Vulnerabilities > Improper Input Validation

DATE CVE VULNERABILITY TITLE RISK
2021-10-08 CVE-2021-41133 Improper Input Validation vulnerability in multiple products
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
local
low complexity
flatpak debian fedoraproject CWE-20
4.6
2021-10-06 CVE-2021-25468 Improper Input Validation vulnerability in Google Android 10.0/11.0
A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address.
local
low complexity
google CWE-20
2.1
2021-10-06 CVE-2021-25489 Improper Input Validation vulnerability in Google Android
Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.
local
low complexity
google CWE-20
4.9
2021-10-06 CVE-2021-0687 Improper Input Validation vulnerability in Google Android
In ellipsize of Layout.java, there is a possible ANR due to improper input validation.
local
google CWE-20
1.9
2021-10-05 CVE-2021-31987 Improper Input Validation vulnerability in Axis products
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.
network
high complexity
axis CWE-20
5.1
2021-10-05 CVE-2021-31988 Improper Input Validation vulnerability in Axis products
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.
network
axis CWE-20
6.8
2021-10-04 CVE-2021-21705 Improper Input Validation vulnerability in PHP
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid.
network
low complexity
php CWE-20
5.0
2021-09-30 CVE-2020-18683 Improper Input Validation vulnerability in Atlassian Floodlight
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of undefined fields mishandling.
network
low complexity
atlassian CWE-20
7.5
2021-09-30 CVE-2020-18685 Improper Input Validation vulnerability in Atlassian Floodlight
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of unchecked prerequisites related to TCP or UDP ports, or group or table IDs.
network
low complexity
atlassian CWE-20
7.5
2021-09-29 CVE-2021-28547 Improper Input Validation vulnerability in Adobe Creative Cloud Desktop Application
Adobe Creative Cloud Desktop Application for macOS version 5.3 (and earlier) is affected by a privilege escalation vulnerability that could allow a normal user to delete the OOBE directory and get permissions of any directory under the administrator authority.
local
low complexity
adobe CWE-20
4.6