Vulnerabilities > Improper Input Validation

DATE CVE VULNERABILITY TITLE RISK
2017-03-30 CVE-2014-9815 Improper Input Validation vulnerability in Imagemagick
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.
local
low complexity
imagemagick CWE-20
5.5
5.5
2017-03-30 CVE-2014-9813 Improper Input Validation vulnerability in Imagemagick
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.
local
low complexity
imagemagick CWE-20
5.5
5.5
2017-03-30 CVE-2014-9811 Improper Input Validation vulnerability in Imagemagick
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.
local
low complexity
imagemagick CWE-20
5.5
5.5
2017-03-30 CVE-2014-9810 Improper Input Validation vulnerability in Imagemagick
The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.
local
low complexity
imagemagick CWE-20
5.5
5.5
2017-03-30 CVE-2014-9809 Improper Input Validation vulnerability in Imagemagick
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image.
local
low complexity
imagemagick CWE-20
5.5
5.5
2017-03-30 CVE-2014-9808 Improper Input Validation vulnerability in Imagemagick
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.
local
low complexity
imagemagick CWE-20
5.5
5.5
2017-03-30 CVE-2014-9806 Improper Input Validation vulnerability in Imagemagick
ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.
local
low complexity
imagemagick CWE-20
5.5
5.5
2017-03-30 CVE-2014-9805 Improper Input Validation vulnerability in Imagemagick
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
local
low complexity
imagemagick CWE-20
5.5
5.5
2017-03-29 CVE-2017-5226 Improper Input Validation vulnerability in Projectatomic Bubblewrap
When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox.
network
low complexity
projectatomic CWE-20
critical
 10.0
10
2017-03-29 CVE-2017-7301 Improper Input Validation vulnerability in GNU Binutils 2.28
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset.
network
low complexity
gnu CWE-20
7.5
7.5