The vulnerability of the Cypress WICED BT Bluetooth Classic stack implementation for the CYW20735B1 device arises due to insufficient validation of input data. This allows a malicious actor to trigger a service failure.

The vulnerability of the Cypress WICED BT Bluetooth Classic stack implementation for the CYW20735B1 device exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause service failure...

Netscaut nGeniusONE FDSQueryService Function Cross-Site Scripting Vulnerability

Netscout NgeniusOne is a centralized application and network performance management solution from Netscout, Inc. A cross-site scripting vulnerability exists in Netscaut nGeniusONE in version 6.3.0 build 1196 and earlier, which stems from a lack of validation of user input data and filtering of...

The vulnerability of the microprogrammed logic controller Schneider Electric Modicon M340, related to insufficient validation of input data, allows a intruder to trigger a service failure.

The vulnerability of the microprogramming software of Schneider Electric’s Modicon M340 relates to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to trigger a service failure by sending specially crafted GET requests to port 80...

EyouCMS directory traversal vulnerability

EyouCms is a free and open source enterprise content management system based on the TP5.0 framework that focuses on the needs of enterprise website users. The vulnerability stems from a lack of input data validation for the tpldir, filename, type, and nid parameters. An attacker could use this...

EyouCMS Cross-Site Scripting Vulnerability (CNVD-2021-82428)

EyouCms is a free and open source enterprise content management system based on the TP5.0 framework that focuses on the needs of enterprise website users. The vulnerability stems from the lack of validation of input data in Eyoucms. An attacker could use this vulnerability to inject malicious cod...

The vulnerability of the Thunderbird email client, which exists due to insufficient validation of input data, allows attackers to trigger a service failure.

The vulnerability of the Thunderbird email client exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures due to corrupted headers...

Security Bulletin: A vulnerability has been identified in IBM Cloud Pak for Applications v4.3 that exposes an input data validation attack.

Summary A vulnerability has been identified in IBM Cloud Pak for Applications v4.3 that exposes an input data validation attack. Vulnerability Details CVEID: CVE-2021-20366 DESCRIPTION: IBM Cloud Pak for Applications is vulnerable to cross-site scripting. This vulnerability allows users to embed...

The vulnerability of the software platform for conducting marketing campaigns in Adobe Campaign Classic arises from insufficient validation of input data. This allows attackers to disclose sensitive information that should be protected.

The vulnerability of the Adobe Campaign Classic software platform for conducting marketing campaigns exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

The vulnerability of the Ceph storage system, related to insufficient validation of input data, allows attackers to compromise the integrity of the data.

The vulnerability of the Ceph storage system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of the data...

The vulnerability of the software platform for developing and managing online stores Magento Commerce arises from insufficient validation of input data. This allows attackers to access confidential information.

The vulnerability of the Magento Commerce software platform for developing and managing online stores exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...

The vulnerability of the xen-netback component in the Linux operating system allows a hacker to increase their privileges or expose sensitive information.

The vulnerability of the xen-netback component in the Linux operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to increase their privileges or disclose sensitive information...

The vulnerability of Microsoft Windows Defender operating system allows a hacker to trigger a service failure.

The vulnerability of Microsoft Windows Defender operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of the kind-of application software library “Aurora Center” is related to insufficient validation of input data, allowing attackers to trigger service failures.

The vulnerability of the kind-of application software library Aurora Center is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the Apache Thrift application programming library at Aurora Center, related to insufficient input data validation, allows attackers to trigger service failures.

The vulnerability of the Apache Thrift application programming interface at Aurora Center is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the Exim message transfer agent, related to insufficient validation of input data, allows attackers to circumvent security restrictions set by users.

The vulnerability of the Exim message transfer agent is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to circumvent security restrictions set by the user...

The vulnerability of the Windows Desktop Bridge application converter in Microsoft Windows operating systems allows a hacker to trigger a service failure.

The vulnerability of the Windows Desktop Bridge application converter in Microsoft Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the VideoLAN VLC media player lies in its lack of proper input data validation, allowing a hacker to execute arbitrary code.

The vulnerability of the VideoLAN VLC media player exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created playback list...

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server packages lies in insufficient input data validation, which allows attackers to trigger service failures.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

Security Bulletin: NVIDIA GPU Display Driver - April 2021

NVIDIA has released a software security update for NVIDIA GPU Display Driver. This update addresses issues that may lead to code execution, denial of service, escalation of privileges, and information disclosure. To protect your system, download and install this software update through the NVIDIA...

The vulnerability of the graphical component of the Qualcomm Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the graphical component of the Qualcomm Android operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a hacker to execute arbitrary code using an application installed on the device...