PT-2023-4051

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 11.0.19, 17.0.7, 20.0.1 Oracle GraalVM Enterprise Edition versions 20.3.10, 21.3.6, 22.3.2 Oracle GraalVM for JDK versions 17.0.7, 20.0.1 Description The issue is related to errors in processing input data in the Utilit...

PT-2023-4055 · Mysql Server +7 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.33 and prior Description: The issue is related to errors in processing input data in the MySQL Server product, specifically in the Server: DDL component. This can be exploited by a high-privileged attacker with netwo...

PT-2023-2848 · 1с · 1С-Битрикс

Name of the Vulnerable Software and Affected Versions: 1С-Битрикс: Управление сайтом affected versions not specified Description: The issue is related to errors in processing input data in the built-in code editor of the 1С-Битрикс: Управление сайтом content management system. Exploitation of thi...

PT-2023-2660 · Oracle · Oracle Solaris

Name of the Vulnerable Software and Affected Versions: Oracle Solaris version 10 Description: The issue is related to errors in processing input data in the Core component of the Oracle Solaris operating system. Exploitation of this issue can allow an attacker to execute arbitrary code, potential...

SUSE CVE-2006-2480

Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...

CVE-2022-46904

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...

CVE-2022-46906

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...

CVE-2022-46903

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS...

Cross site scripting

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...

CVE-2022-46905

CVE-2022-46905 affects WebSoft HCM 2021.2.3.327. The vulnerability stems from insufficient processing of user input, enabling an unauthenticated attacker to inject arbitrary HTML tags (including JavaScript) into pages processed by the user’s browser, resulting in reflected XSS. The available docu...

CVE-2022-46906

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...

PT-2022-28005 · Websoft · Websoft Hcm

Name of the Vulnerable Software and Affected Versions: WebSoft HCM version 2021.2.3.327 Description: The issue arises from insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser. This includes scripts i...

CVE-2022-46904

The CVE-2022-46904 affects WebSoft HCM 2021.2.3.327. The vulnerability arises from insufficient processing of user input in WebSoft HCM, allowing an authenticated attacker to inject arbitrary HTML into pages processed by the user’s browser, enabling Self-XSS. Concrete details across connected sou...

CVE-2022-46904

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...

CVE-2022-41783

tdpServer of TP-Link RE300 V1 improperly processes its input, which may allow an attacker to cause a denial-of-service DoS condition of the product's OneMesh function...

CVE-2022-41783

TP-Link RE300 V1 is affected by CVE-2022-41783 due to improper processing of input by the tdpServer, which may allow an attacker to trigger a denial-of-service (DoS) in the OneMesh function. Connected sources identify the affected component as tdpServer and confirm DoS as the primary impact, with...

CVE-2022-41783

tdpServer of TP-Link RE300 V1 improperly processes its input, which may allow an attacker to cause a denial-of-service DoS condition of the product's OneMesh function...

JVN#29657972: TP-Link RE300 V1 tdpServer vulnerable to improper processing of its input

tdpServer of TP-Link RE300 V1 improperly processes its input, possibly resulting to crash CWE-228. Impact An attacker may be able to cause a denial-of-service DoS condition of the product's OneMesh function. Solution Update the software Update the software to the latest version according to the...

PT-2023-3929 · Mysql Server +3 · Mysql Server +3

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.27 and prior Description: The issue is related to errors in processing input data in the MySQL Server product, specifically in the Server: Replication component. It allows a high-privileged attacker with network acce...

PT-2022-5263 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 19.1R3-S9 Junos OS versions 19.2 prior to 19.2R3-S6 Junos OS versions 19.3 prior to 19.3R3-S7 Junos OS versions 19.4 prior to 19.4R2-S7, 19.4R3-S8 Junos OS versions 20.1 prior to 20.1R3-S5 Junos OS versions 20.2 pri...