CWE-20
Improper Input Validation
Description
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-101 · CAPEC-104 · CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-120 · CAPEC-13 · CAPEC-135 · CAPEC-136 · CAPEC-14 · CAPEC-153 · CAPEC-182 · CAPEC-209 · CAPEC-22 · CAPEC-23 · CAPEC-230 · CAPEC-231 · CAPEC-24 · CAPEC-250 · CAPEC-261 · CAPEC-267 · CAPEC-28 · CAPEC-3 · CAPEC-31 · CAPEC-42 · CAPEC-43 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-473 · CAPEC-52 · CAPEC-53 · CAPEC-588 · CAPEC-63 · CAPEC-64 · CAPEC-664 · CAPEC-67 · CAPEC-7 · CAPEC-71 · CAPEC-72 · CAPEC-73 · CAPEC-78 · CAPEC-79 · CAPEC-8 · CAPEC-80 · CAPEC-81 · CAPEC-83 · CAPEC-85 · CAPEC-88 · CAPEC-9
CVEs mapped to this weakness (8,003)
page 397 of 401| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-4466 | 0.00 | — | 0.01 | Aug 31, 2006 | Joomla! before 1.0.11 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to have an unspecified impact. NOTE: it could be argued that this vulnerability… | |||
| CVE-2006-4468 | 0.00 | — | 0.02 | Aug 31, 2006 | Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the (1) mosMail, (2) JosIsValidEmail, and (3) josSpoofValue functions; (4) the lack of inclusion of… | |||
| CVE-2006-3633 | 0.00 | — | 0.03 | Jul 27, 2006 | OSSP shiela 1.1.5 and earlier allows remote authenticated users to execute arbitrary commands on the CVS server via shell metacharacters in a filename that is committed. | |||
| CVE-2006-2920 | 0.00 | — | 0.01 | Jun 9, 2006 | Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character. | |||
| CVE-2006-2782 | 0.00 | — | 0.02 | Jun 2, 2006 | Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control. | |||
| CVE-2006-2759 | 0.00 | — | 0.01 | Jun 2, 2006 | jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations. | |||
| CVE-2006-1858 | 0.00 | — | 0.06 | May 22, 2006 | SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters. | |||
| CVE-2006-1528 | 0.00 | — | 0.00 | May 18, 2006 | Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space. | |||
| CVE-2006-1957 | 0.00 | — | 0.02 | Apr 21, 2006 | The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter. | |||
| CVE-2006-0744 | 0.00 | — | 0.00 | Apr 18, 2006 | Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS. | |||
| CVE-2006-1729 | 0.00 | — | 0.02 | Apr 14, 2006 | Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2)… | |||
| CVE-2006-1721 | 0.00 | — | 0.02 | Apr 11, 2006 | digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation. | |||
| CVE-2006-1522 | 0.00 | — | 0.00 | Apr 10, 2006 | The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid… | |||
| CVE-2006-1546 | 0.00 | — | 0.06 | Mar 30, 2006 | Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use… | |||
| CVE-2006-0914 | 0.00 | — | 0.01 | Feb 28, 2006 | Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 does not properly handle certain characters in the mostfreqthreshold parameter in duplicates.cgi, which allows remote attackers to trigger a SQL error. | |||
| CVE-2006-0298 | 0.00 | — | 0.03 | Feb 2, 2006 | The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly read sensitive data via unknown attack vectors that trigger an out-of-bounds read. | |||
| CVE-2006-0321 | 0.00 | — | 0.03 | Jan 24, 2006 | fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service (crash) via crafted e-mail messages that cause a free of an invalid pointer when fetchmail bounces the message to the originator or local postmaster. | |||
| CVE-2006-0340 | 0.00 | — | 0.03 | Jan 21, 2006 | Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a… | |||
| CVE-2006-0203 | 0.00 | — | 0.02 | Jan 13, 2006 | membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter. | |||
| CVE-2005-4846 | 0.00 | — | 0.02 | Dec 31, 2005 | Format string vulnerability in Logger.cc for Spey 0.3.3 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a syslog call. |
- CVE-2006-4466Aug 31, 2006risk 0.00cvss —epss 0.01
Joomla! before 1.0.11 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to have an unspecified impact. NOTE: it could be argued that this vulnerability…
- CVE-2006-4468Aug 31, 2006risk 0.00cvss —epss 0.02
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the (1) mosMail, (2) JosIsValidEmail, and (3) josSpoofValue functions; (4) the lack of inclusion of…
- CVE-2006-3633Jul 27, 2006risk 0.00cvss —epss 0.03
OSSP shiela 1.1.5 and earlier allows remote authenticated users to execute arbitrary commands on the CVS server via shell metacharacters in a filename that is committed.
- CVE-2006-2920Jun 9, 2006risk 0.00cvss —epss 0.01
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character.
- CVE-2006-2782Jun 2, 2006risk 0.00cvss —epss 0.02
Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.
- CVE-2006-2759Jun 2, 2006risk 0.00cvss —epss 0.01
jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations.
- CVE-2006-1858May 22, 2006risk 0.00cvss —epss 0.06
SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.
- CVE-2006-1528May 18, 2006risk 0.00cvss —epss 0.00
Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space.
- CVE-2006-1957Apr 21, 2006risk 0.00cvss —epss 0.02
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.
- CVE-2006-0744Apr 18, 2006risk 0.00cvss —epss 0.00
Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS.
- CVE-2006-1729Apr 14, 2006risk 0.00cvss —epss 0.02
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2)…
- CVE-2006-1721Apr 11, 2006risk 0.00cvss —epss 0.02
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation.
- CVE-2006-1522Apr 10, 2006risk 0.00cvss —epss 0.00
The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid…
- CVE-2006-1546Mar 30, 2006risk 0.00cvss —epss 0.06
Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use…
- CVE-2006-0914Feb 28, 2006risk 0.00cvss —epss 0.01
Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 does not properly handle certain characters in the mostfreqthreshold parameter in duplicates.cgi, which allows remote attackers to trigger a SQL error.
- CVE-2006-0298Feb 2, 2006risk 0.00cvss —epss 0.03
The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly read sensitive data via unknown attack vectors that trigger an out-of-bounds read.
- CVE-2006-0321Jan 24, 2006risk 0.00cvss —epss 0.03
fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service (crash) via crafted e-mail messages that cause a free of an invalid pointer when fetchmail bounces the message to the originator or local postmaster.
- CVE-2006-0340Jan 21, 2006risk 0.00cvss —epss 0.03
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a…
- CVE-2006-0203Jan 13, 2006risk 0.00cvss —epss 0.02
membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter.
- CVE-2005-4846Dec 31, 2005risk 0.00cvss —epss 0.02
Format string vulnerability in Logger.cc for Spey 0.3.3 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a syslog call.