Vulnerabilities > Improper Input Validation

DATE CVE VULNERABILITY TITLE RISK
2020-03-14 CVE-2020-10567 Improper Input Validation vulnerability in Tecrail Responsive Filemanager
An issue was discovered in Responsive Filemanager through 9.14.0.
network
low complexity
tecrail CWE-20
critical
9.8
2020-03-12 CVE-2020-0567 Improper Input Validation vulnerability in Intel Graphics Driver
Improper input validation in Intel(R) Graphics Drivers before version 26.20.100.7212 may allow an authenticated user to enable denial of service via local access.
local
low complexity
intel CWE-20
5.5
2020-03-12 CVE-2020-0526 Improper Input Validation vulnerability in Intel products
Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-20
6.7
2020-03-12 CVE-2018-19516 Improper Input Validation vulnerability in KDE Applications
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value.
network
low complexity
kde CWE-20
5.3
2020-03-12 CVE-2020-0808 Improper Input Validation vulnerability in Microsoft products
An elevation of privilege vulnerability exists in the way the Provisioning Runtime validates certain file operations, aka 'Provisioning Runtime Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-20
7.8
2020-03-12 CVE-2020-7253 Improper Input Validation vulnerability in Mcafee Agent
Improper access control vulnerability in masvc.exe in McAfee Agent (MA) prior to 5.6.4 allows local users with administrator privileges to disable self-protection via a McAfee supplied command-line utility.
local
low complexity
mcafee CWE-20
4.4
2020-03-11 CVE-2020-5203 Improper Input Validation vulnerability in Fatfreeframework Fat-Free Framework 3.7.1
In Fat-Free Framework 3.7.1, attackers can achieve arbitrary code execution if developers choose to pass user controlled input (e.g., $_REQUEST, $_GET, or $_POST) to the framework's Clear method.
network
low complexity
fatfreeframework CWE-20
critical
9.8
2020-03-10 CVE-2020-6202 Improper Input Validation vulnerability in SAP Netweaver Application Server Java
SAP NetWeaver Application Server Java (User Management Engine), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; does not sufficiently validate the LDAP data source configuration XML document accepted from an untrusted source, leading to Missing XML Validation.
network
low complexity
sap CWE-20
7.2
2020-03-10 CVE-2020-0041 Improper Input Validation vulnerability in Google Android
In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check.
local
low complexity
google CWE-20
7.8
2020-03-10 CVE-2019-7589 Improper Input Validation vulnerability in Johnsoncontrols Entrapass 7.60
A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges.
network
low complexity
johnsoncontrols CWE-20
critical
9.8