CWE-19(Data Processing Errors)描述一種在漏洞資料庫與安全評估中使用的弱點類型;定義、背景與對應 CVE 見下方各節。
Weaknesses in this category are typically found in functionality that processes data. Data processing is the manipulation of input to retrieve or save information.
下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。
| CVE | 公開時間 | 摘要 |
|---|---|---|
| CVE-2026-28552 | 2026-03-05 | Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability. |
| CVE-2026-28539 | 2026-03-05 | Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2025-20311 | 2025-09-24 | A vulnerability in the handling of certain Ethernet frames in Cisco IOS XE Software for Catalyst 9000 Series Switches could allow an unauthenticated, adjacent attacker to cause an egress port to becom… |
| CVE-2023-39395 | 2023-08-13 | Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability. |
| CVE-2021-0263 | 2021-04-22 | A Data Processing vulnerability in the Multi-Service process (multi-svcs) on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately af… |
| CVE-2020-3414 | 2020-09-24 | A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resu… |
| CVE-2020-1651 | 2020-07-17 | On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine (PFE) on the line card to crash and restart, causing tra… |
| CVE-2020-3232 | 2020-06-03 | A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker t… |
| CVE-2019-14794 | 2019-08-09 | The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders. |
| CVE-2019-13917 | 2019-07-25 | Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $loc… |
| CVE-2019-4236 | 2019-07-22 | A IBM Spectrum Protect 7.l client backup or archive operation running for an HP-UX VxFS object is silently skipping Access Control List (ACL) entries from backup or archive if there are more than twel… |
| CVE-2019-13624 | 2019-07-17 | In ONOS 1.15.0, apps/yang/web/src/main/java/org/onosproject/yang/web/YangWebResource.java mishandles backquote characters within strings that can be used in a shell command. |
| CVE-2019-1083 | 2019-07-15 | A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests, aka '.NET Denial of Service Vulnerability'. |
| CVE-2019-0811 | 2019-07-15 | A denial of service vulnerability exists in Windows DNS Server when it fails to properly handle DNS queries, aka 'Windows DNS Server Denial of Service Vulnerability'. |
| CVE-2019-12828 | 2019-06-14 | An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origi… |
| CVE-2019-0941 | 2019-06-12 | A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a te… |
| CVE-2019-9673 | 2019-06-05 | Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript execution via a crafted Freenet URI. |
| CVE-2019-0089 | 2019-05-17 | Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a p… |
| CVE-2019-0982 | 2019-05-16 | A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. |
| CVE-2019-0981 | 2019-05-16 | A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from… |
| 日期 | 名稱 | 版本 | 重要性 | 評論 |
|---|---|---|---|---|
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Relationships |
| 2014-02-18 | CWE Content Team | 2.6 | — | updated Related_Attack_Patterns |
| 2015-12-07 | CWE Content Team | 2.9 | — | updated Relationships |
| 2017-01-19 | CWE Content Team | 2.10 | — | updated Relationships |
| 2017-05-03 | CWE Content Team | 2.11 | — | updated Name, Relationships |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated Related_Attack_Patterns, Relationships |
| 2018-03-27 | CWE Content Team | 3.1 | — | updated Relationships |
| 2019-06-20 | CWE Content Team | 3.3 | — | updated Relationships |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated Description, Relationships |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Mapping_Notes, Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |