Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-07 | CVE-2016-2781 | Improper Input Validation vulnerability in GNU Coreutils chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | 6.5 |
| 2017-02-06 | CVE-2016-5102 | Improper Input Validation vulnerability in Libtiff Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file. | 5.5 |
| 2017-02-06 | CVE-2010-5328 | Improper Input Validation vulnerability in Linux Kernel include/linux/init_task.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of service (system crash) by leveraging access to this process group. | 5.5 |
| 2017-02-04 | CVE-2017-5880 | Improper Input Validation vulnerability in Splunk Splunk Web in Splunk Enterprise versions 6.5.x before 6.5.2, 6.4.x before 6.4.5, 6.3.x before 6.3.9, 6.2.x before 6.2.13, 6.1.x before 6.1.12, 6.0.x before 6.0.13, 5.0.x before 5.0.17 and Splunk Light versions before 6.5.2 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted GET request, aka SPL-130279. | 6.5 |
| 2017-02-03 | CVE-2016-6500 | Improper Input Validation vulnerability in Forgerock Racf Connector 1.1.0.0 Unspecified methods in the RACF Connector component before 1.1.1.0 in ForgeRock OpenIDM and OpenICF improperly call the SearchControls constructor with returnObjFlag set to true, which allows remote attackers to execute arbitrary code via a crafted serialized Java object, aka LDAP entry poisoning. | 8.1 |
| 2017-02-03 | CVE-2017-3822 | Improper Input Validation vulnerability in Cisco Firepower Threat Defense 6.1.0 A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. | 5.3 |
| 2017-02-03 | CVE-2017-3818 | Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware 9.7.1066 A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device, aka a Malformed MIME Header Filtering Bypass. | 5.8 |
| 2017-02-03 | CVE-2017-3814 | Improper Input Validation vulnerability in Cisco Secure Firewall Management Center A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content, aka a URL Bypass. | 5.8 |
| 2017-02-03 | CVE-2017-3809 | Improper Input Validation vulnerability in Cisco Secure Firewall Management Center 6.1.0/6.2.0 A vulnerability in the Policy deployment module of the Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to prevent deployment of a complete and accurate rule base. | 5.8 |
| 2017-02-02 | CVE-2016-6234 | Improper Input Validation vulnerability in Lepton Project Lepton 1.0 The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (crash) via a crafted jpeg file. | 5.5 |