CVE-2024-13625

The Tube Video Ads Lite WordPress plugin through 1.5.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

PT-2025-6712 · Effectmatrix · Effectmatrix Total Video Converter Command Line

Name of the Vulnerable Software and Affected Versions: Effectmatrix Total Video Converter Command Line TVCC version 2.50 Description: A stack-based buffer overflow issue exists when an overly long string is passed to the -f parameter. This can lead to memory corruption, potentially allowing...

CVE-2024-52612 SolarWinds Platform Reflected Cross-Site Scripting Vulnerability

SolarWinds Platform is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters. This vulnerability requires authentication by a high- privileged account to be exploitable...

SolarWinds Platform 安全漏洞

SolarWinds Platform is a unified monitoring, observability, and service management platform from SolarWinds USA. A security vulnerability exists in SolarWinds Platform versions prior to 2025.1 that stems from insufficient input parameter cleanup and is susceptible to a reflective cross-site...

PT-2025-2158 · WordPress · Wpforms

Name of the Vulnerable Software and Affected Versions: WPForms – Easy Form Builder for WordPress versions up to, and including, 1.9.3.1 Description: The issue is related to Stored Cross-Site Scripting via the fieldHTML parameter due to insufficient input sanitization and output escaping. This...

CVE-2024-56455

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2024-56452

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2024-56454

CVE-2024-56454 affects Huawei HarmonyOS, specifically the glTF model loader in the 3D engine module. The root cause is a failure to properly verify input parameters during glTF model loading, which can lead to an availability impact if exploited. The CVSS v3.1 vector indicates a local attack with...

PT-2025-3296 · Unknown · 3D Engine Module

Name of the Vulnerable Software and Affected Versions: 3D engine module affected versions not specified Description: The issue concerns the lack of verification of input parameters during the loading of glTF models in the 3D engine module. Successful exploitation of this issue may impact...

CVE-2024-33041

Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,...

CVE-2024-33041 Use of Out-of-range Pointer Offset in Computer Vision

Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,...

CVE-2020-12487

Due to the flaws in the verification of input parameters, the attacker can input carefully constructed commands to make the ABE service execute some commands with root privilege...

CVE-2020-12487 Command Execution Vulnerability in ABE service

Due to the flaws in the verification of input parameters, the attacker can input carefully constructed commands to make the ABE service execute some commands with root privilege...

CVE-2020-12487 Command Execution Vulnerability in ABE service

Due to the flaws in the verification of input parameters, the attacker can input carefully constructed commands to make the ABE service execute some commands with root privilege...

CVE-2020-12487

CVE-2020-12487 affects vivo ABE service. Description: flaw in verification of input parameters allows an attacker to craft commands that cause the ABE service to execute commands with root privileges. Documented exposure includes root-level command execution with an attack vector requiring user i...

PT-2024-38093 · Unknown · Dingo Dlibra

Name of the Vulnerable Software and Affected Versions: DInGO dLibra software versions 6.0 through 6.3.19 Description: The issue is related to improper neutralization of input during web page generation, allowing a Reflected Cross-Site Scripting XSS attack. This occurs in the filter parameter of t...

CVE-2024-51521

Input parameter verification vulnerability in the background service module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2024-51521

Summary (CVE-2024-51521): This entry concerns an input-parameter verification vulnerability in Huawei HarmonyOS’ background service module. The impact is availability disruption on successful exploitation, with several sources noting a laxity/type-checking issue in the background task/service com...

CVE-2024-51521

Input parameter verification vulnerability in the background service module Impact: Successful exploitation of this vulnerability may affect availability...

PT-2024-34685 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue is related to an input parameter verification vulnerability in the background service module. Successful exploitation of this vulnerability may affect availability...