50 matches found
EUVD-2020-24903
Malware in sbrugna...
EUVD-2009-1189
Malware in sbrugna...
EUVD-2021-30120
Malicious code in bioql PyPI...
CVE-2023-46906
juzaweb = 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated...
CVE-2025-3218
IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due to incorrect validation processing in IBM i Netserver. A malicious actor could use the weaknesses, in conjunction with brute force authentication attacks or to bypass authority restrictions, to access...
CVE-2025-21994
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for num_aces field of smb_acl. parse_dcal() validate num_aces to allocate posix_ace_state_array. if (num_aces > ULONG_MAX / sizeof(struct smb_ace *)) It is an incorrect validation that we can create an array of size...
CVE-2025-21994 ksmbd: fix incorrect validation for num_aces field of smb_acl
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for num_aces field of smb_acl. parse_dcal() validate num_aces to allocate posix_ace_state_array. if (num_aces > ULONG_MAX / sizeof(struct smb_ace *)) It is an incorrect validation that we can create an array of size...
CVE-2024-55470
Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass passcode validation and successfully log into the application or access restricted data without proper authorization. The lack of server-side validation exacerbates the...
Cisco IOS XR Software CLI Arbitrary File Read Vulnerability
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the...
Incorrect Validation
github.com/cometbft/cometbft/light is vulnerable to Incorrect Validation. The vulnerability is due to incomplete validation of the ProposerPriority field in the ValidatorSet retrieved from RPC endpoints, which can lead to inconsistencies in the proposer selection algorithm and potentially cause t...
CVE-2024-7553 Accessing Untrusted Directory May Allow Local Privilege Escalation
Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating system is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB...
RHEL 7 : Red Hat Enterprise Linux OpenStack Platform (RHSA-2019:0916)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0916 advisory. OpenStack Networking neutron is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main functi...
RHEL 7 : openstack-neutron (RHSA-2019:0935)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0935 advisory. OpenStack Networking neutron is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its ma...
CVE-2023-3770
Incorrect validation vulnerability of the data entered, allowing an attacker with access to the network on which the affected device is located to use the discovery port protocol 1925/UDP to obtain device-specific information without the need for authentication...
CVE-2023-3770
CVE-2023-3770 describes an incorrect input validation vulnerability in Ingeteam’s INGEPAC DA devices. The flaw allows an attacker on the same network to use the UDP discovery port (1925/UDP) to obtain device‑specific information without authentication. Affected component is the data validation on...
CVE-2023-3770 Vulnerability in Ingeteam's INGEPAC DA
Incorrect validation vulnerability of the data entered, allowing an attacker with access to the network on which the affected device is located to use the discovery port protocol 1925/UDP to obtain device-specific information without the need for authentication...
Oracle Linux 8 : python3 (ELSA-2020-1764)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1764 advisory. - Security fix for CVE-2019-16056 Resolves: rhbz1750776 - Security fix for CVE-2018-20852 Resolves: rhbz1741553 Tenable has extracted the preceding...
A Remote InterchainTokenService will not be able to call _execute() because incorrect validation of hashes due to wrong conversion of address to lowercase
Lines of code Vulnerability details Proof of Concept The ASCII table contains letters, numbers, control characters, and other symbols. Each character is assigned a unique 7-bit code. ASCII is an acronym for American Standard Code for Information Interchange. The ASCII code for uppercase 'A' is 65...
Dell EMC ECS Encryption Issue Vulnerability
The Dell EMC ECS is a storage device from Dell USA. A cryptographic issue vulnerability exists in Dell EMC ECS versions prior to 3.8.0.2, which stems from incorrect validation of cryptographic signatures. An attacker exploiting this vulnerability could modify the subject data of a request...