Lucene search
K

2917 matches found

Snyk
Snyk
added 2026/06/12 11:10 a.m.8 views

Improper Validation of Specified Type of Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input in the JMSConfigFactory method. An attacker can execute arbitrary code by supplying untrusted JMS configuration data. Remediation Upgrade org.apache.cxf:cxf-rt-transports-jms to version...

8.8CVSS5.9AI score0.00646EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 12:34 p.m.9 views

EUVD-2026-36239

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Versions prior to 2.10.2 contain improper Host header validation when parsing raw HTTP request messages and when deriving a server request URI from server variables. An attacker can provide a malformed Host header containing U...

5.3CVSS5.4AI score0.00198EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/10 4:32 p.m.6 views

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the libnfszdrstring function in lib/libnfs-zdr.c when connecting to a specially crafted NFS server. An attacker can cause an integer overflow and potentially execute arbitrary code o...

7.6CVSS6.2AI score0.00192EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 1:13 a.m.6 views

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the retrytopic-attempts header. An attacker can manipulate retry routing and backoff behavior by sending crafted headers with out-of-range attempt counts. Remediation Upgrade...

7.1CVSS5.3AI score0.0024EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

SAP NetWeaver ABAP Platform 安全漏洞

SAP NetWeaver ABAP Platform is an integrated technology platform developed by the German company SAP. There is a security vulnerability in SAP NetWeaver ABAP Platform, which stems from improper validation of RFC protocols. This vulnerability allows unauthorized attackers to send specially crafted...

9.8CVSS5.7AI score0.00437EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/06 4:14 a.m.6 views

SUSE CVE-2024-22119

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...

5.4CVSS5.8AI score0.00659EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.10 views

CVE-2026-7471

GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control of a virtual registry upstream to make requests to internal hosts due to improper validation...

3.5CVSS5.5AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.10 views

CVE-2026-1184

GitLab has remediated an issue in GitLab EE affecting all versions from 11.9 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by uploading a specially crafted file due to improper validation...

7.5CVSS5.5AI score0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.9 views

CVE-2026-40383

An improper validation of user-supplied input leads to a local file inclusion vulnerability...

9.8CVSS5.4AI score0.00482EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 8:59 a.m.10 views

CVE-2026-49777

Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.4...

10CVSS5.4AI score0.01656EPSS
Exploits3References2
NVD
NVD
added 2026/06/01 7:16 p.m.16 views

CVE-2026-9330

IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On component. This could result in remote code execution via a crafted HTTP request when combined with a suitable gadget chain...

8.5CVSS0.00487EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 10:16 a.m.20 views

CVE-2026-47074

Improper Certificate Validation vulnerability in ex-aws exawssns ExAws.SNS, ExAws.SNS.PublicKeyCache modules allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/exaws/sns.ex, lib/exaws/sns/publickeycache.ex and program routines...

8.7CVSS0.00226EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/28 9:5 a.m.15 views

CVE-2026-47074 ex_aws_sns SigningCertURL not validated in verify_message/1

Improper Certificate Validation vulnerability in ex-aws exawssns ExAws.SNS, ExAws.SNS.PublicKeyCache modules allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/exaws/sns.ex, lib/exaws/sns/publickeycache.ex and program routines...

8.7CVSS5.8AI score0.00226EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 11:16 a.m.16 views

CVE-2026-42744

Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Manipulating Hidden Fields.This issue affects Ads by WPQuads: from n/a through = 3.0.2...

6.5CVSS0.00207EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/27 12:47 a.m.10 views

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the rsa key exchange process when handling an extremely short premaster secret sent to a server using an RSA key backed by a PKCS11 token. An attacker can access sensitive informatio...

8.8CVSS5.8AI score0.00727EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43653

Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Manipulating Hidden Fields.This issue affects Ads by WPQuads: from n/a through = 3.0.2...

6.5CVSS5.8AI score0.00207EPSS
Exploits0References2
NVD
NVD
added 2026/05/26 5:16 p.m.18 views

CVE-2026-40383

An improper validation of user-supplied input leads to a local file inclusion vulnerability...

9.8CVSS0.00482EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 4:45 p.m.37 views

CVE-2026-35222 Joomla! Core - [20260507] - Authenticated blind SQLi in com_tags

Improperly validated order clauses lead to a SQL injection vulnerability in comtags...

6.9CVSS0.0031EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 4:45 p.m.9 views

CVE-2026-35222

Improperly validated order clauses lead to a SQL injection vulnerability in comtags...

6.9CVSS5.9AI score0.0031EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/26 4:45 p.m.11 views

EUVD-2026-31885

An improper validation of the search parameter of the commedia files API endpoint leads to a path traversal vulnerability...

5.9CVSS5.8AI score0.00445EPSS
Exploits0References1
Rows per page
Query Builder