Proofpoint Enterprise Protection 输入验证错误漏洞

Proofpoint Enterprise Protection is an application from Proofpoint, Inc. provides functionality to protect email. An input validation error vulnerability exists in Proofpoint Enterprise Protection that stems from incorrect input validation...

RHEL 6 : git (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - git: cvsserver command injection CVE-2017-14867 - git: Heap overflow in git archive, git log --format...

DNF5 输入验证错误漏洞

DNF5 is a command line package manager from rpm-software-management open source. An input validation error vulnerability exists in DNF5 that stems from the fact that dnf5 does not check for problems in directories controlled by non-root users...

Lunary Input Validation Error Vulnerability

lunary is a production toolkit for LLM. An input validation error vulnerability exists in lunary that stems from improper validation of email addresses during the registration process and can be exploited by an attacker to create multiple accounts with the same email address by changing the case ...

JFrog Artifactory 输入验证错误漏洞

JFrog Artifactory is an open source, general-purpose Artifact repository manager from Israel's JFrog that supports clustered and high-availability Docker registries and provides an end-to-end solution for automating artifacts for tracking from development to production. JFrog Artifactory has an...

QNAP Systems QTS、QuTS hero和QuTScloud 输入验证错误漏洞

QNAP Systems QuTScloud and others are products of China-based Weilian Technology QNAP Systems.QNAP Systems QuTScloud is a cloud-optimized version of the QNAP NAS operating system.QNAP Systems QTS is an operating system for entry- to mid-range QNAP NAS use. QNAP Systems QuTS hero is an operating...

Hyperion 输入验证错误漏洞

Hyperion is an open source bias or ambient lighting implementation of the Hyperion project. An input validation error vulnerability exists in Hyperion version 2.0.15 that stems from the presence of a Unicode conversion vulnerability that could allow an attacker to send Unicode characters with a...

Tenda AC500 fromDhcpListClient method list1 parameter buffer overflow vulnerability

Tenda AC500 is the wireless controller device introduced, designed for small and medium-sized businesses, with support for managing wireless networks across VLANs. A buffer overflow vulnerability exists in the Tenda AC500, which stems from the list1 parameter of the fromDhcpListClient method...

SolarWinds Platform 输入验证错误漏洞

SolarWinds Platform is a unified monitoring, observability, and service management platform from U.S.-based SolarWinds, Inc. An input validation error vulnerability exists in SolarWinds Platform that stems from an attacker being able to redirect a user to a different domain when using URL...

AnythingLLM 输入验证错误漏洞

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM suffers from an input validation error vulnerability that stems from a failure to properly clean user-supplied input, allowing an attacker to read and delete arbitrary files on the server...

AnythingLLM 输入验证错误漏洞

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM suffers from an input validation error vulnerability that stems from allowing an attacker to delete all existing users and potentially create new administrator users without a password, leading to unauthorized access...

WordPress Plugin Freshdesk 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An input validation error...

Gradio 输入验证错误漏洞

Gradio is an open source Python library that is a way to demonstrate machine learning models through a friendly web interface. Gradio suffers from an input validation error vulnerability that stems from the presence of a server-side request forgery vulnerability that allows an attacker to scan an...

Apache Zeppelin Input Validation Error Vulnerability (CNVD-2024-17934)

Apache Zeppelin is a Web-based open source laptop application from the Apache USA Foundation. The program supports interactive data analysis and collaborative documentation. Apache Zeppelin suffers from an input validation error vulnerability that can be exploited by an attacker to view a server...

Apache Zeppelin Input Validation Error Vulnerability (CNVD-2024-17937)

Apache Zeppelin is a Web-based open source laptop application from the Apache USA Foundation. The program supports interactive data analysis and collaborative documentation. Apache Zeppelin suffers from an input validation error vulnerability that can be exploited by an attacker to execute a...

Apache Zeppelin Input Validation Error Vulnerability (CNVD-2024-17935)

Apache Zeppelin is a Web-based open source laptop application from the Apache USA Foundation. The program supports interactive data analysis and collaborative documentation. Apache Zeppelin has an input validation error vulnerability that can be exploited by an attacker to cause a denial of servi...

AnythingLLM 输入验证错误漏洞

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM has an input validation error vulnerability that stems from an incorrect input validation vulnerability that allows an attacker to escalate privileges by disabling Multi-User Mode...

WordPress Plugin App Builder 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. An input validation error vulnerability...

Apache Traffic Server Input Validation Error Vulnerability (CNVD-2024-20834)

Apache Traffic Server ATS is the United States Apache Apache Foundation's set of scalable HTTP proxy and caching server. Apache Traffic Server suffers from an input validation error vulnerability that stems from continuation frame flooding in the HTTP/2 stack, which can be exploited by an attacke...

Apache CloudStack Input Validation Error Vulnerability (CNVD-2024-20836)

Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. Apache CloudStack suffers from an input validation error vulnerabilit...