10 matches found
CVE-2025-41024
Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows: 'companyaddress', 'companyemail', 'companyname', 'country', 'mobilenumbe...
CVE-2025-8661
A stored Cross-Site Scripting (XSS) vulnerability occurs when the server does not properly validate or encode the data entered by the user...
CVE-2025-8661
CVE-2025-8661 is described as a stored Cross-Site Scripting (XSS) vulnerability in Symantec PGP Encryption 11.0.1, arising from improper validation/encoding of user-supplied data. Per the initial entry, the CVSS 3.1 base score is 6.1 (Medium) with Network attack vector, user interaction required,...
CVE-2024-52362
IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper...
CVE-2024-40721
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause the TCBServiSign to load a DLL from an arbitrary path...
PT-2024-28999 · Changing Information Technology · Tcbservisign Windows Version
Name of the Vulnerable Software and Affected Versions: TCBServiSign Windows Version from CHANGING Information Technology (affected versions not specified). Description: The issue concerns improper validation of server-side input in a specific API. This can be exploited by unauthenticated remote...
ZTE ZAIP-AIE SQL Injection Vulnerability
ZTE ZAIP-AIE is a product of China's ZTE Corporation (ZTE). The ZTE ZAIP-AIE suffers from a security vulnerability that stems from a lack of input validation on the server and a SQL injection vulnerability that allows an attacker to trigger an attack by constructing a malicious request, which in tu...
CVE-2019-11253
Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crashing and becoming...
PT-2021-2904 · Oracle +10 · Mysql Server +9
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.33 and prior; MySQL Server versions 8.0.23 and prior. Description: The issue is related to insufficient input validation in the InnoDB component of the MySQL Server. It allows a remote attacker to cause a denial of...
RedHat Linux 6.x - X Font Server Buffer Overflow (Denial of Service)
(Source: https://www.securityfocus.com/bid/1111/info) A denial of service exists in the X11 font server shipped with RedHat Linux 6.x. Due to improper input validation, it is possible for any user to crash the X fontserver. This...