72593 matches found
Nimiq Input Validation Error Vulnerability
Nimiq is an open-source implementation of the Albatross protocol in Rust. Prior to Nimiq 1.3.0, there was a vulnerability related to input validation. This vulnerability stemmed from the use of BitSet.len in SkipBlockProof::verify, which calculates the for slot checks. This process involves...
ONE Input Validation Error Vulnerability
ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions prior to ONE 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows during the calculation of tensor replication sizes, which could...
uutils coreutils Input Validation Error Vulnerability
uutils coreutils is a cross-platform core command-line toolset developed by Uutils Open Source. uutils coreutils has a vulnerability related to input validation. This vulnerability arises from the comm utility consuming data from unconventional file inputs before performing comparison operations...
PT-2026-34473
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 12.3 through 18.9.5 GitLab CE/EE versions 18.10 through 18.10.3 GitLab CE/EE versions 18.11 through 18.11.0 Description An issue exists where improper input validation could allow an authenticated user to cause a denial o...
ONE Input Validation Error Vulnerability
ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions of ONE prior to 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows during the calculation of the copy size for output tensors,...
uutils coreutils Input Validation Error Vulnerability
uutils coreutils is a cross-platform core command-line toolset developed by Uutils Open Source. uutils coreutils has a vulnerability related to input validation errors. This vulnerability stems from a cut logic error, which incorrectly interprets two-byte literal strings as empty delimiters. This...
Spring Security Input Validation Error Vulnerability
Spring Security is a security framework developed by Spring OpenSource that includes authentication and authorization features. Vulnerabilities in input validation exist in versions 6.3.0 to 6.3.14, 6.4.0 to 6.4.14, 6.5.0 to 6.5.9, and 7.0.0 to 7.0.4 of Spring Security. These vulnerabilities stem...
uutils coreutils Input Validation Error Vulnerability
uutils coreutils is a cross-platform core command-line tool set developed by Uutils Open Source. uutils coreutils has a vulnerability related to input validation. This vulnerability stems from an error in the env function; when the -S option is used, the command-line parameters are not properly...
fprime Input Validation Error Vulnerability
fprime is an open-source flight software and embedded system framework developed by NASA. Versions of fprime prior to 4.2.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from boundary-checking use of U32 addition, which allowed overflow bypasses, and the...
Raindrop.io Bookmark Manager Web App Input Validation Error Vulnerability
Raindrop.io Bookmark Manager Web App is a cloud-based bookmark management application developed by the Russian company Raindrop.io. Version 5.6.76.0 of Raindrop.io Bookmark Manager Web App contains a vulnerability related to input validation. This vulnerability stems from insufficient validation ...
esiclivre 0.2.2 SQL Injection
The password reset functionality in esiclivre is affected by multiple vulnerabilities. The cpfcnpj parameter is vulnerable to Blind SQL injection due to improper input handling. Additionally, the endpoint lacks CSRF protection, input validation, and rate limiting, enabling attackers to perform us...
ONE Input Validation Error Vulnerability
ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions of ONE prior to 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from a lack of operator boundary validation, which could lead to out-of-bounds code...
PT-2026-34522
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.11 through 18.11.0 Description Improper input validation in the Mermaid sandbox could allow an authenticated user to load unauthorized content into another user's browser. Recommendations Update to version 18.11.1...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013721)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013721 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix input validation logic for actionmeta Fix condition to check 'greater or equal' to...
ONE Input Validation Error Vulnerability
ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions of ONE prior to 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows during the calculation of the temporary buffer’s initial siz...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013417)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013417 advisory. Improper input validation in some Intel(R) Graphics Drivers for Windows before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user t...
GitLab 18.11 < 18.11.1 (CVE-2026-3254)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user to load unauthorized content into...
GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser
A flaw was found in GStreamer. A remote attacker can exploit a heap-based buffer overflow vulnerability in the GStreamer JPEG parser by providing a specially crafted JPEG file. This issue is caused by improper validation of Huffman table lengths, which can lead to arbitrary code execution in the...
EUVD-2025-209543
HTML injection vulnerability in PHP Point of Sale v19.4. This vulnerability allows an attacker to render HTML in the victim's browser due to a lack of proper validation of user input by sending a request to '/reports/generate/specificcustomer', using 'startdateformatted' and 'enddateformatted'...
Exploit for Improper Input Validation in Apache Tomcat
No d...