Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-17 | CVE-2016-9955 | Improper Input Validation vulnerability in multiple products The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean. | 6.3 |
| 2017-02-17 | CVE-2016-8652 | Improper Input Validation vulnerability in Dovecot The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows a remote attackers to cause a denial of service (crash) by aborting authentication without setting a username. | 5.9 |
| 2017-02-15 | CVE-2017-0318 | Improper Input Validation vulnerability in Nvidia GPU Driver All versions of NVIDIA Linux GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper validation of an input parameter may cause a denial of service on the system. | 5.5 |
| 2017-02-15 | CVE-2017-0312 | Improper Input Validation vulnerability in Nvidia GPU Driver All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscapeID 0x100008b where user provided input is used as the limit for a loop may lead to denial of service or potential escalation of privileges | 7.8 |
| 2017-02-15 | CVE-2016-8944 | Improper Input Validation vulnerability in IBM AIX 7.1/7.2 IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system. | 5.5 |
| 2017-02-13 | CVE-2016-8344 | Improper Input Validation vulnerability in Honeywell Experion Process Knowledge System An issue was discovered in Honeywell Experion Process Knowledge System (PKS) platform: Experion PKS, Release 3xx and prior, Experion PKS, Release 400, Experion PKS, Release 410, Experion PKS, Release 430, and Experion PKS, Release 431. | 3.7 |
| 2017-02-13 | CVE-2016-5782 | Improper Input Validation vulnerability in Locusenergy Lgate Firmware An issue was discovered in Locus Energy LGate prior to 1.05H, LGate 50, LGate 100, LGate 101, LGate 120, and LGate 320. | 8.6 |
| 2017-02-13 | CVE-2016-6129 | Improper Input Validation vulnerability in multiple products The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a Bleichenbacher signature forgery attack. | 7.5 |
| 2017-02-13 | CVE-2016-4547 | Improper Input Validation vulnerability in Samsung Mobile Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. | 7.5 |
| 2017-02-13 | CVE-2016-4546 | Improper Input Validation vulnerability in Samsung Mobile 4.4/5.0/5.1 Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. | 5.5 |