MISP 跨站脚本漏洞

MISP is an open source software solution. The product is used to collect, store, distribute and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in MISP version 2.4.128. The vulnerability ste...

CVE-2021-1218

A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an...

Cisco Webex Meetings Open Redirect Vulnerability

Cisco Webex Meetings provides affordable enterprise virtual meeting solutions. An open redirect vulnerability exists in the Web management interface of Cisco Webex Meetings. The vulnerability stems from improper validation of the input of URL parameters in an HTTP request. An attacker could explo...

Cisco Webex Meetings 输入验证错误漏洞

Cisco Webex Meetings provides affordable enterprise virtual meeting solutions. An open redirect vulnerability exists in the Web management interface of Cisco Webex Meetings. The vulnerability stems from improper validation of the input of URL parameters in an HTTP request. An attacker could explo...

Huawei Mate 30 Buffer Overflow Vulnerability (CNVD-2021-05397)

Huawei Mate 30 is a smartphone from the Chinese company Huawei Huawei. The Huawei Mate 30 suffers from a buffer overflow vulnerability that can be exploited by an attacker by sending a crafted packet with specific parameters to the target device. Due to insufficient validation of the parameters, ...

USN-4675-1 horizon vulnerability

Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL...

USN-4675-1: OpenStack Horizon vulnerability

Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL...

Design/Logic Flaw

In functions charginglimitcurrentwrite and charginglimittimewrite in /SM8250QMaster/android/vendor/oppocharger/oppo/oppocharger.c have not checked the parameters, which causes a vulnerability...

CVE-2020-35851

HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch Command inject attacks remotely and execute arbitrary commands of the system...

CVE-2020-35741

HGiga MailSherlock does not validate user parameters on multiple login pages. Attackers can use the vulnerability to inject JavaScript syntax for XSS attacks...

CVE-2020-35741

HGiga MailSherlock contains a cross-site scripting (XSS) vulnerability: it does not validate user parameters on multiple login pages, allowing an attacker to inject JavaScript syntax. The CVE entry CVE-2020-35741 is documented across multiple sources (NVD and CNVD) with this behavior. Impact deta...

MailSherlock 跨站脚本漏洞

HGiga MailSherlock is an email archiving and auditing system that provides a complete email security solution. A cross-site scripting vulnerability exists in HGiga MailSherlock. The vulnerability stems from MailSherlock failing to properly validate specific URL parameters. An attacker can exploit...

Xinuos Openserver Cross-Site Scripting Vulnerability

Xinuos Openserver is a FreeBSD-based operating system from the American company Xinuos. Xinuo suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client data in the application parameter section. A remote attacker can exploit this vulnerability by...

Xinuos Openserver 跨站脚本漏洞

Xinuos Openserver is a FreeBSD-based operating system from the American company Xinuos. Xinuo suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client data in the application parameter section. A remote attacker can exploit this vulnerability by...

CVE-2020-29565

An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...

CVE-2020-29565

An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...

ILIAS Remote Code Execution Vulnerability

ILIAS is a powerful open source learning management system for developing and implementing web-based e-learning. A remote code execution vulnerability exists in ILIAS 6.4. The vulnerability stems from a parameter validation error on Magpie RSS data. An attacker can exploit this vulnerability to...

Memory corruption

The frame touch module does not make validity judgments on parameter lengths when processing specific parameters,which caused out of the boundary when memory access.The vulnerability eventually leads to a local DOS on the device...

CVE-2020-11162

u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

Buffer overflow

u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...