4504 matches found
CP-Plus DVR 输入验证错误漏洞
CP-Plus DVR is a digital video recorder from CP-Plus. A security vulnerability exists in CP-Plus DVR that stems from incorrect input validation, which allows an unauthenticated, remote attacker to change the system time of a target device by sending a specially crafted HTTP request to the...
Kubernetes 输入验证错误漏洞
Kubernetes K8s is an open source system from the Cloud Native Computing Foundation for automating the deployment, scaling, and management of containerized applications. Kubernetes suffers from a security vulnerability that stems from the fact that a user who creates a Pod on a Windows node can...
OpenStack Horizon 输入验证错误漏洞
OpenStack Horizon is a Django-based project for OpenStack designed to provide complete OpenStack dashboards and an extensible framework for building new dashboards from reusable components. A security vulnerability exists in OpenStack Horizon versions 19.4.0 through 20.1.4 that stems from a...
Tengine 输入验证错误漏洞
Alibaba Tengine is a web server from the Chinese company Alibaba Group Alibaba. A security vulnerability exists in Tengine version 2.2.2, which stems from an integer overflow vulnerability. An attacker can exploit this vulnerability to cause sensitive information to be disclosed by sending a...
curl 输入验证错误漏洞
curl is a tool for transferring data from or to a server. An input validation error vulnerability exists in curl version 7.65.2, which stems from an integer overflow in tooloperate.c. The vulnerability is caused by an integer overflow in tooloperate.c...
Cisco Unified Contact Center Express Input Validation Error Vulnerability (CNVD-2023-93334)
Cisco Unified Contact Center Express Unified CCX is a customer relationship management component of a unified communications solution from Cisco. The component supports features such as self-service voice, call distribution, and customer access control. An input validation error vulnerability...
NTSC-CRT 输入验证错误漏洞
NTSC-CRT is an NTSC encode/decode in C89 by the LMP88959 individual developer. A security vulnerability exists in NTSC-CRT version 2.2.1 that stems from the presence of an integer overflow and out-of-bounds writes...
RubyGems 输入验证错误漏洞
RubyGems is a Ruby package manager from the RubyGems organization. The product is primarily used to distribute and manage Ruby packages. RubyGems suffers from an input validation error vulnerability that stems from insufficient input validation and allows malicious actors to replace files...
Cisco Unified Contact Center Express 输入验证错误漏洞
Cisco Unified Contact Center Express Unified CCX is a customer relationship management component of a unified communications solution from Cisco. The component supports features such as self-service voice, call distribution, and customer access control. An input validation error vulnerability...
Woodpecker 输入验证错误漏洞
Woodpecker is a community branch of the Drone CI system. An input validation error vulnerability exists in Woodpecker versions 1.0.0 through 1.0.2, which can be exploited by an attacker to publish incorrectly formatted Webhook data, resulting in repository data updates...
Huawei HarmonyOS PMS Module Input Validation Error Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from an input validation error vulnerability, which stems from the PMS module's lax validation of input parameters, and can be...
Adobe Acrobat Reader Input Validation Error Vulnerability (CNVD-2023-71749)
Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Adobe Acrobat Reader has an input validation error vulnerability that can be exploited by an attacker to obtain NTLMv2 credentials...
Huawei HarmonyOS Security Restriction Bypass Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a security restriction bypass vulnerability that originates from an input validation error provided by the AMS module to the...
Intel Easy Streaming Wizard Input Validation Error Vulnerability
Intel Easy Streaming Wizard is a suite of streaming media delivery live streaming configuration software from IntelR Corporation. A security vulnerability exists in IntelR Easy Streaming Wizard that stems from improper input validation. An attacker could exploit the vulnerability to elevate...
IBM Security Verify Access Input Validation Error Vulnerability (CNVD-2023-68778)
IBM Security Verify Access ISAM is a service from International Business Machines IBM that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated acce...
SAMSUNG Mobile devices buffer error vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from South Korea's Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Aug-2023 Release 1 version, which stems from an incorrect input validation vulnerability in the...
Apache Traffic Server Input Validation Error Vulnerability
Apache Traffic Server ATS is a suite of scalable HTTP proxy and caching servers from the Apache Foundation in the United States. An input validation error vulnerability exists in Apache Traffic Server 9.2.1 and earlier versions that stems from the presence of an incorrect input validation...
Qualcomm Chip Input Validation Error Vulnerability
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. The Qualcomm chip has a security vulnerability that originates from an...
SES Input Validation Error Vulnerability
SES is a JavaScript environment for securely executing arbitrary programs in Compartments. An input validation error vulnerability exists in SES, which stems from a security flaw in the confinement of guest applications that could be exploited by an attacker to steal information or execute...
AMD Ryzen Master Input Validation Error Vulnerability
AMD Ryzen Master is a software tool from UltraMicroelectronics AMD for managing and tuning the performance of AMD Ryzen processors. A security vulnerability exists in AMD Ryzen Master that stems from inadequate input buffer validation, which could allow a privileged attacker to perform memory rea...