6712 matches found
CVE-2026-27282
CVE-2026-27282 affects ColdFusion versions 2023.18, 2025.6 and earlier. The issue is an Improper Input Validation vulnerability that can bypass security features, potentially allowing unauthorized access. Exploitation requires user interaction. The CVSS details indicate a high impact on integrity...
CVE-2026-27282 ColdFusion | Improper Input Validation (CWE-20)
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue requires us...
CVE-2026-27304
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...
CVE-2026-27304 ColdFusion | Improper Input Validation (CWE-20)
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...
CVE-2026-27304 ColdFusion | Improper Input Validation (CWE-20)
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...
CVE-2026-27306 ColdFusion | Improper Input Validation (CWE-20)
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Attacker requires elevated privileges. Exploitation of this issue requires user interaction in that a victim...
CVE-2026-27306
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Attacker requires elevated privileges. Exploitation of this issue requires user interaction in that a victim...
EUVD-2026-22534
Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally...
EUVD-2026-22402
Improper input validation in Microsoft PowerShell allows an authorized attacker to elevate privileges locally...
CVE-2026-26143
Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally...
Improper Validation of Specified Quantity in Input
Overview PowerShell is a package containing the PowerShell global tool Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the IsSafeValueVisitor function when SkipLimitCheck is true and used with Import-PowerShellDataFile. An attacker can...
CVE-2026-33826
Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to Improper Input Validation in Apache Tomcat [CVE-2026-24734]
Summary IBM Watson Speech Services Cartridge is vulnerable to Improper Input Validation in Apache Tomcat, due to a failure to complete verification or freshness checks on the OCSP response which could allow certificate revocation to be bypassed CVE-2026-24734. Apache Tomcat is used in our speech...
CVE-2026-2403
CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload...
CVE-2026-2403
CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload...
CVE-2026-2403
The CVE describes an input validation flaw (CWE-1284) where improper validation of a specified quantity in the POST /logsettings payload by a Web Admin user can lead to Event and Data Log truncation, compromising log integrity. Exploitation details are not provided beyond the admin payload manipu...
Windows BitLocker Security Feature Bypass Vulnerability
Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally...
PowerShell Elevation of Privilege Vulnerability
Improper input validation in Microsoft PowerShell allows an authorized attacker to elevate privileges locally...
Windows Hello Security Feature Bypass Vulnerability
Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network...
Azure Monitor Agent Elevation of Privilege Vulnerability
Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally...