35 matches found
CVE-2023-3155
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the galleryedit function, allowing an attacker to access arbitrary resources on the server...
CVE-2023-3155 NextGEN Gallery < 3.39 - Admin+ Arbitrary File Read and Delete
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the galleryedit function, allowing an attacker to access arbitrary resources on the server...
PT-2023-4338 · Softing · Softing Edgeaggregator
Name of the Vulnerable Software and Affected Versions: Softing edgeAggregator affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. User interaction is required to exploit this issue, where th...
CVE-2023-25521
NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information...
Design/Logic Flaw
NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information...
CVE-2023-25521
NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information...
Huawei Emui Out-of-Bounds Access Vulnerability
Huawei Emui is an Android-based mobile operating system developed by Huawei, a Chinese company. An out-of-bounds access vulnerability exists in Huawei EMUI version 12.0.0, which stems from the system's lax input parameter validation in the audio component. An attacker can exploit the vulnerabilit...
多款Qualcomm产品输入验证错误漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and is often fabricated on the surface of semiconductor wafers. A security vulnerability exists in Qualcomm chips that stems from improper...
CVE-2020-11162
u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...
Buffer overflow
u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...
CVE-2020-11162
u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...
CVE-2019-3723
Dell EMC OpenManage Server Administrator OMSA versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to create arbitrary files with empty content or delete th...
Input validation
Dell EMC OpenManage Server Administrator OMSA versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to create arbitrary files with empty content or delete th...
CVE-2019-3723
CVE-2019-3723 affects Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4. The flaw is a web parameter tampering vulnerability arising from improper input parameter validation, allowing a remote unauthenticated attacker to manipulate web request paramete...
CVE-2017-12478
It was discovered that the api/storage web interface in Unitrends Backup UB before 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw to bypass authentication and execute arbitrary commands with root privilege on the target system...