CVE-2018-11857

CVE-2018-11857 involves improper input validation in the WLAN encrypt/decrypt module in Qualcomm Snapdragon Mobile, causing a buffer copy vulnerability. Affected are SD 835, 845, and 850-based devices. The entry indicates local attack potential with high impact to confidentiality, integrity, and ...

CVE-2018-11856

Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850...

CVE-2018-11857

Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850...

CVE-2018-11873

Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845...

CVE-2018-11873

CVE-2018-11873 affects Qualcomm Snapdragon Mobile SD 845 WLAN roam-buffer handling. The issue arises from improper input validation, enabling a buffer overwrite in the WLAN component. CVSS data in the NVD indicates local access, low attack complexity, no authentication, and high impact on confide...

CVE-2018-5914

Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660...

Input validation

Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660...

CVE-2017-18171

Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD...

Improper Input Validation

Fastjson allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi:// URI in the dataSourceName field of HTTP POST data to the Pippo /json URI, which is mishandled in AjaxApplication.java...

GHSA-V596-FWHQ-8X48 Improper Input Validation in org.springframework.security:spring-security-core, org.springframework.security:spring-security-core , and org.springframework:spring-core

Spring Security Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3 does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an...

GHSA-M956-FRF4-M2WR Ansible is vulnerable to an improper input validation in Ansible's handling of data sent from client systems

Ansible before versions 2.1.4.0, 2.2.1.0 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to...

CVE-2018-12478

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to extract files from the system where the service runs. Affected releases are openSUSE Open Build Service: status of is unknown...

Input validation

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df...

CVE-2018-12474

Improper input validation in obs-service-tarscm of Open Build Service allows remote attackers to cause access and extract information outside the current build or cause the creation of file in attacker controlled locations. Affected releases are openSUSE Open Build Service: versions prior to...

CVE-2018-12479

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df...

DEBIAN-CVE-2018-12479

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df...

CVE-2018-12479

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df...

CVE-2018-12479 Request controller allows to create requests with arbitrary request IDs

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df...

CVE-2018-12479

CVE-2018-12479 pertains to the Open Build Service (OBS) used in openSUSE. The vulnerability is an Improper Input Validation flaw that enables remote attackers to cause a DoS by specifying crafted request IDs. The affected releases are the Open Build Service versions prior to 01b015ca2a320afc4fae8...

CVE-2018-12478

CVE-2018-12478 affects the Open Build Service (OBS) used by openSUSE. The vulnerability is described as an improper input validation flaw that could allow remote attackers to extract files from the system hosting OBS. Affected releases are listed as openSUSE Open Build Service with status unknown...