13 matches found
EUVD-2021-7069
Malicious code in bioql PyPI...
CVE-2025-20273
The CVE-2025-20273 vulnerability affects Cisco Unified Intelligent Contact Management Enterprise web-based management interface. It is an XSS flaw caused by insufficient input validation that can be triggered when a user clicks a crafted link, allowing an unauthenticated, remote attacker to execu...
PT-2024-9152 · Cisco · Cisco ASA
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified). Description: The issue is related to insufficient validation of user input in the SSH subsystem, allowing an authenticated, remote attacker to execute operating...
CVE-2024-20356
CVE-2024-20356 affects Cisco’s Integrated Management Controller (IMC) web-based UI. Affected component: CIMC web interface; root cause: insufficient input validation enabling authenticated, Administrator-level attackers to perform command injection and elevate to root. Documented impact: remote c...
ROS-2-2099
2.2099 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser is related to insufficient validation of user input when processing unreliable YAML files using the full_load method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-1644
2.1644 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser is related to insufficient validation of user input when processing unreliable YAML files using the full_load method or the FullLoader loader. Exploitation of the vulnerability...
Cisco Small Business RV160 and RV260 Series VPN Routers Remote Command Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to...
Cisco Firepower Management Center Arbitrary Log File Write Vulnerability (cisco-sa-alfo-tHwFDmTE)
According to its self-reported version, Cisco Firepower Management Center is affected by an arbitrary file write vulnerability due to insufficient user input validation. An unauthenticated, remote attacker can exploit this to write arbitrary entries in the application's log file on the remote hos...
Pulse Connect Secure Arbitrary File Read Vulnerability (CVE-2019-11510)
According to its self-reported version, the version of Pulse Connect Secure running on the remote host is prior to 8.1R15.1, 8.2.x prior to 8.2R12.1, 8.3.x prior to 8.3R7.1 or 9.x prior to 9.0R3.4. It is, therefore, affected by an arbitrary file read vulnerability due to insufficient user input validation. An...
Security Bulletin: Cross-site scripting vulnerability in IBM Business Process Manager (BPM) Process Center (CVE-2015-0101)
Summary: Insufficient user input validation in IBM Business Process Manager's Process Center can lead to a cross-site scripting exposure. Vulnerability Details: CVEID: CVE-2015-0101. DESCRIPTION: IBM Business Process Manager Process Center is vulnerable to cross-site scripting, caused by improper...
Cisco WebEx Meetings Server User Enumeration Vulnerability
A vulnerability in the Forgot Password process of the Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to enumerate a valid administrator account. The vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by submitting...
HP Intelligent Management Center iNodeMngChecker.exe Buffer Overflow (CVE-2011-1867)
A remote code execution vulnerability has been reported in the HP Intelligent Management Center User Access Manager (UAM) and Endpoint Admission Defense (EAD). The vulnerability is due to insufficient user input data validation by the application. A remote attacker could exploit this vulnerability by...
ROS-2-1919
2.1919 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser is related to insufficient validation of user input when processing unreliable YAML files using the full_load method or the FullLoader loader. Exploitation of the vulnerability...