CWE-1284

Improper Validation of Specified Quantity in Input

Parent: CWE-20 - Improper Input Validation

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

321 vulnerabilities with CWE-1284
CVE-2023-31310 MEDIUM
Power Management Firmware - Info Disclosure
CVSS 5.0
CVE-2023-31304 LOW
AMD Radeon RX 6000 and PRO W6000 Series Graphics Cards - Denial of Service via SMU PCIe Lane Configuration
CVSS 2.3
CVE-2023-52343 MEDIUM
Android - Remote Information Disclosure via SecurityCommand Message Input Validation
CVSS 5.5
CVE-2023-38709 HIGH
Apache HTTP Server <= 2.4.58 - HTTP Response Splitting via Faulty Input Validation
CVSS 7.3
CVE-2023-4518 MEDIUM
Hitachi Energy RELION 670/650/SAM600-IO Firmware - Denial of Service via GOOSE Message Input Validation
CVSS 6.5
CVE-2023-23549 LOW
Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 - Denial of Service via Long Hostname Input
CVSS 2.7
CVE-2023-43665 HIGH
Django <3.2.22, <4.1.12, <4.2.6 - DoS
CVSS 7.5
CVE-2023-41164 HIGH
Django <3.2.21-<4.1.11-<4.2.5 - DoS
CVSS 7.5
CVE-2023-36839 MEDIUM
Juniper Networks Junos OS/Junos OS Evolved - DoS
CVSS 6.5
CVE-2023-42448 HIGH
Hydra < 0.13.0 - Improper Validation of Contestation Period in Head Validator
CVSS 8.1
CVE-2023-42447 HIGH
blurhash-rs 0.1.1 - Denial of Service via Malicious Blurhash Input
CVSS 8.6
CVE-2023-42444 HIGH
phonenumber < 0.2.5 - Denial of Service via Malicious Phone Number String
CVSS 8.6
CVE-2023-4439 MEDIUM
SourceCodester Card Holder Management System 1.0 - Info Disclosure
CVSS 4.3
CVE-2023-38744 HIGH
Omron CJ2M/CJ2H/CS/CJ Series - Denial of Service via Crafted EtherNet/IP Packet
CVSS 7.5
CVE-2023-35932 HIGH
jcvi < 1.3.5 - Configuration Injection
CVSS 7.1
CVE-2023-34188 HIGH
Mongoose < 7.10 - Denial of Service via Negative Content-Length Header
CVSS 7.5
CVE-2023-30082 HIGH
osTicket - Denial of Service via Long Password Input
CVSS 7.5
CVE-2023-25731 HIGH
Firefox < 110.0 - Privilege Escalation via Developer Tools Network Panel URL Preview
CVSS 8.8
CVE-2023-21111 MEDIUM
Android - Local Denial of Service via PhoneAccountRegistrar Input Validation
CVSS 5.5
CVE-2023-20722 MEDIUM
Android - Local Privilege Escalation via m4u Improper Input Validation
CVSS 6.7
CVE-2023-20710 MEDIUM
Android - Local Information Disclosure via Missing Bounds Check in keyinstall
CVSS 4.4
CVE-2023-20709 MEDIUM
Android - Local Information Disclosure via Missing Bounds Check in keyinstall
CVSS 4.4
CVE-2023-20708 MEDIUM
Android - Out-of-Bounds Read in Keyinstall
CVSS 6.7
CVE-2023-20707 MEDIUM
Android - Local Privilege Escalation via Missing Bounds Check in ril
CVSS 6.7
CVE-2023-20705 MEDIUM
Android - Local Information Disclosure via Missing Bounds Check in APU
CVSS 5.5
Details
Vulnerabilities 321
Links
MITRE CWE Entry Search this CWE With Exploits