Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-24 | CVE-2020-3426 | Improper Input Validation vulnerability in Cisco IOS A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. | 9.1 |
| 2020-09-24 | CVE-2020-3393 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 A vulnerability in the application-hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. | 7.8 |
| 2020-09-24 | CVE-2020-3390 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition on an affected device. | 7.4 |
| 2020-09-24 | CVE-2020-3359 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 8.6 |
| 2020-09-24 | CVE-2020-6020 | Improper Input Validation vulnerability in Checkpoint ICA Management Portal Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator. | 6.4 |
| 2020-09-23 | CVE-2020-4324 | Improper Input Validation vulnerability in IBM Security Secret Server IBM Security Secret Server proir to 10.9 could allow a remote attacker to bypass security restrictions, caused by improper input validation. | 4.3 |
| 2020-09-23 | CVE-2019-15289 | Improper Input Validation vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint Multiple vulnerabilities in the video service of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2020-09-23 | CVE-2019-15959 | Improper Input Validation vulnerability in Cisco Spa500 Series IP Phones Firmware A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. | 6.6 |
| 2020-09-23 | CVE-2019-16017 | Improper Input Validation vulnerability in Cisco Unified Customer Voice Portal A vulnerability in the Operations, Administration, Maintenance and Provisioning (OAMP) OpsConsole Server for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. | 6.8 |
| 2020-09-23 | CVE-2019-1947 | Improper Input Validation vulnerability in Cisco Asyncos and Email Security Appliance A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. | 8.6 |