Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1284

CWE-1284

Improper Validation of Specified Quantity in Input

Parent: CWE-20 - Improper Input Validation

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

321 vulnerabilities with CWE-1284

CVE-2026-49110 HIGH

WordPress Upsell Order Bump Offer for WooCommerce plugin <= 3.1.4 - Price Manipulation vulnerability

CVE-2026-49078 HIGH

WordPress WP Travel Engine plugin <= 6.7.10 - Other Vulnerability Type vulnerability

CVE-2026-45441 HIGH

WordPress WpEvently plugin <= 5.3.3 - Other Vulnerability Type vulnerability

CVE-2026-42657 MEDIUM

WordPress Contest Gallery plugin <= 28.1.7 - Other Vulnerability Type vulnerability

CVE-2026-12059 HIGH

Cellopoint｜CelloOS - Improper Access Control

CVE-2026-11596 MEDIUM

Connectwise ScreenConnect - Improper Validation of Specified Quantity in Input

CVE-2026-53689 HIGH

Sahlberg Libnfs - Improper Validation of Specified Quantity in Input

CVE-2026-49777 CRITICAL

WordPress Product Slider Pro for WooCommerce plugin < 3.5.3 - Backdoor vulnerability

CVE-2026-47329 LOW

Incorrect validation of field size in Ubuntu Linux AppArmor notification responses

CVE-2026-9801 MEDIUM

Keycloak: keycloak: denial of service via malformed ldap password policy response

CVE-2026-44635 HIGH

Kysely: JSON-path traversal injection via unsanitized path-leg metacharacters in `JSONPathBuilder.key()` / `.at()`

CVE-2026-9704 MEDIUM

Keycloak: keycloak: privilege escalation due to oversized subject_token jwt

CVE-2026-7254 MEDIUM

IBM Openbmc < FW1110.11 - Denial of Service

CVE-2026-3676 MEDIUM

There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Management products.

CVE-2026-42744 MEDIUM

WordPress Ads by WPQuads plugin <= 3.0.2 - Bypass Vulnerability vulnerability

CVE-2026-42732 MEDIUM

WordPress Ads by WPQuads plugin <= 3.0.2 - Broken Authentication vulnerability

CVE-2026-5260 HIGH

Gnutls: gnutls: information disclosure via heap overread in rsa key exchange

CVE-2026-42013 HIGH

Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name

CVE-2026-8047 HIGH

Out-of-bounds Write in CODESYS Control

CVE-2026-8813 HIGH

exifreader < 4.39.0 - Denial of Service via ICC mluc Tag Parsing

CVE-2026-44826 HIGH

Vvveb: Vvveb CMS — Negative-quantity cart manipulation allows creation of orders with negative grand totals

CVE-2026-0428 LOW

AMD Instinct MI300A - Improper Input Validation in TEE SOC Driver

CVE-2026-44459 LOW

Hono: Improper validation of NumericDate claims (exp, nbf, iat) in JWT verify()

CVE-2026-25863 HIGH

Conditional Fields for Contact Form 7 < 2.7.3 DoS via Uncontrolled Resource Consumption

CVE-2026-1577 MEDIUM

IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries

Page 1 of 13 Next

Details

Vulnerabilities 321

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy