182 matches found
The vulnerability of the Identity Manager software component, used for managing and controlling access to corporate resources and IBM Security Verify Governance applications, allows a perpetrator to execute arbitrary commands.
The vulnerability of the Identity Manager software component, which is used for managing and controlling access to corporate resources and applications in IBM Security Verify Governance, stems from insufficient validation of arguments passed to the command process. Exploiting this vulnerability...
Vulnerability of web servers of microprogramming software: Siemens SICAM CP-8031 and CP-8050 control modules, allowing attackers to execute arbitrary code.
The vulnerability of the web server of the microprogramming software for the processor module controllers Siemens SICAM CP-8031 and CP-8050 is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotel...
The vulnerability of the mySCADA myPRO industrial process visualization and control system lies in insufficient validation of the arguments transmitted in commands, allowing a hacker to execute arbitrary code in the operating system.
The vulnerability of the mySCADA myPRO industrial process visualization and control system is related to insufficient verification of the arguments sent in commands. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the operating system...
The vulnerability of the mySCADA myPRO industrial process visualization and control system lies in insufficient validation of the arguments transmitted in commands, allowing a hacker to execute arbitrary code in the operating system.
The vulnerability of the mySCADA myPRO industrial process visualization and control system is related to insufficient verification of the arguments sent in commands. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code in the operating system...
CVE-2023-26487
Vega’s CVE-2023-26487 is a cross-site scripting vulnerability in the lassoAppend function. The issue stems from the first argument not being strictly typed as an array, allowing objects with a push function (potentially via event.view) to be passed and used in the push call, enabling XSS vectors ...
CVE-2023-20050
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An...
CVE-2023-20050
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An...
SUSE CVE-2010-4254
Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call...
The vulnerability in the built-in operating system Cradlepoint NetCloud (NCOS) arises from insufficient validation of arguments passed in commands, allowing a malicious actor to execute arbitrary code.
The vulnerability of the built-in operating system Cradlepoint NetCloud NCOS is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows an attacker to execute arbitrary code by rebooting the device and accessing the BIOS...
PT-2025-40220
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the network block device nbd module related to incomplete validation of arguments passed through ioctl calls. Specifically, the issue arises from...
The vulnerability of the command-line interface of the FortiExtender signal booster software arises from insufficient validation of arguments passed in commands, allowing attackers to execute arbitrary commands.
The vulnerability of the command-line interface of the FortiExtender signal booster software relates to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the PDF creation library pdfkit, related to insufficient validation of arguments passed to the command, allows attackers to execute arbitrary commands.
The vulnerability of the pdfkit library for creating PDF files is related to insufficient checking of arguments passed to the command. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
kernel: udmabuf: validate ubuf->pagecount
A vulnerability was found in the Linux kernel in the udmabufcreate function. An improper user-provided argument validation can lead to a ZEROPTR value being passed to the sgallocappendtablefrompages function, which attempts a dereference and leads to a kernel crash...
VulnCheck KEV: CVE-2020-16875
A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an...
GSD-2022-1006202 video: fbdev: i740fb: Check the argument of i740_calc_vclk()
video: fbdev: i740fb: Check the argument of i740calcvclk This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...
GSD-2022-1005458 video: fbdev: i740fb: Check the argument of i740_calc_vclk()
video: fbdev: i740fb: Check the argument of i740calcvclk This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.63 by commit...
PT-2022-4151 · Siemens · Teamcenter
Name of the Vulnerable Software and Affected Versions: Teamcenter versions prior to V12.4.0.15 Teamcenter versions prior to V13.0.0.10 Teamcenter versions prior to V13.1.0.10 Teamcenter versions prior to V13.2.0.9 Teamcenter versions prior to V13.3.0.5 Teamcenter versions prior to V14.0.0.2...
The vulnerability of the Apache Spark framework’s interface, allowing a perpetrator to execute arbitrary commands
The vulnerability of the Apache Spark framework interface is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of the NPM’s npm-dependency-versions versioning tool allows a attacker to execute any command they desire.
The vulnerability of the NPM dependency-versions versioning tool is related to insufficient checking of arguments passed to the command. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of the mailcap module in the Python programming language allows a hacker to execute any command they desire.
The vulnerability of the mailcap module in the Python programming language lies in insufficient checking of arguments passed in commands. Exploiting this vulnerability allows an attacker to execute any command remotely...