275 matches found
The vulnerability of the command interpreter in Moxa EDR-810, EDR-G902, EDR-G903, and TN-4900 router software allows a perpetrator to execute arbitrary code.
The vulnerability of the command interpreter in Moxa EDR-810, EDR-G902, EDR-G903, and TN-4900 router software-based web services is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
JVN#29657972: TP-Link RE300 V1 tdpServer vulnerable to improper processing of its input
tdpServer of TP-Link RE300 V1 improperly processes its input, possibly resulting in a crash (CWE-228). Impact: An attacker may be able to cause a denial-of-service (DoS) condition of the product's OneMesh function. Solution: Update the software. Update the software to the latest version according to the...
PT-2023-3929 · Mysql Server +3 · Mysql Server +3
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.27 and prior Description: The issue is related to errors in processing input data in the MySQL Server product, specifically in the Server: Replication component. It allows a high-privileged attacker with network acce...
The vulnerability of the Siveillance Video Mobile Server software relates to errors in processing input data for Active Directory accounts. This allows an intruder to gain full access to the software.
The vulnerability of the Siveillance Video Mobile Server software relates to errors in processing input data for Active Directory accounts. Exploiting this vulnerability can allow a malicious actor to gain full access to the software...
PT-2022-5263 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 19.1R3-S9 Junos OS versions 19.2 prior to 19.2R3-S6 Junos OS versions 19.3 prior to 19.3R3-S7 Junos OS versions 19.4 prior to 19.4R2-S7, 19.4R3-S8 Junos OS versions 20.1 prior to 20.1R3-S5 Junos OS versions 20.2 pri...
The vulnerability of the Microsoft Exchange Server, related to errors in processing input data in the OWA interface, allows a perpetrator to perform an SSRF attack.
The vulnerability of Microsoft Exchange Server is related to errors in processing input data in the OWA interface. Exploiting this vulnerability can allow a malicious actor to execute an SSRF attack remotely...
The vulnerability in the implementation of the Internet Key Exchange (IKE) protocol in Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the Internet Key Exchange (IKE) protocol implementation in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted IKEv1 packets...
CVE-2022-33185. Several commands in Brocade Fabric OS use unsafe string functions to process user input
Security Advisory ID : BSA-2022-2078 Component : FOS Revision : 1.1 Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer...
The vulnerability in the isolated iframe of the Thunderbird email client allows a hacker to circumvent existing security restrictions.
The vulnerability of the isolated iframe environment in the Thunderbird email client is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions by sending specially crafted emails...
The vulnerability of the Thunderbird email client, related to errors in processing input data, allows a hacker to circumvent existing security restrictions.
The vulnerability of the Thunderbird email client is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions by sending a specially crafted email with the iframe srcdoc attribute...
CVE-2022-1405
CNCSoft (all versions prior to 1.01.32) does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition...
Design/Logic Flaw
Delta Electronics CNCSoft (all versions prior to 1.01.32) does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition...
The vulnerability of the API interface of Bitbucket Server and Data Center, a Git-based tool for code deployment, management, and collaboration, allows a hacker to execute arbitrary code.
The vulnerability of the API interface of Bitbucket Server and Data Center, a Git-based tool for code deployment, management, and collaboration, is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted HTTP...
The vulnerability of the XMLRPC API interface of the Movable Type content management system allows attackers to execute arbitrary commands.
The vulnerability of the XMLRPC API interface of the Movable Type content management system is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
Laravel code issue vulnerability
Laravel is a web application framework from the Laravel team. Laravel version 5.1 contains a deserialization vulnerability that stems from insecure deserialization processing of serialized data submitted by the application at the time of receipt, which can be exploited by an attacker to remotely...
The vulnerability of the Microsoft Visual Studio software, related to errors in processing input data, allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft Visual Studio software relates to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code by running the malicious file with the user’s permission...
The vulnerability in the web-based management interface of the firmware of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN routers allows a malicious actor to execute arbitrary code in the context of the root user or to cause service interruptions. This vulnerability is related to errors in the processing of input data.
The vulnerability of the web-based management interface for Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN software lies in errors during the processing of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the root user or cause...
CVE-2022-32547
In ImageMagick, there is a load of a misaligned address for type 'double', which requires 8-byte alignment, and for type 'float', which requires 4-byte alignment, at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application...
The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center’s date processing system, related to errors in handling input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2022-22673
This issue was addressed with improved checks. This issue is fixed in iOS 15.5 and iPadOS 15.5. Processing a large input may lead to a denial of service...