Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-12 | CVE-2022-46372 | Improper Input Validation vulnerability in Alotceriot Ar7088H-A Firmware 16.10.3 Alotcer - AR7088H-A firmware version 16.10.3 Command execution Improper validation of unspecified input field may allow Authenticated command execution. | 8.8 |
| 2023-01-11 | CVE-2022-4428 | Improper Input Validation vulnerability in Cloudflare Warp support_uri parameter in the WARP client local settings file (mdm.xml) lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. | 8.0 |
| 2023-01-11 | CVE-2023-22952 | Improper Input Validation vulnerability in Sugarcrm 11.0.0/12.0.0 In SugarCRM before 12.0. | 8.8 |
| 2023-01-11 | CVE-2021-26316 | Improper Input Validation vulnerability in AMD products Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution. | 7.8 |
| 2023-01-11 | CVE-2021-26404 | Improper Input Validation vulnerability in AMD products Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure. | 5.5 |
| 2023-01-11 | CVE-2021-46767 | Improper Input Validation vulnerability in AMD Milanpi Firmware and Romepi Firmware Insufficient input validation in the ASP may allow an attacker with physical access, unauthorized write access to memory potentially leading to a loss of integrity or denial of service. | 6.1 |
| 2023-01-11 | CVE-2022-23814 | Improper Input Validation vulnerability in AMD Milanpi-Sp3 Firmware Failure to validate addresses provided by software to BIOS commands may result in a potential loss of integrity of guest memory in a confidential compute environment. | 5.3 |
| 2023-01-11 | CVE-2023-20522 | Improper Input Validation vulnerability in AMD Milanpi Firmware and Romepi Firmware Insufficient input validation in ASP may allow an attacker with a malicious BIOS to potentially cause a denial of service. | 7.5 |
| 2023-01-11 | CVE-2023-20525 | Improper Input Validation vulnerability in AMD products Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service. | 6.5 |
| 2023-01-11 | CVE-2023-20527 | Improper Input Validation vulnerability in AMD products Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially leading to a denial-of-service. | 6.5 |