
5838 matches found

OSV
added 2021/11/15 4:15 p.m., 19 views

CVE-2021-34992

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Orckestra C1 CMS 6.10. Authentication is required to exploit this vulnerability. The specific flaw exists within Composite.dll. The issue results from the lack of proper validation of user-supplied...

CVSS 8.8, AI score 7.4
Exploits 0, References 2
Prion
added 2021/11/15 4:15 p.m., 15 views

Deserialization of untrusted data

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Orckestra C1 CMS 6.10. Authentication is required to exploit this vulnerability. The specific flaw exists within Composite.dll. The issue results from the lack of proper validation of user-supplied...

CVSS 6.5, AI score 9, EPSS 0.04139
Exploits 0, References 2, Affected Software 1
CNVD
added 2021/11/13 12:0 a.m., 17 views

WordPress Appointment Booking Calendar System Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. The platform supports the hosting of personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Appointment Booking Calendar System...

CVSS 6.1, AI score 1.2, EPSS 0.01243
Exploits 0, References 1
CNVD
added 2021/11/13 12:0 a.m., 21 views

TYPO3 Cross-Site Scripting Vulnerability (CNVD-2022-17967)

TYPO3 is a free and open source content management system framework (CMS/CMF) from the TYPO3 Association in Switzerland. TYPO3 has a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and output, which can be exploited by an attacker with TYP...

CVSS 5.4, AI score 3.4, EPSS 0.00493
Exploits 0, References 1
CNVD
added 2021/11/13 12:0 a.m., 23 views

Airangel Hsmx Gateway Cross-Site Scripting Vulnerability

Airangel Hsmx Gateway is a platform from Airangel UK. It is used to manage authentication and billing in the network. A cross-site scripting vulnerability exists in versions of Airangel Hsmx Gateway prior to 5.2.04, which stems from a lack of data validation filtering of user-supplied data and...

CVSS 5.4, AI score 2.2, EPSS 0.00513
Exploits 1, References 1
NVD
added 2021/11/12 4:15 p.m., 16 views

CVE-2021-38972

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly...

CVSS 4.3, EPSS 0.0061
Exploits 0, References 2
Prion
added 2021/11/12 4:15 p.m., 17 views

Input validation

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly...

CVSS 4, AI score 4.5, EPSS 0.0061
Exploits 0, References 2, Affected Software 2
CNNVD
added 2021/11/12 12:0 a.m., 4 views

Advanced Micro Devices SNP Input Validation Error Vulnerability

Advanced Micro Devices SNP (AMD SNP) is firmware from Advanced Micro Devices, Inc. (AMD). The Advanced Micro Devices SNP Firmware suffers from an input validation error vulnerability that arises from a networked system or product that does not properly validate incoming data...

CVSS 5.5, AI score 5.8, EPSS 0.00233
Exploits 0, References 4
CNNVD
added 2021/11/12 12:0 a.m., 4 views

Advanced Micro Devices SNP Input Validation Error Vulnerability

Advanced Micro Devices SNP (AMD SNP) is firmware from Advanced Micro Devices, Inc. (AMD). The Advanced Micro Devices SNP suffers from an input validation error vulnerability that arises from a networked system or product that does not properly validate incoming data...

CVSS 7.8, AI score 7.4, EPSS 0.00238
Exploits 0, References 4
BDU FSTEC
added 2021/11/11 12:0 a.m., 3 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to insufficient input data validation. This vulnerability allows attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to insufficient validation of input data. Exploiting these vulnerabilities can allow unauthorized actors to gain...

CVSS 8.5, AI score 6.6, EPSS 0.07818
Exploits 0, References 2, Affected Software 2
CNVD
added 2021/11/10 12:0 a.m., 21 views

WordPress Translate WordPress-Google Language Translator plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. Translate WordPress-Google Language Translator prior to version 6.0.12 suffers from a cross-site scripting vulnerability, which...

CVSS 4.8, AI score 2.1, EPSS 0.00654
Exploits 2, References 1
CNVD
added 2021/11/10 12:0 a.m., 16 views

WordPress Booking.com Product Helper Plugin Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Booking.com Product Helper plugin in version 1.0....

CVSS 4.8, AI score 4.8, EPSS 0.00598
Exploits 2, References 1
CNVD
added 2021/11/10 12:0 a.m., 16 views

WordPress Unlimited PopUps Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Unlimited PopUps plugin in version 4.5.3 and earlier suffers from a SQL injection vulnerability that...

CVSS 8.8, AI score 8.9, EPSS 0.01517
Exploits 2, References 1
CNVD
added 2021/11/10 12:0 a.m., 17 views

WordPress AddToAny Share Buttons Plugin Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress AddToAny Share Buttons plugin in versions prior t...

CVSS 4.8, AI score 4.8, EPSS 0.00654
Exploits 2, References 1
CNVD
added 2021/11/10 12:0 a.m., 22 views

WordPress Booking.com Banner Creator Plugin Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Booking.com Banner Creator plugin in version 1.4....

CVSS 4.8, AI score 4.9, EPSS 0.00598
Exploits 2, References 1
CNNVD
added 2021/11/10 12:0 a.m., 5 views

Appointment Booking Calendar System Cross-Site Scripting Vulnerability

WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. The platform supports the hosting of personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Appointment Booking Calendar System...

CVSS 6.1, AI score 5.7, EPSS 0.01243
Exploits 0, References 6
CNNVD
added 2021/11/10 12:0 a.m., 4 views

TYPO3 Cross-Site Scripting Vulnerability

TYPO3 is a free and open source content management system framework (CMS/CMF) from the TYPO3 Association in Switzerland. TYPO3 has a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and output, which can be exploited by an attacker with TYP...

CVSS 5.4, AI score 5.6, EPSS 0.00493
Exploits 0, References 3
BDU FSTEC
added 2021/11/10 12:0 a.m., 3 views

The vulnerability of the TCP/IP protocol implementation in Microsoft Windows operating systems allows a perpetrator to cause service failures.

The vulnerability of the TCP/IP protocol implementation in Microsoft Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVSS 7.8, AI score 7.1, EPSS 0.04777
Exploits 0, References 3
Prion
added 2021/11/09 5:15 p.m., 10 views

Input validation

NLnet Labs Routinator prior to 0.10.2 happily processes a chain of RRDP repositories of infinite length causing it to never finish a validation run. In RPKI, a CA can choose the RRDP repository it wishes to publish its data in. By continuously generating a new child CA that only consists of anoth...

CVSS 5, AI score 7.4, EPSS 0.01434
Exploits 0, References 1, Affected Software 1
CNVD
added 2021/11/08 12:0 a.m., 26 views

GNU C Library has unspecified vulnerabilities

The GNU C Library (glibc, libc6) is an open source, free C compiler released under the LGPL license. Version 2.34 of the GNU C Library (aka glibc) contains a security vulnerability that stems from a data validation issue in the affected version of the library, iconvdata/iso-2022-jp-3.c's iconv in the...

CVSS 7.5, AI score 4.1, EPSS 0.02943
Exploits 1, References 1