Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-13 | CVE-2017-11763 | Improper Input Validation vulnerability in Microsoft products The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability". | 8.8 |
| 2017-10-13 | CVE-2017-11762 | Improper Input Validation vulnerability in Microsoft products The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability". | 8.8 |
| 2017-10-12 | CVE-2016-9263 | Improper Input Validation vulnerability in Wordpress WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection (XSF) attacks by leveraging code contained within the wp-includes/js/mediaelement/flashmediaelement.swf file. | 4.7 |
| 2017-10-12 | CVE-2017-15285 | Improper Input Validation vulnerability in Qualiteam X-Cart X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to Remote Code Execution. | 8.8 |
| 2017-10-11 | CVE-2017-8025 | Improper Input Validation vulnerability in EMC Archer GRC Platform 6.2.0.4 RSA Archer GRC Platform prior to 6.2.0.5 is affected by an arbitrary file upload vulnerability. | 7.4 |
| 2017-10-11 | CVE-2017-5721 | Improper Input Validation vulnerability in Intel products Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory. | 7.5 |
| 2017-10-10 | CVE-2017-8994 | Improper Input Validation vulnerability in HP Operations Orchestration A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely. | 9.8 |
| 2017-10-09 | CVE-2017-15185 | Improper Input Validation vulnerability in Libmp3Splt Project Libmp3Splt 0.9.2 plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_clear function with uninitialized data upon detection of invalid input, which allows remote attackers to cause a denial of service (application crash) via a crafted file. | 5.0 |
| 2017-10-06 | CVE-2017-9272 | Improper Input Validation vulnerability in Microfocus Bi-Directional Driver 4.0.2.0 The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to a denial of service attack. | 7.5 |
| 2017-10-06 | CVE-2017-1002153 | Improper Input Validation vulnerability in Koji Project Koji 1.13.0 Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission. | 7.5 |