CVE-2022-48356

The facial recognition module has a vulnerability in input parameter verification. Successful exploitation of this vulnerability may cause failed facial recognition...

Denial of service

The facial recognition module has a vulnerability in input parameter verification. Successful exploitation of this vulnerability may cause failed facial recognition...

CVE-2022-48356

The facial recognition module has a vulnerability in input parameter verification. Successful exploitation of this vulnerability may cause failed facial recognition...

PT-2023-15733 · Unknown · Facial Recognition Module

Name of the Vulnerable Software and Affected Versions: Facial recognition module affected versions not specified Description: The issue concerns a vulnerability in input parameter verification within the facial recognition module. This vulnerability may lead to failed facial recognition upon...

CVE-2022-48356

The CVE-2022-48356 issue concerns Huawei HarmonyOS’ facial recognition module, where a flaw in input parameter verification allows exploitation that can render the face feature unavailable. The vulnerability is tied to the facial recognition component and is described across multiple sources (inc...

CVE-2022-48356

The facial recognition module has a vulnerability in input parameter verification. Successful exploitation of this vulnerability may cause failed facial recognition...

Axiell Iguana CMS 安全漏洞

Axiell Iguana CMS is a control-based platform from Axiell Inc. for personalizing and communicating with customers. Axiell Iguana CMS has a security vulnerability that originates from an input error in the url parameter on imageProxy.type.php. An attacker exploiting the vulnerability is able to...

CVE-2022-43396 Apache Kylin: Command injection by Useless configuration

In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can control the command by controlling the kylin.engine.spark-cmd parameter of conf...

PT-2022-25944 · WordPress · Contest Gallery Pro +1

Name of the Vulnerable Software and Affected Versions: Contest Gallery WordPress plugin versions prior to 19.1.5.1 Contest Gallery Pro WordPress plugin versions prior to 19.1.5.1 Description: The issue arises from the failure to escape the cg option id POST parameter before it is concatenated to ...

Security Bulletin: The IBM Data Studio Help System may display debug information if an input parameter is out of range.

Abstract IBM Data Studio version 3.1.1 and 3.2 include Eclipse 3.6 components that provide functionality to display the help. These components have a potential vulnerability where debug information may be displayed if an input parameter is out of range. Content VULNERABILITY DETAILS: CVE ID:...

DEBIAN-CVE-2018-25047

In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smartyfunctionmailto, and that could be parameterized using GET or POST input parameters, could allow injection of JavaScript code by a user...

Governance wrong vote

Lines of code Vulnerability details Description There is a function vote in OlympusGovernance smart contract. This function must accept a vote for or against a proposal. But it is possible that someone will wote not for the proposal he expected: this is possible to activate another proposal using...

CVE-2022-1220

The FoxyShop WordPress plugin before 4.8.2 does not sanitise and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

CVE-2022-30916

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AspSetTelnetDebug parameter at /goform/aspForm...

MINMAX SQL注入漏洞

MINMAX is a high power density 10W DC-DC converter for space-critical applications from China-based MINMAX. MINMAX is vulnerable to SQL injection, which can be exploited by attackers to cause a sql injection issue through manipulation of the id parameter in /newsDia.php...

CVE-2021-22531

A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0...

Cross site scripting

A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0...

CVE-2021-22531

The CVE-2021-22531 issue affects NetIQ Access Manager 4.5 and 5.0. Affected component: input parameter handling in Access Manager. Root cause: improper handling allows supply of an invalid character, enabling cross-site scripting (XSS). Impact: XSS vulnerability in affected deployments. Exploitat...

CVE-2022-1392

The Videos sync PDF WordPress plugin through 1.7.4 does not validate the p parameter before using it in an include statement, which could lead to Local File Inclusion issues...

GHSA-HPX4-XJP7-M4VR Stored cross-site scripting in Snipe-IT

Snipe-IT prior to version 5.4.3 is vulnerable to stored cross-site scripting because the input to the checkedoutto parameter is not escaped. The vulnerability is capable of stealing a user's cookie...