Vulnerabilities > Improper Validation of Specified Quantity in Input
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-16 | CVE-2022-41877 | Improper Validation of Specified Quantity in Input vulnerability in multiple products FreeRDP is a free remote desktop protocol library and clients. | 4.6 |
| 2022-11-15 | CVE-2022-25727 | Improper Validation of Specified Quantity in Input vulnerability in Qualcomm products Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music | 9.8 |
| 2022-11-11 | CVE-2022-36938 | Improper Validation of Specified Quantity in Input vulnerability in Facebook Redex DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of bound address when loading the string index table, potentially allowing remote code execution during processing of a 3rd party Android APK file. | 9.8 |
| 2022-11-08 | CVE-2022-20445 | Improper Validation of Specified Quantity in Input vulnerability in Google Android In process_service_search_rsp of sdp_discovery.cc, there is a possible out of bounds read due to improper input validation. | 7.5 |
| 2022-10-31 | CVE-2022-39294 | Improper Validation of Specified Quantity in Input vulnerability in Conduit-Hyper Project Conduit-Hyper conduit-hyper integrates a conduit application with the hyper server. | 7.5 |
| 2022-10-24 | CVE-2022-39313 | Improper Validation of Specified Quantity in Input vulnerability in Parseplatform Parse-Server Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 7.5 |
| 2022-10-22 | CVE-2022-39272 | Improper Validation of Specified Quantity in Input vulnerability in Fluxcd products Flux is an open and extensible continuous delivery solution for Kubernetes. | 4.3 |
| 2022-10-17 | CVE-2022-2592 | Improper Validation of Specified Quantity in Input vulnerability in Gitlab A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions prior to 15.1.6, 15.2 prior to 15.2.4 and 15.3 prior to 15.3.2 allows an authenticated attacker to create a maliciously large Snippet which when requested with or without authentication places excessive load on the server, potential leading to Denial of Service. | 6.5 |
| 2022-10-10 | CVE-2022-36063 | Improper Validation of Specified Quantity in Input vulnerability in Microsoft Azure Rtos Usbx Azure RTOS USBx is a USB host, device, and on-the-go (OTG) embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. | 9.8 |
| 2022-09-16 | CVE-2022-40761 | Improper Validation of Specified Quantity in Input vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc. | 7.5 |