Common Weakness Enumeration

CWE-1284

Allowed

Improper Validation of Specified Quantity in Input

Abstraction: Base · Status: Incomplete

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

500 vulnerabilities reference this CWE, most recent first.

GHSA-6V99-57J9-CQ4W

Vulnerability from github – Published: 2025-08-22 18:31 – Updated: 2025-08-26 15:30
VLAI
Details

An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In UPER (Unaligned Packed Encoding Rules), asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits in length, potentially allowing incorrect or malicious input to be processed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-55398"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-22T17:15:32Z",
    "severity": "CRITICAL"
  },
  "details": "An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In UPER (Unaligned Packed Encoding Rules), asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits in length, potentially allowing incorrect or malicious input to be processed.",
  "id": "GHSA-6v99-57j9-cq4w",
  "modified": "2025-08-26T15:30:56Z",
  "published": "2025-08-22T18:31:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55398"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mouse07410/asn1c/issues/222"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6VPW-RMVH-QC2W

Vulnerability from github – Published: 2026-06-25 15:32 – Updated: 2026-06-25 18:30
VLAI
Details

Improper input validation in the PAM AD discovery endpoints in Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side authentication to an attacker-controlled host, exposing PAM provider credentials as a NTLMv2 challenge-response, via a crafted DomainName parameter.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-12755"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-25T14:16:36Z",
    "severity": "LOW"
  },
  "details": "Improper input validation in the PAM AD discovery endpoints in \nDevolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated\n user with the UserGroupsView permission to coerce server-side \nauthentication to an attacker-controlled host, exposing PAM provider \ncredentials as a NTLMv2 challenge-response, via a crafted DomainName \nparameter.",
  "id": "GHSA-6vpw-rmvh-qc2w",
  "modified": "2026-06-25T18:30:35Z",
  "published": "2026-06-25T15:32:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12755"
    },
    {
      "type": "WEB",
      "url": "https://devolutions.net/security/advisories/DEVO-2026-0020"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6W5W-27H7-6R2X

Vulnerability from github – Published: 2022-03-04 00:00 – Updated: 2025-11-04 18:30
VLAI
Details

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-26128"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-1284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-03T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c.",
  "id": "GHSA-6w5w-27h7-6r2x",
  "modified": "2025-11-04T18:30:38Z",
  "published": "2022-03-04T00:00:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26128"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FRRouting/frr/issues/10502"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00007.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6WG3-R534-HRWR

Vulnerability from github – Published: 2025-08-29 18:30 – Updated: 2025-08-29 18:30
VLAI
Details

Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Authentication Bypass.This issue affects Self Service Password Reset from before 4.8 patch 3.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-5808"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-29T16:15:37Z",
    "severity": "HIGH"
  },
  "details": "Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Authentication Bypass.This issue affects Self Service Password Reset from before 4.8 patch 3.",
  "id": "GHSA-6wg3-r534-hrwr",
  "modified": "2025-08-29T18:30:51Z",
  "published": "2025-08-29T18:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5808"
    },
    {
      "type": "WEB",
      "url": "https://docs.microfocus.com/doc/28/4.8/scrtyimpr"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6WPF-J472-FR56

Vulnerability from github – Published: 2025-02-12 00:32 – Updated: 2025-02-12 00:32
VLAI
Details

Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity or availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-31331"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-11T22:15:26Z",
    "severity": "LOW"
  },
  "details": "Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity or availability.",
  "id": "GHSA-6wpf-j472-fr56",
  "modified": "2025-02-12T00:32:16Z",
  "published": "2025-02-12T00:32:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31331"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6X74-CJF9-R2HC

Vulnerability from github – Published: 2023-02-09 18:30 – Updated: 2025-03-25 15:31
VLAI
Details

The geofencing kernel code has a vulnerability of not verifying the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-48297"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284",
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-09T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "The geofencing kernel code has a vulnerability of not verifying the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access.",
  "id": "GHSA-6x74-cjf9-r2hc",
  "modified": "2025-03-25T15:31:13Z",
  "published": "2023-02-09T18:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48297"
    },
    {
      "type": "WEB",
      "url": "https://consumer.huawei.com/en/support/bulletin/2023/2"
    },
    {
      "type": "WEB",
      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-73PW-PFFQ-GH67

Vulnerability from github – Published: 2024-11-27 18:34 – Updated: 2024-11-27 21:32
VLAI
Details

Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-9369"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-27T18:15:18Z",
    "severity": "MODERATE"
  },
  "details": "Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)",
  "id": "GHSA-73pw-pffq-gh67",
  "modified": "2024-11-27T21:32:44Z",
  "published": "2024-11-27T18:34:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9369"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/368208152"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75HF-VVF9-P39G

Vulnerability from github – Published: 2025-09-05 15:31 – Updated: 2026-04-01 18:36
VLAI
Details

Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Bonus for Woo: from n/a through 7.4.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-58835"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-05T14:15:56Z",
    "severity": "MODERATE"
  },
  "details": "Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Bonus for Woo: from n/a through 7.4.1.",
  "id": "GHSA-75hf-vvf9-p39g",
  "modified": "2026-04-01T18:36:05Z",
  "published": "2025-09-05T15:31:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58835"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/bonus-for-woo/vulnerability/wordpress-bonus-for-woo-plugin-7-4-1-other-vulnerability-type-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75R7-WF67-87F9

Vulnerability from github – Published: 2024-06-10 18:31 – Updated: 2024-06-12 18:30
VLAI
Details

A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulnerability exists within the "Repair" (settings -> troubleshooting -> repair) feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. A low-privileged user can make a pseudo-symlink and a junction folder and point to a file on the system. This can provide a low-privileged user an Elevation of Privilege to win a race-condition which will re-create the system files and make Windows callback to a specially-crafted file which could be used to launch a privileged shell instance.

This issue affects Avast Antivirus prior to 24.2.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-5102"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284",
      "CWE-59"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-10T17:16:34Z",
    "severity": "HIGH"
  },
  "details": "A sym-linked file accessed via the repair function in Avast Antivirus \u003c24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\\SYSTEM.\u00a0The vulnerability exists within the \"Repair\" (settings -\u003e troubleshooting -\u003e repair) feature, which attempts to delete a file in the current user\u0027s AppData directory as NT AUTHORITY\\SYSTEM. A\u00a0low-privileged user can make a pseudo-symlink and a junction folder and point to a file on the system. This can provide a low-privileged user an Elevation of Privilege to win a race-condition which will re-create the system files and make Windows callback to a specially-crafted file which could be used to launch a privileged shell instance.\n\nThis issue affects Avast Antivirus prior to 24.2.",
  "id": "GHSA-75r7-wf67-87f9",
  "modified": "2024-06-12T18:30:40Z",
  "published": "2024-06-10T18:31:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5102"
    },
    {
      "type": "WEB",
      "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75R9-XH7M-QFVX

Vulnerability from github – Published: 2024-09-07 18:30 – Updated: 2024-09-07 18:30
VLAI
Details

A vulnerability classified as problematic was found in SourceCodester Food Ordering Management System 1.0. This vulnerability affects unknown code of the file /foms/routers/place-order.php of the component Price Handler. The manipulation of the argument total leads to improper validation of specified quantity in input. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-8558"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-07T16:15:02Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as problematic was found in SourceCodester Food Ordering Management System 1.0. This vulnerability affects unknown code of the file /foms/routers/place-order.php of the component Price Handler. The manipulation of the argument total leads to improper validation of specified quantity in input. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-75r9-xh7m-qfvx",
  "modified": "2024-09-07T18:30:23Z",
  "published": "2024-09-07T18:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8558"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Niu-zida/cve/blob/main/Payment%20loopholes.md"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.276778"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.276778"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.403345"
    },
    {
      "type": "WEB",
      "url": "https://www.sourcecodester.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation MIT-5
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

No CAPEC attack patterns related to this CWE.