CWE-20— Improper Input Validation
11,434 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-20page 70 of 229
- CVE-2016-9158HIGHCVSS 7.5EG 7.52016-12-17
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) …
- CVE-2016-9494MEDIUMCVSS 6.5EG 6.52018-07-13
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not …
- CVE-2016-9577HIGHCVSS 7.5EG 8.82018-07-27
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.
- CVE-2016-9578HIGHCVSS 7.5EG 7.52018-07-27
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.
- CVE-2016-9579MEDIUMCVSS 6.5EG 7.52018-08-01
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a …
- CVE-2016-9587HIGHCVSS 8.1EG 8.12018-04-24
Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts…
- CVE-2016-9606HIGHCVSS 8.1EG 8.12018-03-09
JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permis…
- CVE-2016-9749MEDIUMCVSS 4.0EG 3.32018-11-09
IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. IBM X-Force ID: 120206.
- CVE-2016-9901CRITICALCVSS 9.8EG 9.82018-06-11
HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injectio…
- CVE-2017-0143HIGHCVSS 8.8EG 9.0⚠ KEV2017-03-17
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote at…
- CVE-2017-0144HIGHCVSS 8.8EG 9.0⚠ KEV2017-03-17
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote at…
- CVE-2017-0145HIGHCVSS 8.8EG 9.0⚠ KEV2017-03-17
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote at…
- CVE-2017-0146HIGHCVSS 8.8EG 9.0⚠ KEV2017-03-17
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote at…
- CVE-2017-0148HIGHCVSS 8.1EG 9.0⚠ KEV2017-03-17
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote at…
- CVE-2017-0366MEDIUMCVSS 5.4EG 5.42018-04-13
Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw allowing to evade SVG filter using default attribute values in DTD declaration.
- CVE-2017-0368MEDIUMCVSS 5.3EG 5.32018-04-13
Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw making rawHTML mode apply to system messages.
- CVE-2017-0370MEDIUMCVSS 5.3EG 5.32018-04-13
Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw were Spam blacklist is ineffective on encoded URLs inside file inclusion syntax's link parameter.
- CVE-2017-0915CRITICALCVSS 9.8EG 9.82018-03-21
Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution.
- CVE-2017-0916CRITICALCVSS 9.8EG 9.82018-03-21
Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution.
- CVE-2017-0917MEDIUMCVSS 6.1EG 6.12018-03-21
Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting.
- CVE-2017-0938HIGHCVSS 7.5EG 7.52019-02-12
Denial of Service attack in airMAX < 8.3.2 , airMAX < 6.0.7 and EdgeMAX < 1.9.7 allow attackers to use the Discovery Protocol in amplification attacks.
- CVE-2017-1000391HIGHCVSS 7.3EG 7.32018-01-26
Jenkins versions 2.88 and earlier and 2.73.2 and earlier stores metadata related to 'people', which encompasses actual user accounts, as well as users appearing in SCM, in directories corresponding to the user ID on disk. These directories…
- CVE-2017-1000394HIGHCVSS 7.5EG 7.52018-01-26
Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the commons-fileupload library with the denial-of-service vulnerability known as CVE-2016-3092. The fix for that vulnerability has been backported to the version of the libr…
- CVE-2017-1000397MEDIUMCVSS 5.9EG 5.92018-01-26
Jenkins Maven Plugin 2.17 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly verified SSL certificates, making it susceptible to man-in-the-middle attacks. Maven Plugin 3.0…
- CVE-2017-1000401LOWCVSS 2.2EG 2.22018-01-26
The Jenkins 2.73.1 and earlier, 2.83 and earlier default form control for passwords and other secrets, <f:password/>, supports form validation (e.g. for API keys). The form validation AJAX requests were sent via GET, which could result in …
- CVE-2017-1000402MEDIUMCVSS 5.9EG 5.92018-01-26
Jenkins Swarm Plugin Client 3.4 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly verified SSL certificates, making it susceptible to man-in-the-middle attacks.
- CVE-2017-1000423CRITICALCVSS 9.8EG 9.82018-01-02
b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup.
- CVE-2017-1000469CRITICALCVSS 9.8EG 9.82018-01-03
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.
- CVE-2017-1000600HIGHCVSS 8.8EG 8.82018-09-06
WordPress version <4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require a…
- CVE-2017-1002157CRITICALCVSS 9.8EG 9.82019-01-10
modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution.
- CVE-2017-1081HIGHCVSS 7.5EG 7.52018-04-10
In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3-RELEASE-p19, ipfilter using "keep state" or "keep frags" options can cause a kernel panic when fed specially crafted packet fragments due to incorrect memory handling.
- CVE-2017-1082HIGHCVSS 7.5EG 7.52018-09-12
In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the qsort algorithm has a deterministic recursion pattern. Feeding a pathological input to the algorithm can lead to excessive stack usage and potential overflow. Applicatio…
- CVE-2017-11357CRITICALCVSS 9.8EG 9.8⚠ KEV2017-08-23
Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.
- CVE-2017-11740HIGHCVSS 8.8EG 8.82019-05-23
In Zoho ManageEngine Application Manager 13.1 Build 13100, the administrative user has the ability to upload files/binaries that can be executed upon the occurrence of an alarm. An attacker can abuse this functionality by uploading a malic…
- CVE-2017-12070HIGHCVSS 8.8EG 8.82018-06-14
Unsigned versions of the DLLs distributed by the OPC Foundation may be replaced with malicious code.
- CVE-2017-12088HIGHCVSS 8.6EG 7.52018-04-05
An exploitable denial of service vulnerability exists in the Ethernet functionality of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted packet can cause a device power cycle resulting in a fault state and …
- CVE-2017-12124MEDIUMCVSS 6.5EG 7.52018-05-14
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in the web server crashing. An attacker …
- CVE-2017-12148HIGHCVSS 8.4EG 7.22018-07-27
A flaw was found in Ansible Tower's interface before 3.1.5 and 3.2.0 with SCM repositories. If a Tower project (SCM repository) definition does not have the 'delete before update' flag set, an attacker with commit access to the upstream pl…
- CVE-2017-12171MEDIUMCVSS 6.5EG 6.52018-07-26
A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to a…
- CVE-2017-12173MEDIUMCVSS 4.3EG 8.82018-07-27
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cach…
- CVE-2017-12176CRITICALCVSS 9.8EG 9.82018-01-24
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- CVE-2017-12178CRITICALCVSS 9.8EG 9.82018-01-24
xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- CVE-2017-12180CRITICALCVSS 9.8EG 9.82018-01-24
xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- CVE-2017-12181CRITICALCVSS 9.8EG 9.82018-01-24
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- CVE-2017-12182CRITICALCVSS 9.8EG 9.82018-01-24
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- CVE-2017-12183CRITICALCVSS 9.8EG 9.82018-01-24
xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- CVE-2017-12184CRITICALCVSS 9.8EG 9.82018-01-24
xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- CVE-2017-12185CRITICALCVSS 9.8EG 9.82018-01-24
xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- CVE-2017-12186CRITICALCVSS 9.8EG 9.82018-01-24
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- CVE-2017-12187CRITICALCVSS 9.8EG 9.82018-01-24
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Map vulnerabilities like CWE-20 to your infrastructure
EchelonGraph correlates every CVE — across CWE-20 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →