CWE-1284 · Improper Validation of Specified Quantity in Input

338 CVEs classified under CWE-1284 (Improper Validation of Specified Quantity in Input). Browse by severity and year.

Top CVEs for CWE-1284
CVESeverityScorePublishedSummary
CVE-2026-49777Critical10.02026-06-05Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. …
CVE-2024-8887Critical10.02024-09-18CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the…
CVE-2022-20699Critical10.02022-02-10Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbi…
CVE-2021-21960Critical10.02022-02-04A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted netwo…
CVE-2021-21951Critical10.02021-12-08An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6…
CVE-2021-21950Critical10.02021-12-08An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6…
CVE-2026-25345Critical9.92026-03-25Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery simply-gallery-block allows Accessing Functionality Not Prope…
CVE-2026-3381Critical9.82026-03-05Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compre…
CVE-2025-55398Critical9.82025-08-22An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In UPER (Unaligned Packed Encoding Rules), asn1c-generated decoders…
CVE-2024-1610Critical9.82024-12-18In OPPO Store APP, there's a possible escalation of privilege due to improper input validation.
CVE-2022-25727Critical9.82022-11-15Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Mus…
CVE-2022-36938Critical9.82022-11-11DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of bound address when loading the string index table, potentially a…
CVE-2022-20385Critical9.82022-09-13a function called 'nla_parse', do not check the len of para, it will check nla_type (which can be controlled by userspace) with 'maxtype' (in this case, it is…
CVE-2022-37134Critical9.82022-08-22D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname will be decrypted by base64, and th…
CVE-2021-43267Critical9.82021-11-02An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote…
CVE-2021-31556Critical9.82021-08-12An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key wil…
CVE-2009-4488Critical9.82010-01-13Varnish 2.0.6 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly…
CVE-2008-2374Critical9.82008-07-07src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP pac…
CVE-2026-33471Critical9.62026-04-22nimiq-block contains block primitives to be used in Nimiq's Rust implementation. `SkipBlockProof::verify` computes its quorum check using `BitSet.len()`, then…
CVE-2024-9369Critical9.62024-11-27Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an o…