Vulnerabilities > Improper Input Validation

DATE CVE VULNERABILITY TITLE RISK
2023-08-31 CVE-2023-41746 Improper Input Validation vulnerability in Acronis Cloud Manager
Remote command execution due to improper input validation.
network
low complexity
acronis CWE-20
critical
9.8
2023-08-31 CVE-2023-41748 Improper Input Validation vulnerability in Acronis Cloud Manager
Remote command execution due to improper input validation.
network
low complexity
acronis CWE-20
critical
9.8
2023-08-25 CVE-2023-40797 Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability.
network
low complexity
tenda CWE-20
8.8
2023-08-25 CVE-2023-40798 Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability.
network
low complexity
tenda CWE-20
8.8
2023-08-25 CVE-2023-40800 Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.
network
low complexity
tenda CWE-20
8.8
2023-08-25 CVE-2023-40801 Improper Input Validation vulnerability in Tenda Ac23
The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn
network
low complexity
tenda CWE-20
8.8
2023-08-24 CVE-2023-3704 Improper Input Validation vulnerability in Cpplusworld products
The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products.
network
low complexity
cpplusworld CWE-20
5.3
2023-08-23 CVE-2023-20168 Improper Input Validation vulnerability in Cisco Nx-Os 10.2(5)/9.3(11)
A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload.
local
low complexity
cisco CWE-20
6.5
2023-08-23 CVE-2023-20169 Improper Input Validation vulnerability in Cisco Nx-Os 10.3(2)
A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco NX-OS Software for the Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet.
low complexity
cisco CWE-20
7.4
2023-08-16 CVE-2023-20232 Improper Input Validation vulnerability in Cisco Unified Contact Center Express
A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to cause a web cache poisoning attack on an affected device.
network
low complexity
cisco CWE-20
5.3