Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-11 | CVE-2021-33316 | Improper Input Validation vulnerability in Trendnet products The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. | 9.8 |
| 2022-05-11 | CVE-2021-26373 | Improper Input Validation vulnerability in AMD products Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service. | 5.5 |
| 2022-05-11 | CVE-2022-1406 | Improper Input Validation vulnerability in Gitlab Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project CI/CD variables by importing a malicious project | 6.5 |
| 2022-05-10 | CVE-2022-1431 | Improper Input Validation vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. | 5.3 |
| 2022-05-10 | CVE-2021-26370 | Improper Input Validation vulnerability in AMD products Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with SPI ROM contents resulting in a loss of integrity and availability. | 7.1 |
| 2022-05-07 | CVE-2022-30330 | Improper Input Validation vulnerability in Keepkey Firmware In the KeepKey firmware before 7.3.2,Flaws in the supervisor interface can be exploited to bypass important security restrictions on firmware operations. | 6.6 |
| 2022-05-06 | CVE-2022-1053 | Improper Input Validation vulnerability in multiple products Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. | 9.1 |
| 2022-05-06 | CVE-2021-25745 | Improper Input Validation vulnerability in Kubernetes Ingress-Nginx A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. | 8.1 |
| 2022-05-06 | CVE-2021-25746 | Improper Input Validation vulnerability in Kubernetes Ingress-Nginx A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. | 7.1 |
| 2022-05-05 | CVE-2022-28708 | Improper Input Validation vulnerability in F5 products On F5 BIG-IP 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, when a BIG-IP DNS resolver-enabled, HTTP-Explicit or SOCKS profile is configured on a virtual server, an undisclosed DNS response can cause the Traffic Management Microkernel (TMM) process to terminate. | 5.9 |