6726 matches found
EUVD-2026-5316
When a specific function is enabled while joining a AD Domain from ADM, an improper input parameters validation vulnerability in a specific CGI program allowing an unauthenticated remote attacker to write arbitrary data to any file on the system. By exploiting this vulnerability, attackers can...
Progress Software Kemp LoadMaster listapikeys Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of user data passed to the listapikeys command. The...
CVE-2025-57793
Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user-supplied input in a web application component. Crafted input can be executed as part of backend database queries. The issue is exploitable without authentication, significantly...
CVE-2026-24347
Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory...
CVE-2026-0925
Tanium addressed an improper input validation vulnerability in Discover...
CVE-2026-24347
Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory...
CVE-2026-24347
Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory...
CVE-2026-24347
CVE-2026-24347 : The Red Hat/NVD/NVD enrichment entries describe an improper input validation in the Admin UI of EZCast Pro II (version 1.17478.146) that allows an attacker to manipulate files in the /tmp directory. This is tied to the EZCast Pro II dongle/application and is actionable via the Ad...
PT-2026-4906
Name of the Vulnerable Software and Affected Versions EZCast Pro II version 1.17478.146 Description A flaw exists in the Admin UI that does not properly validate input. This allows attackers to manipulate files within the /tmp directory. Recommendations Update to a newer version that contains a f...
CVE-2026-0925
Tanium addressed an improper input validation vulnerability in Discover...
EUVD-2026-4676
Tanium addressed an improper input validation vulnerability in Discover...
CVE-2026-0925 Tanium addressed an improper input validation vulnerability in Discover.
Tanium addressed an improper input validation vulnerability in Discover...
PT-2026-4800
Tanium addressed an improper input validation vulnerability in Discover...
Tanium Discover security vulnerabilities
Tanium Discover is an asset scanning module developed by the American company Tanium. Tanium Discover has a security vulnerability, which stems from improper input validation...
CVE-2026-24307
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network...
Exploit for Improper Input Validation in N8N
No d...
Improper Input Validation
Overview websocket-server is an A simple fully working websocket-server in Python with no external dependencies Affected versions of this package are vulnerable to Improper Input Validation via the WebSocketServer.messagereceived component. An attacker can access sensitive information or trigger...
Exploit for Improper Input Validation in Cacti
CVE-2...
CVE-2026-23886 Swift W3C TraceContext has malformed HTTP header that can cause a crash
Swift W3C TraceContext is a Swift implementation of the W3C Trace Context standard, and Swift OTel is an OpenTelemetry Protocol OTLP backend for Swift Log, Swift Metrics, and Swift Distributed Tracing. Prior to Swift W3C TraceContext version 1.0.0-beta.5 and Swift OTel version 1.0.4, a...
BIT-ELK-2026-0543 Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation
Improper Input Validation CWE-20 in Kibana's Email Connector can allow an attacker to cause an Excessive Allocation CAPEC-130 through a specially crafted email address parameter. This requires an attacker to have authenticated access with view-level privileges sufficient to execute connector...