Vulnerabilities > Improper Input Validation

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2023-5097 Improper Input Validation vulnerability in Hypr Workforce Access
Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal.This issue affects Workforce Access: before 8.7.
local
low complexity
hypr CWE-20
5.5
2024-01-12 CVE-2024-22027 Improper Input Validation vulnerability in Ays-Pro Quiz Maker
Improper input validation vulnerability in WordPress Quiz Maker Plugin prior to 6.5.0.6 allows a remote authenticated attacker to perform a Denial of Service (DoS) attack against external services.
network
low complexity
ays-pro CWE-20
6.5
2024-01-10 CVE-2023-29446 Improper Input Validation vulnerability in PTC products
An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file.
local
high complexity
ptc CWE-20
4.7
2024-01-02 CVE-2023-33014 Improper Input Validation vulnerability in Qualcomm products
Information disclosure in Core services while processing a Diag command.
low complexity
qualcomm CWE-20
6.8
2024-01-02 CVE-2023-32890 Improper Input Validation vulnerability in Mediatek products
In modem EMM, there is a possible system crash due to improper input validation.
network
low complexity
mediatek CWE-20
7.5
2023-12-25 CVE-2023-31289 Improper Input Validation vulnerability in Pexip Infinity
Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort.
network
low complexity
pexip CWE-20
7.5
2023-12-25 CVE-2023-31455 Improper Input Validation vulnerability in Pexip Infinity
Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort.
network
low complexity
pexip CWE-20
7.5
2023-12-18 CVE-2023-22439 Improper Input Validation vulnerability in Gallagher Command Centre and Controller 6000 Firmware
Improper input validation of a large HTTP request in the Controller 6000 and Controller 7000 optional diagnostic web interface (Port 80) can be used to perform a Denial of Service of the diagnostic web interface. This issue affects: Gallagher Controller 6000 and 7000 8.90 prior to vCR8.90.231204a (distributed in 8.90.1620 (MR2)), 8.80 prior to vCR8.80.231204a (distributed in 8.80.1369 (MR3)), 8.70 prior to vCR8.70.231204a (distributed in 8.70.2375 (MR5)), 8.60 prior to vCR8.60.231116a (distributed in 8.60.2550 (MR7)), all versions of 8.50 and prior.
network
low complexity
gallagher CWE-20
4.3
2023-12-18 CVE-2023-32727 Improper Input Validation vulnerability in Zabbix Server 6.0.22/6.4.7/7.0.0
An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.
network
low complexity
zabbix CWE-20
7.2
2023-12-15 CVE-2023-6835 Improper Input Validation vulnerability in Wso2 API Manager and IOT Server
Multiple WSO2 products have been identified as vulnerable due to lack of server-side input validation in the Forum feature, API rating could be manipulated.
network
low complexity
wso2 CWE-20
5.3