CWE-1284— Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.— MITRE CWE catalog
337 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-1284page 6 of 7
- CVE-2025-54515LOWCVSS 1.0EG 1.02025-11-23
The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual…
- CVE-2025-55398CRITICALCVSS 9.8EG 9.82025-08-22
An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In UPER (Unaligned Packed Encoding Rules), asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 b…
- CVE-2025-5808HIGHCVSS 7.3EG 7.32025-08-29
Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Authentication Bypass.This issue affects Self Service Password Reset from before 4.8 patch 3.
- CVE-2025-58835MEDIUMCVSS 5.3EG 5.32025-09-05
Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bonus for Woo: from n/a through <= 7.6.6.
- CVE-2025-59820MEDIUMCVSS 6.7EG 6.72025-11-26
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import.cpp (aka KisTgaImport). Control flow proceeds even when a number of pixels becomes negative.
- CVE-2025-61938HIGHCVSS 7.5EG 7.52025-10-15
When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process ca…
- CVE-2025-65548CRITICALCVSS 9.1EG 9.12025-12-08
NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell (cashubtc/nuts) before 0.18.0 do not validate the size of preimage when the token is spent. The preimage is stored by the mint and attacker can exploit this v…
- CVE-2025-66660LOWCVSS 1.8EG 1.82026-05-15
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior.
- CVE-2025-67901MEDIUMCVSS 5.3EG 5.32025-12-15
openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other platforms, allows a client to cause a server SIGSEGV by specifying a length of zero for block data, because the relationship between p->rem and p->len is not checked.
- CVE-2025-68383MEDIUMCVSS 6.5EG 6.52025-12-18
Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285) in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow (CAPEC-100) and cause a denial of service (panic/cras…
- CVE-2025-70069HIGHCVSS 7.5EG 7.52026-05-04
An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp and ConvertMeshMultiMaterial() method
- CVE-2025-70071MEDIUMCVSS 5.9EG 5.92026-05-04
An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray()
- CVE-2025-8320HIGHCVSS 8.8EG 8.82025-07-30
Tesla Wall Connector Content-Length Header Improper Input Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Tesla Wall Connector devi…
- CVE-2025-8424HIGHCVSS 8.7EG 8.72025-08-26
Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access
- CVE-2025-9316MEDIUMCVSS 6.9EG 6.92025-11-12
N-central < 2025.4 can generate sessionIDs for unauthenticated users This issue affects N-central: before 2025.4.
- CVE-2026-0428LOWCVSS 1.8EG 1.82026-05-15
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_COPY_VF_CHIPLET_REGS to write invalid data to a remote Die, potentially resulting in unexpected behavior.
- CVE-2026-0925LOWCVSS 2.7EG 2.72026-01-26
Tanium addressed an improper input validation vulnerability in Discover.
- CVE-2026-1092HIGHCVSS 7.5EG 7.52026-04-08
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service due to improper input v…
- CVE-2026-1101MEDIUMCVSS 6.5EG 6.52026-04-08
GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to cause denial of service to the GitLab instance due to…
- CVE-2026-11596MEDIUMCVSS 4.7EG 4.72026-06-10
In ScreenConnect™ versions prior to 26.2, input validation within the Host Pass creation functionality could allow an authenticated user with Host Pass creation privileges the ability to specify a token expiration duration beyond the int…
- CVE-2026-11906MEDIUMCVSS 6.5EG 6.52026-06-30
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the d…
- CVE-2026-12059HIGHCVSS 8.8EG 8.82026-06-12
The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability, allowing authenticated remote attackers to bypass the enforced command restrictions and execute operating system commands outside the original…
- CVE-2026-12755LOWCVSS 2.7EG 2.72026-06-25
Improper input validation in the PAM AD discovery endpoints in Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side authentication to an attacker-controll…
- CVE-2026-1352MEDIUMCVSS 6.5EG 6.52026-04-23
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data …
- CVE-2026-1528HIGHCVSS 7.5EG 7.52026-03-12
ImpactA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process.…
- CVE-2026-1577MEDIUMCVSS 6.5EG 6.52026-04-30
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data …
- CVE-2026-21485HIGHCVSS 8.8EG 8.82026-01-06
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are prone to have Undefined Behavior (UB) and Out of Memory errors. This issue is fixed in version 2.3.1.2.
- CVE-2026-2229HIGHCVSS 7.5EG 7.52026-03-12
ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the server_max_window_bits parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automa…
- CVE-2026-23864HIGHCVSS 7.5EG 7.52026-01-26
Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack. The vulnerabilities are triggered by sending spe…
- CVE-2026-2403MEDIUMCVSS 4.3EG 4.32026-04-14
CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload.
- CVE-2026-2474HIGHCVSS 7.5EG 7.52026-02-16
Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the XS function crypt_urandom_getrandom(). The function does not validate that the length parameter is non-negative. If a negative value (e.…
- CVE-2026-25345CRITICALCVSS 9.9EG 9.92026-03-25
Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery simply-gallery-block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SimpLy Gallery: from n/a through <= 3…
- CVE-2026-25863HIGHCVSS 7.5EG 7.52026-05-04
Conditional Fields for Contact Form 7 WordPress plugin through version 2.7.2 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hide_hidden_mail_fields_regex_callback() method reads an iter…
- CVE-2026-27384CRITICALCVSS 9.0EG 9.02026-03-05
Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through <= 2.9.1.
- CVE-2026-29062HIGHCVSS 7.5EG 7.52026-03-06
jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. From version 3.0.0 to before version 3.1.0, the UTF8DataInputJsonParser, which is used when parsing from a jav…
- CVE-2026-30573HIGHCVSS 7.5EG 7.52026-04-01
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0. The vulnerability is located in the add-sales.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters, allowin…
- CVE-2026-3085HIGHCVSS 8.8EG 8.82026-03-16
GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required t…
- CVE-2026-33471CRITICALCVSS 9.6EG 9.62026-04-22
nimiq-block contains block primitives to be used in Nimiq's Rust implementation. `SkipBlockProof::verify` computes its quorum check using `BitSet.len()`, then iterates `BitSet` indices and casts each `usize` index to `u16` (`slot as u16`) …
- CVE-2026-34545HIGHCVSS 7.3EG 7.32026-04-01
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ…
- CVE-2026-34756MEDIUMCVSS 6.5EG 6.52026-04-06
vLLM is an inference and serving engine for large language models (LLMs). From 0.1.0 to before 0.19.0, a Denial of Service vulnerability exists in the vLLM OpenAI-compatible API server. Due to the lack of an upper bound validation on the n…
- CVE-2026-35489HIGHCVSS 7.3EG 7.32026-04-07
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, the POST /api/food/{id}/shopping/ endpoint reads amount and unit directly from request.data and passes them without valida…
- CVE-2026-3676MEDIUMCVSS 6.5EG 6.52026-05-27
IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of …
- CVE-2026-3816MEDIUMCVSS 4.3EG 4.32026-03-09
A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function input_zip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial o…
- CVE-2026-39829HIGHCVSS 7.5EG 7.52026-05-22
The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This co…
- CVE-2026-40093HIGHCVSS 8.1EG 9.12026-04-09
nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp >= parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MIN_PR…
- CVE-2026-41285MEDIUMCVSS 4.3EG 4.32026-04-21
In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery (ND) option (over a local network) with length zero, because of an "nd_opt_len * 8 - 2" expression with no prece…
- CVE-2026-41677CRITICALCVSS 9.1EG 9.12026-04-24
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the *_from_pem_callback APIs did not validate the length returned by the user's callback. A password callback that returns a value lar…
- CVE-2026-42013HIGHCVSS 8.2EG 8.22026-05-26
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to…
- CVE-2026-42657MEDIUMCVSS 6.5EG 5.32026-06-15
Unauthenticated Other Vulnerability Type in Contest Gallery <= 28.1.7 versions.
- CVE-2026-42732MEDIUMCVSS 6.5EG 6.52026-05-27
Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Input Data Manipulation.This issue affects Ads by WPQuads: from n/a through <= 3.0.2.
Map vulnerabilities like CWE-1284 to your infrastructure
EchelonGraph correlates every CVE — across CWE-1284 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →