CVE-2018-11930

Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607,...

CVE-2018-11930

Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607,...

CVE-2018-11927

Improper input validation on input which is used as an array index will lead to an out of bounds issue while processing AP find event from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

Exploit for Improper Input Validation in Redhat Openshift

This is a pre-built vulnerable environment based on Docker-Compose, provided by the Vulhub project. The project is designed to help users learn about vulnerabilities and improve their defensive skills. The repository contains a collection of vulnerable environments, each with its own Docker-Compo...

Design/Logic Flaw

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because t...

CVE-2019-1790

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to...

GHSA-WV67-9JQ7-8R69 Improper Input Validation and Buffer Over-read in mqtt-packet

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...

Seagate NAS OS Cross-Site Scripting Vulnerability

Seagate NAS OS is a NAS Network Attached Storage operating system from Seagate USA. A cross-site scripting vulnerability exists in the API error page in Seagate NAS OS version 4.3.15.1. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker cou...

CVE-2017-12795

OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: Improper Input Validation...

CVE-2017-12795

CVE-2017-12795 affects OpenMRS OpenMRS module-htmlformentry 3.3.2 with an improper input validation vulnerability. Root cause and exact vulnerable component are not elaborated beyond the module name; impact is described generally as a validation error, with CVSS indicating high to critical severi...

Out-of-bounds

In heap of spaces.h, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure when processing a proxy auto config file with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...

Rockwell Automation/Allen-Bradley CompactLogix and Compact GuardLogix <= 30.014 Improper Input Validation (ICSA-18-172-02)

Binary data 720132.prm...

Siemens SCALANCE X Switches Improper Input Validation

Binary data 720136.prm...

Improper Input Validation

IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...

Atlassian Confluence < 6.6.12 / 6.7.x < 6.12.3 / 6.13.x < 6.13.3 / 6.14.x < 6.14.2 Multiple Vulnerabilities

Binary data 700661.prm...

GHSA-QX2V-J445-G354 Improper Input Validation in Google TensorFlow

Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory...

Valve: [Source Engine] Material path truncation leads to Remote Code Execution

Title: Source Engine Material path truncation leads to Remote Code Execution Scope: .exe Weakness: Improper Input Validation Severity: High 7.1 Link: https://hackerone.com/reports/544096 Date: 2019-04-20 12:18:09 +0000 By: @nyancat0131 Details: Summary The handler of matcrosshairedit command...

Cisco Email Security Appliance Content Filter Bypass Vulnerability

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper input validation of the email body. An attacker...

VulnCheck KEV: CVE-2018-0296

Cisco Adaptive Security Appliance ASA contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service DoS condition or information disclosure...

PT-2019-18310 · Foxit · Foxit Studio Photo

Name of the Vulnerable Software and Affected Versions: Foxit Studio Photo version 3.6.6 Description: This issue allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The...