Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-24 | CVE-2016-2996 | Improper Input Validation vulnerability in IBM Security Privileged Identity Manager 2.0.0/2.0.1/2.0.2 IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when Virtual Appliance is used, allows remote authenticated users to append to arbitrary files via unspecified vectors. | 6.5 |
| 2016-11-23 | CVE-2016-1248 | Improper Input Validation vulnerability in multiple products vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. | 7.8 |
| 2016-11-19 | CVE-2016-6463 | Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware 10.0.0082/9.7.0125/9.7.106 A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected device. | 5.3 |
| 2016-11-19 | CVE-2016-6462 | Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware 10.0.0082/10.0.0125/9.7.106 A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected device. | 5.3 |
| 2016-11-19 | CVE-2016-6461 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the HTTP web-based management interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to inject arbitrary XML commands on the affected system. | 5.9 |
| 2016-11-19 | CVE-2016-6458 | Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass content filters configured on an affected device. | 7.5 |
| 2016-11-19 | CVE-2016-6450 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system. | 2.5 |
| 2016-11-18 | CVE-2016-4332 | Improper Input Validation vulnerability in Hdfgroup Hdf5 1.8.16 The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. | 8.6 |
| 2016-11-15 | CVE-2016-0909 | Improper Input Validation vulnerability in EMC Avamar Data Store and Avamar Server Virtual Edition EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users. | 8.4 |
| 2016-11-10 | CVE-2016-7209 | Improper Input Validation vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." | 5.3 |