1477 matches found
IBM QRadar SIEM Cross-Site Scripting Vulnerability (CNVD-2021-94164)
IBM QRadar SIEM is a solution from IBM America that leverages security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, etc. A cross-site...
The vulnerability of Cisco’s software algorithm, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.
The vulnerability of Cisco software algorithms is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the 3D viewer, which involves a lack of input data verification, allows a perpetrator to execute arbitrary code.
The vulnerability of the 3D viewer software is related to the lack of checks on input data during the processing of 3MF files. Exploiting this vulnerability can allow attackers to execute arbitrary code using a specially created malicious file or a specially created malicious link...
Snipe-IT Cross-Site Scripting Vulnerability (CNVD-2022-19842)
Snipe-IT is an open source IT asset/license management system. Snipe-IT has a cross-site scripting vulnerability that stems from the product's web generation page not validating the input data, which could be exploited by an attacker to cause client-side code execution...
Multiple Yamaha Products Cross-Site Scripting Vulnerability
Yamaha NVR500 and others are products of Yamaha Corporation, Japan. Yamaha NVR500 is an enterprise router. Yamaha RTX810 is a Gigabit VPN (Virtual Private Network) router. Yamaha FWX120 is a firewall product. A cross-site scripting vulnerability exists in multiple Yamaha products, which originates fro...
The vulnerability of the stats-over-http plugin in the Apache Traffic Server web server allows a hacker to cause a service failure.
The vulnerability of the stats-over-http plugin in the Apache Traffic Server web server is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability may allow a malicious actor to cause service interruptions remotely...
Kirby Cross-Site Scripting Vulnerability (CNVD-2021-95256)
Kirby is a file-based content management system (CMS). Kirby suffers from a cross-site scripting vulnerability that stems from the product's failure to validate input data, which could be exploited by attackers to execute client-side code...
Google Chrome input security bypass vulnerability
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome, which stems from the product's mishandling of input data. An attacker could use this vulnerability to bypass security restrictions...
MedData Hbys SQL Injection Vulnerability
A SQL injection vulnerability exists in MedData Hbys, a healthcare software from MedData, Inc. The vulnerability stems from the product's failure to effectively filter special characters in input data. An unauthenticated attacker could obtain sensitive information through this vulnerability...
MedData Hbys SQL Injection Vulnerability (CNVD-2021-89683)
A SQL injection vulnerability exists in MedData Hbys, a healthcare software from MedData, Inc. The vulnerability stems from the fact that the product does not effectively filter special characters in input data. An unauthenticated attacker could obtain sensitive information through this...
Cross site scripting
An Out-of-bounds Read vulnerability exists in the DGN file reading procedure in Open Design Alliance Drawings SDK before 2022.11. Crafted data in a DGN file and lack of verification of input data can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability t...
BusyBox code issue vulnerability
A code issue vulnerability exists in BusyBox, a set of applications containing several Linux commands and tools developed by Denis Vlasenko, a Ukrainian individual developer, which stems from the fact that the product's man applet does not handle certain input data appropriately. An attacker could...
Mozilla Firefox Security Advisory (MFSA2014-90) - Linux
This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to insufficient input data validation. This vulnerability allows attackers to gain unauthorized access to protected information.
The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to insufficient validation of input data. Exploiting these vulnerabilities can allow unauthorized actors to gain...
WordPress Plugin SQL Injection Vulnerability (CNVD-2021-101473)
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress Plugin is a WordPress open source application plugin. A SQL injection vulnerability exists in the WordPress...
WordPress Similar Posts Plugin Code Injection Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A code injection vulnerability exists in WordPress Similar Posts plugin 3.1.5 and earlier versions, which...
The vulnerability of the TCP/IP protocol implementation in Microsoft Windows operating systems allows a perpetrator to cause service failures.
The vulnerability of the TCP/IP protocol implementation in Microsoft Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the Mac OS X operating system arises from insufficient checks on the data entered by users in the kernel subsystem of the operating system. This allows attackers to trigger a service failure.
The vulnerability of the Mac OS X operating system arises from insufficient checks on the data entered by users in the kernel subsystem of the operating system. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
The vulnerability of Microsoft Excel editors, related to errors in processing input data, allows a hacker to execute arbitrary code.
The vulnerability of Microsoft Excel editors is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
PT-2021-4642 · Microsoft · Office Excel +1
Name of the Vulnerable Software and Affected Versions: Microsoft Excel (affected versions not specified). Description: The issue is related to a security feature bypass in Microsoft Excel, which can be exploited to allow an attacker to execute arbitrary code. This can be achieved due to errors in...