19 matches found
EUVD-2024-48819
Malicious code in bioql PyPI...
EUVD-2023-44402
Malicious code in bioql PyPI...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the dataAddonlayouts and dataAddonlayoutsexcept parameters in the /apprain/developer/addons/update/dialogs process. An attacker can execute arbitrary scripts in the context of a user's browser by submitting...
CVE-2023-3769
Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication,...
CVE-2023-3768
Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication,...
PT-2025-20706 · Ооо "Юзергейт" · Usergate Next-Generation Firewall
Уязвимость сервиса HTTP-Proxy программного обеспечения межсетевого экрана UserGate Next-Generation Firewall NGFW существует из-за отсутствия мер по проверке вводимых данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, читать произвольные файлы...
CVE-2024-7988
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten...
CVE-2024-7988
CVE-2024-7988 affects Rockwell Automation ThinManager ThinServer. The vulnerability stems from improper input validation, enabling remote code execution with SYSTEM privileges by uploading or overwriting files. Affected ThinManager ThinServer versions include 11.1.0–11.1.7, 11.2.0–11.2.8, 12.0.0–...
CVE-2024-7988 ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten...
CVE-2024-7988 ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten...
CVE-2023-20005
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due...
CVE-2023-3769 Vulnerability in Ingeteam's INGEPAC EF
Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication,...
CVE-2023-3769 Vulnerability in Ingeteam's INGEPAC EF
Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication,...
CVE-2023-3768
Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication,...
CVE-2023-3768 Vulnerability in Ingeteam's INGEPAC EF/DA
Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication,...
CVE-2023-3768
CVE-2023-3768 affects Ingeteam’s INGEPAC EF/DA family (e.g., INGEPAC DA3451 firmware 0.29.2.42 and INGEPAC FC5066 firmware 9.0.22.6+6.1.1.22+5.3.1.1). The root cause is an input validation error that could enable an attacker with network access to perform fuzzing against MMS protocol handling, en...
The vulnerability of Microsoft Exchange Server’s mail server, related to insufficient validation of input data, allows attackers to trigger service failures.
The vulnerability of Microsoft Exchange Server is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
EMS Master Calendar 8.0.0.20180520 - Cross-Site Scripting
EMS Master Calendar 8.0.0.20180520 - Cross-Site Scripting Exploit Title: EMS Master Calendar alert'XSS'xyz...
cURL/libcURL Remote Input Validation
Binary data 6903.prm...