CWE-242
AllowedUse of Inherently Dangerous Function
Abstraction: Base · Status: Draft
The product calls a function that can never be guaranteed to work safely.
19 vulnerabilities reference this CWE, most recent first.
GHSA-2VGX-XV4F-3VM9
Vulnerability from github – Published: 2024-12-06 21:30 – Updated: 2024-12-06 21:30Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT message resulting in devices executing arbitrary OS commands.
{
"affected": [],
"aliases": [
"CVE-2024-52324"
],
"database_specific": {
"cwe_ids": [
"CWE-242"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-06T19:15:13Z",
"severity": "CRITICAL"
},
"details": "Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT message resulting in devices executing arbitrary OS commands.",
"id": "GHSA-2vgx-xv4f-3vm9",
"modified": "2024-12-06T21:30:39Z",
"published": "2024-12-06T21:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52324"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-78QC-93VM-F29V
Vulnerability from github – Published: 2025-05-09 00:30 – Updated: 2025-05-09 00:30IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the gets function.
{
"affected": [],
"aliases": [
"CVE-2025-1331"
],
"database_specific": {
"cwe_ids": [
"CWE-242"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-08T22:15:18Z",
"severity": "HIGH"
},
"details": "IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1\u00a0could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the gets function.",
"id": "GHSA-78qc-93vm-f29v",
"modified": "2025-05-09T00:30:34Z",
"published": "2025-05-09T00:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1331"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7232923"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7232924"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7GPM-F37J-R77G
Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-05-24 19:19The affected application uses specific functions that could be abused through a crafted project file, which could lead to code execution, system reboot, and system shutdown.
{
"affected": [],
"aliases": [
"CVE-2021-42543"
],
"database_specific": {
"cwe_ids": [
"CWE-242"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-05T16:15:00Z",
"severity": "HIGH"
},
"details": "The affected application uses specific functions that could be abused through a crafted project file, which could lead to code execution, system reboot, and system shutdown.",
"id": "GHSA-7gpm-f37j-r77g",
"modified": "2022-05-24T19:19:49Z",
"published": "2022-05-24T19:19:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42543"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-FPXX-JV2F-8CF9
Vulnerability from github – Published: 2023-09-07 15:30 – Updated: 2024-04-04 07:32ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass??. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment.
{
"affected": [],
"aliases": [
"CVE-2021-40698"
],
"database_specific": {
"cwe_ids": [
"CWE-242"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-07T13:15:07Z",
"severity": "HIGH"
},
"details": "ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass??. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment. ",
"id": "GHSA-fpxx-jv2f-8cf9",
"modified": "2024-04-04T07:32:36Z",
"published": "2023-09-07T15:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40698"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/coldfusion/apsb21-75.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-HXHJ-HP9M-QWC4
Vulnerability from github – Published: 2017-11-29 23:21 – Updated: 2023-01-23 17:38The private_address_check ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-dependent and should not be relied upon for security measures, such as when used to blacklist private network addresses to prevent server-side request forgery.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "private_address_check"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.4.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2017-0904"
],
"database_specific": {
"cwe_ids": [
"CWE-242"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T21:41:23Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "The private_address_check ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby\u0027s `Resolv.getaddresses` method, which is OS-dependent and should not be relied upon for security measures, such as when used to blacklist private network addresses to prevent server-side request forgery.",
"id": "GHSA-hxhj-hp9m-qwc4",
"modified": "2023-01-23T17:38:44Z",
"published": "2017-11-29T23:21:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-0904"
},
{
"type": "WEB",
"url": "https://github.com/jtdowney/private_address_check/issues/1"
},
{
"type": "WEB",
"url": "https://github.com/jtdowney/private_address_check/commit/58a0d7fe31de339c0117160567a5b33ad82b46af"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/287245"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/287835"
},
{
"type": "WEB",
"url": "https://edoverflow.com/2017/ruby-resolv-bug"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "private_address_check vulnerable to bypass of Resolv.getaddresses method"
}
GHSA-J666-4GR9-R4Q4
Vulnerability from github – Published: 2025-08-26 18:31 – Updated: 2025-08-26 18:31IBM Cognos Command Center 10.2.4.1 and 10.2.5
could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFormatter function.
{
"affected": [],
"aliases": [
"CVE-2025-1994"
],
"database_specific": {
"cwe_ids": [
"CWE-242"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-26T17:15:36Z",
"severity": "HIGH"
},
"details": "IBM Cognos Command Center 10.2.4.1 and 10.2.5 \n\n\n\ncould allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFormatter function.",
"id": "GHSA-j666-4gr9-r4q4",
"modified": "2025-08-26T18:31:15Z",
"published": "2025-08-26T18:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1994"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7242159"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-JHJH-GHWX-6H7R
Vulnerability from github – Published: 2019-01-17 13:56 – Updated: 2024-09-24 20:48modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "modulemd"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.3.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2017-1002157"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-242"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T21:43:31Z",
"nvd_published_at": "2019-01-10T21:29:00Z",
"severity": "CRITICAL"
},
"details": "modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution.",
"id": "GHSA-jhjh-ghwx-6h7r",
"modified": "2024-09-24T20:48:00Z",
"published": "2019-01-17T13:56:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1002157"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/modulemd/PYSEC-2019-153.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/xsuchy/modulemd"
},
{
"type": "WEB",
"url": "https://pagure.io/modulemd/issue/55"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "modulemd uses an unsafe function for processing externally provided data"
}
GHSA-JM5F-GPFQ-Q9H3
Vulnerability from github – Published: 2026-05-14 15:31 – Updated: 2026-07-06 15:30Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets(), PQfn(..., result_is_int=0, ...) stores arbitrary-length, server-determined data into a buffer of unspecified size. Because both the \lo_export command in psql and pg_dump call lo_read(), the server superuser can overwrite pg_dump or psql stack memory. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.
{
"affected": [],
"aliases": [
"CVE-2026-6477"
],
"database_specific": {
"cwe_ids": [
"CWE-120",
"CWE-242"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-14T14:16:25Z",
"severity": "HIGH"
},
"details": "Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets(), PQfn(..., result_is_int=0, ...) stores arbitrary-length, server-determined data into a buffer of unspecified size. Because both the \\lo_export command in psql and pg_dump call lo_read(), the server superuser can overwrite pg_dump or psql stack memory. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.",
"id": "GHSA-jm5f-gpfq-q9h3",
"modified": "2026-07-06T15:30:36Z",
"published": "2026-05-14T15:31:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6477"
},
{
"type": "WEB",
"url": "https://www.postgresql.org/support/security/CVE-2026-6477"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6477.json"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477442"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-6477"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:35880"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:34363"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:34362"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:34043"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:33497"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:33441"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:32994"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:32983"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:29953"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:29904"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:29815"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:29212"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:28037"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:27743"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:27742"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:27741"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:27738"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:27718"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:26561"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:26525"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:26524"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:26204"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:26203"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:26181"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:22878"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:21182"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M868-6R8G-X6R5
Vulnerability from github – Published: 2025-06-17 21:32 – Updated: 2025-06-17 21:32A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2025-49215"
],
"database_specific": {
"cwe_ids": [
"CWE-242",
"CWE-89"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-17T21:15:39Z",
"severity": "HIGH"
},
"details": "A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. \n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.",
"id": "GHSA-m868-6r8g-x6r5",
"modified": "2025-06-17T21:32:31Z",
"published": "2025-06-17T21:32:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49215"
},
{
"type": "WEB",
"url": "https://success.trendmicro.com/en-US/solution/KA-0019928"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-372"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-58
Identify a list of prohibited API functions and prohibit developers from using these functions, providing safer alternatives. In some cases, automatic code analysis tools or the compiler can be instructed to spot use of prohibited functions, such as the "banned.h" include file from Microsoft's SDL. [REF-554] [REF-1009] [REF-7]
Mitigation
Use grep or static analysis tools to spot usage of dangerous functions.
No CAPEC attack patterns related to this CWE.