CWE-20
Improper Input Validation
Description
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-101 · CAPEC-104 · CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-120 · CAPEC-13 · CAPEC-135 · CAPEC-136 · CAPEC-14 · CAPEC-153 · CAPEC-182 · CAPEC-209 · CAPEC-22 · CAPEC-23 · CAPEC-230 · CAPEC-231 · CAPEC-24 · CAPEC-250 · CAPEC-261 · CAPEC-267 · CAPEC-28 · CAPEC-3 · CAPEC-31 · CAPEC-42 · CAPEC-43 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-473 · CAPEC-52 · CAPEC-53 · CAPEC-588 · CAPEC-63 · CAPEC-64 · CAPEC-664 · CAPEC-67 · CAPEC-7 · CAPEC-71 · CAPEC-72 · CAPEC-73 · CAPEC-78 · CAPEC-79 · CAPEC-8 · CAPEC-80 · CAPEC-81 · CAPEC-83 · CAPEC-85 · CAPEC-88 · CAPEC-9
CVEs mapped to this weakness (8,003)
page 71 of 401| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-5085 | Hig | 0.51 | 7.8 | 0.00 | Jan 3, 2018 | In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002124. | ||
| CVE-2018-5084 | Hig | 0.51 | 7.8 | 0.00 | Jan 3, 2018 | In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300212C. | ||
| CVE-2018-5083 | Hig | 0.51 | 7.8 | 0.00 | Jan 3, 2018 | In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300215B. | ||
| CVE-2018-5082 | Hig | 0.51 | 7.8 | 0.00 | Jan 3, 2018 | In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002128. | ||
| CVE-2018-5081 | Hig | 0.51 | 7.8 | 0.00 | Jan 3, 2018 | In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020F0. | ||
| CVE-2018-5080 | Hig | 0.51 | 7.8 | 0.00 | Jan 3, 2018 | In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020FC. | ||
| CVE-2018-5079 | Hig | 0.51 | 7.8 | 0.00 | Jan 3, 2018 | In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002130. | ||
| CVE-2017-13858 | Hig | 0.51 | 7.8 | 0.01 | Dec 25, 2017 | An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||
| CVE-2017-13848 | Hig | 0.51 | 7.8 | 0.01 | Dec 25, 2017 | An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||
| CVE-2017-17805 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free… | ||
| CVE-2017-14968 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c4, a related issue to CVE-2017-17113. | ||
| CVE-2017-14967 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000080. | ||
| CVE-2017-14966 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c0. | ||
| CVE-2017-14965 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000cc. | ||
| CVE-2017-14964 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300005c. | ||
| CVE-2017-14963 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000058. | ||
| CVE-2017-17804 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000084. | ||
| CVE-2017-17803 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x82736068, a different vulnerability than CVE-2017-17475. | ||
| CVE-2017-17802 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8273E080. | ||
| CVE-2017-17801 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8273E060. |
- risk 0.51cvss 7.8epss 0.00
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002124.
- risk 0.51cvss 7.8epss 0.00
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300212C.
- risk 0.51cvss 7.8epss 0.00
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300215B.
- risk 0.51cvss 7.8epss 0.00
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002128.
- risk 0.51cvss 7.8epss 0.00
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020F0.
- risk 0.51cvss 7.8epss 0.00
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020FC.
- risk 0.51cvss 7.8epss 0.00
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002130.
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.
- risk 0.51cvss 7.8epss 0.00
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free…
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c4, a related issue to CVE-2017-17113.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000080.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c0.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000cc.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300005c.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000058.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000084.
- risk 0.51cvss 7.8epss 0.00
In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x82736068, a different vulnerability than CVE-2017-17475.
- risk 0.51cvss 7.8epss 0.00
In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8273E080.
- risk 0.51cvss 7.8epss 0.00
In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8273E060.