Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-21 | CVE-2020-6638 | Improper Input Validation vulnerability in Grin Grin through 2.1.1 has Insufficient Validation. | 7.5 |
| 2020-01-21 | CVE-2015-2784 | Improper Input Validation vulnerability in Papercrop Project Papercrop The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input. | 9.8 |
| 2020-01-21 | CVE-2019-14010 | Improper Input Validation vulnerability in Qualcomm products The device may enter into error state when some tool or application gets failure at 1st buffer map all and performs 2nd buffer map which happens to be at same physical address in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, Rennell, SA6155P, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 | 7.5 |
| 2020-01-16 | CVE-2019-9503 | Improper Input Validation vulnerability in multiple products The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. | 8.3 |
| 2020-01-16 | CVE-2019-11998 | Improper Input Validation vulnerability in HPE Superdome Flex Server Firmware HPE Superdome Flex Server is vulnerable to multiple remote vulnerabilities via improper input validation of administrator commands. | 5.5 |
| 2020-01-16 | CVE-2019-13524 | Improper Input Validation vulnerability in Emerson products GE PACSystems RX3i CPE100/115: All versions prior to R9.85,CPE302/305/310/330/400/410: All versions prior to R9.90,CRU/320 All versions(End of Life) may allow an attacker sending specially manipulated packets to cause the module state to change to halt-mode, resulting in a denial-of-service condition. | 7.5 |
| 2020-01-15 | CVE-2015-6497 | Improper Input Validation vulnerability in Magento The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before 1.9.2.1 and Enterprise Edition (EE) before 1.14.2.1, when used with PHP before 5.4.24 or 5.5.8, allows remote authenticated users to execute arbitrary PHP code via the productData parameter to index.php/api/v2_soap. | 8.8 |
| 2020-01-15 | CVE-2015-5230 | Improper Input Validation vulnerability in multiple products The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via crafted query packets. | 7.5 |
| 2020-01-15 | CVE-2012-1326 | Improper Input Validation vulnerability in Cisco Ironport web Security Appliance 7.5 Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks | 7.4 |
| 2020-01-15 | CVE-2012-0334 | Improper Input Validation vulnerability in Cisco Ironport web Security Appliance 7.5 Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks | 6.4 |