Search Results (Refine Search)
- Category (CWE): CWE-20 Improper Input Validation
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-33660 |
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FLI file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. Published: June 09, 2021; 10:15:09 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-33659 |
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. Published: June 09, 2021; 10:15:09 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-27643 |
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. Published: June 09, 2021; 10:15:09 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-27642 |
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. Published: June 09, 2021; 10:15:09 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-27641 |
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. Published: June 09, 2021; 10:15:09 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-27640 |
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PSD file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. Published: June 09, 2021; 10:15:09 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-27639 |
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated JT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. Published: June 09, 2021; 10:15:09 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-27638 |
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated JT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. Published: June 09, 2021; 10:15:09 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-11261 |
Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published: June 09, 2021; 1:15:07 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2020-11178 |
Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published: June 09, 2021; 1:15:07 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2020-26138 |
In SilverStripe through 4.6.0-rc1, a FormField with square brackets in the field name skips validation. Published: June 08, 2021; 2:15:07 PM -0400 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2021-22116 |
RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having the AMQP 1.0 plugin enabled. Published: June 08, 2021; 8:15:10 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 4.3 MEDIUM |
CVE-2021-32666 |
wire-ios is the iOS version of Wire, an open-source secure messaging app. In wire-ios versions 3.8.0 and prior, a vulnerability exists that can cause a denial of service between users. If a user has an invalid assetID for their profile picture and it contains the " character, it will cause the iOS client to crash. The vulnerability is patched in wire-ios version 3.8.1. Published: June 03, 2021; 6:15:08 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2021-29629 |
In FreeBSD 13.0-STABLE before n245765-bec0d2c9c841, 12.2-STABLE before r369859, 11.4-STABLE before r369866, 13.0-RELEASE before p1, 12.2-RELEASE before p7, and 11.4-RELEASE before p10, missing message validation in libradius(3) could allow malicious clients or servers to trigger denial of service in vulnerable servers or clients respectively. Published: May 28, 2021; 11:15:08 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2021-33620 |
Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server. Published: May 28, 2021; 8:15:07 AM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2021-22359 |
There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal. Published: May 27, 2021; 9:15:07 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2021-22358 |
There is an insufficient input validation vulnerability in FusionCompute 8.0.0. Due to the input validation is insufficient, an attacker can exploit this vulnerability to upload any files to the device. Successful exploit may cause the service abnormal. Published: May 27, 2021; 9:15:07 AM -0400 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2021-20297 |
A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability. Published: May 26, 2021; 5:15:08 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2021-22699 |
Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP. Published: May 26, 2021; 4:15:08 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2021-21985 |
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. Published: May 26, 2021; 11:15:07 AM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |