CWE-1284
Improper Validation of Specified Quantity in Input
Description
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
Hierarchy (View 1000)
CVEs mapped to this weakness (151)
page 2 of 8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46385 | Hig | 0.50 | — | 0.00 | May 29, 2026 | iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro array and map decoders looped over an attacker-controlled block-count value without checking the underlying reader's error state inside the loop body. Reader.ReadBlockHeader returns the count as a Go int, which… | ||
| CVE-2026-46384 | Hig | 0.50 | — | 0.00 | May 29, 2026 | iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before bounds-checking, or summed them with overflow-prone signed-int arithmetic. On… | ||
| CVE-2026-49110 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2026 | Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce <= 3.1.4 versions. | ||
| CVE-2026-49078 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2026 | Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions. | ||
| CVE-2026-45441 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2026 | Unauthenticated Other Vulnerability Type in WpEvently <= 5.3.3 versions. | ||
| CVE-2026-8047 | — | Hig | 0.49 | 7.5 | 0.00 | May 26, 2026 | The affected products perform improper length checking when parsing incoming HTTP requests, resulting in a size-limited out-of-bounds write. An unauthenticated remote attacker can exploit this flaw to cause a denial of service via a system crash on the affected device. | |
| CVE-2025-14869 | Hig | 0.49 | 7.5 | 0.00 | May 14, 2026 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted payloads on certain API endpoints. | ||
| CVE-2026-25863 | Hig | 0.49 | 7.5 | 0.00 | May 4, 2026 | Conditional Fields for Contact Form 7 WordPress plugin through version 2.7.2 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hide_hidden_mail_fields_regex_callback() method reads an iteration count directly from user-supplied… | ||
| CVE-2026-1092 | Hig | 0.49 | 7.5 | 0.01 | Apr 8, 2026 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service due to improper input validation of JSON payloads. | ||
| CVE-2025-12664 | Hig | 0.49 | 7.5 | 0.01 | Apr 8, 2026 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service by sending repeated GraphQL queries. | ||
| CVE-2026-30573 | Hig | 0.49 | 7.5 | 0.00 | Apr 1, 2026 | A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0. The vulnerability is located in the add-sales.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters, allowing attackers to submit negative values… | ||
| CVE-2026-30575 | Hig | 0.49 | 7.5 | 0.00 | Mar 27, 2026 | A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry, allowing negative values to be processed. This causes the system to decrease the… | ||
| CVE-2021-47831 | Hig | 0.49 | 7.5 | 0.00 | Jan 16, 2026 | Sandboxie 5.49.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the container folder input field. Attackers can paste a large buffer of repeated characters into the Sandbox container folder setting to trigger an… | ||
| CVE-2021-47827 | Hig | 0.49 | 7.5 | 0.00 | Jan 16, 2026 | WebSSH for iOS 14.16.10 contains a denial of service vulnerability in the mashREPL tool that allows attackers to crash the application by pasting malformed input. Attackers can trigger the vulnerability by copying a 300-character buffer of repeated 'A' characters into the… | ||
| CVE-2021-47824 | Hig | 0.49 | 7.5 | 0.00 | Jan 16, 2026 | iDailyDiary 4.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the preferences tab name field. Attackers can paste a 2,000,000 character buffer into the default diary tab name to trigger an application crash. | ||
| CVE-2021-47821 | Hig | 0.49 | 7.5 | 0.00 | Jan 16, 2026 | RarmaRadio 2.72.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing network configuration fields with large character buffers. Attackers can generate a 100,000 character buffer and paste it into multiple network settings… | ||
| CVE-2021-47818 | Hig | 0.49 | 7.5 | 0.00 | Jan 16, 2026 | DupTerminator 1.4.5639.37199 contains a denial of service vulnerability that allows attackers to crash the application by inputting a long character string in the Excluded text box. Attackers can generate a payload of 8000 repeated characters to trigger the application to stop… | ||
| CVE-2024-30516 | Hig | 0.49 | 7.5 | 0.00 | Jan 5, 2026 | Improper Validation of Specified Quantity in Input vulnerability in SaasProject Booking Package allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booking Package: from n/a through 1.6.27. | ||
| CVE-2025-32689 | Hig | 0.49 | 7.5 | 0.00 | Sep 9, 2025 | Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay.This issue affects WP SmartPay: from n/a through <= 2.8.2. | ||
| CVE-2024-9448 | Hig | 0.49 | 7.5 | 0.00 | May 8, 2025 | On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be… |
- risk 0.50cvss —epss 0.00
iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro array and map decoders looped over an attacker-controlled block-count value without checking the underlying reader's error state inside the loop body. Reader.ReadBlockHeader returns the count as a Go int, which…
- risk 0.50cvss —epss 0.00
iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before bounds-checking, or summed them with overflow-prone signed-int arithmetic. On…
- risk 0.49cvss 7.5epss 0.00
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce <= 3.1.4 versions.
- risk 0.49cvss 7.5epss 0.00
Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions.
- risk 0.49cvss 7.5epss 0.00
Unauthenticated Other Vulnerability Type in WpEvently <= 5.3.3 versions.
- risk 0.49cvss 7.5epss 0.00
The affected products perform improper length checking when parsing incoming HTTP requests, resulting in a size-limited out-of-bounds write. An unauthenticated remote attacker can exploit this flaw to cause a denial of service via a system crash on the affected device.
- risk 0.49cvss 7.5epss 0.00
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted payloads on certain API endpoints.
- risk 0.49cvss 7.5epss 0.00
Conditional Fields for Contact Form 7 WordPress plugin through version 2.7.2 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hide_hidden_mail_fields_regex_callback() method reads an iteration count directly from user-supplied…
- risk 0.49cvss 7.5epss 0.01
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service due to improper input validation of JSON payloads.
- risk 0.49cvss 7.5epss 0.01
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service by sending repeated GraphQL queries.
- risk 0.49cvss 7.5epss 0.00
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0. The vulnerability is located in the add-sales.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters, allowing attackers to submit negative values…
- risk 0.49cvss 7.5epss 0.00
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry, allowing negative values to be processed. This causes the system to decrease the…
- risk 0.49cvss 7.5epss 0.00
Sandboxie 5.49.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the container folder input field. Attackers can paste a large buffer of repeated characters into the Sandbox container folder setting to trigger an…
- risk 0.49cvss 7.5epss 0.00
WebSSH for iOS 14.16.10 contains a denial of service vulnerability in the mashREPL tool that allows attackers to crash the application by pasting malformed input. Attackers can trigger the vulnerability by copying a 300-character buffer of repeated 'A' characters into the…
- risk 0.49cvss 7.5epss 0.00
iDailyDiary 4.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the preferences tab name field. Attackers can paste a 2,000,000 character buffer into the default diary tab name to trigger an application crash.
- risk 0.49cvss 7.5epss 0.00
RarmaRadio 2.72.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing network configuration fields with large character buffers. Attackers can generate a 100,000 character buffer and paste it into multiple network settings…
- risk 0.49cvss 7.5epss 0.00
DupTerminator 1.4.5639.37199 contains a denial of service vulnerability that allows attackers to crash the application by inputting a long character string in the Excluded text box. Attackers can generate a payload of 8000 repeated characters to trigger the application to stop…
- risk 0.49cvss 7.5epss 0.00
Improper Validation of Specified Quantity in Input vulnerability in SaasProject Booking Package allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booking Package: from n/a through 1.6.27.
- risk 0.49cvss 7.5epss 0.00
Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay.This issue affects WP SmartPay: from n/a through <= 2.8.2.
- risk 0.49cvss 7.5epss 0.00
On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be…