CWE-1287
AllowedImproper Validation of Specified Type of Input
Abstraction: Base · Status: Incomplete
The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.
259 vulnerabilities reference this CWE, most recent first.
GHSA-9F2J-V7X5-9JCF
Vulnerability from github – Published: 2024-06-18 15:30 – Updated: 2024-06-18 15:30IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087.
{
"affected": [],
"aliases": [
"CVE-2023-47726"
],
"database_specific": {
"cwe_ids": [
"CWE-1287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-18T14:15:10Z",
"severity": "HIGH"
},
"details": "IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087.",
"id": "GHSA-9f2j-v7x5-9jcf",
"modified": "2024-06-18T15:30:35Z",
"published": "2024-06-18T15:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47726"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/272087"
},
{
"type": "WEB",
"url": "https://https://www.ibm.com/support/pages/node/7157750"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-9FX4-733J-XGMG
Vulnerability from github – Published: 2024-05-02 15:30 – Updated: 2024-05-02 15:30IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation. IBM X-Force ID: 272089.
{
"affected": [],
"aliases": [
"CVE-2023-47727"
],
"database_specific": {
"cwe_ids": [
"CWE-1287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-02T15:15:06Z",
"severity": "MODERATE"
},
"details": "IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation. IBM X-Force ID: 272089.",
"id": "GHSA-9fx4-733j-xgmg",
"modified": "2024-05-02T15:30:35Z",
"published": "2024-05-02T15:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47727"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/272089"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7149968"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-9JXQ-5X44-GX23
Vulnerability from github – Published: 2025-02-14 18:03 – Updated: 2025-03-15 20:47Impact
The Keylime registrar implemented more strict type checking on version 7.12.0. As a result, when updated to version 7.12.0, the registrar will not accept the format of the data previously stored in the database by versions >= 7.8.0, raising an exception.
This makes the Keylime registrar vulnerable to a Denial-of-Service attack in an update scenario, as an attacker could populate the registrar database by creating multiple valid agent registrations with different UUIDs while the version is still < 7.12.0. Then, when the Keylime registrar is updated to the 7.12.0 version, any query to the database matching any of the entries populated by the attacker will result in failure.
Patches
Users should upgrade to versions >= 7.12.1
Workarounds
- Remove the registrar database and re-register all agents
Credit
Reported by: Anderson Toshiyuki Sasaki/@ansasaki Patched by: Anderson Toshiyuki Sasaki/@ansasaki
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "keylime"
},
"ranges": [
{
"events": [
{
"introduced": "7.12.0"
},
{
"fixed": "7.12.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"7.12.0"
]
}
],
"aliases": [
"CVE-2025-1057"
],
"database_specific": {
"cwe_ids": [
"CWE-1287",
"CWE-704"
],
"github_reviewed": true,
"github_reviewed_at": "2025-02-14T18:03:14Z",
"nvd_published_at": "2025-03-15T09:15:10Z",
"severity": "MODERATE"
},
"details": "### Impact\nThe Keylime `registrar` implemented more strict type checking on version 7.12.0. As a result, when updated to version 7.12.0, the `registrar` will not accept the format of the data previously stored in the database by versions \u003e= 7.8.0, raising an exception.\n\nThis makes the Keylime `registrar` vulnerable to a Denial-of-Service attack in an update scenario, as an attacker could populate the `registrar` database by creating multiple valid agent registrations with different UUIDs while the version is still \u003c 7.12.0. Then, when the Keylime `registrar` is updated to the 7.12.0 version, any query to the database matching any of the entries populated by the attacker will result in failure.\n\n### Patches\nUsers should upgrade to versions \u003e= 7.12.1\n\n### Workarounds\n- Remove the registrar database and re-register all agents\n\n### Credit\n\nReported by: Anderson Toshiyuki Sasaki/@ansasaki\nPatched by: Anderson Toshiyuki Sasaki/@ansasaki",
"id": "GHSA-9jxq-5x44-gx23",
"modified": "2025-03-15T20:47:38Z",
"published": "2025-02-14T18:03:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/keylime/keylime/security/advisories/GHSA-9jxq-5x44-gx23"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1057"
},
{
"type": "WEB",
"url": "https://github.com/keylime/keylime/commit/e08b10d86c3717006774e787542c190e2ba24fc7"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-1057"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343894"
},
{
"type": "PACKAGE",
"url": "https://github.com/keylime/keylime"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "Keylime registrar is vulnerable to Denial-of-Service attack when updated to version 7.12.0"
}
GHSA-9V3G-GWX4-PX97
Vulnerability from github – Published: 2024-11-19 06:30 – Updated: 2024-11-20 03:30Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 and later and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication of the products by sending specially crafted SLMP packets.
{
"affected": [],
"aliases": [
"CVE-2024-8403"
],
"database_specific": {
"cwe_ids": [
"CWE-1287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-19T06:15:17Z",
"severity": "HIGH"
},
"details": "Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 and later and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication of the products by sending specially crafted SLMP packets.",
"id": "GHSA-9v3g-gwx4-px97",
"modified": "2024-11-20T03:30:29Z",
"published": "2024-11-19T06:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8403"
},
{
"type": "WEB",
"url": "https://jvn.jp/vu/JVNVU97790713"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-324-01"
},
{
"type": "WEB",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-009_en.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9VRQ-3CXG-5MHW
Vulnerability from github – Published: 2025-09-09 03:30 – Updated: 2025-09-09 03:30Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database.
{
"affected": [],
"aliases": [
"CVE-2025-42929"
],
"database_specific": {
"cwe_ids": [
"CWE-1287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-09T02:15:41Z",
"severity": "HIGH"
},
"details": "Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database.",
"id": "GHSA-9vrq-3cxg-5mhw",
"modified": "2025-09-09T03:30:19Z",
"published": "2025-09-09T03:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-42929"
},
{
"type": "WEB",
"url": "https://me.sap.com/notes/3633002"
},
{
"type": "WEB",
"url": "https://url.sap/sapsecuritypatchday"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C8M2-CX6J-JF7P
Vulnerability from github – Published: 2025-10-13 21:31 – Updated: 2025-10-13 21:31Mattermost Desktop App versions <= 5.13.0 fail to validate URLs external to the configured Mattermost servers, allowing an attacker on a server the user has configured to crash the user's application by sending the user a malformed URL.
{
"affected": [],
"aliases": [
"CVE-2025-58084"
],
"database_specific": {
"cwe_ids": [
"CWE-1287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-13T20:15:33Z",
"severity": "LOW"
},
"details": "Mattermost Desktop App versions \u003c= 5.13.0 fail to validate URLs external to the configured Mattermost servers, allowing an attacker on a server the user has configured to crash the user\u0027s application by sending the user a malformed URL.",
"id": "GHSA-c8m2-cx6j-jf7p",
"modified": "2025-10-13T21:31:10Z",
"published": "2025-10-13T21:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58084"
},
{
"type": "WEB",
"url": "https://mattermost.com/security-updates"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-CHXC-9V7P-7XGG
Vulnerability from github – Published: 2025-09-18 12:30 – Updated: 2025-09-18 12:30Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.A remote code execution is possible due to an improper input validation.
This issue affects FLXEON: through 9.3.5.
{
"affected": [],
"aliases": [
"CVE-2024-48851"
],
"database_specific": {
"cwe_ids": [
"CWE-1287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-18T12:15:38Z",
"severity": "HIGH"
},
"details": "Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.A remote code execution is possible due to an improper input validation.\n\n\n\n\nThis issue affects FLXEON: through 9.3.5.",
"id": "GHSA-chxc-9v7p-7xgg",
"modified": "2025-09-18T12:30:27Z",
"published": "2025-09-18T12:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48851"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A7121\u0026LanguageCode=en\u0026DocumentPartId=pdf\u0026Action=Launch"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-CQGH-JJ7H-J2HC
Vulnerability from github – Published: 2025-11-24 12:30 – Updated: 2025-11-24 12:30An unauthenticated remote attacker can send a specially crafted Modbus read command to the device which leads to a denial of service.
{
"affected": [],
"aliases": [
"CVE-2025-41729"
],
"database_specific": {
"cwe_ids": [
"CWE-1287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-24T12:15:46Z",
"severity": "HIGH"
},
"details": "An unauthenticated remote attacker can send a specially crafted Modbus read command to the device which leads to a denial of service.",
"id": "GHSA-cqgh-jj7h-j2hc",
"modified": "2025-11-24T12:30:30Z",
"published": "2025-11-24T12:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41729"
},
{
"type": "WEB",
"url": "https://certvde.com/de/advisories/VDE-2025-094"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CQGQ-FF3F-RJ7R
Vulnerability from github – Published: 2026-05-20 15:35 – Updated: 2026-06-30 03:36Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet (IN) — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes (ANY or NONE) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (UPDATE), zone change notifications (NOTIFY), or processing of IN-specific record types in non-IN data — can cause assertion failures in named.
This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
{
"affected": [],
"aliases": [
"CVE-2026-5946"
],
"database_specific": {
"cwe_ids": [
"CWE-1287",
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-20T13:16:40Z",
"severity": "HIGH"
},
"details": "Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) \u2014 for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths \u2014 recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data \u2014 can cause assertion failures in `named`.\nThis issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.",
"id": "GHSA-cqgq-ff3f-rj7r",
"modified": "2026-06-30T03:36:45Z",
"published": "2026-05-20T15:35:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5946"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:20334"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:23360"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:24338"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:24339"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:24367"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:24368"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-5946"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479771"
},
{
"type": "WEB",
"url": "https://downloads.isc.org/isc/bind9/9.18.49"
},
{
"type": "WEB",
"url": "https://downloads.isc.org/isc/bind9/9.20.23"
},
{
"type": "WEB",
"url": "https://downloads.isc.org/isc/bind9/9.21.22"
},
{
"type": "WEB",
"url": "https://kb.isc.org/docs/cve-2026-5946"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5946.json"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F2G8-QCQC-2HMV
Vulnerability from github – Published: 2025-05-27 09:30 – Updated: 2025-05-27 09:30An unauthenticated remote attacker can exploit input validation in cmd services of the devices, allowing them to disrupt system operations and potentially cause a denial-of-service.
{
"affected": [],
"aliases": [
"CVE-2025-41650"
],
"database_specific": {
"cwe_ids": [
"CWE-1287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-27T09:15:21Z",
"severity": "HIGH"
},
"details": "An unauthenticated remote attacker can exploit input validation in cmd services of the devices, allowing them to disrupt system operations and potentially cause a denial-of-service.",
"id": "GHSA-f2g8-qcqc-2hmv",
"modified": "2025-05-27T09:30:32Z",
"published": "2025-05-27T09:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41650"
},
{
"type": "WEB",
"url": "https://certvde.com/en/advisories/VDE-2025-044"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
No CAPEC attack patterns related to this CWE.