VulnCheck KEV: CVE-2022-29499

The Service Appliance component in Mitel MiVoice Connect allows remote code execution due to incorrect data validation...

The vulnerability of HEVC Video Extensions relates to insufficient input data validation, allowing attackers to execute arbitrary code.

The vulnerability of HEVC Video Extensions relates to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Adobe Bridge file manager, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Bridge file manager is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

74cms 跨站脚本漏洞

74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology Company. 74cmsSE version v3.5.1 contains a cross-site scripting vulnerability that originates from the path /company/account/safety/trade lack of data validation filtering of user-supplied data and output. An...

74cms 跨站脚本漏洞

74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology Company. 74cmsSE version v3.5.1 contains a cross-site scripting vulnerability that originates from the path /company/viewbebrowsed/total missing data validation filters for user-supplied data and output. An...

The vulnerability of the Intel Ethernet ixgbe driver for Linux allows a hacker to trigger a service failure.

The vulnerability of the Intel Ethernet ixgbe driver for Linux exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability relates to the signature verification function of Authenticode for the Windows operating system, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Authenticode signature verification function in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Contec SolarView Compact 跨站脚本漏洞

Contec SolarView Compact is an application from Contec Japan, Inc. Contec SolarView Compact v6.0 contains a cross-site scripting vulnerability that originates in the component SolarAiConf.php, which lacks a data validation filter for user-supplied data and output. An attacker could exploit this...

The vulnerability of the hardware virtualization system of the Windows Hyper-V operating system from Microsoft allows a perpetrator to trigger a service failure.

The vulnerability of the Windows Hyper-V hardware virtualization system of the Microsoft operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure using specially created data...

The vulnerability of the Adobe Bridge file manager, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Bridge file manager is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Haraj has cross-site scripting vulnerability

A cross-site scripting vulnerability exists in Haraj v3.7, a buying and selling platform from Haraj Saudi Arabia. The vulnerability stems from a lack of data validation filtering of user-supplied data and output in some DM components. An attacker could exploit this vulnerability to execute...

Online Fire Reporting System跨站脚本漏洞

Online Fire Reporting System is an online fire reporting system from Carlo Montero's personal developer. Online Fire Reporting System v1.0 is vulnerable to a cross-site scripting vulnerability that originates in /ofrs/classes/Master.php due to a lack of data validation of user-supplied The...

NocoDB Cross-Site Scripting Vulnerability

NocoDB is an open source Airtable replacement. Convert any MySql, PostgreSql, Sql Server, Sqlite, and MariaDb into a smart spreadsheet.A cross-site scripting vulnerability exists in versions of NocoDB prior to 0.91.7, which stems from a lack of data validation filtering of user-supplied data and...

WordPress Age Gate plugin跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. WordPress Age Gate plugin 2.1.70 and earlier versions are vulnerable to a cross-site scripting vulnerability...

SAP 3D Visual Enterprise Viewer PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

SAP 3D Visual Enterprise Viewer PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

SAP 3D Visual Enterprise Viewer PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

SAP 3D Visual Enterprise Viewer CGM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

Haraj v3.7 跨站脚本漏洞

A cross-site scripting vulnerability exists in Haraj v3.7, a buying and selling platform from Haraj Saudi Arabia. The vulnerability stems from a lack of data validation filtering of user-supplied data and output in some DM components. An attacker could exploit this vulnerability to execute...

Adobe Bridge PCX File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PCX...