Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-14 | CVE-2020-0617 | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V Virtual PCI on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Hyper-V Denial of Service Vulnerability'. | 6.0 |
| 2020-01-14 | CVE-2020-0606 | Improper Input Validation vulnerability in Microsoft .Net Core and .Net Framework A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. | 8.8 |
| 2020-01-14 | CVE-2020-0605 | Improper Input Validation vulnerability in Microsoft .Net Core and .Net Framework A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. | 8.8 |
| 2020-01-14 | CVE-2018-1002104 | Improper Input Validation vulnerability in Kubernetes Nginx Ingress Controller Versions < 1.5 of the Kubernetes ingress default backend, which handles invalid ingress traffic, exposed prometheus metrics publicly. | 5.3 |
| 2020-01-14 | CVE-2011-3203 | Improper Input Validation vulnerability in Jcow CMS 4.2/5.2 A Code Execution vulnerability exists the attachment parameter to index.php in Jcow CMS 4.x to 4.2 and 5.2 to 5.2. | 9.8 |
| 2020-01-14 | CVE-2020-6304 | Improper Input Validation vulnerability in SAP products Improper input validation in SAP NetWeaver Internet Communication Manager (update provided in KRNL32NUC & KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT KRNL64NUC & KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49 KERNEL 7.21, 7.49, 7.53) allows an attacker to prevent users from accessing its services through a denial of service. | 7.5 |
| 2020-01-14 | CVE-2015-3150 | Improper Input Validation vulnerability in Redhat Automatic BUG Reporting Tool abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method. | 7.1 |
| 2020-01-14 | CVE-2014-2271 | Improper Input Validation vulnerability in multiple products cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic. | 8.1 |
| 2020-01-10 | CVE-2012-4603 | Improper Input Validation vulnerability in Citrix Receiver and Xenapp Online Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver. | 7.8 |
| 2020-01-10 | CVE-2012-4030 | Improper Input Validation vulnerability in Chamilo LMS Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files. | 7.5 |