Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-27 | CVE-2020-3846 | Improper Input Validation vulnerability in Apple products A buffer overflow was addressed with improved size validation. | 8.8 |
| 2020-02-27 | CVE-2020-3839 | Improper Input Validation vulnerability in Apple mac OS X A validation issue was addressed with improved input sanitization. | 5.5 |
| 2020-02-26 | CVE-2020-3172 | Improper Input Validation vulnerability in Cisco Firepower Extensible Operating System A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. | 8.8 |
| 2020-02-26 | CVE-2020-3170 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. | 5.3 |
| 2020-02-26 | CVE-2020-3166 | Improper Input Validation vulnerability in Cisco Firepower Threat Defense A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). | 6.7 |
| 2020-02-26 | CVE-2019-19992 | Improper Input Validation vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 6.5 |
| 2020-02-24 | CVE-2020-4212 | Improper Input Validation vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 9.8 |
| 2020-02-20 | CVE-2015-4410 | Improper Input Validation vulnerability in multiple products The Moped::BSON::ObjecId.legal? method in rubygem-moped before commit dd5a7c14b5d2e466f7875d079af71ad19774609b allows remote attackers to cause a denial of service (worker resource consumption) or perform a cross-site scripting (XSS) attack via a crafted string. | 7.5 |
| 2020-02-20 | CVE-2014-4657 | Improper Input Validation vulnerability in Redhat Ansible The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. | 9.8 |
| 2020-02-20 | CVE-2015-2923 | Improper Input Validation vulnerability in Freebsd The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. | 6.5 |