Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-06 | CVE-2022-33876 | Improper Input Validation vulnerability in Fortinet Fortiadc Multiple instances of improper input validation vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to retrieve files with specific extension from the underlying Linux system via crafted HTTP requests. | 6.5 |
| 2022-12-06 | CVE-2022-38123 | Improper Input Validation vulnerability in Secomea Gatemanager 9.6.621421014 Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0. | 7.2 |
| 2022-12-06 | CVE-2022-24439 | Improper Input Validation vulnerability in multiple products All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. | 9.8 |
| 2022-12-05 | CVE-2022-43484 | Improper Input Validation vulnerability in Nttdata products TERASOLUNA Global Framework 1.0.0 (Public review version) and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an improper input validation issue in the binding mechanism of Spring MVC. | 7.8 |
| 2022-12-03 | CVE-2021-37533 | Improper Input Validation vulnerability in multiple products Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. | 6.5 |
| 2022-11-30 | CVE-2022-40265 | Improper Input Validation vulnerability in Mitsubishielectric products Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version "65" and prior and Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware version "65" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition by sending specially crafted packets. | 7.5 |
| 2022-11-30 | CVE-2022-4186 | Improper Input Validation vulnerability in Google Chrome Insufficient validation of untrusted input in Downloads in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass Downloads restrictions via a crafted HTML page. | 4.3 |
| 2022-11-29 | CVE-2022-36960 | Improper Input Validation vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to Improper Input Validation. | 8.8 |
| 2022-11-29 | CVE-2022-4033 | Improper Input Validation vulnerability in Expresstech Quiz and Survey Master The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation that allows attackers to inject content other than the specified value (i.e. | 5.3 |
| 2022-11-28 | CVE-2022-38900 | Improper Input Validation vulnerability in Decode-Uri-Component Project Decode-Uri-Component 0.2.0 decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS. | 7.5 |