Vulnerabilities > Improper Input Validation

DATE CVE VULNERABILITY TITLE RISK
2017-08-31 CVE-2017-14063 Improper Input Validation vulnerability in Asynchttpclient Project Async-Http-Client
Async Http Client (aka async-http-client) before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier.
network
low complexity
asynchttpclient-project CWE-20
7.5
2017-08-30 CVE-2017-9945 Improper Input Validation vulnerability in Siemens 7KM PAC Switched Ethernet Profinet Expansion Module Firmware 2.1.2
In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All versions < V2.1.3), a Denial-of-Service condition could be induced by a specially crafted PROFINET DCP packet sent as a local Ethernet (Layer 2) broadcast.
low complexity
siemens CWE-20
6.5
2017-08-30 CVE-2016-4462 Improper Input Validation vulnerability in Apache Ofbiz
By manipulating the URL parameter externalLoginKey, a malicious, logged-in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution.
network
low complexity
apache CWE-20
8.8
2017-08-29 CVE-2017-1428 Improper Input Validation vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-20
6.1
2017-08-29 CVE-2016-2977 Improper Input Validation vulnerability in IBM Sametime
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user to lower other users' hands in the meeting.
network
low complexity
ibm CWE-20
4.3
2017-08-29 CVE-2016-10503 Improper Input Validation vulnerability in IBM Sametime
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated and invited user of a Sametime meeting to lower any or all hands in an e-meeting, thus spoofing results of votes in the meeting.
network
low complexity
ibm CWE-20
4.3
2017-08-29 CVE-2017-12775 Improper Input Validation vulnerability in Question2Answer
qa-include/qa-install.php in Question2Answer before 1.7.5 allows remote attackers to create multiple user accounts.
network
low complexity
question2answer CWE-20
7.5
2017-08-29 CVE-2015-5209 Improper Input Validation vulnerability in Apache Struts
Apache Struts 2.x before 2.3.24.1 allows remote attackers to manipulate Struts internals, alter user sessions, or affect container settings via vectors involving a top object.
network
low complexity
apache CWE-20
7.5
2017-08-29 CVE-2017-10952 Improper Input Validation vulnerability in Foxitsoftware Foxit Reader 8.2.0.2051
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.0.2051.
network
low complexity
foxitsoftware CWE-20
8.8
2017-08-29 CVE-2017-13735 Improper Input Validation vulnerability in Libraw 0.18.2
There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2.
network
low complexity
libraw CWE-20
7.5