Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-11 | CVE-2023-20528 | Improper Input Validation vulnerability in AMD products Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leading to a loss of confidentiality. | 2.4 |
| 2023-01-11 | CVE-2023-20530 | Improper Input Validation vulnerability in AMD products Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service. | 7.5 |
| 2023-01-11 | CVE-2023-20532 | Improper Input Validation vulnerability in AMD products Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service. | 5.3 |
| 2023-01-11 | CVE-2023-22963 | Improper Input Validation vulnerability in Personnummer The personnummer implementation before 3.0.3 for Dart mishandles numbers in which the last four digits match the ^000[0-9]$ regular expression. | 5.3 |
| 2023-01-10 | CVE-2023-0139 | Improper Input Validation vulnerability in Google Chrome Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to bypass download restrictions via a crafted HTML page. | 6.5 |
| 2023-01-10 | CVE-2023-22898 | Improper Input Validation vulnerability in Circl Pandora workers/extractor.py in Pandora (aka pandora-analysis/pandora) 1.3.0 allows a denial of service when an attacker submits a deeply nested ZIP archive (aka ZIP bomb). | 6.5 |
| 2023-01-04 | CVE-2023-22465 | Improper Input Validation vulnerability in Typelevel Http4S Http4s is a Scala interface for HTTP services. | 5.3 |
| 2023-01-04 | CVE-2022-45875 | Improper Input Validation vulnerability in Apache Dolphinscheduler Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. | 9.8 |
| 2023-01-04 | CVE-2023-22460 | Improper Input Validation vulnerability in Protocol Go-Ipld-Prime go-ipld-prime is an implementation of the InterPlanetary Linked Data (IPLD) spec interfaces, a batteries-included codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on IPLD objects. | 7.5 |
| 2023-01-03 | CVE-2022-32652 | Improper Input Validation vulnerability in Google Android 11.0/12.0/13.0 In mtk-aie, there is a possible use after free due to a logic error. | 6.7 |