CWE-20
Improper Input Validation
Description
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-101 · CAPEC-104 · CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-120 · CAPEC-13 · CAPEC-135 · CAPEC-136 · CAPEC-14 · CAPEC-153 · CAPEC-182 · CAPEC-209 · CAPEC-22 · CAPEC-23 · CAPEC-230 · CAPEC-231 · CAPEC-24 · CAPEC-250 · CAPEC-261 · CAPEC-267 · CAPEC-28 · CAPEC-3 · CAPEC-31 · CAPEC-42 · CAPEC-43 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-473 · CAPEC-52 · CAPEC-53 · CAPEC-588 · CAPEC-63 · CAPEC-64 · CAPEC-664 · CAPEC-67 · CAPEC-7 · CAPEC-71 · CAPEC-72 · CAPEC-73 · CAPEC-78 · CAPEC-79 · CAPEC-8 · CAPEC-80 · CAPEC-81 · CAPEC-83 · CAPEC-85 · CAPEC-88 · CAPEC-9
CVEs mapped to this weakness (8,003)
page 38 of 401| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-15832 | Hig | 0.57 | 8.8 | 0.04 | Sep 20, 2018 | upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the… | ||
| CVE-2018-5545 | — | Hig | 0.57 | 8.8 | 0.02 | Sep 13, 2018 | On F5 WebSafe Alert Server 1.0.0-4.2.6, a malicious, authenticated user can execute code on the alert server by using a maliciously crafted payload. | |
| CVE-2018-2462 | Hig | 0.57 | 8.8 | 0.02 | Sep 11, 2018 | In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source. | ||
| CVE-2018-10929 | Hig | 0.57 | 8.8 | 0.03 | Sep 4, 2018 | A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes. | ||
| CVE-2018-10926 | — | Hig | 0.57 | 8.8 | 0.03 | Sep 4, 2018 | A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node. | |
| CVE-2018-15601 | — | Cri | 0.57 | 9.8 | 0.02 | Aug 21, 2018 | apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 performs a urldecode step too late in the "Cannot upload executable files" protection mechanism. | |
| CVE-2018-15358 | Hig | 0.57 | 8.8 | 0.01 | Aug 17, 2018 | An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0. | ||
| CVE-2018-7059 | Hig | 0.57 | 8.8 | 0.01 | Aug 6, 2018 | Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the "mon" permission could use this vulnerability to obtain cluster credentials which could allow privilege escalation. This vulnerability is only… | ||
| CVE-2018-14281 | Hig | 0.57 | 8.8 | 0.03 | Jul 31, 2018 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | ||
| CVE-2018-14280 | Hig | 0.57 | 8.8 | 0.03 | Jul 31, 2018 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | ||
| CVE-2018-12941 | Hig | 0.57 | 8.8 | 0.04 | Jul 31, 2018 | This vulnerability allows remote attackers to execute arbitrary code in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 by adding a system command at the end of the "cacheDir" path and following usage of the "Clear Cache" functionality. This allows an authenticated attacker,… | ||
| CVE-2018-3772 | — | Cri | 0.57 | 9.8 | 0.03 | Jul 30, 2018 | Concatenating unsanitized user input in the `whereis` npm module < 0.4.1 allowed an attacker to execute arbitrary commands. The `whereis` module is deprecated and it is recommended to use the `which` npm module instead. | |
| CVE-2018-9066 | Hig | 0.57 | 8.8 | 0.02 | Jul 30, 2018 | In Lenovo xClarity Administrator versions earlier than 2.1.0, an authenticated LXCA user can, under specific circumstances, inject additional parameters into a specific web API call which can result in privileged command execution within LXCA's underlying operating system. | ||
| CVE-2017-7481 | — | Cri | 0.57 | 9.8 | 0.05 | Jul 19, 2018 | Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By… | |
| CVE-2018-0394 | Hig | 0.57 | 8.8 | 0.02 | Jul 18, 2018 | A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. The vulnerability is due to insufficient input validation of parameters passed to a specific… | ||
| CVE-2018-0387 | Hig | 0.57 | 8.8 | 0.03 | Jul 18, 2018 | A vulnerability in Cisco Webex Teams (for Windows and macOS) could allow an unauthenticated, remote attacker to execute arbitrary code on the user's device, possibly with elevated privileges. The vulnerability occurs because Cisco Webex Teams does not properly sanitize input. An… | ||
| CVE-2018-0345 | Hig | 0.57 | 8.8 | 0.03 | Jul 18, 2018 | A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The… | ||
| CVE-2018-14361 | Cri | 0.57 | 9.8 | 0.03 | Jul 17, 2018 | An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data. | ||
| CVE-2018-14351 | Cri | 0.57 | 9.8 | 0.03 | Jul 17, 2018 | An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size. | ||
| CVE-2018-14349 | Cri | 0.57 | 9.8 | 0.03 | Jul 17, 2018 | An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message. |
- risk 0.57cvss 8.8epss 0.04
upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the…
- risk 0.57cvss 8.8epss 0.02
On F5 WebSafe Alert Server 1.0.0-4.2.6, a malicious, authenticated user can execute code on the alert server by using a maliciously crafted payload.
- risk 0.57cvss 8.8epss 0.02
In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source.
- risk 0.57cvss 8.8epss 0.03
A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes.
- risk 0.57cvss 8.8epss 0.03
A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node.
- risk 0.57cvss 9.8epss 0.02
apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 performs a urldecode step too late in the "Cannot upload executable files" protection mechanism.
- risk 0.57cvss 8.8epss 0.01
An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0.
- risk 0.57cvss 8.8epss 0.01
Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the "mon" permission could use this vulnerability to obtain cluster credentials which could allow privilege escalation. This vulnerability is only…
- risk 0.57cvss 8.8epss 0.03
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- risk 0.57cvss 8.8epss 0.03
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- risk 0.57cvss 8.8epss 0.04
This vulnerability allows remote attackers to execute arbitrary code in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 by adding a system command at the end of the "cacheDir" path and following usage of the "Clear Cache" functionality. This allows an authenticated attacker,…
- risk 0.57cvss 9.8epss 0.03
Concatenating unsanitized user input in the `whereis` npm module < 0.4.1 allowed an attacker to execute arbitrary commands. The `whereis` module is deprecated and it is recommended to use the `which` npm module instead.
- risk 0.57cvss 8.8epss 0.02
In Lenovo xClarity Administrator versions earlier than 2.1.0, an authenticated LXCA user can, under specific circumstances, inject additional parameters into a specific web API call which can result in privileged command execution within LXCA's underlying operating system.
- risk 0.57cvss 9.8epss 0.05
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By…
- risk 0.57cvss 8.8epss 0.02
A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. The vulnerability is due to insufficient input validation of parameters passed to a specific…
- risk 0.57cvss 8.8epss 0.03
A vulnerability in Cisco Webex Teams (for Windows and macOS) could allow an unauthenticated, remote attacker to execute arbitrary code on the user's device, possibly with elevated privileges. The vulnerability occurs because Cisco Webex Teams does not properly sanitize input. An…
- risk 0.57cvss 8.8epss 0.03
A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The…
- risk 0.57cvss 9.8epss 0.03
An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data.
- risk 0.57cvss 9.8epss 0.03
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size.
- risk 0.57cvss 9.8epss 0.03
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message.