Samsung SMR 缓冲区错误漏洞

Samsung SMR is a system patch package from South Korea's Samsung Samsung. Samsung SMR Apr-2022 Release 1 is vulnerable to an input validation error, which can be exploited by attackers for out-of-bounds writes...

Huawei HarmonyOS DFX module input validation error vulnerability

Huawei HarmonyOS is an operating system from Huawei China. A vulnerability exists in the Huawei HarmonyOS DFX module due to an input validation error. The vulnerability stems from the presence of improper validation of integrity check values in the DFX module. An attacker could exploit this...

Aruba Instant 输入验证错误漏洞

Aruba Instant is a wireless network from Aruba USA. provides the only Wi-Fi solution that is easy to set up. An input validation error vulnerability exists in Aruba Instant On 1930 switches due to insufficient validation of user-supplied input. A remote attacker could pass specially crafted input...

Cisco Web Security Appliance 输入验证错误漏洞

The Cisco Web Security Appliance WSA is a web security appliance from Cisco USA. The appliance provides SaaS-based access control, real-time web reporting and tracking, and development of security policies. The Cisco Web Security Appliance WSA suffers from an input validation error vulnerability...

MediaWiki 输入验证错误漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki suffers from an input validation error vulnerability that stems from insufficient...

FreeBSD 输入验证错误漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD suffers from an input validation error vulnerability that stems from an integer overflow in netmap's nmreqcopyin function. A local user can trigger the integer overflow and execute arbitrary code with elevated...

MediaWiki 输入验证错误漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki suffers from an input validation error vulnerability that stems from insufficient...

Orangehrm 输入验证错误漏洞

Orangehrm is a human resource management system HRM from Orangehrm USA. The system supports personnel information management, leave management, time and attendance management and recruitment management, etc. Orangehrm version 4.10 has a Referer header injection redirection vulnerability, no...

Orangehrm 输入验证错误漏洞

Orangehrm is a human resource management system HRM from Orangehrm, Inc. The system supports personnel information management, leave management, attendance management and recruitment management, etc. Orangehrm version 4.10 has an input validation error vulnerability, which stems from vulnerabilit...

Softwarebuero Zauner ARC 安全漏洞

Softwarebuero Zauner ARC is an application. softwarebuero Zauner ARC version 4.2.0.4 contains an input validation error vulnerability that stems from improper case-sensitive handling, which could be exploited by an attacker to cause easier password guessing...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. A vulnerability exists in the Huawei HarmonyOS DFX module due to an input validation error. The vulnerability stems from the presence of improper validation of integrity check values in the DFX module. An attacker could exploit this...

Medialize URI.js 输入验证错误漏洞

Medialize URI.js is a Javascript-based code library that can be used to efficiently splice URLs from the Medialize team. A security vulnerability exists in medialize/uri.js, no information about the vulnerability is available at this time, please keep watching CNNVD or vendor announcements...

MicroWorld Technologies eScan Anti-Virus 输入验证错误漏洞

MicroWorld Technologies eScan Anti-Virus is an Internet security solution from MicroWorld Technologies, USA. It provides virus protection for enterprise and home SOHO users. The MicroWorld Technologies eScan Anti-Virus is prone to an input validation error vulnerability that originates from inval...

GitLab 输入验证错误漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. GitLab is vulnerable to an input validation error vulnerability that exists du...

GitLab Community Edition和GitLab Enterprise Edition输入验证错误漏洞

GitLab Enterprise Edition is a content management system.GitLab Community Edition is a community edition of GitLab from GitLab, Inc. An input validation error vulnerability exists in GitLab Community Edition CE and Enterprise Edition EE due to insufficient validation of user-supplied input in the...

NETGEAR R6700v3 Input Validation Error Vulnerability

NETGEAR R6700v3 is the Nighthawk AC1750 Smart Dual Band Gigabit Router from Netgear USA. The NETGEAR R6700v3 suffers from an input validation error vulnerability that lacks proper validation of user-supplied data. An attacker can exploit the vulnerability to execute arbitrary code...

Google Android 输入验证错误漏洞

Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability that results from improper input validation in messaging. An attacker could use this vulnerability to obtain sensitive information...

NETGEAR R6700输入验证错误漏洞

NETGEAR R6700v3 is the Nighthawk AC1750 Smart Dual Band Gigabit Router from Netgear USA. The NETGEAR R6700v3 suffers from an input validation error vulnerability that lacks proper validation of user-supplied data. An attacker can exploit the vulnerability to execute arbitrary code...

Oracle MySQL Buffer Overflow Vulnerability (CNVD-2022-25202)

Oracle MySQL Server is a relational database from Oracle Corporation. A buffer error vulnerability exists in MySQL Server due to an input validation error in the Server:Optimizer component in MySQL Server. A remote attacker could exploit this vulnerability to corrupt or delete data...

Apache Apisix 输入验证错误漏洞

Apache Apisix is a cloud-native microservices API gateway service from the Apache Foundation. The software is based on OpenResty and etcd, with dynamic routing and plugin hot-loading for API management in microservices systems. An attacker could use this vulnerability to bypass the bodyschema...