Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-29 | CVE-2023-41266 | Improper Input Validation vulnerability in Qlik Sense A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous session. | 6.5 |
| 2023-08-28 | CVE-2023-27604 | Improper Input Validation vulnerability in Apache Airflow Sqoop Provider Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. | 8.8 |
| 2023-08-25 | CVE-2023-40797 | Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability. | 8.8 |
| 2023-08-25 | CVE-2023-40798 | Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability. | 8.8 |
| 2023-08-25 | CVE-2023-40800 | Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn. | 8.8 |
| 2023-08-25 | CVE-2023-40801 | Improper Input Validation vulnerability in Tenda Ac23 The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn | 8.8 |
| 2023-08-24 | CVE-2023-3704 | Improper Input Validation vulnerability in Cpplusworld products The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. | 5.3 |
| 2023-08-23 | CVE-2023-20168 | Improper Input Validation vulnerability in Cisco Nx-Os 10.2(5)/9.3(11) A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. | 6.5 |
| 2023-08-23 | CVE-2023-20169 | Improper Input Validation vulnerability in Cisco Nx-Os 10.3(2) A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco NX-OS Software for the Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. | 7.4 |
| 2023-08-20 | CVE-2023-4435 | Improper Input Validation vulnerability in Hamza417 Inure Improper Input Validation in GitHub repository hamza417/inure prior to build88. | 5.5 |