Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-04 | CVE-2020-8125 | Improper Input Validation vulnerability in Klona Project Klona 1.0.0/1.1.0 Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona. | 9.8 |
| 2020-02-04 | CVE-2020-8124 | Improper Input Validation vulnerability in Url-Parse Project Url-Parse Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks. | 5.3 |
| 2020-02-04 | CVE-2020-8122 | Improper Input Validation vulnerability in Nextcloud Server A missing check in Nextcloud Server 14.0.3 could give recipient the possibility to extend the expiration date of a share they received. | 4.3 |
| 2020-02-04 | CVE-2019-15624 | Improper Input Validation vulnerability in multiple products Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders. | 4.9 |
| 2020-01-31 | CVE-2014-8126 | Improper Input Validation vulnerability in Wisc Htcondor The scheduler in HTCondor before 8.2.6 allows remote authenticated users to execute arbitrary code. | 8.8 |
| 2020-01-31 | CVE-2016-2031 | Improper Input Validation vulnerability in multiple products Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code. | 9.8 |
| 2020-01-30 | CVE-2020-8095 | Improper Input Validation vulnerability in Bitdefender Total Security 2020 24.0.12.69/24.0.20.116 A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device. | 5.5 |
| 2020-01-30 | CVE-2020-3147 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2020-01-30 | CVE-2020-8445 | Improper Input Validation vulnerability in Ossec In OSSEC-HIDS 2.7 through 3.5.0, the OS_CleanMSG function in ossec-analysisd doesn't remove or encode terminal control characters or newlines from processed log messages. | 9.8 |
| 2020-01-28 | CVE-2020-5215 | Improper Input Validation vulnerability in Google Tensorflow In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. | 7.5 |