Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-07 | CVE-2020-16227 | Improper Input Validation vulnerability in Deltaww Tpeditor Delta Electronics TPEditor Versions 1.97 and prior. | 7.8 |
| 2020-08-06 | CVE-2020-16215 | Improper Input Validation vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31 Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. | 7.8 |
| 2020-08-06 | CVE-2020-7459 | Improper Input Validation vulnerability in Freebsd 11.3/11.4/12.1 In FreeBSD 12.1-STABLE before r362166, 12.1-RELEASE before p8, 11.4-STABLE before r362167, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, missing length validation code common to mulitple USB network drivers allows a malicious USB device to write beyond the end of an allocated network packet buffer. | 6.8 |
| 2020-08-05 | CVE-2020-8607 | Improper Input Validation vulnerability in Trendmicro products An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. | 6.7 |
| 2020-08-03 | CVE-2020-5771 | Improper Input Validation vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.01 Improper Input Validation in Teltonika firmware TRB2_R_00.02.04.01 allows a remote, authenticated attacker to gain root privileges by uploading a malicious backup archive. | 7.5 |
| 2020-08-03 | CVE-2020-16272 | Improper Input Validation vulnerability in KEE Keepassrpc The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 is missing validation for a client-provided parameter, which allows remote attackers to read and modify data in the KeePass database via an A=0 WebSocket connection. | 9.1 |
| 2020-07-31 | CVE-2020-3383 | Improper Input Validation vulnerability in Cisco Data Center Network Manager A vulnerability in the archive utility of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. | 8.8 |
| 2020-07-31 | CVE-2020-3375 | Improper Input Validation vulnerability in Cisco IOS XE Sd-Wan and Sd-Wan A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. | 9.8 |
| 2020-07-29 | CVE-2020-15099 | Improper Input Validation vulnerability in Typo3 In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, in a case where an attacker manages to generate a valid cryptographic message authentication code (HMAC-SHA1) - either by using a different existing vulnerability or in case the internal encryptionKey was exposed - it is possible to retrieve arbitrary files of a TYPO3 installation. | 8.1 |
| 2020-07-23 | CVE-2020-7518 | Improper Input Validation vulnerability in Schneider-Electric Easergy Builder 1.4.7.2 A CWE-20: Improper input validation vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to modify project configuration files. | 7.5 |