154 matches found
PT-2026-41837
Name of the Vulnerable Software and Affected Versions Escargot version 590345cc6258317c5da850d846ce6baaf2afc2d3 Description An improper check for unusual or exceptional conditions in Samsung Open Source Escargot allows for input data manipulation. Recommendations At the moment, there is no...
SAMSUNG Escargot 代码问题漏洞
SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a code vulnerability that stems from improper exception or special case handling, which may lea...
PT-2026-41838
Name of the Vulnerable Software and Affected Versions Escargot version 590345cc6258317c5da850d846ce6baaf2afc2d3 Description Improper check or handling of exceptional conditions in Samsung Open Source Escargot allows for input data manipulation. Recommendations At the moment, there is no informati...
CVE-2025-14341
DivvyDrive Information Technologies’ DivvyDrive contains a vulnerability (CVE-2025-14341) due to improperly controlled modification of dynamically-determined object attributes, causing Excessive Allocation/Resource Flooding. Affected versions are 4.8.2.19 prior to 4.8.3.2. The issue has NETWORK a...
CVE-2025-14341 Input Data Manipulation in DivvyDrive Information Technologies' DivvyDrive
Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Excessive Allocation, Flooding. This issue affects DivvyDrive: from 4.8.2.19 before...
CVE-2025-14341 Input Data Manipulation in DivvyDrive Information Technologies' DivvyDrive
Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Excessive Allocation, Flooding. This issue affects DivvyDrive: from 4.8.2.19 before...
CVE-2026-35053
OneUptime prior to v10.0.42 exposes unauthenticated access in the Worker service ManualAPI endpoints GET /workflow/manual/run/:workflowId and POST /workflow/manual/run/:workflowId, allowing an attacker who can obtain or guess a workflowId to trigger arbitrary workflow execution with attacker-cont...
EUVD-2026-15568
Authentication Bypass by Spoofing vulnerability in WP Swings Subscriptions for WooCommerce subscriptions-for-woocommerce allows Input Data Manipulation.This issue affects Subscriptions for WooCommerce: from n/a through = 1.8.10...
CVE-2026-24372
Authentication Bypass by Spoofing vulnerability in WP Swings Subscriptions for WooCommerce subscriptions-for-woocommerce allows Input Data Manipulation.This issue affects Subscriptions for WooCommerce: from n/a through = 1.8.10...
CVE-2026-24372 WordPress Subscriptions for WooCommerce plugin <= 1.8.10 - Bypass Vulnerability vulnerability
Authentication Bypass by Spoofing vulnerability in WP Swings Subscriptions for WooCommerce subscriptions-for-woocommerce allows Input Data Manipulation.This issue affects Subscriptions for WooCommerce: from n/a through = 1.8.10...
CVE-2026-24372
CVE-2026-24372 affects the WordPress plugin Subscriptions for WooCommerce up to version 1.8.10, where an Authentication Bypass by Spoofing plus Input Data Manipulation vulnerability exists. The issue is confirmed across multiple sources (NVD/Red Hat/CVEs lists) with CVSS v3.1 base score 7.5 (HIGH...
PT-2026-27854
Name of the Vulnerable Software and Affected Versions Subscriptions for WooCommerce versions through 1.8.10 Description An authentication bypass by spoofing issue exists in WP Swings Subscriptions for WooCommerce. This allows for input data manipulation. The issue impacts the Subscriptions for...
GHSA-27QJ-9GVP-8RH9 Packetbeat does not properly validate an array index in multiple protocol parser components
Improper Validation of Array Index CWE-129 in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger...
Packetbeat does not properly validate an array index in multiple protocol parser components
Improper Validation of Array Index CWE-129 in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger...
BIT-KIBANA-2026-26937 Uncontrolled Resource Consumption in Kibana Leading to Denial of Service
Uncontrolled Resource Consumption CWE-400 in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation CAPEC-153...
BIT-ELK-2026-26937 Uncontrolled Resource Consumption in Kibana Leading to Denial of Service
Uncontrolled Resource Consumption CWE-400 in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation CAPEC-153...
BIT-ELK-2026-26934 Improper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service
Improper Validation of Specified Quantity in Input CWE-1284 in Kibana can allow an authenticated attacker with view-only privileges to cause a Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted, malformed payload causing excessive resource consumptio...
CVE-2026-26932
Improper Validation of Array Index CWE-129 in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted packet causing a Go runtime panic that terminates the Packetbeat process. This vulnerability requir...
EUVD-2026-8872
Uncontrolled Resource Consumption CWE-400 in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation CAPEC-153...
CVE-2026-26937
Uncontrolled Resource Consumption CWE-400 in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation CAPEC-153...