Vulnerabilities > Improper Input Validation

DATE CVE VULNERABILITY TITLE RISK
2023-05-04 CVE-2023-26125 Improper Input Validation vulnerability in Gin-Gonic GIN
Versions of the package github.com/gin-gonic/gin before 1.9.0 are vulnerable to Improper Input Validation by allowing an attacker to use a specially crafted request via the X-Forwarded-Prefix header, potentially leading to cache poisoning. **Note:** Although this issue does not pose a significant threat on its own it can serve as an input vector for other more impactful vulnerabilities.
network
low complexity
gin-gonic CWE-20
7.3
2023-04-26 CVE-2022-25273 Improper Input Validation vulnerability in Drupal
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation.
network
low complexity
drupal CWE-20
7.5
2023-04-26 CVE-2023-30269 Improper Input Validation vulnerability in Cltphp 6.0
CLTPHP <=6.0 is vulnerable to Improper Input Validation via application/admin/controller/Template.php.
network
low complexity
cltphp CWE-20
8.1
2023-04-24 CVE-2023-29780 Improper Input Validation vulnerability in 3Reality 3Rsb015Bz Firmware 1.00.54
Third Reality Smart Blind 1.00.54 contains a denial-of-service vulnerability, which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes.
network
low complexity
3reality CWE-20
7.5
2023-04-20 CVE-2022-29606 Improper Input Validation vulnerability in Opennetworking Onos 2.5.1
An issue was discovered in ONOS 2.5.1.
network
low complexity
opennetworking CWE-20
critical
9.8
2023-04-19 CVE-2023-27043 Improper Input Validation vulnerability in Python
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character.
network
low complexity
python CWE-20
5.3
2023-04-11 CVE-2022-42477 Improper Input Validation vulnerability in Fortinet Fortianalyzer
An improper input validation vulnerability [CWE-20] in FortiAnalyzer version 7.2.1 and below, version 7.0.6 and below, 6.4 all versions may allow an authenticated attacker to disclose file system information via custom dataset SQL queries.
local
low complexity
fortinet CWE-20
5.5
2023-04-10 CVE-2023-26067 Improper Input Validation vulnerability in Lexmark products
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4).
network
high complexity
lexmark CWE-20
8.1
2023-04-10 CVE-2023-26068 Improper Input Validation vulnerability in Lexmark products
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).
network
low complexity
lexmark CWE-20
critical
9.8
2023-04-10 CVE-2023-26069 Improper Input Validation vulnerability in Lexmark products
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3 of 4).
network
low complexity
lexmark CWE-20
critical
9.8