Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-18 | CVE-2021-20760 | Improper Input Validation vulnerability in Cybozu Garoon Improper input validation vulnerability in User Profile of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of User Profile without the appropriate privilege. | 4.3 |
| 2021-08-18 | CVE-2021-20761 | Improper Input Validation vulnerability in Cybozu Garoon Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker with an administrative privilege to alter the data of E-mail without the appropriate privilege. | 2.7 |
| 2021-08-18 | CVE-2021-20762 | Improper Input Validation vulnerability in Cybozu Garoon Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated to alter the data of E-mail without the appropriate privilege. | 4.3 |
| 2021-08-18 | CVE-2021-20764 | Improper Input Validation vulnerability in Cybozu Garoon Improper input validation vulnerability in Attaching Files of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to alter the data of Attaching Files. | 5.3 |
| 2021-08-18 | CVE-2021-20775 | Improper Input Validation vulnerability in Cybozu Garoon Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege. | 4.3 |
| 2021-08-16 | CVE-2021-22931 | Improper Input Validation vulnerability in multiple products Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library. | 9.8 |
| 2021-08-13 | CVE-2021-37586 | Improper Input Validation vulnerability in Mitel Interaction Recording 6.6 The PowerPlay Web component of Mitel Interaction Recording Multitenancy systems before 6.7 could allow a user (with Administrator rights) to replay a previously recorded conversation of another tenant due to insufficient validation. | 4.9 |
| 2021-08-12 | CVE-2021-33199 | Improper Input Validation vulnerability in Expressionengine In Expression Engine before 6.0.3, addonIcon in Addons/file/mod.file.php relies on the untrusted input value of input->get('file') instead of the fixed file names of icon.png and icon.svg. | 9.8 |
| 2021-08-12 | CVE-2021-36982 | Improper Input Validation vulnerability in Monitorapp Application Insight Manager B107 AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 allows OS Command Injection because of missing input validation on one of the parameters of an HTTP request. | 8.1 |
| 2021-08-11 | CVE-2021-1110 | Improper Input Validation vulnerability in Nvidia Jetson Linux NVIDIA Linux kernel distributions on Jetson Xavier contain a vulnerability in camera firmware where a user can change input data after validation, which may lead to complete denial of service and serious data corruption of all kernel components. | 7.1 |