Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-17 | CVE-2017-0007 | Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016 Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidating associated signatures, aka "PowerShell Security Feature Bypass Vulnerability." | 5.5 |
| 2017-03-15 | CVE-2017-3846 | Improper Input Validation vulnerability in Cisco Tidal Enterprise Scheduler A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Manager Server. | 8.6 |
| 2017-03-15 | CVE-2017-5359 | Improper Input Validation vulnerability in Easycom-Aura SQL Iplug EasyCom SQL iPlug allows remote attackers to cause a denial of service via the D$EVAL parameter to the default URI. | 7.5 |
| 2017-03-15 | CVE-2016-10167 | Improper Input Validation vulnerability in Libgd The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file. | 5.5 |
| 2017-03-15 | CVE-2017-6436 | Improper Input Validation vulnerability in Libplist Project Libplist 1.12 The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file. | 5.0 |
| 2017-03-14 | CVE-2016-8017 | Improper Input Validation vulnerability in Mcafee Virusscan Enterprise Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input. | 4.1 |
| 2017-03-14 | CVE-2017-6516 | Improper Input Validation vulnerability in Magnicomp Sysinfo 10H62 A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. | 6.7 |
| 2017-03-14 | CVE-2017-6367 | Improper Input Validation vulnerability in Cerberusftp FTP Server 8.0.10.1 In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. | 7.5 |
| 2017-03-12 | CVE-2014-9645 | Improper Input Validation vulnerability in Busybox The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /snd_pcm none /" command. | 5.5 |
| 2017-03-12 | CVE-2017-6815 | Improper Input Validation vulnerability in multiple products In WordPress before 4.7.3 (wp-includes/pluggable.php), control characters can trick redirect URL validation. | 6.1 |