The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.
134 vulnerabilities with CWE-1287
CVE-2022-31007
MEDIUM
eLabFTW <4.3.0 - Privilege Escalation
CVSS 4.9
CVE-2022-20783
HIGH
Cisco TelePresence <9.15.10.8 & RoomOS <2022 - DoS via H.323
CVSS 7.5
CVE-2022-22168
MEDIUM
Juniper Junos OS < 19.1 - Unauthenticated Use-After-Free via Kernel Input Validation
CVSS 6.5
CVE-2021-47156
MEDIUM
Net::IPAddress::Util <5.000 - Info Disclosure
CVSS 6.5
CVE-2021-44694
MEDIUM
SIMATIC S7-1200 CPU and S7-PLCSIM Advanced Firmware - Denial of Service via Crafted Packets to Port 102/tcp
CVSS 5.5
CVE-2021-32024
CRITICAL
BlackBerry QNX SDP 6.4.0-7.1 - Remote Code Execution via BMP Image Codec
CVSS 9.8
CVE-2021-43802
CRITICAL
Etherpad <1.8.16 - Privilege Escalation
CVSS 9.9
CVE-2021-20329
MEDIUM
MongoDB GO Driver <1.5.0 - Code Injection
CVSS 6.8
CVE-2019-25596
MEDIUM
SpotAuditor 5.2.6 Name Field Denial of Service
CVSS 6.2
Details
Vulnerabilities
134