The vulnerability of the microprogrammed software of Arris routers such as TG2482A, TG2492, and SBG10 allows a hacker to execute arbitrary code.

The vulnerability of the microprogrammed software of Arris routers such as TG2482A, TG2492, and SBG10 is related to errors in processing input data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code by sending a specially crafted request...

SUSE CVE-2006-2480

Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...

The vulnerability of the software for server-based web applications, LiteSpeed and OpenLiteSpeed, allows a perpetrator to execute arbitrary code.

The vulnerability of the LiteSpeed and OpenLiteSpeed web application server software relates to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the ImageMagick graphic editor lies in errors during the processing of input data, allowing attackers to gain access to protected information.

The vulnerability of the ImageMagick graphic editor is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain access to protected information using the “profile” parameter...

The vulnerability of the NAT library in Juniper Networks Junos operating systems for Juniper Networks SRX Series and MX Series devices allows a attacker to trigger a system failure and restart of the device.

The vulnerability of the NAT library in Juniper Networks’ Junos devices from the SRX Series and MX Series is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to trigger a system failure and restart the device...

The vulnerability of ManageEngine’s software products is related to errors in processing input data, which allow attackers to execute arbitrary code.

The vulnerability of ManageEngine’s software is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted SAML request remotely...

The vulnerability of the EndType parameter in the web interface of the POWER METER SICAM Q100 microprogramming system allows a hacker to disable the device (with subsequent automatic reboot) or execute arbitrary code.

The vulnerability of the EndType parameter in the web interface of the POWER METER SICAM Q100 measurement software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to disable the device remotely, causing it to shut down automatically, or execute...

CVE-2022-46906

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...

CVE-2022-46904

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...

CVE-2022-46903

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS...

Cross site scripting

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...

CVE-2022-46904

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...

PT-2022-28005 · Websoft · Websoft Hcm

Name of the Vulnerable Software and Affected Versions: WebSoft HCM version 2021.2.3.327 Description: The issue arises from insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser. This includes scripts i...

CVE-2022-46906

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...

CVE-2022-46905

CVE-2022-46905 affects WebSoft HCM 2021.2.3.327. The vulnerability stems from insufficient processing of user input, enabling an unauthenticated attacker to inject arbitrary HTML tags (including JavaScript) into pages processed by the user’s browser, resulting in reflected XSS. The available docu...

CVE-2022-46904

The CVE-2022-46904 affects WebSoft HCM 2021.2.3.327. The vulnerability arises from insufficient processing of user input in WebSoft HCM, allowing an authenticated attacker to inject arbitrary HTML into pages processed by the user’s browser, enabling Self-XSS. Concrete details across connected sou...

CVE-2022-41783

tdpServer of TP-Link RE300 V1 improperly processes its input, which may allow an attacker to cause a denial-of-service DoS condition of the product's OneMesh function...

CVE-2022-41783

tdpServer of TP-Link RE300 V1 improperly processes its input, which may allow an attacker to cause a denial-of-service DoS condition of the product's OneMesh function...

CVE-2022-41783

TP-Link RE300 V1 is affected by CVE-2022-41783 due to improper processing of input by the tdpServer, which may allow an attacker to trigger a denial-of-service (DoS) in the OneMesh function. Connected sources identify the affected component as tdpServer and confirm DoS as the primary impact, with...

The vulnerability of the command interpreter in Moxa EDR-810, EDR-G902, EDR-G903, TN-4900, and TN-5916 router microprogramming devices allows attackers to execute arbitrary code.

The vulnerability of the command interpreter in Moxa EDR-810, EDR-G902, EDR-G903, TN-4900, and TN-5916 microprogrammed service routers stems from errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted HTTP/HTT...