Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2017-13685 | Improper Input Validation vulnerability in Sqlite 3.20.0 The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file. | 5.5 |
| 2017-08-29 | CVE-2017-2254 | Improper Input Validation vulnerability in Cybozu Garoon Cybozu Garoon 3.5.0 to 4.2.5 allows an attacker to cause a denial of service in the application menu's edit function via specially crafted input | 4.9 |
| 2017-08-29 | CVE-2015-0234 | Improper Input Validation vulnerability in Pki-Core Project Pki-Core 10.2.0 Multiple temporary file creation vulnerabilities in pki-core 10.2.0. | 7.5 |
| 2017-08-28 | CVE-2015-1554 | Improper Input Validation vulnerability in Kgb-Bot Project Kgb-Bot 1.332 kgb-bot 1.33-2 allows remote attackers to cause a denial of service (crash). | 7.5 |
| 2017-08-28 | CVE-2015-1443 | Improper Input Validation vulnerability in Fli4L 3.10.0/4.0 The httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30 allows remote attackers to execute arbitrary code. | 8.8 |
| 2017-08-27 | CVE-2017-13709 | Improper Input Validation vulnerability in Flightgear 2017.2.1 In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. | 7.5 |
| 2017-08-27 | CVE-2017-12595 | Improper Input Validation vulnerability in Qpdf Project Qpdf 6.0.0/7.0.B1 The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service (stack consumption and segmentation fault) or possibly have unspecified other impact via a PDF document with a deep data structure, as demonstrated by a crash in QPDFObjectHandle::parseInternal in libqpdf/QPDFObjectHandle.cc. | 7.8 |
| 2017-08-25 | CVE-2017-13692 | Improper Input Validation vulnerability in Htacg Tidy 5.5.31 In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers to cause a denial of service (Segmentation Fault), as demonstrated by an invalid ISALNUM argument. | 7.5 |
| 2017-08-24 | CVE-2015-5146 | Improper Input Validation vulnerability in multiple products ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a crafted configuration directive packet. | 5.3 |
| 2017-08-23 | CVE-2017-13147 | Improper Input Validation vulnerability in Graphicsmagick 1.3.26 In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. | 8.8 |