
275 matches found

OSV
added 2024/12/18 9:15 p.m. · 5 views

AZL-54434 CVE-2024-45338 affecting package kube-vip-cloud-provider for versions less than 0.0.10-3

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...

5.3 CVSS · 6.6 AI score · 0.00856 EPSS
Exploits 0 · References 1

BDU FSTEC
added 2024/11/01 12:0 a.m. · 5 views

The vulnerability of the Squid proxy server, related to errors in processing input data, allows a hacker to cause a service failure.

The vulnerability of the Squid proxy server is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted ESI packets...

7.8 CVSS · 7.1 AI score · 0.45289 EPSS
Exploits 0 · References 12 · Affected Software 8

BDU FSTEC
added 2024/10/16 12:0 a.m. · 5 views

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, allows an attacker to gain full access to the vulnerable software.

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, is related to errors in processing input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain full access to the vulnerable software by sending...

10 CVSS · 7.6 AI score · 0.00709 EPSS
Exploits 0 · References 2 · Affected Software 1

Redos
added 2024/10/15 12:0 a.m. · 12 views

ROS-20241015-16

A vulnerability in the Networking component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect authorization. Exploitation of the vulnerability could allow an attacker acting remotely to impact data integrity ...

3.7 CVSS · 7.1 AI score · 0.01361 EPSS
Exploits 0

BDU FSTEC
added 2024/10/09 12:0 a.m. · 5 views

The vulnerability of Microsoft Windows operating system consoles allows a perpetrator to execute arbitrary code.

The vulnerability of Microsoft Windows operating system consoles relates to errors in processing input data. Exploiting this vulnerability allows an attacker to execute arbitrary code, provided that the user downloads a specially crafted MSC file...

7.8 CVSS · 7.9 AI score · 0.60954 EPSS
Exploits 0 · References 2

ATTACKERKB
added 2024/08/30 7:15 a.m. · 3 views

CVE-2024-34577

Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000GS2-W, WRC-X3000GS2A-B and WRC-X3000GST2-B due to improper processing of input values in easysetup.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web...

6.1 CVSS · 7.3 AI score · 0.00237 EPSS
Exploits 0 · References 3 · Affected Software 4

NVD
added 2024/08/30 7:15 a.m. · 21 views

CVE-2024-34577

Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000GS2-W, WRC-X3000GS2A-B and WRC-X3000GST2-B due to improper processing of input values in easysetup.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web...

6.1 CVSS · 0.00237 EPSS
Exploits 0 · References 2

Cvelist
added 2024/08/30 6:29 a.m. · 17 views

CVE-2024-34577

Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000GS2-W, WRC-X3000GS2A-B and WRC-X3000GST2-B due to improper processing of input values in easysetup.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web...

0.00237 EPSS
Exploits 0 · References 2

Cvelist
added 2024/08/30 6:29 a.m. · 31 views

CVE-2024-42412

Cross-site scripting vulnerability exists in ELECOM wireless access points due to improper processing of input values in menu.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser...

6.1 CVSS · 0.00245 EPSS
Exploits 0 · References 2

OSV
added 2024/08/20 4:15 p.m. · 4 views

CVE-2024-40743

The stripImages and stripIframes methods didn't properly process inputs, leading to XSS vectors...

6.1 CVSS · 6.1 AI score
Exploits 0 · References 1

CVE
added 2024/08/20 4:3 p.m. · 112 views

CVE-2024-40743

CVE-2024-40743 affects Joomla core Outputfilter::stripImages and Outputfilter::stripIframes: inputs are not properly processed, enabling XSS vectors. Root cause is improper handling in stripImages/stripIframes; impact is XSS exposure as described in multiple sources (e.g., BIT-JOOMLA-2024-40743, ...

6.1 CVSS · 5.8 AI score · 0.00252 EPSS
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2024/08/20 12:0 a.m. · 3 views

PT-2024-29022 · Joomla +2 · Joomla! +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue arises from the stripImages and stripIframes methods not properly processing inputs, which leads to XSS vectors. There is no information...

6.1 CVSS · 5.3 AI score · 0.00252 EPSS
Exploits 0 · References 8

BDU FSTEC
added 2024/07/24 12:0 a.m. · 5 views

The vulnerability of the Permission Model component of the Node.js software platform, which allows a perpetrator to compromise data integrity

The vulnerability of the Permission Model component in the Node.js software platform is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to compromise the integrity of data...

6.8 CVSS · 6.4 AI score · 0.00444 EPSS
Exploits 0 · References 9 · Affected Software 1

Redos
added 2024/06/11 12:0 a.m. · 25 views

ROS-20240611-13

Vulnerability in clone/clonefrom components of Python library for interacting with git repositories GitPython is associated with errors in input processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by injecting a specially crafted URL int...

9.8 CVSS · 7.8 AI score · 0.00984 EPSS
Exploits 0

CNVD
added 2024/06/05 12:0 a.m. · 3 views

Zoom Workplace Buffer Overflow Vulnerability

Zoom Workplace is an AI-first collaboration platform from Zoom that integrates core features such as team communication, meetings, document collaboration, and a built-in AI Companion smart assistant to boost productivity. Zoom Workplace suffers from a buffer overflow vulnerability that stems from...

6.5 CVSS · 7.2 AI score · 0.00413 EPSS
Exploits 0 · References 1

Redos
added 2024/05/21 12:0 a.m. · 10 views

ROS-20240521-09

A vulnerability in the JSSE component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

7.4 CVSS · 7.4 AI score · 0.02474 EPSS
Exploits 1

Redos
added 2024/05/21 12:0 a.m. · 11 views

ROS-20240521-11

A vulnerability in the JSSE component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

7.4 CVSS · 7.4 AI score · 0.02474 EPSS
Exploits 1

Redos
added 2024/05/21 12:0 a.m. · 8 views

ROS-20240521-10

A vulnerability in the JSSE component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

7.4 CVSS · 7.4 AI score · 0.02474 EPSS
Exploits 1

BDU FSTEC
added 2024/05/06 12:0 a.m. · 1 views

The vulnerability of the ANSI Escape Sequence Handler component in the WinRAR file archiver allows a hacker to trigger a service failure or replace the display on the screen.

The vulnerability of the ANSI Escape Sequence Handler component in the WinRAR file archiver is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to remotely cause service failures or replace the display on the screen...

8.5 CVSS · 6.5 AI score · 0.00817 EPSS
Exploits 1 · References 8 · Affected Software 2

BDU FSTEC
added 2024/04/22 12:0 a.m. · 4 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to execute arbitrary code.

The vulnerability of the Core component of the Oracle VM VirtualBox software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8 CVSS · 7.5 AI score · 0.00278 EPSS
Exploits 0 · References 4 · Affected Software 2