Horner Automation Cscape

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Horner Automation Equipment: Cscape Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed, allow the attacker to read...

Advantech WebAccess/SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a stack buffer overflow condition. 3...

UBUNTU-CVE-2018-19295

Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks...

Input validation

Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks...

CVE-2018-19295

Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks...

CVE-2018-19295

CVE-2018-19295 affects Sylabs Singularity 2.4–2.6. The issue is tied to improper handling of mount namespaces, enabling local users to escalate privileges due to how mount points were joined or propagated. Public records in OSV/USN/SUSE advisories indicate a fix in Singularity 2.6.1 (openSUSE/SUS...

CVE-2018-19295

Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks...

CVE-2018-5917

Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130...

Siemens S7-400 CPUs (Update B)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

CVE-2018-9362

In processMessagePart of InboundSmsHandler.java, there is a possible remote denial of service due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...

WordPress 4.3.x < 4.3.11 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A DOM-based cross-site scripting XSS vulnerability exists in the uploadSizeError function within file wp-includes/js/plupload/handlers.js when handling overly large file...

GHSA-J7C4-2XJ8-WM7R Improper Input Validation in kdcproxy

python-kdcproxy before 0.3.2 allows remote attackers to cause a denial of service via a large POST request...

Improper Input Validation in kdcproxy

python-kdcproxy before 0.3.2 allows remote attackers to cause a denial of service via a large POST request...

Yi Technology Home Camera 27US Firmware Downgrade Vulnerability

Summary An exploitable firmware downgrade vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw, resulting in a firmware downgrade. An attacker can insert an SD card to trigger this vulnerability. Tested Versions...

CVE-2018-11884

Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660...

CVE-2018-11873

Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845...

Input validation

Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850...

Input validation

Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660...

CVE-2018-11856

CVE-2018-11856 is a Qualcomm Snapdragon vulnerability describing improper input validation that leads to a buffer overwrite in the WLAN/WMI handling function on Snapdragon Mobile platforms (SD 835, 845, 850). The issue is triggered within the WLAN component during processing of WMI commands. The ...

CVE-2018-11873

CVE-2018-11873 affects Qualcomm Snapdragon Mobile SD 845 WLAN roam-buffer handling. The issue arises from improper input validation, enabling a buffer overwrite in the WLAN component. CVSS data in the NVD indicates local access, low attack complexity, no authentication, and high impact on confide...