EUVD-2020-17752

Malware in sbrugna...

CVE-2021-26788

Oryx Embedded CycloneTCP 1.7.6 to 2.0.0, fixed in 2.0.2, is affected by incorrect input validation, which may cause a denial of service DoS. To exploit the vulnerability, an attacker needs to have TCP connectivity to the target system. Receiving a maliciously crafted TCP packet from an...

ROS-20250403-07

A vulnerability in the InnoDB component of the Oracle MySQL Server database management system is related to a flaw in the authorization procedure as a result of incorrect input data validation. authorization procedure as a result of incorrect input data verification. Exploitation of the...

ROS-20241202-02

Vulnerability of drivers/virt/acrn components of the Linux operating system kernel is related to errors of post-release usage errors in the acrnvmmemsegunmap and acrnvmvmrammap functions in the drivers/virt/acrn/mm.c. Exploitation of the vulnerability could allow an attacker to escalate privilege...

ROS-20241112-12

A vulnerability in the drm/vmwgfx components of the Linux operating system kernel is related to memory corruption in the vmwducursormobsize and vmwducursorplanecleanupfb functions in the drivers/gpu/drm/vmwgfx/vmwgfxkms.c. Exploitation of the vulnerability could allow an attacker to elevate the...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from the inclusion of an incorrect input validation in the WLAN Explorer...

Incorrect Input Validation

Apache Traffic Server is vulnerable to Incorrect Input Validation. The vulnerability is caused due to Invalid Accept-Encoding header. This can lead to fail cache lookup and force forwarding requests...

SuiteCRM Security Breach

SuiteCRM is a customer relationship management system from the SuiteCRM team. SuiteCRM has a security vulnerability that stems from incorrect input validation, which leads to an SQL injection vulnerability in the EmailUIAjax message counting controller...

Google Android elevation of privilege vulnerability (CNVD-2024-24360)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is due to incorrect input validation in multiple locations. An attacker can exploit the vulnerability to escalate privileges...

RHEL 6 : mariadb,_mysql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mariadb, mysql: Incorrect input validation allowing code execution via mysqldump CVE-2017-3600 - Rejected...

Laragon Security Vulnerabilities

Laragon is a portable, isolated, fast and powerful general-purpose development environment for PHP, Node.js, Python, Java, Go, Ruby. Laragon has a security vulnerability that stems from incorrect input validation, which can be exploited by an attacker to remotely execute code RCE...

Algosec FireFlow Cross-Site Scripting Vulnerability

AlgoSec FireFlow is a security application from AlgoSec USA, Inc. It is used to automate the security policy change lifecycle, from submitting a change request to reviewing the changes made. A security vulnerability exists in Algosec FireFlow that stems from incorrect input validation...

MachineSense FeverWarn Input Validation Error Vulnerability

MachineSense FeverWarn is a temperature detection device from MachineSense. MachineSense FeverWarn has an input validation error vulnerability that stems from incorrect validation of input...

Dell SmartFabric Storage Software Elevation of Privilege Vulnerability

Dell SmartFabric Storage Software is a stand-alone storage software solution from Dell USA. An elevation of privilege vulnerability exists in Dell SmartFabric Storage Software that originates from the inclusion of incorrect input validation. An attacker could exploit the vulnerability to elevate...

CVE-2022-47878

Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory. Consecutive file uploads can lead to the execution of arbitrary code. NOTE: The vendor states that the vulnerability...

Google Pixel 缓冲区错误漏洞

Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from incorrect input validation and possible out-of-bounds reads...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from incorrect input validation that could potentially change the name of the installed package...

Huawei HarmonyOS Integer Overflow Vulnerability (CNVD-2022-44616)

Huawei HarmonyOS is an operating system from Huawei China. An integer overflow vulnerability exists in Huawei HarmonyOS version 2.0, which provides a microkernel-based, full-scenario distributed operating system. The vulnerability stems from incorrect input validation in the kernel module of...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a security vulnerability that stems from incorrect input validation in settings, which can be exploited by an attacker to escalate privileges...

Google Android Input Validation Error Vulnerability (CNVD-2022-16337)

Google Android is a Linux-based open source operating system from Google, Inc. The Google Android input validation error vulnerability stems from incorrect input validation. An attacker could exploit the vulnerability to perform arbitrary memory writes and code execution...