CVE-2018-1000068

An improper input validation vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to access plugin resource files in the META-INF and WEB-INF directories that should not be accessible, if the Jenkins home directory is on a case-insensitiv...

CVE-2018-1000068

An improper input validation vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to access plugin resource files in the META-INF and WEB-INF directories that should not be accessible, if the Jenkins home directory is on a case-insensitiv...

CVE-2017-8973

An improper input validation vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found...

Input validation

An improper input validation vulnerability in HPE Insight Control version 7.6 LR1 was found...

CVE-2016-0300

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 might allow remote attackers to access arbitrary JSP pages via vectors related to improper input validation. IBM X-Force ID: 111412...

CVE-2017-12377

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking...

Input validation

An Improper Input Validation issue was discovered in Nari PCS-9611 relay. An improper input validation vulnerability has been identified that affects a service within the software that may allow a remote attacker to arbitrarily read/access system resources and affect the availability of the syste...

CVE-2018-5447

An Improper Input Validation issue was discovered in Nari PCS-9611 relay. An improper input validation vulnerability has been identified that affects a service within the software that may allow a remote attacker to arbitrarily read/access system resources and affect the availability of the syste...

CVE-2018-5447

An Improper Input Validation issue was discovered in Nari PCS-9611 relay. An improper input validation vulnerability has been identified that affects a service within the software that may allow a remote attacker to arbitrarily read/access system resources and affect the availability of the syste...

CVE-2018-5447

The CVE-2018-5447 issue affects the Nari PCS-9611 relay (line protection/control device) with an improper input validation vulnerability (CWE-20) that may allow a remote attacker to arbitrarily read/access system resources and impact availability. Affected products include all PCS-9611 versions; ...

Nari PCS-9611 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit. Vendor : Nari Equipment : PCS-9611 Vulnerability : Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-18-025-01 Nari PCS-9611 that...

PowerDNS Recursor DNSSEC Signatures Vulnerability (2018-01)

Improper input validation bugs in DNSSEC validators components in PowerDNS allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

PowerDNS Improper Input Validation Vulnerability

PowerDNS is a cross-platform open source DNS service component of the Dutch company PowerDNS , it supports the use of Access mdb files to record DNS information in Windows systems , in Linux/Unix systems to use MySQL to record DNS information.DNSSEC validators components DNSSEC validators compone...

CVE-2018-1000002

Improper input validation bugs in DNSSEC validators components in Knot Resolver prior version 1.5.2 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay...

CVE-2018-1000003

Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay...

CVE-2018-1000002

Improper input validation bugs in DNSSEC validators components in Knot Resolver prior version 1.5.2 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay...

CVE-2018-1000003

Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay...

Siemens SIMATIC WinCC Add-On (Update A)

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC WinCC Add-On Vulnerabilities: Stack-based Buffer Overflow, Improper Input Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer, Security Features, Improper...

ICSA-18-023-02 Siemens Industrial Products (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: Siemens Equipment: Industrial Products Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

AssetView and AssetView PLATINUM contain multiple vulnerabilities

Overview AssetView and AssetView PLATINUM provided by Hammock Corporation contain 2 vulnerabilities listed below. Use of Hard-coded Cryptographic Key CWE-321 - CVE-2017-10866 Improper Input Validation CWE-20 - CVE-2017-10867 Muneaki Nishimura of of Recruit Technologies Co.,Ltd. RED TEAM reported...