CWE-20— Improper Input Validation

11,300 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-20page 1 of 226

CVE-1999-0001NONECVSS 0.0EG 0.0
1999-12-30
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.
CVE-1999-0265NONECVSS 0.0EG 0.0
1997-01-01
ICMP redirect messages may crash or lock up a host.
CVE-1999-0721NONECVSS 0.0EG 0.0
1999-07-20
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
CVE-1999-0726NONECVSS 0.0EG 0.0
1999-06-30
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
CVE-1999-0867NONECVSS 0.0EG 0.0
1999-08-11
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
CVE-1999-0918NONECVSS 0.0EG 0.0
1999-07-03
Denial of service in various Windows systems via malformed, fragmented IGMP packets.
CVE-1999-0995NONECVSS 0.0EG 0.0
1999-12-16
Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request."
CVE-1999-0999NONECVSS 0.0EG 0.0
1999-11-19
Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.
CVE-1999-1547NONECVSS 0.0EG 0.0
1999-11-25
Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent.
CVE-2000-0258HIGHCVSS 7.5EG 7.5
2000-04-12
IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.
CVE-2000-0380NONECVSS 0.0EG 9.0
2000-04-26
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
CVE-2000-0400NONECVSS 0.0EG 0.0
2000-05-13
The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news…
CVE-2001-0427NONECVSS 0.0EG 0.0
2001-06-18
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user afte…
CVE-2001-0509NONECVSS 0.0EG 0.0
2001-09-20
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.
CVE-2001-0566NONECVSS 0.0EG 0.0
2001-08-14
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled.
CVE-2001-0748NONECVSS 0.0EG 0.0
2001-10-18
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI.
CVE-2001-1584NONECVSS 0.0EG 0.0
2001-12-31
CardBoard 2.4 greeting card CGI by Michael Barretto allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient field.
CVE-2002-0146NONECVSS 0.0EG 0.0
2002-06-25
fetchmail email client before 5.9.10 does not properly limit the maximum number of messages available, which allows a remote IMAP server to overwrite memory via a message count that exceeds the boundaries of an array.
CVE-2002-1175NONECVSS 0.0EG 0.0
2002-10-11
The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmai…
CVE-2002-1358NONECVSS 0.0EG 0.0
2002-12-23
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol …
CVE-2002-1359NONECVSS 0.0EG 9.0
2002-12-23
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SS…
CVE-2002-1360NONECVSS 0.0EG 0.0
2002-12-23
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitr…
CVE-2002-1663NONECVSS 0.0EG 0.0
2002-12-31
The Post_Method function in method.c for Monkey HTTP Daemon before 0.5.1 allows remote attackers to cause a denial of service (crash) via a POST request with an invalid or missing Content-Length header value.
CVE-2002-1874NONECVSS 0.0EG 0.0
2002-12-31
astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but th…
CVE-2002-1979NONECVSS 0.0EG 0.0
2002-12-31
WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, …
CVE-2002-2228NONECVSS 0.0EG 0.0
2002-12-31
MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be proces…
CVE-2002-2236NONECVSS 0.0EG 0.0
2002-12-31
Format string vulnerability in the awp_log function in apt-www-proxy 0.1 allows remote attackers to execute arbitrary code.
CVE-2002-2237NONECVSS 0.0EG 0.0
2002-12-31
tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET request with a DOS device name such as com1 or aux.
CVE-2002-2239NONECVSS 0.0EG 0.0
2002-12-31
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet.
CVE-2002-2314NONECVSS 0.0EG 0.0
2002-12-31
Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL with a leading "//" and ending in a newline, which causes the host/path check to fail.
CVE-2002-2322NONECVSS 0.0EG 0.0
2002-12-31
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.
CVE-2002-2325NONECVSS 0.0EG 0.0
2002-12-31
The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header…
CVE-2002-2328NONECVSS 0.0EG 0.0
2002-12-31
Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request.
CVE-2002-2329NONECVSS 0.0EG 0.0
2002-12-31
ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons.
CVE-2002-2338NONECVSS 0.0EG 0.0
2002-12-31
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as th…
CVE-2002-2354NONECVSS 0.0EG 0.0
2002-12-31
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests.
CVE-2002-2365NONECVSS 0.0EG 0.0
2002-12-31
Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacharacters in the search field, as demonstrated using the "|" (pipe) character.
CVE-2002-2371NONECVSS 0.0EG 0.0
2002-12-31
Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header.
CVE-2002-2393NONECVSS 0.0EG 0.0
2002-12-31
Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands.
CVE-2002-2406NONECVSS 0.0EG 0.0
2002-12-31
Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allows remote attackers to cause a denial of service (hang) via a large number of percent characters (%) in an HTTP GET request.
CVE-2002-2415NONECVSS 0.0EG 0.0
2002-12-31
Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero (null) bytes sent via UDP to a running service.
CVE-2002-2420NONECVSS 0.0EG 0.0
2002-12-31
site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter.
CVE-2002-2421NONECVSS 0.0EG 0.0
2002-12-31
acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS-DOS device name such as COM2.
CVE-2002-2423NONECVSS 0.0EG 0.0
2002-12-31
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response.
CVE-2002-2428NONECVSS 0.0EG 0.0
2009-02-06
webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP POST request that contains a Content-Length header but no body data.
CVE-2002-2429NONECVSS 0.0EG 0.0
2009-02-06
webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request that contains a negative integer in the Content-Length header.
CVE-2002-2433NONECVSS 0.0EG 0.0
2010-04-05
NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command.
CVE-2002-2443NONECVSS 0.0EG 0.0
2013-05-29
schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption…
CVE-2002-2444CRITICALCVSS 9.8EG 9.8
2019-10-28
Snoopy before 2.0.0 has a security hole in exec cURL
CVE-2003-0367NONECVSS 0.0EG 0.0
2003-07-02
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Map vulnerabilities like CWE-20 to your infrastructure

EchelonGraph correlates every CVE — across CWE-20 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →