CWE-20— Improper Input Validation
11,393 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-20page 26 of 228
- CVE-2010-2020NONECVSS 0.0EG 0.02010-05-28
sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a …
- CVE-2010-2021NONECVSS 0.0EG 0.02012-06-25
Open redirect vulnerability in the Global Redirect module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.4 for Drupal, when non-clean to clean is enabled, allows remote attackers to redirect users to arbitrary web sites and conduct phishi…
- CVE-2010-2061HIGHCVSS 7.8EG 7.82019-10-29
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
- CVE-2010-2074NONECVSS 0.0EG 0.02010-06-16
istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificat…
- CVE-2010-2075NONECVSS 0.0EG 9.02010-06-15
UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbit…
- CVE-2010-2078NONECVSS 0.0EG 0.02010-05-25
DataTrack System 3.5 allows remote attackers to list the root directory via a (1) /%u0085/ or (2) /%u00A0/ URI.
- CVE-2010-2079NONECVSS 0.0EG 0.02010-05-25
DataTrack System 3.5 allows remote attackers to bypass intended restrictions on file extensions, and read arbitrary files, via a trailing backslash in a URI, as demonstrated by (1) web.config\ and (2) .ascx\ files.
- CVE-2010-2090NONECVSS 0.0EG 0.02010-05-27
The npb_protocol_error function in sna V5router64 in IBM Communications Server for Windows 6.1.3 and Communications Server for AIX (aka CSAIX or CS/AIX) in sna.rte before 6.3.1.2 allows remote attackers to cause a denial of service (daemon…
- CVE-2010-2115NONECVSS 0.0EG 0.02010-05-28
SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a denial of service (no new connections) via a crafted read request.
- CVE-2010-2193NONECVSS 0.0EG 0.02010-06-10
Multiple unspecified vulnerabilities in the CA (1) PSFormX and (2) WebScan ActiveX controls, as distributed on the CA Global Advisor web site until May 2009, allow remote attackers to execute arbitrary code via unknown vectors.
- CVE-2010-2233NONECVSS 0.0EG 0.02010-07-02
tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary c…
- CVE-2010-2236NONECVSS 0.0EG 0.02014-04-15
The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 and 5.1.0 through 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring p…
- CVE-2010-2243HIGHCVSS 7.5EG 7.52019-11-07
A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS.
- CVE-2010-2246NONECVSS 0.0EG 0.02011-05-26
feh before 1.8, when the --wget-timestamp option is enabled, might allow remote attackers to execute arbitrary commands via shell metacharacters in a URL.
- CVE-2010-2248NONECVSS 0.0EG 0.02010-09-07
fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from …
- CVE-2010-2251NONECVSS 0.0EG 0.02010-07-06
The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files …
- CVE-2010-2252NONECVSS 0.0EG 0.02010-07-06
GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with …
- CVE-2010-2253NONECVSS 0.0EG 0.02010-07-06
lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a …
- CVE-2010-2262NONECVSS 0.0EG 0.02010-06-10
Galileo Students Team Weborf before 0.12.1 allows remote attackers to cause a denial of service (crash) via a crafted Range header.
- CVE-2010-2289NONECVSS 0.0EG 0.02010-06-15
Open redirect vulnerability in dana/home/homepage.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Locati…
- CVE-2010-2293NONECVSS 0.0EG 0.02010-06-15
The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size.
- CVE-2010-2295NONECVSS 0.0EG 0.02010-06-15
page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redirect keystrokes via …
- CVE-2010-2298NONECVSS 0.0EG 0.02010-06-15
browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandb…
- CVE-2010-2310NONECVSS 0.0EG 0.02010-06-16
SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a denial of service (crash) via a long write request.
- CVE-2010-2327NONECVSS 0.0EG 0.02010-06-18
mod_ibm_ssl in IBM HTTP Server 6.0 before 6.0.2.43, 6.1 before 6.1.0.33, and 7.0 before 7.0.0.11, as used in IBM WebSphere Application Server (WAS) on z/OS, does not properly handle a large HTTP request body in uploading over SSL, which mi…
- CVE-2010-2332NONECVSS 0.0EG 0.02010-06-18
Impact Financials, Inc. Impact PDF Reader 2.0, 1.2, and other versions for iPhone and iPod touch allows remote attackers to cause a denial of service (server crash) via a "..." body in a POST request.
- CVE-2010-2337NONECVSS 0.0EG 0.02010-07-28
Open redirect vulnerability in RSA Federated Identity Manager 4.0 before 4.0.25 and 4.1 before 4.1.26 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unknown vectors.
- CVE-2010-2352NONECVSS 0.0EG 0.02010-06-21
The Node Reference module in Content Construction Kit (CCK) module 5.x before 5.x-1.11 and 6.x before 6.x-2.7 for Drupal does not perform access checks before displaying referenced nodes, which allows remote attackers to read controlled no…
- CVE-2010-2361NONECVSS 0.0EG 0.02010-08-25
Winny 2.0b7.1 and earlier does not properly process BBS information, which has unspecified impact and remote attack vectors that might lead to use of the product's host for DDoS attacks.
- CVE-2010-2362NONECVSS 0.0EG 0.02010-08-25
Winny 2.0b7.1 and earlier does not properly process node information, which has unspecified impact and remote attack vectors that might lead to use of the product's host for DDoS attacks.
- CVE-2010-2435NONECVSS 0.0EG 0.02010-06-24
Weborf HTTP Server 0.12.1 and earlier allows remote attackers to cause a denial of service (crash) via Unicode characters in a Connection HTTP header, and possibly other headers.
- CVE-2010-2446CRITICALCVSS 9.8EG 9.82019-11-06
Rbot Reaction plugin allows command execution
- CVE-2010-2447CRITICALCVSS 9.8EG 9.82019-11-07
gitolite before 1.4.1 does not filter src/ or hooks/ from path names.
- CVE-2010-2449MEDIUMCVSS 6.5EG 6.52019-11-07
Gource through 0.26 logs to a predictable file name (/tmp/gource-$UID.tmp), enabling attackers to overwrite an arbitrary file via a symlink attack.
- CVE-2010-2473MEDIUMCVSS 6.5EG 6.52019-11-07
Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked.
- CVE-2010-2474NONECVSS 0.0EG 0.02010-08-10
JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2 does not properly consider the security domain with which a service is secured, which might allow remote attackers to gain privileges by execu…
- CVE-2010-2476CRITICALCVSS 9.8EG 9.82019-11-07
syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot.
- CVE-2010-2490MEDIUMCVSS 6.5EG 6.52019-10-31
Mumble: murmur-server has DoS due to malformed client query
- CVE-2010-2505NONECVSS 0.0EG 0.02010-06-28
Soft SaschArt SasCAM Webcam Server 2.6.5, 2.7, and earlier allows remote attackers to cause a denial of service (crash) via a large number of requests with a long line, as demonstrated using a long GET request.
- CVE-2010-2550NONECVSS 0.0EG 0.02010-08-11
The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate fields in an SMB request, which allows remote attackers…
- CVE-2010-2551NONECVSS 0.0EG 0.02010-08-11
The SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate an internal variable in an SMB packet, which allows remote attackers to cause a denial of service (syste…
- CVE-2010-2566NONECVSS 0.0EG 0.02010-08-11
The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, does not properly validate certificate request messages from TLS and SSL servers, which allows remote servers to execute a…
- CVE-2010-2568HIGHCVSS 7.8EG 9.0⚠ KEV2010-07-22
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which i…
- CVE-2010-2571NONECVSS 0.0EG 0.02010-12-16
Array index error in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher 97 file, aka "Memory Corruption Due To Invalid Index …
- CVE-2010-2580NONECVSS 0.0EG 0.02010-09-15
The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not properly perform a length check, which allows remote attackers to cause a denial of service (crash) via a long (1) email address in the MAIL FROM command, or (2) domain nam…
- CVE-2010-2595NONECVSS 0.0EG 0.02010-07-02
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF …
- CVE-2010-2596NONECVSS 0.0EG 0.02010-07-02
The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF image, related to "downsampled OJP…
- CVE-2010-2597NONECVSS 0.0EG 0.02010-07-02
The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to "…
- CVE-2010-2598NONECVSS 0.0EG 0.02010-07-02
LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of s…
- CVE-2010-2621NONECVSS 0.0EG 0.02010-07-02
The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request.
Map vulnerabilities like CWE-20 to your infrastructure
EchelonGraph correlates every CVE — across CWE-20 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →