MIK.starlight input validation error vulnerability (CNVD-2021-69611)

MIK.starlight is the departmental access and creation dashboard, reporting and planning environment. MIK.starlight is vulnerable to an input validation error, which could allow an attacker to access arbitrary path files...

iPortalis 输入验证错误漏洞

iPortalis is providing management of Microsoft licenses, costs, governance and reporting capabilities. An input validation error vulnerability exists in iPortalis iCS that stems from not adding a valid privilege authentication to a UserRoleKey=request. An attacker could gain domain administrative...

Zoho ManageEngine ADSelfService Plus Input Validation Error Vulnerability (CNVD-2021-88251)

ZOHO zoho manageengine adselfservice plus is the United States zoho ZOHO company's set of Web-based end-user password management software . An input validation error vulnerability exists in Zoho ManageEngine ADSelfService Plus, which can be exploited by an attacker to cause a CAPTCHA bypass...

CGAL 输入验证错误漏洞

Laurent Rineau CGAL is an open source application from Laurent Rineau. It provides access to geometric algorithms in the form of C libraries. Laurent Rineau CGAL suffers from a security vulnerability that can be exploited by an attacker to cause out-of-range reads and type obfuscation via a...

ZOHO ManageEngine Log360 代码问题漏洞

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.An input...

IBM AIX 输入验证错误漏洞

IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. A denial of service vulnerability exists in IBM AIX version 7.1, 7.2, and VIOS version 3.1. A local attacker could exploit this vulnerability to cause a denial of service...

Omron CX-One Stack Buffer Overflow (CVE-2020-27261)

A stack-based overflow exists in the CX-Position module of OMRON CX-One. The vulnerability is due to input validation error when processing NCI configuration files...

GitLab 输入验证错误漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug list, and more. An input validation error vulnerability exists in GitLab...

Apple iPadOS 输入验证错误漏洞

Apple iPadOS is a suite of operating systems for the iPad tablet computer from Apple USA. An input validation error vulnerability exists in multiple Apple products, which can be exploited by a local attacker to cause unexpected application termination or arbitrary code execution. The vulnerabilit...

Apple 多款产品输入验证错误漏洞

Apple iOS and others are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple tvOS is a smart TV operating system.Apple watchOS is a smart watch operating system. An input validation error vulnerability exists in multiple Apple products, which could allow an...

F5 BIG-IP输入验证错误漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. The F5 BIG IP TMM GTP denial of service vulnerability, where an undisclosed GTP message is associated with a GTP irule or GTP...

Apple macOS 输入验证错误漏洞

Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. Apple macOS suffers from an input validation error vulnerability that can be exploited by local attackers to increase their privileges. The following products and versions are affected: iPhone 6s and above,...

F5 BIG-IP 输入验证错误漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP TMM, which can be exploited by attackers to cause a denial of servi...

F5 BIG-IP输入验证错误漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. The F5 BIG IP AWS denial of service vulnerability occurs when the Data Plane Development Kit DPDK/Elastic Network Adapter ENA...

Apple iTunes 输入验证错误漏洞

Apple iTunes is a suite of media player applications from Apple, Inc. that are used to play and manage digital music and video files. An input validation error vulnerability exists in Apple iTunes U versions prior to 3.8.3, where an attacker could cause arbitrary javascript code execution via a...

F5 BIG-IP 输入验证错误漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. F5 BIG-IP compression driver denial of service vulnerability, on platforms using Intel QuickAssist Technology QAT compression...

F5 BIG-IP输入验证错误漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. The F5 TMUI SCTP denial of service vulnerability could cause TMM to terminate when an SCTP profile with multiple paths is...

Apple macOS Big Sur 输入验证错误漏洞

Apple macOS Big Sur is a mobile application app from Apple USA Inc. Apple macOS Big Sur Help Viewer suffers from an input validation error vulnerability that originates from a maliciously created URL that could lead to the execution of JavaScript.The following products and versions are...

F-secure Atlant 输入验证错误漏洞

F-secure Atlant is a platform for building applications that can scan and detect malicious files from the Finnish company F-Secure F-Secure. An input validation error vulnerability exists in F-Secure Atlant that stems from the product not validating when scanning files. An attacker could use this...

Mediatek 芯片输入验证错误漏洞

Mediatek chips are smartphone chipsets from China's MediaTek Mediatek. There is no information about this vulnerability yet, so stay tuned to CNNVD or vendor announcements...