Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-13 | CVE-2016-5782 | Improper Input Validation vulnerability in Locusenergy Lgate Firmware An issue was discovered in Locus Energy LGate prior to 1.05H, LGate 50, LGate 100, LGate 101, LGate 120, and LGate 320. | 8.6 |
| 2017-02-13 | CVE-2016-6129 | Improper Input Validation vulnerability in multiple products The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a Bleichenbacher signature forgery attack. | 7.5 |
| 2017-02-13 | CVE-2016-4547 | Improper Input Validation vulnerability in Samsung Mobile Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. | 7.5 |
| 2017-02-13 | CVE-2016-4546 | Improper Input Validation vulnerability in Samsung Mobile 4.4/5.0/5.1 Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. | 5.5 |
| 2017-02-13 | CVE-2017-3896 | Improper Input Validation vulnerability in Mcafee Agent Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated. | 5.9 |
| 2017-02-08 | CVE-2016-9686 | Improper Input Validation vulnerability in Puppet Enterprise 2016.4.0/2016.4.2/2016.5.1 The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes. | 5.3 |
| 2017-02-08 | CVE-2016-0206 | Improper Input Validation vulnerability in IBM Cloud Orchestrator IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL. | 3.3 |
| 2017-02-08 | CVE-2017-0422 | Improper Input Validation vulnerability in Google Android A denial of service vulnerability in Bionic DNS could enable a remote attacker to use a specially crafted network packet to cause a device hang or reboot. | 7.5 |
| 2017-02-07 | CVE-2016-7164 | Improper Input Validation vulnerability in Libtorrent 1.1 The construct function in puff.cpp in Libtorrent 1.1.0 allows remote torrent trackers to cause a denial of service (segmentation fault and crash) via a crafted GZIP response. | 7.5 |
| 2017-02-07 | CVE-2016-6131 | Improper Input Validation vulnerability in GNU Libiberty The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types. | 7.5 |