Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-17 | CVE-2014-8324 | Improper Input Validation vulnerability in Aircrack-Ng 1.0/1.2 network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter. | 7.5 |
| 2017-10-17 | CVE-2014-8323 | Improper Input Validation vulnerability in Aircrack-Ng 1.0/1.2 buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter. | 7.5 |
| 2017-10-16 | CVE-2017-0316 | Improper Input Validation vulnerability in Nvidia Geforce Experience In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges. | 7.8 |
| 2017-10-16 | CVE-2016-4461 | Improper Input Validation vulnerability in multiple products Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. | 8.8 |
| 2017-10-13 | CVE-2017-10615 | Improper Input Validation vulnerability in Juniper Junos 14.1/14.1X53/14.2 A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM. | 9.8 |
| 2017-10-13 | CVE-2017-10610 | Improper Input Validation vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 On SRX Series devices, a crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash. | 5.9 |
| 2017-10-13 | CVE-2017-15012 | Improper Input Validation vulnerability in Opentext Documentum Content Server 7.3 OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 does not properly validate the input of the PUT_FILE RPC-command, which allows any authenticated user to hijack an arbitrary file from the Content Server filesystem; because some files on the Content Server filesystem are security-sensitive, this leads to privilege escalation. | 8.8 |
| 2017-10-13 | CVE-2017-11782 | Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016 The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 and Windows Server 2016, allows an elevation of privilege vulnerability when an attacker sends specially crafted requests to the server, aka "Windows SMB Elevation of Privilege Vulnerability". | 7.8 |
| 2017-10-13 | CVE-2017-11781 | Improper Input Validation vulnerability in Microsoft products The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a denial of service vulnerability when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". | 7.5 |
| 2017-10-13 | CVE-2017-11771 | Improper Input Validation vulnerability in Microsoft products The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows Search Remote Code Execution Vulnerability". | 9.8 |