6730 matches found
CVE-2025-55058
CVE-2025-55058 is tied to CWE-20 Improper Input Validation. Public records (NVD, Red Hat, EUVD, CVE list, CNNVD) cite an input validation error, with CNNVD naming Maxum Rumpus FTP Server as affected (version 9.0.12) in their entry. Evidence does not consistently specify vendor/product coverage ac...
Improper Input Validation
@nubosoftware/node-static is vulnerable to improper input validation.The vulnerability is due to the package failing to handle null-byte %00 input correctly, which allows an attacker to trigger an exception and crash the server...
PT-2025-47182
Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The software suffers from improper input validation. This can lead to potential security risks. Recommendations At the moment, there is no information about a...
Devolutions Server <= 2025.2.15.0 Improper Input Validation (DEVO-2025-0015) (CVE-2025-11958)
The version of Devolutions Server installed on the remote host is prior or equal to 2025.2.15.0 and is, therefore, affected by an improper authorization vulnerability: - An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows a...
Improper Input Validation
mkdocs-include-markdown-plugin is vulnerable to improper input validation. The vulnerability is due to unvalidated input colliding with substitution placeholders, which allows an attacker to manipulate included Markdown content and potentially inject or alter data...
Improper Input Validation
github.com/opencontainers/runc is vulnerable to improper input validation. The vulnerability is due to insufficient verification of the bind-mount source /dev/null, which allows an attacker to exploit it via arbitrary mount manipulation, leading to host information disclosure, denial of service,...
CVE-2025-33000
Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result ma...
HP Integrated Lights-Out Improper Input Validation (CVE-2018-7105)
A security vulnerability in HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 iLO 4 prior to v2.61, HPE Integrated Lights-Out 3 iLO 3 prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information. This...
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2024-26596)
net: dsa: netdevpriv dereference before check on non-DSA netdevice events. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503958;...
HP Integrated Lights-Out Improper Input Validatio (CVE-2022-28629)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. A low privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availabilit...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28634)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28638)
An isolated local disclosure of information and potential isolated local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise h...
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2020-13631)
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-21758)
ipv6: mcast: add RCU protection to mldnewpack mldnewpack can be called without RTNL or RCU being held. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-21712)
md/md-bitmap: vulnerability caused by bitmapgetstats can be called even if the bitmap is destroyed or not fully initialized, leading to a kernel crash, which is fixed by synchronizing bitmapgetstats with bitmapinfo.mutex. This plugin only works with Tenable.ot. Please visit...
Siemens SIMATIC S7-1500 Improper Validation of Specified Type of Input (CVE-2024-35809)
In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2024-56570)
In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovldentryweird function to prevent the processing of directory inodes that lack the lookup function.This is important because such inodes can cause errors...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28639)
A remote potential adjacent denial of service DoS and potential adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise h...
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-21766)
ipv4: use RCU protection in iprtupdatepmtu. iprtupdatepmtu must use RCU protection to make sure the net structure it reads does not disappear. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2018-19591)
In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function. This plugin only works with Tenable.ot. Please visit...