The vulnerability of TLS and SSL Mbed TLS implementations lies in errors in the certificate validation process, which allows attackers to compromise the integrity of data.

The vulnerability of TLS and SSL Mbed TLS implementations is related to the incorrect use of the revocationDate check. Exploiting this vulnerability allows a remote attacker to compromise the integrity of data...

Vulnerability of the Node.js software platform’s Relative Distinguished Name (RDN) component, which allows attackers to perform spoofing attacks

The vulnerability of the Relative Distinguished Name RDN component in the Node.js software platform is related to errors in the certificate validation process. Exploiting this vulnerability allows attackers to perform spear-phishing attacks remotely...

The vulnerability of the Windows Certificate component in Windows operating systems allows attackers to carry out spoofing attacks.

The vulnerability of the Windows Certificate component in Windows operating systems is related to errors in the certificate validation process. Exploiting this vulnerability can allow attackers to carry out spoofing attacks...

Xwiki Platform 输入验证错误漏洞

Xwiki Platform is a Wiki platform for creating Web collaboration applications from the French company Xwiki. XWiki Platform is vulnerable to input validation errors, which can be exploited by attackers to redirect users to malicious sites for phishing and other attacks...

Oracle Java SE和Oracle GraalVM 输入验证错误漏洞

Oracle Java SE is an Oracle Corporation USA product for developing and deploying Java applications on desktops, servers, and embedded devices and in real-time environments.Oracle Java SE is vulnerable to an input validation error that could be exploited by an attacker to potentially cause an...

Adobe Reader 2017 Security Update (APSB22-01) - Mac OS X

Adobe Acrobat Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

The vulnerability of the `wheel.pillar_roots.write` component in the configuration management system and the remote execution of SaltStack Salt, which is related to errors in data validation, allows a perpetrator to execute arbitrary code.

The vulnerability of the wheel.pillarroots.write component in the configuration management system and the remote execution of SaltStack Salt are related to errors during data validation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

GitLab 输入验证错误漏洞

GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. GitLab CE/EE is vulnerable to input validation errors, which can be exploited to cause high CPU usage...

Squid 信任管理问题漏洞

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. Squid suffers from a trust management issue vulnerability that stems from incorrect certificate validation. An attacke...

The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to errors in the certificate validation process, which allows attackers to compromise data integrity.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to errors in the certificate validation process. Exploiting this vulnerability allows a malicious actor to compromise the integrity of data...

The vulnerability of the HTTP interface of Grandstream UCM6200 microprogrammed router software allows a attacker to execute arbitrary commands with root privileges.

The vulnerability of the HTTP interface of Grandstream UCM6200 microprogrammed router software is related to input validation errors. Exploiting this vulnerability allows an attacker to execute arbitrary commands with root privileges remotely...

CVE-2020-9000

An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send a sequence of requests to rapidly cause .NET Input Validation errors. This increases the size of the log file on the remote server until memory is exhausted, therefore consuming the maximum amount of resources triggering a deni...

Microsoft Windows Defender Multiple RCE Vulnerabilities (Jul 2021)

This host is missing a critical security update according to Microsoft Security Updates released for Microsoft Windows Defender Protection Engine dated 13-07-2021. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

Foxit PhantomPDF 缓冲区错误漏洞

Foxit PhantomPDF is China's Foxit Foxit company a PDF document reader. A memory corruption vulnerability exists in Foxit PhantomPDF when processing U3D objects in PDF files. The vulnerability stems from the program not properly validating user input. An attacker could exploit this vulnerability t...

The vulnerability in the web interface of the Cisco Unified Communications Manager IM & Presence Service allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Cisco Unified Communications Manager IM & Presence Service web interface is related to input validation errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

Apple Mac OS X Security Updates (HT212147)-02

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Android Titan-M Component Input Validation Error Vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA in the U.S. Titan-M is one of the security components. A security vulnerability exists in the Titan-M component of Google Android. An attacker can exploit the vulnerability to elevate privileges...

The vulnerability of the Apache NetBeans application environment update system, related to errors in the certificate validation process, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Apache NetBeans application environment update system is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of the protected information...

The vulnerability of the application control tool. Windows Defender Application Control (WDAC), a PowerShell Core automation tool, allows a hacker to execute arbitrary code.

The vulnerability of the application control tool, Windows Defender Application Control WDAC, a PowerShell Core automation tool, is related to errors during command validation. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of VMware Workspace One’s software lies in authentication process errors, which allow attackers to gain unauthorized access to protected information.

The vulnerability of VMware Workspace One software is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...