Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-19 | CVE-2016-5222 | Improper Input Validation vulnerability in Google Chrome Incorrect handling of invalid URLs in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |
| 2017-01-19 | CVE-2016-5218 | Improper Input Validation vulnerability in Google Chrome The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox (URL bar) via a crafted HTML page containing PDF data. | 6.5 |
| 2017-01-19 | CVE-2016-5197 | Improper Input Validation vulnerability in Google Chrome The content view client in Google Chrome prior to 54.0.2840.85 for Android insufficiently validated intent URLs, which allowed a remote attacker who had compromised the renderer process to start arbitrary activity on the system via a crafted HTML page. | 8.8 |
| 2017-01-18 | CVE-2016-9278 | Improper Input Validation vulnerability in Samsung Exynos Fimg2D Driver The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. | 5.5 |
| 2017-01-18 | CVE-2016-7998 | Improper Input Validation vulnerability in Spip The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted (1) INCLUDE or (2) INCLURE tag and then accessing it with a valider_xml action. | 8.8 |
| 2017-01-13 | CVE-2016-7434 | Improper Input Validation vulnerability in multiple products The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query. | 7.5 |
| 2017-01-13 | CVE-2016-7431 | Improper Input Validation vulnerability in NTP 4.2.8 NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. | 5.3 |
| 2017-01-12 | CVE-2016-7791 | Improper Input Validation vulnerability in Exponentcms Exponent CMS 2.3.9 Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. | 9.8 |
| 2017-01-12 | CVE-2016-7790 | Improper Input Validation vulnerability in Exponentcms Exponent CMS 2.3.9 Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. | 9.8 |
| 2017-01-12 | CVE-2017-0389 | Improper Input Validation vulnerability in Google Android A denial of service vulnerability in core networking could enable a remote attacker to use specially crafted network packet to cause a device hang or reboot. | 7.5 |