Total
10029 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-3516 | 1 Cisco | 1 Ios Xe | 2024-02-04 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device. The vulnerability is due to insufficient input validation during authentication. An attacker could exploit this vulnerability by entering unexpected characters during a valid authentication. A successful exploit could allow the attacker to crash the web server on the device, which must be manually recovered by disabling and re-enabling the web server. | |||||
| CVE-2020-26597 | 1 Google | 1 Android | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on LG mobile devices with Android OS 9.0 and 10 software. The Wi-Fi subsystem has incorrect input validation, leading to a crash. The LG ID is LVE-SMP-200022 (October 2020). | |||||
| CVE-2020-13387 | 1 Pexip | 1 Pexip Infinity | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 23.4 has a lack of input validation, leading to temporary denial of service via H.323. | |||||
| CVE-2020-15293 | 1 Bitdefender | 1 Hypervisor Introspection | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| Memory corruption in IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, IntLixFileReadDentry and IntLixFileGetPath due to insufficient guest-data input validation may lead to denial of service conditions. | |||||
| CVE-2021-21726 | 1 Zte | 6 Zxone 19700, Zxone 19700 Firmware, Zxone 8700 and 3 more | 2024-02-04 | 2.1 LOW | 2.3 LOW |
| Some ZTE products have an input verification vulnerability in the diagnostic function interface. Due to insufficient verification of some parameters input by users, an attacker with high privileges can cause process exception by repeatedly inputting illegal parameters. This affects:<ZXONE 9700 , ZXONE 8700, ZXONE 19700><V1.40.021.021CP049, V1.0P02B219_@NCPM-RELEASE_2.40R1-20200914.set> | |||||
| CVE-2020-4781 | 1 Ibm | 1 Curam Social Program Management | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| An improper input validation before calling java readLine() method may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which could result in a denial of service. IBM X-Force ID: 189159. | |||||
| CVE-2020-12351 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 5.8 MEDIUM | 8.8 HIGH |
| Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2016-9023 | 1 Exponentcms | 1 Exponent Cms | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php. | |||||
| CVE-2021-0404 | 1 Google | 1 Android | 2024-02-04 | 2.1 LOW | 4.4 MEDIUM |
| In mobile_log_d, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457039. | |||||
| CVE-2020-9105 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of operations. Successful exploit may cause the service abnormal. | |||||
| CVE-2020-8734 | 1 Intel | 2 M10jnp2sb, M10jnp2sb Firmware | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper input validation in the firmware for Intel(R) Server Board M10JNP2SB before version 7.210 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-1431 | 1 Cisco | 1 Ios Xe | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the vDaemon process of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. | |||||
| CVE-2020-4324 | 2 Ibm, Microsoft | 2 Security Secret Server, Windows | 2024-02-04 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Security Secret Server proir to 10.9 could allow a remote attacker to bypass security restrictions, caused by improper input validation. IBM X-Force ID: 177515. | |||||
| CVE-2020-3497 | 1 Cisco | 5 9800-40, 9800-80, 9800-cl and 2 more | 2024-02-04 | 6.1 MEDIUM | 7.4 HIGH |
| Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device. | |||||
| CVE-2020-6879 | 1 Zte | 4 Zxhn F670l, Zxhn F670l Firmware, Zxhn Z500 and 1 more | 2024-02-04 | 2.7 LOW | 3.5 LOW |
| Some ZTE devices have input verification vulnerabilities. The devices support configuring a static prefix through the web management page. The restriction of the front-end code can be bypassed by constructing a POST request message and sending the request to the creation of a static routing rule configuration interface. The WEB service backend fails to effectively verify the abnormal input. As a result, the attacker can successfully use the vulnerability to tamper parameter values. This affects: ZXHN Z500 V1.0.0.2B1.1000 and ZXHN F670L V1.1.10P1N2E. This is fixed in ZXHN Z500 V1.0.1.1B1.1000 and ZXHN F670L V1.1.10P2N2. | |||||
| CVE-2020-0572 | 1 Intel | 7 Server Board S2600st Firmware, Server Board S2600stbr, Server Board S2600stqr and 4 more | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper input validation in the firmware for Intel(R) Server Board S2600ST and S2600WF families may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2016-9025 | 1 Exponentcms | 1 Exponent Cms | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php. | |||||
| CVE-2021-27179 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to crash the telnet daemon by sending a certain 0a 65 6e 61 62 6c 65 0a 02 0a 1a 0a string. | |||||
| CVE-2020-24496 | 1 Intel | 4 Ethernet Network Adapter X722-da2, Ethernet Network Adapter X722-da2 Firmware, Ethernet Network Adapter X722-da4 and 1 more | 2024-02-04 | 2.1 LOW | 4.4 MEDIUM |
| Insufficient input validation in the firmware for Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2021-1053 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Gpu Driver | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service. | |||||