24 matches found
ROS-20260216-73-0025
A vulnerability in the Zabbix IT infrastructure monitoring system is related to insufficient server-side request validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain read access to the data...
Liman security vulnerabilities
Liman is an open-source application developed by Liman MYS. It allows for the remote and secure management of all servers, clients, and network devices within an organization. Version 0.7 of Liman contains a security vulnerability caused by insufficient request validation, which may lead to...
EUVD-2018-14294
Malware in sbrugna...
EUVD-2023-43018
Malicious code in bioql PyPI...
The vulnerability of the ColdFusion software platform, related to insufficient validation of incoming requests, allows attackers to trigger service failures.
The vulnerability of the ColdFusion software platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...
CVE-2023-39286
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an unauthenticated attacker to perform a Cross-Site Request Forgery (CSRF) attack due to insufficient request validation. A successful exploit could allow an attacker to provide a...
Cross-site Request Forgery (CSRF)
wallabag is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to insufficient request validation, allowing attackers to arbitrarily delete user accounts via the /account/delete endpoint...
The vulnerability of the IBM InfoSphere Information Server software platform, related to insufficient validation of incoming requests, allows a hacker to execute an SSRF attack.
The vulnerability of the IBM InfoSphere Information Server software integration platform is related to insufficient testing of incoming requests. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...
The vulnerability of the Apache HTTP Server web server is related to insufficient checking of incoming requests, which allows attackers to perform SSRF attacks.
The vulnerability of the Apache HTTP Server is related to insufficient checking of incoming requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce Webhooks lies in insufficient validation of incoming requests. This allows attackers to execute arbitrary code.
The vulnerability of programming platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce Webhooks is related to insufficient verification of incoming requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary...
The vulnerability of the ReportLab Python library for creating PDF files allows attackers to gain access to confidential data.
The vulnerability of the ReportLab Python library for creating PDF files is related to insufficient validation of incoming requests. Exploiting this vulnerability can allow an attacker operating remotely to gain access to confidential data...
The vulnerability of the XWiki platform, a collaborative web application, lies in its insufficient validation of incoming requests. This allows attackers to gain unauthorized access to cookie files.
The vulnerability of the XWiki Platform lies in the insufficient verification of incoming requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to cookie files...
The vulnerability of the modVulnerabilityProtect module in the Trend Micro Apex Central security monitoring and management tool allows a threat actor to expose protected information.
The vulnerability of the modVulnerabilityProtect module of the Trend Micro Apex Central security management tool is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow a malicious actor to expose the protected information...
The vulnerability of the Apache OFBiz resource planning software lies in its insufficient validation of incoming requests, allowing a hacker to execute arbitrary code.
The vulnerability of the Apache OFBiz resource planning software lies in insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code...
The vulnerability of the CreateAttachmentFromUri method in the Microsoft Exchange Server mail server allows a hacker to disclose protected information.
The vulnerability of the CreateAttachmentFromUri method in Microsoft Exchange Server’s mail server is related to insufficient validation of incoming requests. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...
The vulnerability of the WireMock software for creating virtual HTTP services lies in its insufficient checking of incoming requests. This allows attackers to redirect POST requests to arbitrary servers.
The vulnerability of the WireMock software for creating virtual HTTP services is related to insufficient checking of incoming requests. Exploiting this vulnerability allows a malicious actor to redirect POST requests to arbitrary servers...
The vulnerability of the Nextcloud Mail email client, related to insufficient validation of incoming requests, allows attackers to scan internal services and servers accessible from the local network of the Nextcloud server.
The vulnerability of the Nextcloud Mail email client stems from insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to scan internal services and servers accessible from the local network of the Nextcloud server...
The vulnerability of the VMware Workspace One application management platform, related to insufficient validation of incoming requests, allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the VMware Workspace One application management platform lies in the insufficient verification of incoming requests. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information through specially crafted...