Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-15 | CVE-2020-28898 | Improper Input Validation vulnerability in Resourcexpress 4.9K In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation. | 5.3 |
| 2021-04-13 | CVE-2021-23279 | Improper Input Validation vulnerability in Eaton products Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated arbitrary file delete vulnerability induced due to improper input validation in meta_driver_srv.js class with saveDriverData action using invalidated driverID. | 10.0 |
| 2021-04-13 | CVE-2021-0400 | Improper Input Validation vulnerability in Google Android 10.0/11.0/9.0 In injectBestLocation and handleUpdateLocation of GnssLocationProvider.java, there is a possible incorrect reporting of location data to emergency services due to improper input validation. | 5.5 |
| 2021-04-12 | CVE-2021-21393 | Improper Input Validation vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 6.5 |
| 2021-04-12 | CVE-2021-21394 | Improper Input Validation vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 6.5 |
| 2021-04-08 | CVE-2021-1480 | Improper Input Validation vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. | 7.8 |
| 2021-04-08 | CVE-2021-1459 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | 9.8 |
| 2021-04-08 | CVE-2021-1137 | Improper Input Validation vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. | 7.8 |
| 2021-04-07 | CVE-2020-11237 | Improper Input Validation vulnerability in Qualcomm products Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | 7.8 |
| 2021-04-06 | CVE-2021-29136 | Improper Input Validation vulnerability in multiple products Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used. | 5.5 |