FreeBSD Security Advisory - FreeBSD-SA-26:21.ptrace

FreeBSD Security Advisory - ptracePTSCREMOTE failed to properly validate parameters for the syscall2 and syscall2 meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges...

CVE-2021-26381

Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption...

CVE-2021-26381

Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption...

CVE-2025-14499

IceWarp gmaps Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of IceWarp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

EUVD-2008-7061

Malware in sbrugna...

CVE-2025-51969

A SQL Injection vulnerability exists in the product.php page of PuneethReddyHC Online Shopping System Advanced 1.0. This flaw is present in the productid GET parameter, which is not properly validated before being included in a SQL statement...

FormosaSoft ee-class 安全漏洞

FormosaSoft ee-class is a recording software from China-based FormosaSoft. A security vulnerability exists in versions prior to FormosaSoft ee-class 20240326.13r14494, which stems from failure to properly validate certain page parameters, which could allow a remote attacker with regular privilege...

Cisco NX-OS Software 操作系统命令注入漏洞

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. A command injection vulnerability exists in Cisco NX-OS Software, which arises from insufficient validation of parameters passed to specific configuration CLI commands, and...

CVE-2023-41194

D-Link DAP-1325 HNAP SetAPLanSettings SubnetMask Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability...

Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a security vulnerability that stems from insufficient validation of parameters. An attacker exploiting this vulnerability can...

Zabbix 输入验证错误漏洞

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. Zabbix Web Service Report Generation has a security vulnerability that stems from its service does not properly validate URL parameters...

VulnCheck KEV: CVE-2022-0441

The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin...

CVE-2021-1306

A vulnerability in the restricted shell of Cisco Evolved Programmable Network EPN Manager, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system. This vulnerability is du...

CVE-2019-1717

A vulnerability in the web-based management interface of Cisco Video Surveillance Manager could allow an unauthenticated, remote attacker to access sensitive information. The vulnerability is due to improper validation of parameters handled by the web-based management interface. An attacker could...

Design/Logic Flaw

Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated...