Vulnerabilities > Improper Validation of Specified Quantity in Input
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-31 | CVE-2022-39294 | Improper Validation of Specified Quantity in Input vulnerability in Conduit-Hyper Project Conduit-Hyper conduit-hyper integrates a conduit application with the hyper server. | 7.5 |
| 2022-10-24 | CVE-2022-39313 | Improper Validation of Specified Quantity in Input vulnerability in Parseplatform Parse-Server Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 7.5 |
| 2022-10-22 | CVE-2022-39272 | Improper Validation of Specified Quantity in Input vulnerability in Fluxcd products Flux is an open and extensible continuous delivery solution for Kubernetes. | 4.3 |
| 2022-10-17 | CVE-2022-2592 | Improper Validation of Specified Quantity in Input vulnerability in Gitlab A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions prior to 15.1.6, 15.2 prior to 15.2.4 and 15.3 prior to 15.3.2 allows an authenticated attacker to create a maliciously large Snippet which when requested with or without authentication places excessive load on the server, potential leading to Denial of Service. | 6.5 |
| 2022-10-10 | CVE-2022-36063 | Improper Validation of Specified Quantity in Input vulnerability in Microsoft Azure Rtos Usbx Azure RTOS USBx is a USB host, device, and on-the-go (OTG) embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. | 9.8 |
| 2022-09-16 | CVE-2022-40761 | Improper Validation of Specified Quantity in Input vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc. | 7.5 |
| 2022-09-14 | CVE-2022-2277 | Improper Validation of Specified Quantity in Input vulnerability in Hitachienergy Microscada X Sys600 Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP stack during the ICCP communication establishment causes a denial-of-service when ICCP of SYS600 is request to forward any data item updates with timestamps too distant in the future to any remote ICCP system. | 7.5 |
| 2022-09-13 | CVE-2022-20385 | Improper Validation of Specified Quantity in Input vulnerability in Google Android a function called 'nla_parse', do not check the len of para, it will check nla_type (which can be controlled by userspace) with 'maxtype' (in this case, it is GSCAN_MAX), then it access polciy array 'policy[type]', which OOB access happens.Product: AndroidVersions: Android SoCAndroid ID: A-238379819 | 9.8 |
| 2022-09-07 | CVE-2022-36086 | Improper Validation of Specified Quantity in Input vulnerability in Rust-Osdev Linked-List-Allocator linked_list_allocator is an allocator usable for no_std systems. | 9.8 |
| 2022-09-02 | CVE-2022-36078 | Improper Validation of Specified Quantity in Input vulnerability in Binary Project Binary Binary provides encoding/decoding in Borsh and other formats. | 7.5 |