Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-28 | CVE-2017-11183 | Improper Input Validation vulnerability in Glpi-Project Glpi front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter. | 4.9 |
| 2017-07-27 | CVE-2016-2161 | Improper Input Validation vulnerability in Apache Http Server In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests. | 7.5 |
| 2017-07-27 | CVE-2017-11665 | Improper Input Validation vulnerability in Ffmpeg 3.3.2 The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream. | 7.5 |
| 2017-07-27 | CVE-2017-11673 | Improper Input Validation vulnerability in Acunetix web vulnerability Scanner 8 Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed PRE file, related to a "User Mode Write AV starting at reporter!madTraceProcess." | 9.8 |
| 2017-07-26 | CVE-2017-11638 | Improper Input Validation vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642. | 8.8 |
| 2017-07-26 | CVE-2017-11613 | Improper Input Validation vulnerability in Libtiff 4.0.8 In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. | 6.5 |
| 2017-07-25 | CVE-2017-6751 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an Access Control Bypass Vulnerability. | 7.5 |
| 2017-07-25 | CVE-2017-6746 | Improper Input Validation vulnerability in Cisco web Security Appliance A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. | 7.2 |
| 2017-07-25 | CVE-2015-4035 | Improper Input Validation vulnerability in Tukaani XZ 4.999.7/4.999.8/4.999.9 scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name. | 7.8 |
| 2017-07-25 | CVE-2015-3278 | Improper Input Validation vulnerability in NSS Compat Ossl Project NSS Compat Ossl The cipherstring parsing code in nss_compat_ossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors. | 9.8 |