Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-13 | CVE-2016-4898 | Improper Input Validation vulnerability in Novastor Novabackup Datacenter The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors. | 9.8 |
| 2017-04-13 | CVE-2015-4646 | Improper Input Validation vulnerability in Squashfs Project Squashfs (1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input. | 7.5 |
| 2017-04-13 | CVE-2012-1301 | Improper Input Validation vulnerability in Umbraco CMS 4.7.0 The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf via the "url" parameter. | 9.8 |
| 2017-04-13 | CVE-2016-2567 | Improper Input Validation vulnerability in Samsung Galaxy Note 3 Firmware and Galaxy S6 Firmware secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the http://should-have-been-filtered.example.com/?http://google.com URL. | 3.3 |
| 2017-04-13 | CVE-2010-1821 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges. | 7.8 |
| 2017-04-13 | CVE-2015-7740 | Improper Input Validation vulnerability in Huawei P7 Firmware and P8 Ale-Ul00 Firmware Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) via vectors involving an application that passes crafted input to the GPU driver. | 5.5 |
| 2017-04-12 | CVE-2017-7747 | Improper Input Validation vulnerability in multiple products In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. | 7.5 |
| 2017-04-12 | CVE-2017-7280 | Improper Input Validation vulnerability in Unitrends Enterprise Backup 7.3.0/8.2.08 An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. | 9.8 |
| 2017-04-12 | CVE-2017-6059 | Improper Input Validation vulnerability in Openidc MOD Auth Openidc Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request. | 7.5 |
| 2017-04-12 | CVE-2017-2989 | Improper Input Validation vulnerability in Adobe Campaign 6.11 Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database. | 9.1 |