Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-13 | CVE-2020-3327 | Improper Input Validation vulnerability in multiple products A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
| 2020-05-12 | CVE-2020-6248 | Improper Input Validation vulnerability in SAP Adaptive Server Enterprise Backup Server 16.0 SAP Adaptive Server Enterprise (Backup Server), version 16.0, does not perform the necessary validation checks for an authenticated user while executing DUMP or LOAD command allowing arbitrary code execution or Code Injection. | 7.2 |
| 2020-05-11 | CVE-2020-10058 | Improper Input Validation vulnerability in Zephyrproject Zephyr 2.1.0 Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. | 7.8 |
| 2020-05-11 | CVE-2020-10028 | Improper Input Validation vulnerability in Zephyrproject Zephyr 1.14.0/2.1.0 Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. | 7.8 |
| 2020-05-08 | CVE-2018-20225 | Improper Input Validation vulnerability in Pypa PIP An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. | 7.8 |
| 2020-05-07 | CVE-2020-10971 | Improper Input Validation vulnerability in Wavlink products An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the same time. | 8.8 |
| 2020-05-06 | CVE-2020-12669 | Improper Input Validation vulnerability in Dolibarr core/get_menudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter. | 8.8 |
| 2020-05-06 | CVE-2018-8956 | Improper Input Validation vulnerability in NTP 4.2.8 ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. | 5.3 |
| 2020-05-06 | CVE-2020-3307 | Improper Input Validation vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to write arbitrary entries to the log file on an affected device. | 5.3 |
| 2020-05-06 | CVE-2020-3302 | Improper Input Validation vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to overwrite files on the file system of an affected device. | 8.1 |