26 matches found
Input validation
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access...
ROS-2-1788
2.1788 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...
SUSE-SU-2021:2598-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.3: - CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory...
PT-2020-2440
Name of the Vulnerable Software and Affected Versions: JSON gem versions 2.2.0 and earlier; Ruby versions 2.4 through 2.4.9; Ruby versions 2.5 through 2.5.7; Ruby versions 2.6 through 2.6.5. Description: The JSON gem for Ruby has an Unsafe Object Creation issue due to insufficient input validation. Thi...
FreeBSD : buildbot -- CRLF injection in Buildbot login and logout redirect code (5536ea5f-6814-11e9-a8f7-0050562a4d7b)
A CRLF can be injected in the Location header of /auth/login and /auth/logout. This is due to a lack of input validation in the Buildbot redirection code. No way was found to impact the Buildbot product's own security through this vulnerability, but it could be used to compromise other sites hosted on t...
Claroline 1.8.9 exercise/exercise.php URL XSS
No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...