Vulnerabilities > Improper Input Validation

DATE CVE VULNERABILITY TITLE RISK
2020-05-19 CVE-2020-4411 Improper Input Validation vulnerability in IBM Spectrum Scale
The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system.
local
low complexity
ibm CWE-20
7.1
2020-05-18 CVE-2020-10967 Improper Input Validation vulnerability in Dovecot
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
network
low complexity
dovecot CWE-20
5.3
2020-05-15 CVE-2020-8100 Improper Input Validation vulnerability in Bitdefender Engines
Improper Input Validation vulnerability in the cevakrnl.rv0 module as used in the Bitdefender Engines allows an attacker to trigger a denial of service while scanning a specially-crafted sample.
network
low complexity
bitdefender CWE-20
7.5
2020-05-13 CVE-2020-2011 Improper Input Validation vulnerability in Paloaltonetworks Pan-Os
An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash.
network
low complexity
paloaltonetworks CWE-20
7.5
2020-05-13 CVE-2020-1714 Improper Input Validation vulnerability in multiple products
A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks.
network
low complexity
redhat quarkus CWE-20
8.8
2020-05-13 CVE-2019-15880 Improper Input Validation vulnerability in Freebsd 12.1
In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic.
network
low complexity
freebsd CWE-20
critical
9.8
2020-05-13 CVE-2020-12742 Improper Input Validation vulnerability in Iubenda Iubenda-Cookie-Law-Solution
The iubenda-cookie-law-solution plugin before 2.3.5 for WordPress does not restrict URL sanitization to http protocols.
network
low complexity
iubenda CWE-20
6.1
2020-05-13 CVE-2020-3341 Improper Input Validation vulnerability in multiple products
A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
cisco canonical fedoraproject debian CWE-20
7.5
2020-05-13 CVE-2020-3327 Improper Input Validation vulnerability in multiple products
A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
cisco debian fedoraproject canonical CWE-20
7.5
2020-05-12 CVE-2020-6248 Improper Input Validation vulnerability in SAP Adaptive Server Enterprise Backup Server 16.0
SAP Adaptive Server Enterprise (Backup Server), version 16.0, does not perform the necessary validation checks for an authenticated user while executing DUMP or LOAD command allowing arbitrary code execution or Code Injection.
network
low complexity
sap CWE-20
7.2