The vulnerability of Xen hypervisors arises from insufficient validation of input data, allowing attackers to trigger service failures or increase their privileges.

The vulnerability of Xen hypervisors exists due to insufficient checking of input data. Exploiting this vulnerability can allow attackers to cause service failures or increase their privileges...

CVE-2020-6443

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page...

DEBIAN-CVE-2020-6443

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page...

CVE-2020-6443

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page...

CVE-2020-6443

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page...

Input validation

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page...

UBUNTU-CVE-2020-6443

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page...

CVE-2020-6443

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page...

CVE-2020-6443

Chromium/Google Chrome before 81.0.4044.92 is affected by CVE-2020-6443 due to an insufficient data validation flaw in the DevTools component, enabling a remote attacker to execute arbitrary code via a crafted HTML page after convincing a user to use DevTools. Affected product: Chromium/Chrome; r...

CVE-2020-6443

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page...

Vastgota-Data ProVide Admin Web Interface Cross-Site Scripting Vulnerability

Vastgota-Data ProVide is a file transfer server with a graphical user interface from Vastgota-Data, Sweden. A cross-site scripting vulnerability exists in the Admin Web Interface in Vastgota-Data ProVide 13.1 and earlier versions. The vulnerability stems from a lack of proper validation of client...

The vulnerability of Google Chrome’s mechanism for processing external browser protocols lies in the lack of a mechanism for checking entered data. This allows attackers to compromise the integrity of the data.

The vulnerability of Google Chrome’s mechanism for processing external browser protocols is related to the lack of a mechanism for checking entered data. Exploiting this vulnerability allows an attacker to influence the integrity of data by creating a malicious HTML page...

CVE-2020-6443

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page...

express-mock-middleware input validation error vulnerability

express-mock-middleware is a mock middleware. An input validation error vulnerability exists in express-mock-middleware version 0.0.6 and earlier. The vulnerability stems from a network system or product that does not properly validate input data. No detailed vulnerability details are provided at...

SpotAuditor 'Name' Denial of Service Vulnerability (CNVD-2020-21801)

SpotAuditor is a useful password recovery software for recovering passwords stored in your computer, which is mainly used to get the list of passwords that have been saved in the local computer, the list of accessed URLs, and the list of launched programs. A denial of service vulnerability exists...

Apache Solr Velocity Template Remote Code Execution Vulnerability

Apache Solr is the United States Apache Apache Software Foundation of a Lucene a full-text search engine based on the search server . The product supports level search , vertical search , highlighting search results and so on. A remote code execution vulnerability exists in Apache Solr Velocity...

KLA11727 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A implementation vulnerability in...

ViewVC Cross-Site Scripting Vulnerability (CNVD-2020-33722)

ViewVC is a Web-based CVS, SVN code repository browsing tool . A cross-site scripting vulnerability exists in ViewVC versions prior to 1.1.28 and 1.2.1. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability...

(0Day) Corel PaintShop Pro PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel PaintShop Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...

(0Day) Corel PaintShop Pro TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel PaintShop Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...