CWE-20: Improper Input Validation

A denial-of-service vulnerability in go-git versions before v5.11 allows attackers to crash go-git clients by sending specially crafted responses from...

This CVE describes a denial of service vulnerability in the .NET Framework where improper input validation allows attackers to crash applications. It ...

This vulnerability in Froxlor server administration software allows attackers to bypass mandatory field validation during user registration by submitt...

This vulnerability in MediaTek modem EMM (Evolved Packet System Mobility Management) allows remote attackers to cause a system crash via improper inpu...

Pexip Infinity before version 31.2 has improper input validation in signaling components, allowing remote attackers to trigger an abort condition. Thi...

This vulnerability allows attackers to cause permanent denial of service on affected terminals by exploiting a firmware upgrade design flaw. The termi...

This vulnerability allows attackers to cause denial-of-service by sending specially crafted messages to port 4004/tcp on affected Siemens industrial s...

The Candid library vulnerability allows attackers to cause Denial of Service by sending specially crafted payloads that trigger infinite decoding loop...

This vulnerability in AMI AptioV BIOS allows local attackers to upload malicious PNG logo files without proper validation, potentially compromising sy...

IBM InfoSphere Information Server 11.7 has an improper input validation vulnerability that allows remote attackers to cause denial of service. This af...

Adobe RoboHelp Server versions 11.4 and earlier contain an improper input validation vulnerability that allows unauthenticated attackers to access sen...

This CVE describes an improper input validation vulnerability in AMI AptioV BIOS that allows attackers on the local network to exploit the system. Suc...

This vulnerability in AMI AptioV BIOS allows attackers on the local network to exploit improper input validation, potentially compromising system conf...

This vulnerability in Intel Unison software allows unauthenticated attackers to cause denial of service through network access by sending specially cr...

This vulnerability in AMD processors allows attackers to corrupt SMRAM (System Management Mode RAM) by exploiting improper validation of SMM communica...

This vulnerability allows a privileged user with local access to potentially escalate privileges through improper input validation in Intel Server Sys...

The Lenovo LeCloud App contains an improper input validation vulnerability that allows attackers to bypass security controls and access arbitrary comp...

This vulnerability in Rockwell Automation FactoryTalk View Site Edition allows threat actors to send malicious input that crashes the software, causin...

IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) versions 11.1 and 11.5 are vulnerable to denial of service attacks when processing ...

CVE-2023-5571 is an improper input validation vulnerability in the vrite content management system that allows attackers to inject malicious input thr...

An improper input validation vulnerability in Juniper Networks Junos OS routing protocol daemon (rpd) allows attackers to cause denial of service by s...

An unauthenticated network attacker can cause a memory leak leading to denial of service on Juniper QFX5000 Series switches running vulnerable Junos O...

This CVE describes an out-of-bounds read vulnerability in Huawei's Bluetooth module that could allow attackers to read sensitive information from memo...

This vulnerability in Windows upnphost.dll allows attackers to cause a denial of service (DoS) by sending specially crafted requests to the Universal ...

This CVE describes a command injection vulnerability in the distributed file system module of HarmonyOS. Attackers can exploit this to execute arbitra...

This vulnerability in quinn-proto (QUIC transport protocol implementation) allows denial of service attacks by causing the application to panic when p...

CVE-2023-33914 is a vulnerability in the NIA0 algorithm implementation within Security Mode Command in certain Unisoc chipsets. It allows remote attac...

This CVE describes an improper input validation vulnerability in the memos application that allows attackers to inject malicious input through user-co...

An improper input validation vulnerability in Juniper's Routing Protocol Daemon (rpd) allows unauthenticated attackers to cause denial of service by s...

A vulnerability in Stormshield Network Security (SNS) ASQ component allows remote attackers to cause a denial-of-service crash by sending a specially ...

An integer overflow vulnerability in Rockwell Automation ThinManager ThinServer allows attackers to cause denial of service by sending crafted synchro...

This vulnerability in Apache Airflow Spark Provider allows attackers to inject malicious parameters when establishing connections, potentially enablin...

CVE-2023-4241 is a vulnerability in the lol-html HTML parsing library that causes panics (crashes) when processing certain malicious HTML inputs. This...

This vulnerability in Huawei/HarmonyOS window management APIs allows attackers to cause denial of service through improper input validation. Exploitat...

This vulnerability involves insufficient input validation in certain window management APIs, allowing attackers to trigger device restarts through cra...

This CVE describes an input verification vulnerability in the audio module of Huawei devices running HarmonyOS. Successful exploitation could cause vi...

This vulnerability allows attackers to pass malicious parameters when establishing connections with DrillHook in Apache Airflow Drill Provider, enabli...

This vulnerability allows a privileged user with local access to Intel NUC devices to potentially escalate privileges through improper input validatio...

This vulnerability in Intel NUC BIOS firmware allows a privileged user with local access to potentially escalate privileges through improper input val...

This vulnerability allows attackers to exploit improper input validation in Apache Traffic Server's range header handling. Attackers could cause denia...

This vulnerability in Microsoft Message Queuing (MSMQ) allows attackers to cause a denial of service by sending specially crafted malicious packets. I...

This vulnerability allows attackers to bypass form validation in GX Software XperienCentral's Interactive Forms (IAF) component, potentially enabling ...

A buffer overflow vulnerability in the HCI IEC 60870-5-104 function of RTU500 series products allows remote attackers to cause targeted CMU units to r...

This vulnerability allows remote attackers to crash OpenDDS processes by sending a specially crafted DATA submessage during participant discovery. It ...

A stack-based buffer overflow vulnerability in SiPass integrated server applications allows unauthenticated remote attackers to crash the server by se...

IBM Db2 databases running on Linux, UNIX, or Windows are vulnerable to denial of service attacks through specially crafted queries. Attackers can cras...

IBM Db2 databases running versions 10.5, 11.1, and 11.5 on Linux, UNIX, or Windows are vulnerable to denial of service attacks. Attackers can crash th...

This vulnerability allows attackers to exploit improper input validation in Qualcomm modem firmware when processing LTE security mode commands from ce...

This vulnerability in NVIDIA DGX A100/A800 systems allows attackers to exploit improper input validation in the SBIOS by providing configuration infor...

An improper input validation vulnerability in Juniper's Routing Protocol Daemon (rpd) allows unauthenticated attackers to cause BGP session flaps and ...