Vulnerabilities > Improper Input Validation

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2020-04-02 | CVE-2018-13371 | Improper Input Validation vulnerability in Fortinet Fortios | An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component. | network | low | fortinet | CWE-20 | 8.8 |
| 2020-04-01 | CVE-2020-10204 | Improper Input Validation vulnerability in Sonatype Nexus | Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution. | network | low | sonatype | CWE-20 | 7.2 |
| 2020-03-31 | CVE-2020-4214 | Improper Input Validation vulnerability in IBM Spectrum Protect Plus | IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to arbitrarily delete a directory, caused by improper validation of user-supplied input. | network | low | ibm | CWE-20 | 7.5 |
| 2020-03-30 | CVE-2020-10374 | Improper Input Validation vulnerability in Paessler Prtg Network Monitor | A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form. | network | low | paessler | CWE-20 | critical 9.8 |
| 2020-03-30 | CVE-2020-5255 | Improper Input Validation vulnerability in Sensiolabs Symfony | In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fall back to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response's content and `Content-Type` header. | network | low | sensiolabs | CWE-20 | 4.3 |
| 2020-03-25 | CVE-2020-10885 | Improper Input Validation vulnerability in Tp-Link Ac1750 Firmware 190726 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. | network | low | tp-link | CWE-20 | critical 9.8 |
| 2020-03-25 | CVE-2020-2168 | Improper Input Validation vulnerability in Jenkins Azure Container Service | Jenkins Azure Container Service Plugin 1.0.1 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. | network | low | jenkins | CWE-20 | 8.8 |
| 2020-03-25 | CVE-2020-2167 | Improper Input Validation vulnerability in Jenkins Openshift Pipeline | Jenkins OpenShift Pipeline Plugin 1.0.56 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. | network | low | jenkins | CWE-20 | 8.8 |
| 2020-03-25 | CVE-2020-2166 | Improper Input Validation vulnerability in Jenkins Pipeline: AWS Steps | Jenkins Pipeline: AWS Steps Plugin 1.40 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. | network | low | jenkins | CWE-20 | 8.8 |
| 2020-03-25 | CVE-2020-5555 | Improper Input Validation vulnerability in Shihonkanri Plus Goout Project Shihonkanri Plus Goout 1.5.8/2.2.10 | Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote attackers to read and write data of the files placed in the same directory where it is placed via unspecified vector due to the improper input validation issue. | network | low | shihonkanri-plus-goout-project | CWE-20 | critical 9.1 |