Lucene search
+L

639 matches found

CNNVD
CNNVD
added 2026/04/21 12:0 a.m.14 views

OpenEXR 输入验证错误漏洞

OpenEXR is an open standard for high dynamic range image HDR file format, open-sourced by the Academy Software Foundation. Versions 3.4.0 to 3.4.9, 3.3.0 to 3.3.9, and 3.2.0 to 3.2.7 of OpenEXR contain a input validation vulnerability. This vulnerability stems from line 1722 of the...

8.4CVSS5.9AI score0.00427EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/20 6:31 p.m.4 views

EUVD-2026-23884

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this...

7.2CVSS6.1AI score0.00441EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

ChurchCRM 输入验证错误漏洞

ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.0.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from the presence of links throughout the application. When authenticated users accessed and clicked the...

5.8AI score0.00043EPSS
Exploits0References1
NCSC
NCSC
added 2026/03/23 1:43 p.m.6 views

Vulnerabilities fixed in Citrix Netscaler ADC and Netscaler Gateway

Citrix has fixed vulnerabilities in their software related to insufficient input validation and a race condition in session management. The input validation vulnerability occurs because the software does not correctly check for input sizes or limits, which can lead to memory overreads. This can...

9.8CVSS5.8AI score0.83996EPSS
Exploits7References1
Cvelist
Cvelist
added 2026/03/19 2:24 p.m.23 views

CVE-2026-4427

...

0.00086EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/17 3:46 a.m.9 views

Security Bulletin: Multiple Vulnerabilities in IBM Edge Application Manager

Summary Multiple vulnerabilities were addressed in IBM Edge Application Manager 5.0.2 Vulnerability Details CVEID:CVE-2026-24842 DESCRIPTION: node-tar,a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security check for hardlink entries uses different path resolutio...

8.2CVSS6.8AI score0.00628EPSS
Exploits3Affected Software1
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.8 views

llama.cpp 输入验证错误漏洞

Llama.cpp is a multimodal model developed by Georgi Gerganov. Prior versions of llama.cpp b8146 contained an input validation vulnerability; this vulnerability stemmed from an integer overflow in the ggufinitfromfileimpl function, which could lead to writing outside the buffer boundaries...

7.8CVSS6AI score0.00177EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/03/10 5:20 a.m.12 views

pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID

A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service DoS f...

7.5CVSS5.7AI score0.00679EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/06 4:36 p.m.5 views

pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID

A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service DoS f...

7.5CVSS5.7AI score0.00679EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/04 6:31 p.m.3 views

EUVD-2026-9472

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the SAML feature and access sensitive,...

6.1CVSS5.8AI score0.00264EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.10 views

Apache Superset 安全漏洞

Apache Superset is a modern big data exploration and visualization platform from the Apache Foundation that allows users to easily and quickly build dashboards using a simple no-code visualization builder and a state-of-the-art SQL editor. Apache Superset has an input validation vulnerability in...

7.1CVSS5.8AI score0.00348EPSS
Exploits0References2
NVD
NVD
added 2026/02/05 7:15 p.m.6 views

CVE-2025-15330

Tanium addressed an improper input validation vulnerability in Deploy...

8.8CVSS0.00339EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/03 3:50 a.m.3 views

CVE-2026-24936 An improper input validation vulnerability was found in ADM while joining a AD Domain.

When a specific function is enabled while joining a AD Domain from ADM, an improper input parameters validation vulnerability in a specific CGI program allowing an unauthenticated remote attacker to write arbitrary data to any file on the system. By exploiting this vulnerability, attackers can...

9.5CVSS5.7AI score0.00779EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.9 views

ESPHome Input Validation Vulnerability

ESPHome is an open-source system for configuring and managing smart hardware. It is used to control Esp8266/Esp32 hardware, enabling home automation control. The version 2025.9.0 to 2025.12.6 of ESPHome contains a vulnerability related to input validation errors. This vulnerability stems from...

7.5CVSS5.8AI score0.00273EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.6 views

RustCrypto: Elliptic Curves 输入验证错误漏洞

RustCrypto: Elliptic Curves is a Rust cryptographic library open-sourced by Rust Crypto. An input validation error vulnerability exists in RustCrypto: Elliptic Curves version 0.14.0-pre.0 and 0.14.0-rc.0, which stems from an unchecked slice-and-dice operation performed on an input buffer...

7.5CVSS6.6AI score0.00279EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:41 p.m.10 views

CVE-2023-25691

Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0...

9.8CVSS6.8AI score0.01583EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.10 views

CVE-2023-31289

Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort...

7.5CVSS7.1AI score0.00615EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:53 a.m.13 views

CVE-2022-23108

Jenkins Badge Plugin 1.9 and earlier does not escape the description and does not check for allowed protocols when creating a badge, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.4AI score0.00839EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:52 a.m.10 views

CVE-2022-33752

CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code...

9.8CVSS7.6AI score0.01736EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:50 a.m.9 views

CVE-2020-24649

A remote bytemessageresource transformentity" input validation code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

10CVSS7.5AI score0.04229EPSS
Exploits0References1
Rows per page
Query Builder