VYPR

CWE-20

Improper Input Validation

ClassStableLikelihood: High

Description

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-101 · CAPEC-104 · CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-120 · CAPEC-13 · CAPEC-135 · CAPEC-136 · CAPEC-14 · CAPEC-153 · CAPEC-182 · CAPEC-209 · CAPEC-22 · CAPEC-23 · CAPEC-230 · CAPEC-231 · CAPEC-24 · CAPEC-250 · CAPEC-261 · CAPEC-267 · CAPEC-28 · CAPEC-3 · CAPEC-31 · CAPEC-42 · CAPEC-43 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-473 · CAPEC-52 · CAPEC-53 · CAPEC-588 · CAPEC-63 · CAPEC-64 · CAPEC-664 · CAPEC-67 · CAPEC-7 · CAPEC-71 · CAPEC-72 · CAPEC-73 · CAPEC-78 · CAPEC-79 · CAPEC-8 · CAPEC-80 · CAPEC-81 · CAPEC-83 · CAPEC-85 · CAPEC-88 · CAPEC-9

CVEs mapped to this weakness (8,003)

page 68 of 401
  • CVE-2018-6777HigFeb 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220400.

  • CVE-2018-6776HigFeb 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A00813C.

  • CVE-2018-6775HigFeb 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x990081C8.

  • CVE-2018-6774HigFeb 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A008088.

  • CVE-2018-6773HigFeb 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A008084.

  • CVE-2018-6772HigFeb 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x99008208.

  • CVE-2018-6771HigFeb 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x99008224.

  • CVE-2018-6770HigFeb 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x99008210.

  • CVE-2018-6769HigFeb 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x99008020.

  • CVE-2018-6768HigFeb 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A008090.

  • CVE-2018-6633HigFeb 5, 2018
    risk 0.51cvss 7.8epss 0.00

    In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000038.

  • CVE-2018-6632HigFeb 5, 2018
    risk 0.51cvss 7.8epss 0.00

    In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000110.

  • CVE-2018-6631HigFeb 5, 2018
    risk 0.51cvss 7.8epss 0.00

    In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110009.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000170.

  • CVE-2018-6630HigFeb 5, 2018
    risk 0.51cvss 7.8epss 0.00

    In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8000014c.

  • CVE-2018-6629HigFeb 5, 2018
    risk 0.51cvss 7.8epss 0.00

    In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000118.

  • CVE-2018-6628HigFeb 5, 2018
    risk 0.51cvss 7.8epss 0.00

    In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8000010c.

  • CVE-2018-6627HigFeb 5, 2018
    risk 0.51cvss 7.8epss 0.00

    In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002054.

  • CVE-2018-6626HigFeb 5, 2018
    risk 0.51cvss 7.8epss 0.00

    In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000035.

  • CVE-2018-6625HigFeb 5, 2018
    risk 0.51cvss 7.8epss 0.00

    In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002010.

  • CVE-2018-6525HigFeb 2, 2018
    risk 0.51cvss 7.8epss 0.00

    In nProtect AVS V4.0 before 4.0.0.39, the driver file (TKFsAv.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220458.