Vulnerabilities > Improper Validation of Specified Quantity in Input
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-24 | CVE-2022-39313 | Improper Validation of Specified Quantity in Input vulnerability in Parseplatform Parse-Server Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 7.5 |
| 2022-10-22 | CVE-2022-39272 | Improper Validation of Specified Quantity in Input vulnerability in Fluxcd products Flux is an open and extensible continuous delivery solution for Kubernetes. | 4.3 |
| 2022-10-17 | CVE-2022-2592 | Improper Validation of Specified Quantity in Input vulnerability in Gitlab A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions prior to 15.1.6, 15.2 prior to 15.2.4 and 15.3 prior to 15.3.2 allows an authenticated attacker to create a maliciously large Snippet which when requested with or without authentication places excessive load on the server, potential leading to Denial of Service. | 6.5 |
| 2022-10-10 | CVE-2022-36063 | Improper Validation of Specified Quantity in Input vulnerability in Microsoft Azure Rtos Usbx Azure RTOS USBx is a USB host, device, and on-the-go (OTG) embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. | 9.8 |
| 2022-09-16 | CVE-2022-40761 | Improper Validation of Specified Quantity in Input vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc. | 7.5 |
| 2022-09-14 | CVE-2022-2277 | Improper Validation of Specified Quantity in Input vulnerability in Hitachienergy Microscada X Sys600 Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP stack during the ICCP communication establishment causes a denial-of-service when ICCP of SYS600 is request to forward any data item updates with timestamps too distant in the future to any remote ICCP system. | 7.5 |
| 2022-09-13 | CVE-2022-20385 | Improper Validation of Specified Quantity in Input vulnerability in Google Android a function called 'nla_parse', do not check the len of para, it will check nla_type (which can be controlled by userspace) with 'maxtype' (in this case, it is GSCAN_MAX), then it access polciy array 'policy[type]', which OOB access happens.Product: AndroidVersions: Android SoCAndroid ID: A-238379819 | 9.8 |
| 2022-09-07 | CVE-2022-36086 | Improper Validation of Specified Quantity in Input vulnerability in Rust-Osdev Linked-List-Allocator linked_list_allocator is an allocator usable for no_std systems. | 9.8 |
| 2022-09-02 | CVE-2022-36078 | Improper Validation of Specified Quantity in Input vulnerability in Binary Project Binary Binary provides encoding/decoding in Borsh and other formats. | 7.5 |
| 2022-09-02 | CVE-2021-35132 | Improper Validation of Specified Quantity in Input vulnerability in Qualcomm products Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 7.8 |