Lucene search
K

639 matches found

CNVD
CNVD
added 2020/10/25 12:0 a.m.3 views

Input validation vulnerability in several Apple products

Apple iOS is an operating system developed for mobile devices.Apple watchOS is an operating system for smartwatches.Apple iPadOS is an operating system for iPad tablets.Apple iOS is an operating system developed for mobile devices.Apple watchOS is an operating system for smartwatches.Apple watchO...

9.4CVSS6.6AI score0.04729EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/10/08 12:0 a.m.5 views

The vulnerability in the implementation of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol for the Cisco IOS XE operating system on Cisco Catalyst 9800 Series network devices allows a attacker to cause a service failure.

The vulnerability of the Control and Provisioning of Wireless Access Points CAPWAP implementation for the Cisco IOS XE operating system on Cisco Catalyst 9800 Series network devices is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to...

7.4CVSS6.9AI score0.00458EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/09/11 12:0 a.m.3 views

SAP 3D Visual Enterprise Viewer Input Validation Error Vulnerability (CNVD-2020-74930)

SAP 3D Visual Enterprise Viewer is an application from SAP Germany. This product increases resource utilization by extending the uptime of essential products and assets whenever and wherever they are needed. A security vulnerability exists in SAP 3D visual Enterprise Viewer version-9 that...

4.3CVSS6.7AI score0.01623EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/04 12:0 a.m.4 views

Multiple Cisco Products Input Validation Error Vulnerability (CNVD-2020-31997)

Cisco 809 Industrial Integrated Services Routers are products of Cisco Corporation.Cisco 809 Industrial Integrated Services Routers are industrial integrated multi-service routers.Cisco 829 Industrial Integrated Services Routers are industrial integrated multi-service routers.Cisco 1000 Series...

8.1CVSS7.7AI score0.00703EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2020/05/26 12:0 a.m.71 views

KLA11790 Multiple vulnerabilities in Apple iCloud

Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, execute arbitrary code, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. A logic vulnerability in...

9.8CVSS9.3AI score0.77246EPSS
Exploits5References5
CNVD
CNVD
added 2020/05/11 12:0 a.m.4 views

Pip Input Validation Error Vulnerability

Pip is a set of tools for installing and managing Python packages. An input validation error vulnerability exists in the --extra-index-url option in Pip all versions. An attacker can exploit this vulnerability to execute arbitrary code on a system with the help of a specially crafted request...

7.8CVSS7.5AI score0.01736EPSS
Exploits0References1
NVD
NVD
added 2020/04/28 4:15 a.m.27 views

CVE-2020-5565

Improper input validation vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows a remote authenticated attacker to alter the application's data via the applications 'Workflow' and 'MultiReport'...

4.3CVSS4.4AI score0.00773EPSS
Exploits0References2
CVE
CVE
added 2020/03/15 10:3 p.m.52 views

CVE-2019-6696

CVE-2019-6696 is a FortiOS URL-redirect vulnerability caused by improper input validation on the admin webUI password-change page. Connected sources confirm it affects FortiOS 5.x (>=5.4.0), 6.x (prior to 6.0.9), and 6.2.x (prior to 6.2.2). The issue allows an attacker to perform an URL redire...

6.1CVSS6.2AI score0.00698EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/03/10 8:15 p.m.26 views

CVE-2019-19298

A vulnerability has been identified in SiNVR/SiVMS Video Server All versions = V5.0.0 V5.0.2. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server contains a input validation vulnerability, that could allow an unauthenticated remote attacker to cause a Denial-of-Service...

7.5CVSS7.6AI score0.01864EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/03/10 7:16 p.m.25 views

CVE-2019-19298

A vulnerability has been identified in SiNVR/SiVMS Video Server All versions = V5.0.0 V5.0.2. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server contains a input validation vulnerability, that could allow an unauthenticated remote attacker to cause a Denial-of-Service...

7.5CVSS7.4AI score0.01864EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2020/02/24 7:31 a.m.56 views

CVE-2018-1000873

Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service DoS. This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the...

6.5CVSS5.3AI score0.04758EPSS
Exploits1References2
Prion
Prion
added 2020/02/17 8:15 p.m.24 views

Input validation

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific messag...

5CVSS7.4AI score0.00745EPSS
Exploits0References1Affected Software3
Huawei
Huawei
added 2020/02/12 12:0 a.m.59 views

Security Advisory - Input Validation Vulnerability in Huawei Products

Products Switches Routers WLAN Storage See All Solutions Cloud Data Center Enterprise Networking Intelligent Computing Solutions by Industry See All Services Training and Certification Industry Cloud Enablement Service Improvement Service Customer Support Service See All Partner Find a Partner...

7.2AI score0.00745EPSS
Exploits0Affected Software3
NVD
NVD
added 2020/01/24 5:15 p.m.43 views

CVE-2020-6962

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station CSCS Versions 1.X CARESCAPE Central Station CSCS Versions 2.X, B450 Version 2.X, B6...

10CVSS9.7AI score0.04932EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2020/01/14 11:11 p.m.10 views

CVE-2020-0646

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'...

8.2AI score0.99222EPSS
Exploits5References2
NVD
NVD
added 2019/12/05 5:15 p.m.28 views

CVE-2019-7193

This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. To fix the vulnerability, QNAP recommend updating QTS to their latest versions...

10CVSS9.6AI score0.14367EPSS
Exploits6References3
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.6 views

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Dynamic Application Loader (DAL) arises from insufficient validation of input data, allowing attackers to disclose protected information.

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Dynamic Application Loader DAL is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to disclose...

4.1CVSS6.5AI score0.00346EPSS
Exploits0References2Affected Software3
Debian
Debian
added 2019/11/10 5:24 p.m.165 views

[SECURITY] [DLA 1986-1] ruby-haml security update

Package : ruby-haml Version : 4.0.5-2+deb8u1 CVE ID : CVE-2017-1002201 In haml, when using user input to perform tasks on the server, characters like " must be escaped properly. In this case, the character was missed. An attacker can manipulate the input to introduce additional attributes,...

6.1CVSS6.8AI score0.01452EPSS
Exploits1
NVD
NVD
added 2019/11/08 7:15 p.m.22 views

CVE-2019-3426

The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations...

8.8CVSS8.7AI score0.01021EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/24 12:0 a.m.4 views

Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerability

The Cisco SPA100 Series Analog Telephone Adapters ATAs are an SPA100 series analog telephone adapter. A remote code execution vulnerability exists in the Cisco SPA100 Series Analog Telephone Adapters that stems from not properly validating user input submitted to the web-based management interfac...

8CVSS8.5AI score0.00578EPSS
Exploits0References1
Rows per page
Query Builder