Vulnerabilities > Improper Input Validation

DATE CVE VULNERABILITY TITLE RISK
2016-11-18 CVE-2016-4332 Improper Input Validation vulnerability in Hdfgroup Hdf5 1.8.16
The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer.
local
low complexity
hdfgroup CWE-20
8.6
2016-11-15 CVE-2016-0909 Improper Input Validation vulnerability in EMC Avamar Data Store and Avamar Server Virtual Edition
EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users.
local
low complexity
emc CWE-20
8.4
2016-11-10 CVE-2016-7209 Improper Input Validation vulnerability in Microsoft Edge
Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability."
network
high complexity
microsoft CWE-20
5.3
2016-11-08 CVE-2016-8809 Improper Input Validation vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70001b2 where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges.
local
low complexity
nvidia CWE-20
7.8
2016-11-08 CVE-2016-5025 Improper Input Validation vulnerability in Nvidia GPU Driver
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
local
low complexity
nvidia CWE-20
6.6
2016-11-08 CVE-2016-4961 Improper Input Validation vulnerability in Nvidia Geforce Experience
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
local
low complexity
nvidia CWE-20
5.5
2016-11-08 CVE-2016-4960 Improper Input Validation vulnerability in Nvidia Geforce Experience
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.
local
low complexity
nvidia CWE-20
7.3
2016-11-04 CVE-2016-8870 Improper Input Validation vulnerability in Joomla Joomla!
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow User Registration configuration setting.
network
high complexity
joomla CWE-20
8.1
2016-11-04 CVE-2016-8869 Improper Input Validation vulnerability in Joomla Joomla!
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site.
network
low complexity
joomla CWE-20
critical
9.8
2016-10-31 CVE-2016-7965 Improper Input Validation vulnerability in Dokuwiki
DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the baseurl setting as part of the password-reset URL.
network
low complexity
dokuwiki CWE-20
6.5