Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1284

CWE-1284

Improper Validation of Specified Quantity in Input

Parent: CWE-20 - Improper Input Validation

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

321 vulnerabilities with CWE-1284

CVE-2022-20689 MEDIUM

Cisco ATA 190 Series - Memory Corruption

CVE-2022-20688 MEDIUM

Cisco ATA 190 Series Firmware - RCE and DoS via Cisco Discovery Protocol

CVE-2022-20687 MEDIUM

Cisco ATA 190/191/192 Firmware - Remote Code Execution and Denial of Service via LLDP Packet Header Length Validation

CVE-2022-20686 MEDIUM

Cisco ATA 190/191/192 Firmware - Unauthenticated Remote Code Execution and Denial of Service via LLDP Packet Header

CVE-2022-41968 LOW

Nextcloud Server 23.0.0-23.0.9 - Denial of Service via Calendar Name Length

CVE-2022-4111 MEDIUM

tooljet < 1.27.0 - Authenticated Denial of Service via Unrestricted Profile Picture Upload

CVE-2022-41896 MEDIUM

TensorFlow < 2.8.4 - Denial of Service via ThreadUnsafeUnigramCandidateSampler Input Validation

CVE-2022-41877 MEDIUM

FreeRDP < 2.9.0 - Out-of-Bounds Read via Drive Channel

CVE-2022-25727 CRITICAL

Qualcomm AR8031 and other Firmware - Memory Corruption via Improper Length Check

CVE-2022-26047 MEDIUM

Intel Killer WiFi Software < 3.1122.3158 - Unauthenticated Denial of Service via Improper Input Validation

CVE-2022-36938 CRITICAL

Facebook Redex < 2022-11-04 - Out-of-bounds Read in DexLoader get_stringidx_fromdex()

CVE-2022-20445 HIGH

Android - Remote Information Disclosure via Improper Input Validation in sdp_discovery.cc

CVE-2022-39294 HIGH

conduit-hyper 0.2.0-0.4.1 - Denial of Service via Unbounded Content-Length Request

CVE-2022-39313 HIGH

Parse Server < 4.10.17 and 5.x < 5.2.8 - Denial of Service via Invalid Byte Range in File Download Request

CVE-2022-39272 MEDIUM

Flux2 < 0.35.0 - Denial of Service via Invalid Interval or Timeout Input

CVE-2022-2592 MEDIUM

GitLab < 15.1.6, 15.2 < 15.2.4, 15.3 < 15.3.2 - Authenticated Denial of Service via Snippet Description Length

CVE-2022-36063 HIGH

eclipse/threadx_usbx < 6.1.11 - Integer Underflow and Buffer Overflow in _ux_host_class_cdc_ecm_mac_address_get

CVE-2022-31629 MEDIUM

PHP <7.4.31, 8.0.24, 8.1.11 - Info Disclosure

CVE-2022-40761 HIGH

Samsung mTower < 0.3.0 - Denial of Service via TEE_AllocateOperation Heap Layout Manipulation

CVE-2022-2277 HIGH

Hitachi Energy MicroSCADA X SYS600 <10.3.1 - DoS

CVE-2022-20385 CRITICAL

Android - Out-of-Bounds Access in nla_parse Function

CVE-2022-36086 HIGH

linked_list_allocator <0.10.2 - Memory Corruption

CVE-2022-36078 HIGH

binary < 0.7.1 - Denial of Service via Unchecked Slice Length in Decode Method

CVE-2022-28199 MEDIUM

NVIDIA DPDK 19.11_1.0.0-20.11_5.0.0 DoS & Data Integrity via Input Validation

CVE-2022-36620 HIGH

D-Link DIR-816 A2_v1.10CNB04 and DIR-878 - Buffer Overflow via addRouting Endpoint

Previous Page 10 of 13 Next

Details

Vulnerabilities 321

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy