Lucene search
K

35 matches found

NVD
NVD
added 2023/10/16 8:15 p.m.23 views

CVE-2023-3155

The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the galleryedit function, allowing an attacker to access arbitrary resources on the server...

7.2CVSS6.9AI score0.00812EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/10/16 7:39 p.m.32 views

CVE-2023-3155 NextGEN Gallery < 3.39 - Admin+ Arbitrary File Read and Delete

The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the galleryedit function, allowing an attacker to access arbitrary resources on the server...

7.2AI score0.00812EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2023/08/09 12:0 a.m.5 views

PT-2023-4338 · Softing · Softing Edgeaggregator

Name of the Vulnerable Software and Affected Versions: Softing edgeAggregator affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. User interaction is required to exploit this issue, where th...

10CVSS8.9AI score0.01188EPSS
Exploits0References6
NVD
NVD
added 2023/07/04 12:15 a.m.32 views

CVE-2023-25521

NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information...

7.8CVSS7.5AI score0.00148EPSS
Exploits0References1
Prion
Prion
added 2023/07/04 12:15 a.m.27 views

Design/Logic Flaw

NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information...

4.3CVSS8AI score0.00148EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2023/07/03 11:27 p.m.10 views

CVE-2023-25521

NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information...

7.5CVSS6.7AI score0.00148EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/13 12:0 a.m.23 views

Huawei Emui Out-of-Bounds Access Vulnerability

Huawei Emui is an Android-based mobile operating system developed by Huawei, a Chinese company. An out-of-bounds access vulnerability exists in Huawei EMUI version 12.0.0, which stems from the system's lax input parameter validation in the audio component. An attacker can exploit the vulnerabilit...

9.8CVSS9.4AI score0.00796EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/02 12:0 a.m.4 views

多款Qualcomm产品输入验证错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and is often fabricated on the surface of semiconductor wafers. A security vulnerability exists in Qualcomm chips that stems from improper...

8.4CVSS7.3AI score0.00148EPSS
Exploits0References6
NVD
NVD
added 2020/11/02 7:15 a.m.24 views

CVE-2020-11162

u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

7.8CVSS8AI score0.00186EPSS
Exploits0References2
Prion
Prion
added 2020/11/02 7:15 a.m.28 views

Buffer overflow

u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

4.6CVSS7.9AI score0.00186EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/11/02 6:21 a.m.44 views

CVE-2020-11162

u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

8AI score0.00186EPSS
Exploits0References1
NVD
NVD
added 2019/06/06 7:29 p.m.23 views

CVE-2019-3723

Dell EMC OpenManage Server Administrator OMSA versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to create arbitrary files with empty content or delete th...

9.1CVSS9.3AI score0.01848EPSS
Exploits0References2
Prion
Prion
added 2019/06/06 7:29 p.m.12 views

Input validation

Dell EMC OpenManage Server Administrator OMSA versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to create arbitrary files with empty content or delete th...

6.4CVSS9.1AI score0.01848EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/06/06 7:14 p.m.168 views

CVE-2019-3723

CVE-2019-3723 affects Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4. The flaw is a web parameter tampering vulnerability arising from improper input parameter validation, allowing a remote unauthenticated attacker to manipulate web request paramete...

9.1CVSS9.3AI score0.01848EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/08/07 3:29 p.m.2 views

CVE-2017-12478

It was discovered that the api/storage web interface in Unitrends Backup UB before 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw to bypass authentication and execute arbitrary commands with root privilege on the target system...

9.8CVSS6.1AI score0.78269EPSS
Exploits12References3
Rows per page
Query Builder