CWE-20: Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely.

Total CVEs: 1,644
Critical: 318
High: 1,000
Avg CVSS: 7.8
In CISA KEV: 5

Yearly Trend

2026: 145
2025: 427
2024: 314
2023: 243
2022: 143

Top Affected Vendors

1 Microsoft 104
2 Google 83
3 Cisco 67
4 Intel 61
5 Qualcomm 48
6 Apache 47
7 Adobe 42
8 Huawei 42
9 Apple 40
10 Color 40

All Improper Input Validation CVEs (1,644)

CVE-2021-23048
7.5

This vulnerability in F5 BIG-IP systems allows remote attackers to cause denial of service by sending specially crafted GTP messages to virtual server...

Sep 14, 2021
CVE-2021-37206
7.5

This vulnerability affects Siemens SIPROTEC 5 relays with specific CPU variants. An unauthenticated remote attacker can send specially crafted webpack...

Sep 14, 2021
CVE-2021-3580
7.5

CVE-2021-3580 is a vulnerability in nettle's RSA decryption functions where specially crafted ciphertext can cause application crashes and denial of s...

Aug 5, 2021
CVE-2021-26605
7.5

CVE-2021-26605 is an improper input validation vulnerability in ezPDFReader's JSON-RPC communication that allows remote attackers to execute arbitrary...

Aug 5, 2021
CVE-2021-33196
7.5

This vulnerability in Go's archive/zip package allows attackers to cause denial-of-service by triggering a panic when processing specially crafted ZIP...

Aug 2, 2021
CVE-2021-22445
7.5

This CVE describes an input verification vulnerability in Huawei smartphones that allows attackers to cause system resets through improper input valid...

Aug 2, 2021
CVE-2021-34432
7.5

This vulnerability allows remote attackers to crash Eclipse Mosquitto MQTT broker servers by sending a specially crafted PUBLISH packet with zero-leng...

Jul 27, 2021
CVE-2021-26036
7.5

This vulnerability in Joomla! CMS allows attackers to manipulate the usergroups table through insufficient input validation, potentially causing denia...

Jul 7, 2021
CVE-2021-32566
7.5

CVE-2021-32566 is an improper input validation vulnerability in Apache Traffic Server's HTTP/2 implementation that allows attackers to cause a denial-...

Jun 30, 2021
CVE-2020-7871
7.5

CVE-2020-7871 is a command injection vulnerability in Cnesty Helpcom software that allows unauthenticated attackers to execute arbitrary commands on a...

Jun 29, 2021
CVE-2021-35041
7.5

This vulnerability in FISCO-BCOS blockchain nodes allows malicious nodes to send malformed packets that cause memory exhaustion and crashes. It affect...

Jun 24, 2021
CVE-2020-15379
7.5

This vulnerability in Brocade SANnav allows remote attackers to cause a denial-of-service condition by sending specially crafted data with excessive l...

Jun 9, 2021
CVE-2021-22359
7.5

This is a denial-of-service vulnerability affecting specific Huawei S5700 and S6700 switch models. An attacker can send specially crafted messages to ...

May 27, 2021
CVE-2021-22699
7.5

An improper input validation vulnerability in Schneider Electric Modicon M241/M251 logic controllers allows attackers to cause denial of service via s...

May 26, 2021
CVE-2020-36332
7.5

CVE-2020-36332 is a memory exhaustion vulnerability in libwebp library versions before 1.0.1. When processing specially crafted WebP images, libwebp a...

May 21, 2021
CVE-2020-11268
7.5

CVE-2020-11268 is a vulnerability in Qualcomm Snapdragon chipsets where processing a specially crafted System Information Block (SIB) message can caus...

May 7, 2021
CVE-2021-1513
7.5

This vulnerability in Cisco SD-WAN Software allows unauthenticated remote attackers to cause affected devices to reload by sending malformed packets, ...

May 6, 2021
CVE-2021-29486
7.5

CVE-2021-29486 is a denial-of-service vulnerability in the cumulative-distribution-function npm library where passing string data instead of numeric a...

Apr 30, 2021
CVE-2021-31863
7.5

This vulnerability allows authenticated Redmine users to read arbitrary local files accessible by the application server process due to insufficient i...

Apr 28, 2021
CVE-2021-31555
7.5

This vulnerability in MediaWiki's OAuth extension allows attackers to submit overly long oarc_version parameters, potentially causing buffer overflows...

Apr 22, 2021
CVE-2021-29430
7.5

CVE-2021-29430 is a denial-of-service vulnerability in Sydent, a Matrix identity server, where attackers can send oversized HTTP requests or receive o...

Apr 15, 2021
CVE-2021-1252
7.5

This vulnerability in ClamAV's Excel macro parser allows remote attackers to cause denial of service by sending specially crafted Excel files. When ex...

Apr 8, 2021
CVE-2021-21404
7.5

This vulnerability allows attackers to crash Syncthing file synchronization software and its relay server by sending messages with negative length fie...

Apr 6, 2021
CVE-2018-1110
7.5

A vulnerability in knot-resolver DNS software allows malformed DNS messages to cause denial of service by crashing the service. This affects organizat...

Mar 30, 2021
CVE-2021-20222
7.5

This vulnerability in Keycloak's new account console allows attackers to execute malicious code via manipulated referrer URLs. It affects Keycloak dep...

Mar 23, 2021
CVE-2021-26788
7.5

CVE-2021-26788 is an incorrect input validation vulnerability in Oryx Embedded CycloneTCP that allows unauthenticated attackers to cause denial of ser...

Mar 8, 2021
CVE-2021-23131
7.5

This vulnerability in Joomla's template manager allows attackers to bypass input validation, potentially leading to unauthorized actions or code execu...

Mar 4, 2021
CVE-2021-27921
7.5

This vulnerability in Pillow (Python Imaging Library) allows attackers to cause denial of service through memory exhaustion by exploiting improper siz...

Mar 3, 2021
CVE-2021-27923
7.5

This vulnerability in Pillow (Python Imaging Library) allows attackers to cause denial of service through memory exhaustion by providing specially cra...

Mar 3, 2021
CVE-2021-27179
7.5

This vulnerability allows remote attackers to crash the telnet daemon on FiberHome HG6245D devices by sending a specific malformed string. This causes...

Feb 10, 2021
CVE-2020-0236
7.5

This vulnerability in Android's Bluetooth A2DP audio streaming protocol allows attackers to read memory beyond intended boundaries without user intera...

Jan 26, 2021
CVE-2021-0313
7.5

This vulnerability in Android's TextView component allows remote attackers to cause denial of service (slowdown or crash) by sending specially crafted...

Jan 11, 2021
CVE-2020-35616
7.5

This vulnerability in Joomla! allows authenticated users to bypass write access controls (ACL) due to insufficient input validation when handling ACL ...

Dec 28, 2020
CVE-2020-14273
7.5

HCL Domino has a Denial of Service vulnerability in its public API due to improper input validation. Unauthenticated attackers can send specially craf...

Dec 28, 2020
CVE-2020-24679
7.5

CVE-2020-24679 is a vulnerability in ABB's S+ Operations and S+ Historian services where specially crafted messages can cause denial of service or pot...

Dec 22, 2020
CVE-2020-35623
7.5

This vulnerability in the CasAuth extension for MediaWiki allows user impersonation through trivial username manipulation using bidirectional override...

Dec 21, 2020
CVE-2020-25195
7.5

This vulnerability allows attackers to bypass client-side input validation on Host Engineering ECOM100 modules, potentially causing device crashes thr...

Dec 15, 2020
CVE-2020-5680
7.5

This vulnerability in EC-CUBE e-commerce software allows remote attackers to cause denial-of-service conditions through improper input validation. It ...

Dec 3, 2020
CVE-2020-14234
7.5

HCL Domino servers are vulnerable to denial of service attacks due to improper input validation. An attacker can send specially crafted input to crash...

Nov 21, 2020
CVE-2020-3444
7.5

This vulnerability allows unauthenticated remote attackers to bypass layer 3 and layer 4 traffic filters in Cisco SD-WAN Software by sending specially...

Nov 6, 2020
CVE-2018-19952
7.5

This SQL injection vulnerability in QNAP Music Station allows remote attackers to extract sensitive application data by injecting malicious SQL querie...

Nov 2, 2020
CVE-2019-8633
7.5

This CVE describes an input validation vulnerability in Apple operating systems that allows applications to read restricted memory. Successful exploit...

Oct 27, 2020
CVE-2020-1679
7.5

This vulnerability affects Juniper Networks PTX and QFX Series devices running Junos OS with packet sampling configured using tunnel-observation mpls-...

Oct 16, 2020
CVE-2020-1662
7.5

This vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows remote attackers to cause a denial of service by crashing the routing proc...

Oct 16, 2020
CVE-2020-9931
7.5

This vulnerability allows a remote attacker to cause denial of service by sending specially crafted input to iOS/iPadOS devices, leading to unexpected...

Oct 16, 2020
CVE-2020-9914
7.5

This CVE describes a Bluetooth input validation vulnerability in Apple devices that allows attackers in a privileged network position to send malforme...

Oct 16, 2020
CVE-2020-26597
7.5

This vulnerability in LG Android devices allows attackers to cause denial of service through Wi-Fi subsystem crashes due to incorrect input validation...

Oct 6, 2020
CVE-2020-13387
7.5

Pexip Infinity video conferencing platforms before version 23.4 have insufficient input validation in H.323 protocol handling, allowing attackers to c...

Sep 25, 2020
CVE-2020-3133
7.5

This vulnerability allows unauthenticated remote attackers to bypass email content filters on Cisco Email Security Appliances by sending specially cra...

Sep 23, 2020
CVE-2020-24940
7.5

This vulnerability in Laravel allows attackers to bypass mass assignment protection by manipulating table names in database queries, potentially savin...

Sep 4, 2020

About Improper Input Validation (CWE-20)

Our database tracks 1,644 CVEs classified as CWE-20, with 318 rated critical and 1,000 rated high severity. The average CVSS score for Improper Input Validation vulnerabilities is 7.8.
