Vulnerabilities > Improper Input Validation

DATE CVE VULNERABILITY TITLE RISK
2022-11-30 CVE-2022-4186 Improper Input Validation vulnerability in Google Chrome
Insufficient validation of untrusted input in Downloads in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass Downloads restrictions via a crafted HTML page.
network
low complexity
google CWE-20
4.3
2022-11-30 CVE-2022-4188 Improper Input Validation vulnerability in Google Chrome
Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
network
low complexity
google CWE-20
4.3
2022-11-29 CVE-2022-4033 Improper Input Validation vulnerability in Expresstech Quiz and Survey Master
The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation that allows attackers to inject content other than the specified value (i.e.
network
low complexity
expresstech CWE-20
5.3
2022-11-28 CVE-2022-38900 Improper Input Validation vulnerability in Decode-Uri-Component Project Decode-Uri-Component 0.2.0
decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS.
network
low complexity
decode-uri-component-project CWE-20
7.5
2022-11-25 CVE-2022-39338 Improper Input Validation vulnerability in Nextcloud Openid Connect User Backend
user_oidc is an OpenID Connect user backend for Nextcloud.
network
low complexity
nextcloud CWE-20
5.4
2022-11-24 CVE-2022-40266 Improper Input Validation vulnerability in Mitsubishielectric products
Improper Input Validation vulnerability in Mitsubishi Electric GOT2000 Series GT27 model FTP server versions 01.39.000 and prior, Mitsubishi Electric GOT2000 Series GT25 model FTP server versions 01.39.000 and prior and Mitsubishi Electric GOT2000 Series GT23 model FTP server versions 01.39.000 and prior allows a remote authenticated attacker to cause a Denial of Service condition by sending specially crafted command.
network
low complexity
mitsubishielectric CWE-20
6.5
2022-11-21 CVE-2022-3388 Improper Input Validation vulnerability in ABB Microscada PRO Sys600 9.3/9.4
An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600.
local
low complexity
abb CWE-20
7.8
2022-11-21 CVE-2022-45470 Improper Input Validation vulnerability in Apache Hama
** UNSUPPORTED WHEN ASSIGNED ** missing input validation in Apache Hama may cause information disclosure through path traversal and XSS.
network
low complexity
apache CWE-20
7.5
2022-11-19 CVE-2022-31607 Improper Input Validation vulnerability in Nvidia Cloud Gaming Guest and GPU Display Driver
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.
local
low complexity
nvidia CWE-20
7.8
2022-11-18 CVE-2022-41888 Improper Input Validation vulnerability in Google Tensorflow
TensorFlow is an open source platform for machine learning.
network
low complexity
google CWE-20
7.5