186 matches found
The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Skype for Consumer instant messaging program, related to insufficient input data validation, allows a hacker to execute arbitrary code.
The vulnerability of the Skype for Consumer instant messaging program is related to insufficient validation of entered data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
PT-2024-13363 · Algosec · Algosec Fireflow
Name of the Vulnerable Software and Affected Versions: Algosec FireFlow versions A32.20 through A32.60 Description: The issue is related to improper input validation in the VisualFlow workflow editor via the Name, Description, and Configuration File fields. This allows an attacker to initiate an...
The vulnerability of the Log Management component of the Oracle Enterprise Manager Base Platform allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Log Management component of the Oracle Enterprise Manager Base Platform relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information through...
The vulnerability of the GVCP discapper, a traffic analysis tool for computer networks by Wireshark, allows a hacker to cause a service failure.
The vulnerability of the GVCP discapper of the Wireshark network traffic analyzer is related to insufficient verification of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
CVE-2023-48395
Kaifa Technology WebITR is an online attendance system, it has insufficient validation for user input within a special function. A remote attacker with regular user privilege can exploit this vulnerability to inject arbitrary SQL commands to read database...
PT-2023-7878 · Unknown · Itpison Omicard Edm
Name of the Vulnerable Software and Affected Versions: ITPison OMICARD EDM affected versions not specified Description: The SMS-related function in ITPison OMICARD EDM has insufficient validation for user input, allowing an unauthenticated remote attacker to inject arbitrary SQL commands. This ca...
The vulnerability of the MSHTML platform in Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the MSHTML platform in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted email...
The vulnerability of the Static Routing Configuration Handler component in the Ubiquiti EdgeRouter software allows a attacker to execute arbitrary commands.
The vulnerability of the Static Routing Configuration Handler component in Ubiquiti EdgeRouter software exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of the CMPappBP component in CODESYS software products allows a hacker to trigger a service failure.
The vulnerability of the CMPappBP component in CODESYS software products is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the Microsoft .NET Framework software, related to insufficient validation of input data, allows attackers to escalate their privileges.
The vulnerability of the Microsoft .NET Framework software platform is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability of the httpd component of the microprogramming software for Wi-Fi routers from ASUS, ASUS RT-AX88U, allows a hacker to trigger a service failure.
The vulnerability of the httpd component of the microprogramming-based Wi-Fi router software from ASUS, the RT-AX88U, exists due to insufficient testing of input data. Exploiting this vulnerability could allow a remote attacker to execute a “denial-of-service” attack...
The vulnerability of the Pragmatic General Multicast (PGM) protocol implementation in Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the Pragmatic General Multicast protocol implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Remote Procedure Call (RPC) technology in Windows operating systems allows a perpetrator to trigger a service failure.
The vulnerability of the Remote Procedure Call RPC technology in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...
CVE-2023-20119
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the...
Judging Management System SQL注入漏洞
Judging Management System is a judging management system. Judging Management System has a SQL injection vulnerability in version v.1.0. The vulnerability is related to the critid parameter of the editcriteria.php file, and is due to the program not performing strict filter validation of user inpu...
The vulnerability of Microsoft Office packages, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of Microsoft Office packages is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...
The vulnerability of the GUI component of the Oracle Application Object Library in the Oracle E-Business Suite, a system for automating business activities in enterprises, allows a perpetrator to trigger service failures or gain access to read, modify, add, or delete data.
The vulnerability of the GUI component of the Oracle Application Object Library in the Oracle E-Business Suite system for enterprise automation activities is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures or gain...
The vulnerability of the Web Server component of the Oracle BI Publisher software, which is used for creating reports, allows a hacker to disclose protected information.
The vulnerability of the Web Server component of the Oracle BI Publisher software exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose sensitive information through HTTP requests...
The vulnerability of the Delta Electronics InfraSuite Device Master software in monitoring devices in real time, due to insufficient validation of input data, allows attackers to exploit their privileges.
The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...