CWE-20: Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely.

Total CVEs: 1,635
Critical: 312
High: 997
Avg CVSS: 7.8
In CISA KEV: 5

Yearly Trend

2026: 145
2025: 427
2024: 314
2023: 243
2022: 143

Top Affected Vendors

1 Microsoft 104
2 Google 83
3 Cisco 65
4 Intel 61
5 Qualcomm 48
6 Apache 47
7 Adobe 42
8 Huawei 41
9 Apple 40
10 Color 40

All Improper Input Validation CVEs (1,635)

CVE-2021-22277
7.5

This CVE describes an improper input validation vulnerability in multiple ABB industrial control system products. An attacker can send specially craft...

Apr 1, 2022
CVE-2021-44040
7.5

CVE-2021-44040 is an improper input validation vulnerability in Apache Traffic Server's request line parsing that allows attackers to send invalid req...

Mar 23, 2022
CVE-2021-23192
7.5

This vulnerability in Samba's DCE/RPC implementation allows attackers to bypass signature requirements by intercepting and modifying fragmented large ...

Mar 2, 2022
CVE-2022-25271
7.5

This vulnerability in Drupal core's form API allows improper input validation in certain contributed or custom module forms. Attackers could inject di...

Feb 16, 2022
CVE-2021-22787
7.5

This vulnerability allows remote attackers to cause denial of service on Schneider Electric Modicon industrial control devices by sending specially cr...

Feb 11, 2022
CVE-2021-22800
7.5

CVE-2021-22800 is an input validation vulnerability in Schneider Electric Modicon M218 Logic Controllers that allows remote attackers to cause denial ...

Feb 11, 2022
CVE-2021-22286
7.5

An improper input validation vulnerability in ABB SPIET800 and PNI800 modules allows attackers to send specially crafted input that causes denial of s...

Feb 4, 2022
CVE-2021-40423
7.5

A denial of service vulnerability exists in the cgiserver.cgi API command parser of Reolink RLC-410W cameras. Attackers can send specially-crafted HTT...

Jan 28, 2022
CVE-2022-23019
7.5

This vulnerability in F5 BIG-IP systems allows an attacker to cause a memory exhaustion denial-of-service (DoS) condition by sending specific traffic ...

Jan 25, 2022
CVE-2021-42555
7.5

CVE-2021-42555 is an input validation vulnerability in Pexip Infinity that allows temporary remote denial of service by causing service abortion durin...

Jan 15, 2022
CVE-2021-33499
7.5

This vulnerability in Pexip Infinity allows remote attackers to cause denial of service by sending specially crafted H.264 video input without proper ...

Jan 15, 2022
CVE-2021-32545
7.5

This vulnerability in Pexip Infinity allows remote attackers to cause denial of service by sending specially crafted RTMP input to unpatched systems. ...

Jan 15, 2022
CVE-2022-20698
7.5

This vulnerability in ClamAV's OOXML parsing module allows remote attackers to crash the antivirus scanning process by sending specially crafted OOXML...

Jan 14, 2022
CVE-2021-41769
7.5

An improper input validation vulnerability in the web server of Siemens SIPROTEC 5 devices allows unauthenticated attackers to access device informati...

Jan 11, 2022
CVE-2021-38957
7.5

IBM Security Verify versions 10.0.0 through 10.0.2.0 contain an input validation vulnerability during QR code generation that could allow attackers to...

Jan 10, 2022
CVE-2020-5956
7.5

This vulnerability in Insyde InsydeH2O firmware's SdLegacySmm SMI handler allows attackers to execute arbitrary code with System Management Mode (SMM)...

Jan 5, 2022
CVE-2021-45711
7.5

This vulnerability in the simple_asn1 Rust crate causes a panic when parsing malicious ASN.1 UTCTime data with a second character greater than 0x7f. A...

Dec 27, 2021
CVE-2021-37081
7.5

This CVE describes an improper input validation vulnerability in Huawei smartphones running HarmonyOS. Attackers can exploit this vulnerability to cau...

Dec 7, 2021
CVE-2021-35533
7.5

An improper input validation vulnerability in the APDU parser of Hitachi Energy RTU500 series CMU devices allows attackers to send specially crafted I...

Nov 26, 2021
CVE-2021-37008
7.5

This vulnerability in Huawei smartphones allows attackers to cause kernel crashes through improper input validation. It affects Huawei devices running...

Nov 23, 2021
CVE-2021-37024
7.5

This vulnerability in Huawei smartphones allows attackers to cause kernel crashes through improper input validation. It affects Huawei devices running...

Nov 23, 2021
CVE-2021-37026
7.5

CVE-2021-37026 is an improper input validation vulnerability in Huawei smartphones that allows attackers to cause kernel crashes through speciall...

Nov 23, 2021
CVE-2021-37004
7.5

This CVE describes an improper input validation vulnerability in Huawei smartphones that allows attackers to cause kernel crashes. Successful exploita...

Nov 23, 2021
CVE-2021-20601
7.5

An improper input validation vulnerability in Mitsubishi Electric GOT2000 and related HMI products allows remote unauthenticated attackers to write va...

Nov 23, 2021
CVE-2021-37149
7.5

This CVE describes an improper input validation vulnerability in Apache Traffic Server's header parsing that allows attackers to smuggle HTTP requests...

Nov 3, 2021
CVE-2021-41585
7.5

An improper input validation vulnerability in Apache Traffic Server's socket connection handling allows attackers to send malicious requests that caus...

Nov 3, 2021
CVE-2021-37147
7.5

CVE-2021-37147 is an improper input validation vulnerability in Apache Traffic Server's header parsing that allows HTTP request smuggling. Attackers c...

Nov 3, 2021
CVE-2021-20706
7.5

This vulnerability allows remote attackers to upload arbitrary files to affected NEC cluster management servers via network requests due to improper i...

Nov 3, 2021
CVE-2021-22491
7.5

This CVE describes an input validation vulnerability in Huawei smartphones that could allow attackers to disrupt service availability. Attackers could...

Oct 28, 2021
CVE-2021-30310
7.5

This vulnerability allows attackers to cause buffer overflow by sending specially crafted CF-ACK and CF-Poll data frames to affected Qualcomm Snapdrag...

Oct 20, 2021
CVE-2021-31376
7.5

An improper input validation vulnerability in the Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows attackers to cau...

Oct 19, 2021
CVE-2021-25485
7.5

This path traversal vulnerability in Samsung's FactoryAirCommandManager allows attackers to write files with system-level privileges via Bluetooth rem...

Oct 6, 2021
CVE-2021-36283
7.5

Dell BIOS contains an improper input validation vulnerability that allows a local authenticated attacker to execute arbitrary code in SMRAM via System...

Sep 28, 2021
CVE-2020-12080
7.5

CVE-2020-12080 is a Denial of Service vulnerability in FlexNet Publisher's lmadmin.exe service. Attackers can send specially crafted messages to crash...

Sep 17, 2021
CVE-2021-41079
7.5

This vulnerability in Apache Tomcat allows denial of service attacks when using specific TLS configurations. Attackers can send specially crafted TLS ...

Sep 16, 2021
CVE-2021-23030
7.5

This vulnerability in F5 BIG-IP Advanced WAF and ASM allows remote attackers to cause a denial of service by sending specially crafted WebSocket reque...

Sep 14, 2021
CVE-2021-23033
7.5

This vulnerability in F5 BIG-IP Advanced WAF and ASM allows attackers to cause denial of service by sending specific requests to systems with WebSocke...

Sep 14, 2021
CVE-2021-23035
7.5

This vulnerability in F5 BIG-IP systems allows remote attackers to cause denial of service by sending specially crafted chunked HTTP responses. When e...

Sep 14, 2021
CVE-2021-23039
7.5

This vulnerability allows an authorized remote IPSec peer to send specially crafted requests that cause the Traffic Management Microkernel (TMM) to te...

Sep 14, 2021
CVE-2021-23045
7.5

This vulnerability in F5 BIG-IP systems allows remote attackers to cause denial of service by sending specially crafted SCTP requests to virtual serve...

Sep 14, 2021
CVE-2021-23044
7.5

This vulnerability affects F5 BIG-IP devices using Intel QAT compression, where specific network traffic can cause the Traffic Management Microkernel ...

Sep 14, 2021
CVE-2021-23048
7.5

This vulnerability in F5 BIG-IP systems allows remote attackers to cause denial of service by sending specially crafted GTP messages to virtual server...

Sep 14, 2021
CVE-2021-37206
7.5

This vulnerability affects Siemens SIPROTEC 5 relays with specific CPU variants. An unauthenticated remote attacker can send specially crafted webpack...

Sep 14, 2021
CVE-2021-3580
7.5

CVE-2021-3580 is a vulnerability in nettle's RSA decryption functions where specially crafted ciphertext can cause application crashes and denial of s...

Aug 5, 2021
CVE-2021-26605
7.5

CVE-2021-26605 is an improper input validation vulnerability in ezPDFReader's JSON-RPC communication that allows remote attackers to execute arbitrary...

Aug 5, 2021
CVE-2021-33196
7.5

This vulnerability in Go's archive/zip package allows attackers to cause denial-of-service by triggering a panic when processing specially crafted ZIP...

Aug 2, 2021
CVE-2021-22445
7.5

This CVE describes an input verification vulnerability in Huawei smartphones that allows attackers to cause system resets through improper input valid...

Aug 2, 2021
CVE-2021-34432
7.5

This vulnerability allows remote attackers to crash Eclipse Mosquitto MQTT broker servers by sending a specially crafted PUBLISH packet with zero-leng...

Jul 27, 2021
CVE-2021-26036
7.5

This vulnerability in Joomla! CMS allows attackers to manipulate the usergroups table through insufficient input validation, potentially causing denia...

Jul 7, 2021
CVE-2021-32566
7.5

CVE-2021-32566 is an improper input validation vulnerability in Apache Traffic Server's HTTP/2 implementation that allows attackers to cause a denial-...

Jun 30, 2021

About Improper Input Validation (CWE-20)

Our database tracks 1,635 CVEs classified as CWE-20, with 312 rated critical and 997 rated high severity. The average CVSS score for Improper Input Validation vulnerabilities is 7.8.

External reference: CWE-20 on MITRE CWE