
The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.
- risk 0.57cvss 8.8epss 0.02
Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.
- risk 0.57cvss 9.8epss 0.03
Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call.
- risk 0.57cvss 9.8epss 0.02
An issue was discovered in the renderdoc crate before 0.5.0 for Rust. Multiple exposed methods take self by immutable reference, which is incompatible with a multi-threaded application.
- risk 0.57cvss 9.8epss 0.02
In eslint-utils before 1.4.1, the getStaticValue function can execute arbitrary code.
- risk 0.57cvss 8.8epss 0.01
It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain.
- risk 0.57cvss 9.8epss 0.02
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction (DNS), as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL.
- risk 0.57cvss 9.8epss 0.02
The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be chained to lead to code…
- risk 0.57cvss 8.6epss 0.16
A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to improper processing…
- risk 0.57cvss 8.8epss 0.01
Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.02
Insufficient data validation in External Protocol Handler in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially execute arbitrary programs on user machine via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension.
- risk 0.57cvss 8.8epss 0.02
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists…
- risk 0.57cvss 8.8epss 0.02
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Internet Browser Fixed in version 6.4.0.15. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious…