CWE-1284 · Improper Validation of Specified Quantity in Input
338 CVEs classified under CWE-1284 (Improper Validation of Specified Quantity in Input). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-49777 | Critical | 10.0 | 2026-06-05 | Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. … |
CVE-2024-8887 | Critical | 10.0 | 2024-09-18 | CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the… |
CVE-2022-20699 | Critical | 10.0 | 2022-02-10 | Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbi… |
CVE-2021-21960 | Critical | 10.0 | 2022-02-04 | A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted netwo… |
CVE-2021-21951 | Critical | 10.0 | 2021-12-08 | An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6… |
CVE-2021-21950 | Critical | 10.0 | 2021-12-08 | An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6… |
CVE-2026-25345 | Critical | 9.9 | 2026-03-25 | Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery simply-gallery-block allows Accessing Functionality Not Prope… |
CVE-2026-3381 | Critical | 9.8 | 2026-03-05 | Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compre… |
CVE-2025-55398 | Critical | 9.8 | 2025-08-22 | An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In UPER (Unaligned Packed Encoding Rules), asn1c-generated decoders… |
CVE-2024-1610 | Critical | 9.8 | 2024-12-18 | In OPPO Store APP, there's a possible escalation of privilege due to improper input validation. |
CVE-2022-25727 | Critical | 9.8 | 2022-11-15 | Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Mus… |
CVE-2022-36938 | Critical | 9.8 | 2022-11-11 | DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of bound address when loading the string index table, potentially a… |
CVE-2022-20385 | Critical | 9.8 | 2022-09-13 | a function called 'nla_parse', do not check the len of para, it will check nla_type (which can be controlled by userspace) with 'maxtype' (in this case, it is… |
CVE-2022-37134 | Critical | 9.8 | 2022-08-22 | D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname will be decrypted by base64, and th… |
CVE-2021-43267 | Critical | 9.8 | 2021-11-02 | An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote… |
CVE-2021-31556 | Critical | 9.8 | 2021-08-12 | An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key wil… |
CVE-2009-4488 | Critical | 9.8 | 2010-01-13 | Varnish 2.0.6 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly… |
CVE-2008-2374 | Critical | 9.8 | 2008-07-07 | src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP pac… |
CVE-2026-33471 | Critical | 9.6 | 2026-04-22 | nimiq-block contains block primitives to be used in Nimiq's Rust implementation. `SkipBlockProof::verify` computes its quorum check using `BitSet.len()`, then… |
CVE-2024-9369 | Critical | 9.6 | 2024-11-27 | Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an o… |