EUVD-2026-9472

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the SAML feature and access sensitive,...

Apache Superset 安全漏洞

Apache Superset is a modern big data exploration and visualization platform from the Apache Foundation that allows users to easily and quickly build dashboards using a simple no-code visualization builder and a state-of-the-art SQL editor. Apache Superset has an input validation vulnerability in...

CVE-2025-15330

Tanium addressed an improper input validation vulnerability in Deploy...

CVE-2026-24936 An improper input validation vulnerability was found in ADM while joining a AD Domain.

When a specific function is enabled while joining a AD Domain from ADM, an improper input parameters validation vulnerability in a specific CGI program allowing an unauthenticated remote attacker to write arbitrary data to any file on the system. By exploiting this vulnerability, attackers can...

ESPHome Input Validation Vulnerability

ESPHome is an open-source system for configuring and managing smart hardware. It is used to control Esp8266/Esp32 hardware, enabling home automation control. The version 2025.9.0 to 2025.12.6 of ESPHome contains a vulnerability related to input validation errors. This vulnerability stems from...

RustCrypto: Elliptic Curves 输入验证错误漏洞

RustCrypto: Elliptic Curves is a Rust cryptographic library open-sourced by Rust Crypto. An input validation error vulnerability exists in RustCrypto: Elliptic Curves version 0.14.0-pre.0 and 0.14.0-rc.0, which stems from an unchecked slice-and-dice operation performed on an input buffer...

CVE-2023-25691

Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0...

CVE-2023-31289

Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort...

CVE-2022-23108

Jenkins Badge Plugin 1.9 and earlier does not escape the description and does not check for allowed protocols when creating a badge, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-33752

CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code...

CVE-2020-24649

A remote bytemessageresource transformentity" input validation code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2024-34672

Improper input validation in SamsungVideoPlayer prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows local attackers to access video file of other users...

CVE-2023-25533

NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to information disclosure, code execution, and escalation of privileges...

CVE-2022-42477

An improper input validation vulnerability CWE-20 in FortiAnalyzer version 7.2.1 and below, version 7.0.6 and below, 6.4 all versions may allow an authenticated attacker to disclose file system information via custom dataset SQL queries...

CVE-2022-27807

Improper input validation vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to disable to add Categories...

CVE-2022-27803

Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Space...

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

Taguette 输入验证错误漏洞

Taguette is a qualitative research tool by the individual developer Remi Rampin. An input validation error vulnerability exists in Taguette 1.5.1 and prior versions, which stems from insufficient validation of the next parameter and could lead to phishing attacks...

AMD XOCL driver improper input validation vulnerability (CNVD-2025-29744)

AMD XOCL driver is a driver developed by AMD for OpenCL Open Computing Language, which is mainly used to support the performance optimization of AMD's GPUs in heterogeneous and parallel computing tasks. An improper input validation vulnerability exists in AMD XOCL driver, which can be exploited b...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53197)

ALSA: usb-audio: vulnerability leading to out-of-bound accesses due to a bogus device providing an excessive bNumConfigurations value, which is fixed by ensuring proper allocation in usbgetconfiguration. This plugin only works with Tenable.ot. Please visit...