639 matches found
OpenEXR 输入验证错误漏洞
OpenEXR is an open standard for high dynamic range image HDR file format, open-sourced by the Academy Software Foundation. Versions 3.4.0 to 3.4.9, 3.3.0 to 3.3.9, and 3.2.0 to 3.2.7 of OpenEXR contain a input validation vulnerability. This vulnerability stems from line 1722 of the...
EUVD-2026-23884
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this...
ChurchCRM 输入验证错误漏洞
ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.0.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from the presence of links throughout the application. When authenticated users accessed and clicked the...
Vulnerabilities fixed in Citrix Netscaler ADC and Netscaler Gateway
Citrix has fixed vulnerabilities in their software related to insufficient input validation and a race condition in session management. The input validation vulnerability occurs because the software does not correctly check for input sizes or limits, which can lead to memory overreads. This can...
CVE-2026-4427
...
Security Bulletin: Multiple Vulnerabilities in IBM Edge Application Manager
Summary Multiple vulnerabilities were addressed in IBM Edge Application Manager 5.0.2 Vulnerability Details CVEID:CVE-2026-24842 DESCRIPTION: node-tar,a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security check for hardlink entries uses different path resolutio...
llama.cpp 输入验证错误漏洞
Llama.cpp is a multimodal model developed by Georgi Gerganov. Prior versions of llama.cpp b8146 contained an input validation vulnerability; this vulnerability stemmed from an integer overflow in the ggufinitfromfileimpl function, which could lead to writing outside the buffer boundaries...
pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID
A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service DoS f...
pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID
A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service DoS f...
EUVD-2026-9472
A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the SAML feature and access sensitive,...
Apache Superset 安全漏洞
Apache Superset is a modern big data exploration and visualization platform from the Apache Foundation that allows users to easily and quickly build dashboards using a simple no-code visualization builder and a state-of-the-art SQL editor. Apache Superset has an input validation vulnerability in...
CVE-2025-15330
Tanium addressed an improper input validation vulnerability in Deploy...
CVE-2026-24936 An improper input validation vulnerability was found in ADM while joining a AD Domain.
When a specific function is enabled while joining a AD Domain from ADM, an improper input parameters validation vulnerability in a specific CGI program allowing an unauthenticated remote attacker to write arbitrary data to any file on the system. By exploiting this vulnerability, attackers can...
ESPHome Input Validation Vulnerability
ESPHome is an open-source system for configuring and managing smart hardware. It is used to control Esp8266/Esp32 hardware, enabling home automation control. The version 2025.9.0 to 2025.12.6 of ESPHome contains a vulnerability related to input validation errors. This vulnerability stems from...
RustCrypto: Elliptic Curves 输入验证错误漏洞
RustCrypto: Elliptic Curves is a Rust cryptographic library open-sourced by Rust Crypto. An input validation error vulnerability exists in RustCrypto: Elliptic Curves version 0.14.0-pre.0 and 0.14.0-rc.0, which stems from an unchecked slice-and-dice operation performed on an input buffer...
CVE-2023-25691
Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0...
CVE-2023-31289
Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort...
CVE-2022-23108
Jenkins Badge Plugin 1.9 and earlier does not escape the description and does not check for allowed protocols when creating a badge, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-33752
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code...
CVE-2020-24649
A remote bytemessageresource transformentity" input validation code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...