CWE-175 - Improper Handling of Mixed Encoding

Home/CWEs/CWE info/

CWE-175

Abstraction:
Variant

Structure:
Simple

Status:
Draft

Weakness Name: Improper Handling of Mixed Encoding

Description: The product does not properly handle when the same input uses several different (mixed) encodings.

Common Consequences: Scope: Integrity
Impact: Unexpected State

Related Weaknesses: CWE-172Encoding Error

Release Date:
2006-07-19

Latest Modification Date:
2023-06-29

Top Security News

Truist Bank confirms breach after stolen data shows up on hacking forum

Massive PSAUX ransomware attack targets 22,000 CyberPanel instances

Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)

Microsoft SharePoint RCE bug exploited to breach corporate network

Google patches actively exploited Android vulnerability (CVE-2024-43093)

VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware

Download: CIS Critical Security Controls v8.1

CISA proposes new security requirements to protect govt, personal data

Common Alerts

LowInformation Disclosure - Sensitive Information in Browser localStorage

MediumEmails Found in the Viewstate

LowCookie Without Secure Flag

LowHash Disclosure - MD4 / MD5

LowTimestamp Disclosure - Unix

HighXML External Entity Attack

LowX-Debug-Token Information Leak

LowCookie No HttpOnly Flag

InformationalSec-Fetch-User Header is Missing

LowCSP: X-Content-Security-Policy

Latest CVE List

CVE-2024-5910 Palo Alto Expedition Missing Authentication Vulnerability

CVE-2024-43093 Android Framework Privilege Escalation Vulnerability

CVE-2024-51567 CyberPanel Incorrect Default Permissions Vulnerability

CVE-2019-16278 Nostromo nhttpd Directory Traversal Vulnerability

CVE-2024-8957 PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability

CVE-2024-8956 PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability

CVE-2024-20481 Cisco ASA and FTD Denial-of-Service Vulnerability

CVE-2024-37383 RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability

CVE-2024-47575 Fortinet FortiManager Missing Authentication Vulnerability

CVE-2024-38094 Microsoft SharePoint Deserialization Vulnerability

Common CWEs

CWE-694 Use of Multiple Resources with Duplicate Identifier

LowCWE-749 Exposed Dangerous Method or Function

CWE-1084 Invokable Control Element with Excessive File or Data Access Operations

LowCWE-407 Inefficient Algorithmic Complexity

MediumCWE-468 Incorrect Pointer Scaling

CWE-81 Improper Neutralization of Script in an Error Message Web Page

CWE-1265 Unintended Reentrant Invocation of Non-reentrant Code Via Nested Calls

CWE-304 Missing Critical Step in Authentication

MediumCWE-374 Passing Mutable Objects to an Untrusted Method

CWE-534 DEPRECATED: Information Exposure Through Debug Log Files

Free security scan for your website

Don't show website scan report rating on the leaderboard

CWE-175 - Improper Handling of Mixed Encoding

The product does not properly handle when the same input uses several different (mixed) encodings.