Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-04-18 | CVE-2016-3950 | Improper Input Validation vulnerability in Huawei Ar3200 Firmware V200R005C20/V200R005C30/V200R005C32 Huawei AR3200 routers with software before V200R006C10SPC300 allow remote authenticated users to cause a denial of service (restart) via crafted packets. | 6.5 |
| 2016-04-18 | CVE-2016-3071 | Improper Input Validation vulnerability in multiple products Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform. | 7.5 |
| 2016-04-18 | CVE-2016-1654 | Improper Input Validation vulnerability in multiple products The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service (invalid read operation) via unknown vectors. | 6.5 |
| 2016-04-18 | CVE-2016-2424 | Improper Input Validation vulnerability in Google Android server/content/SyncStorageEngine.java in SyncStorageEngine in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mismanages certain authority data, which allows attackers to cause a denial of service (reboot loop) via a crafted application, aka internal bug 26513719. | 5.5 |
| 2016-04-18 | CVE-2016-2414 | Improper Input Validation vulnerability in Google Android The Minikin library in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider negative size values in font data, which allows remote attackers to cause a denial of service (memory corruption and reboot loop) via a crafted font, aka internal bug 26413177. | 6.2 |
| 2016-04-18 | CVE-2016-2411 | Improper Input Validation vulnerability in Google Android 6.0/6.0.1 A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages root access, aka internal bug 26866053. | 6.5 |
| 2016-04-18 | CVE-2016-0834 | Improper Input Validation vulnerability in Google Android 6.0/6.0.1 An unspecified media codec in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26220548. | 8.4 |
| 2016-04-15 | CVE-2016-3961 | Improper Input Validation vulnerability in multiple products Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area. | 5.5 |
| 2016-04-15 | CVE-2016-2145 | Improper Input Validation vulnerability in multiple products The am_read_post_data function in mod_auth_mellon before 0.11.1 does not check if the ap_get_client_block function returns an error, which allows remote attackers to cause a denial of service (segmentation fault and process crash) via a crafted POST data. | 7.5 |
| 2016-04-15 | CVE-2016-1271 | Improper Input Validation vulnerability in Juniper Junos Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.2 before 14.2R4, 15.1 before 15.1R1 or 15.1F2, and 15.1X49 before 15.1X49-D15 allow local users to gain privileges via crafted combinations of CLI commands and arguments, a different vulnerability than CVE-2015-3003, CVE-2014-3816, and CVE-2014-0615. | 7.8 |