CWE-20

Improper Input Validation

ClassStableLikelihood: High

Description

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Hierarchy (View 1000)

Parents

CWE-707

Children

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-101 · CAPEC-104 · CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-120 · CAPEC-13 · CAPEC-135 · CAPEC-136 · CAPEC-14 · CAPEC-153 · CAPEC-182 · CAPEC-209 · CAPEC-22 · CAPEC-23 · CAPEC-230 · CAPEC-231 · CAPEC-24 · CAPEC-250 · CAPEC-261 · CAPEC-267 · CAPEC-28 · CAPEC-3 · CAPEC-31 · CAPEC-42 · CAPEC-43 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-473 · CAPEC-52 · CAPEC-53 · CAPEC-588 · CAPEC-63 · CAPEC-64 · CAPEC-664 · CAPEC-67 · CAPEC-7 · CAPEC-71 · CAPEC-72 · CAPEC-73 · CAPEC-78 · CAPEC-79 · CAPEC-8 · CAPEC-80 · CAPEC-81 · CAPEC-83 · CAPEC-85 · CAPEC-88 · CAPEC-9

CVEs mapped to this weakness (5,727)

page 94 of 287

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-9191	Linux Kernel	Med	0.36	5.5	0.00	Nov 28, 2016	The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by trinity.
CVE-2016-8650	Linux Kernel	Med	0.36	5.5	0.00	Nov 28, 2016	The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.
CVE-2016-4961	—	Med	0.36	5.5	0.00	Nov 8, 2016	For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
CVE-2016-7796	Red Hat Enterprise Linux Desktop	Med	0.36	5.5	0.00	Oct 13, 2016	The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.
CVE-2016-7795	Canonical Ubuntu Linux	Med	0.36	5.5	0.00	Oct 13, 2016	The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.
CVE-2016-3920	—	Med	0.36	5.5	0.00	Oct 10, 2016	id3/ID3.cpp in libstagefright in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka internal bug 30744884.
CVE-2016-4706	Apple Inc. Mac Os X	Med	0.36	5.5	0.00	Sep 25, 2016	cd9660 in Apple OS X before 10.12 allows local users to cause a denial of service via unspecified vectors.
CVE-2015-8932	—	Med	0.36	5.5	0.01	Sep 20, 2016	The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
CVE-2016-6197	Oracle Corporation Linux	Med	0.36	5.5	0.00	Aug 6, 2016	fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.
CVE-2016-3830	—	Med	0.36	5.5	0.00	Aug 5, 2016	codecs/aacdec/SoftAAC2.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to cause a denial of service (device hang or reboot) via crafted ADTS data, aka internal bug 29153599.
CVE-2016-2495	Google Android	Med	0.36	5.5	0.00	Jun 13, 2016	SampleTable.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka internal bug 28076789.
CVE-2016-4498	Panasonic Fpwin Pro	Med	0.36	5.5	0.00	May 12, 2016	Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2016-2454	Google Android	Med	0.36	5.5	0.00	May 9, 2016	The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service (reboot) via a crafted file, aka internal bug 26221024.
CVE-2015-2672	Linux Kernel	Med	0.36	5.5	0.00	May 2, 2016	The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the Linux kernel before 3.19.2 creates certain .altinstr_replacement pointers and consequently does not provide any protection against instruction faulting, which allows local users to cause a denial of service (panic) by triggering a fault, as demonstrated by an unaligned memory operand or a non-canonical address memory operand.
CVE-2008-7316	Linux Kernel	Med	0.36	5.5	0.00	May 2, 2016	mm/filemap.c in the Linux kernel before 2.6.25 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers an iovec of zero length, followed by a page fault for an iovec of nonzero length.
CVE-2015-8844	Linux Kernel	Med	0.36	5.5	0.00	Apr 27, 2016	The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.
CVE-2016-2424	Google Android	Med	0.36	5.5	0.00	Apr 18, 2016	server/content/SyncStorageEngine.java in SyncStorageEngine in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mismanages certain authority data, which allows attackers to cause a denial of service (reboot loop) via a crafted application, aka internal bug 26513719.
CVE-2016-3961	Canonical Ubuntu Linux	Med	0.36	5.5	0.00	Apr 15, 2016	Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area.
CVE-2015-8305	—	Med	0.36	5.5	0.00	Apr 7, 2016	Huawei Sophia-L10 smartphones with software before P7-L10C900B852 allow attackers to cause a denial of service (system panic) via a crafted application with the system or camera privilege.
CVE-2016-1752	Apple Inc. Mac Os X	Med	0.36	5.5	0.00	Mar 24, 2016	The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to cause a denial of service via a crafted app.

CVE-2016-9191MedNov 28, 2016
Linux
Kernel
risk 0.36cvss 5.5epss 0.00
The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by trinity.
CVE-2016-8650MedNov 28, 2016
Linux
Kernel
risk 0.36cvss 5.5epss 0.00
The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.
CVE-2016-4961MedNov 8, 2016
risk 0.36cvss 5.5epss 0.00
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
CVE-2016-7796MedOct 13, 2016
Red Hat
Enterprise Linux Desktop
risk 0.36cvss 5.5epss 0.00
The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.
CVE-2016-7795MedOct 13, 2016
Canonical
Ubuntu Linux
risk 0.36cvss 5.5epss 0.00
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.
CVE-2016-3920MedOct 10, 2016
risk 0.36cvss 5.5epss 0.00
id3/ID3.cpp in libstagefright in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka internal bug 30744884.
CVE-2016-4706MedSep 25, 2016
Apple Inc.
Mac Os X
risk 0.36cvss 5.5epss 0.00
cd9660 in Apple OS X before 10.12 allows local users to cause a denial of service via unspecified vectors.
CVE-2015-8932MedSep 20, 2016
risk 0.36cvss 5.5epss 0.01
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
CVE-2016-6197MedAug 6, 2016
Oracle Corporation
Linux
risk 0.36cvss 5.5epss 0.00
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.
CVE-2016-3830MedAug 5, 2016
risk 0.36cvss 5.5epss 0.00
codecs/aacdec/SoftAAC2.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to cause a denial of service (device hang or reboot) via crafted ADTS data, aka internal bug 29153599.
CVE-2016-2495MedJun 13, 2016
Google
Android
risk 0.36cvss 5.5epss 0.00
SampleTable.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka internal bug 28076789.
CVE-2016-4498MedMay 12, 2016
Panasonic
Fpwin Pro
risk 0.36cvss 5.5epss 0.00
Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2016-2454MedMay 9, 2016
Google
Android
risk 0.36cvss 5.5epss 0.00
The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service (reboot) via a crafted file, aka internal bug 26221024.
CVE-2015-2672MedMay 2, 2016
Linux
Kernel
risk 0.36cvss 5.5epss 0.00
The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the Linux kernel before 3.19.2 creates certain .altinstr_replacement pointers and consequently does not provide any protection against instruction faulting, which allows local users to cause a denial of service (panic) by triggering a fault, as demonstrated by an unaligned memory operand or a non-canonical address memory operand.
CVE-2008-7316MedMay 2, 2016
Linux
Kernel
risk 0.36cvss 5.5epss 0.00
mm/filemap.c in the Linux kernel before 2.6.25 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers an iovec of zero length, followed by a page fault for an iovec of nonzero length.
CVE-2015-8844MedApr 27, 2016
Linux
Kernel
risk 0.36cvss 5.5epss 0.00
The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.
CVE-2016-2424MedApr 18, 2016
Google
Android
risk 0.36cvss 5.5epss 0.00
server/content/SyncStorageEngine.java in SyncStorageEngine in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mismanages certain authority data, which allows attackers to cause a denial of service (reboot loop) via a crafted application, aka internal bug 26513719.
CVE-2016-3961MedApr 15, 2016
Canonical
Ubuntu Linux
risk 0.36cvss 5.5epss 0.00
Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area.
CVE-2015-8305MedApr 7, 2016
risk 0.36cvss 5.5epss 0.00
Huawei Sophia-L10 smartphones with software before P7-L10C900B852 allow attackers to cause a denial of service (system panic) via a crafted application with the system or camera privilege.
CVE-2016-1752MedMar 24, 2016
Apple Inc.
Mac Os X
risk 0.36cvss 5.5epss 0.00
The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to cause a denial of service via a crafted app.