2917 matches found
Improper Validation of Specified Type of Input
Overview Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input in the JMSConfigFactory method. An attacker can execute arbitrary code by supplying untrusted JMS configuration data. Remediation Upgrade org.apache.cxf:cxf-rt-transports-jms to version...
EUVD-2026-36239
guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Versions prior to 2.10.2 contain improper Host header validation when parsing raw HTTP request messages and when deriving a server request URI from server variables. An attacker can provide a malformed Host header containing U...
Improper Validation of Specified Quantity in Input
Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the libnfszdrstring function in lib/libnfs-zdr.c when connecting to a specially crafted NFS server. An attacker can cause an integer overflow and potentially execute arbitrary code o...
Improper Validation of Specified Quantity in Input
Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the retrytopic-attempts header. An attacker can manipulate retry routing and backoff behavior by sending crafted headers with out-of-range attempt counts. Remediation Upgrade...
SAP NetWeaver ABAP Platform 安全漏洞
SAP NetWeaver ABAP Platform is an integrated technology platform developed by the German company SAP. There is a security vulnerability in SAP NetWeaver ABAP Platform, which stems from improper validation of RFC protocols. This vulnerability allows unauthorized attackers to send specially crafted...
SUSE CVE-2024-22119
The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...
CVE-2026-7471
GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control of a virtual registry upstream to make requests to internal hosts due to improper validation...
CVE-2026-1184
GitLab has remediated an issue in GitLab EE affecting all versions from 11.9 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by uploading a specially crafted file due to improper validation...
CVE-2026-40383
An improper validation of user-supplied input leads to a local file inclusion vulnerability...
CVE-2026-49777
Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.4...
CVE-2026-9330
IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On component. This could result in remote code execution via a crafted HTTP request when combined with a suitable gadget chain...
CVE-2026-47074
Improper Certificate Validation vulnerability in ex-aws exawssns ExAws.SNS, ExAws.SNS.PublicKeyCache modules allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/exaws/sns.ex, lib/exaws/sns/publickeycache.ex and program routines...
CVE-2026-47074 ex_aws_sns SigningCertURL not validated in verify_message/1
Improper Certificate Validation vulnerability in ex-aws exawssns ExAws.SNS, ExAws.SNS.PublicKeyCache modules allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/exaws/sns.ex, lib/exaws/sns/publickeycache.ex and program routines...
CVE-2026-42744
Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Manipulating Hidden Fields.This issue affects Ads by WPQuads: from n/a through = 3.0.2...
Improper Validation of Specified Quantity in Input
Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the rsa key exchange process when handling an extremely short premaster secret sent to a server using an RSA key backed by a PKCS11 token. An attacker can access sensitive informatio...
PT-2026-43653
Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Manipulating Hidden Fields.This issue affects Ads by WPQuads: from n/a through = 3.0.2...
CVE-2026-40383
An improper validation of user-supplied input leads to a local file inclusion vulnerability...
CVE-2026-35222 Joomla! Core - [20260507] - Authenticated blind SQLi in com_tags
Improperly validated order clauses lead to a SQL injection vulnerability in comtags...
CVE-2026-35222
Improperly validated order clauses lead to a SQL injection vulnerability in comtags...
EUVD-2026-31885
An improper validation of the search parameter of the commedia files API endpoint leads to a path traversal vulnerability...