Vulnerabilities > Improper Input Validation

DATE | CVE | VULNERABILITY TITLE | RISK

2017-03-04 | CVE-2017-6471 | Improper Input Validation vulnerability in multiple products | 7.5
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file.
network | low complexity | wireshark, debian | CWE-20

2017-03-04 | CVE-2017-6469 | Improper Input Validation vulnerability in multiple products | 7.5
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS dissector crash, triggered by packet injection or a malformed capture file.
network | low complexity | wireshark, debian | CWE-20

2017-03-04 | CVE-2017-6468 | Improper Input Validation vulnerability in multiple products | 7.5
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file.
network | low complexity | wireshark, debian | CWE-20

2017-03-03 | CVE-2016-7407 | Improper Input Validation vulnerability in Dropbear SSH Project Dropbear SSH | 9.8 (critical)
The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file.
network | low complexity | dropbear-ssh-project | CWE-20

2017-03-03 | CVE-2016-7406 | Improper Input Validation vulnerability in Dropbear SSH Project Dropbear SSH | 9.8 (critical)
Format string vulnerability in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) host argument.
network | low complexity | dropbear-ssh-project | CWE-20

2017-03-02 | CVE-2016-10069 | Improper Input Validation vulnerability in multiple products | 5.5
coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames.
local | low complexity | imagemagick, opensuse-project | CWE-20

2017-03-02 | CVE-2016-10068 | Improper Input Validation vulnerability in multiple products | 5.5
The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.

2017-03-02 | CVE-2016-10228 | Improper Input Validation vulnerability in GNU Glibc | 5.9
The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.
network | high complexity | gnu | CWE-20

2017-03-01 | CVE-2017-3826 | Improper Input Validation vulnerability in Cisco Netflow Generation Appliance Software | 7.5
A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) with software before 1.1(1a) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service (DoS) condition.
network | low complexity | cisco | CWE-20

2017-03-01 | CVE-2017-6345 | Improper Input Validation vulnerability in Linux Kernel | 7.8
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
local | low complexity | linux | CWE-20