1187 matches found

OSV
added 2022/12/15 7:15 a.m. | 1 view

DEBIAN-CVE-2022-46768

Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...

CVSS 5.9 | AI score 6 | EPSS 0.05203
Exploits: 0 | References: 1
OSV
added 2022/12/15 7:15 a.m. | 5 views

CVE-2022-46768

Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...

CVSS 5.9 | AI score 6.7
Exploits: 0 | References: 1
CNNVD
added 2022/12/15 12:0 a.m. | 1 view

Zabbix Input Validation Error Vulnerability

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. Zabbix Web Service Report Generation has a security vulnerability that stems from the service not properly validating URL parameters...

CVSS 5.9 | AI score 6.1 | EPSS 0.05203
Exploits: 0 | References: 2
Vulnrichment
added 2022/12/13 12:0 a.m. | 2 views

CVE-2022-43723

A vulnerability has been identified in SICAM PAS/PQS All versions = 7.0 V8.06. Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the...

AI score 7.3 | EPSS 0.01114
Exploits: 0 | References: 1
OSV
added 2022/11/21 11:15 a.m. | 2 views

CVE-2022-3720

The Event Monster WordPress plugin before 1.2.0 does not validate and escape some parameters before using them in SQL statements, which could lead to SQL Injection exploitable by high privilege users...

CVSS 7.2 | AI score 5.8 | EPSS 0.00787
Exploits: 2 | References: 1
OSV
added 2022/11/15 9:15 p.m. | 2 views

CVE-2022-20926

A vulnerability in the web management interface of the Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to insufficient validation of user-supplied parameters for...

CVSS 8.8 | AI score 6.1
Exploits: 0 | References: 1
NVD
added 2022/11/08 6:15 p.m. | 15 views

CVE-2022-44556

Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability...

CVSS 7.5 | EPSS 0.00191
Exploits: 0 | References: 2
OSV
added 2022/11/08 6:15 p.m. | 1 view

CVE-2022-44556

Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability...

CVSS 7.5 | AI score 5.8
Exploits: 0 | References: 2
Prion
added 2022/11/08 6:15 p.m. | 17 views

Input validation

Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability...

CVSS 5 | AI score 7.5 | EPSS 0.00191
Exploits: 0 | References: 2 | Affected Software: 2
Cvelist
added 2022/11/08 12:0 a.m. | 12 views

CVE-2022-44556

Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability...

AI score 7.7 | EPSS 0.00191
Exploits: 0 | References: 2
CVE
added 2022/11/08 12:0 a.m. | 60 views

CVE-2022-44556

CVE-2022-44556 involves missing parameter type validation in the DRM module, with DoS impacting availability. Connected sources tie the vulnerability to Huawei EMUI (Android-based) and report that Huawei EMUI 12.0.0 is affected by a DRM‑module parameter validation issue. Root cause is described a...

CVSS 7.5 | AI score 7.5 | EPSS 0.00191
Exploits: 0 | References: 2 | Affected Software: 2
Positive Technologies
added 2022/11/02 12:0 a.m. | 2 views

PT-2022-5476 · Cisco · Cisco Email Security Appliance +1

Name of the Vulnerable Software and Affected Versions: Cisco Email Security Appliance (affected versions not specified); Cisco Secure Email and Web Manager (affected versions not specified). Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker...

CVSS 8.5 | AI score 6.6 | EPSS 0.00128
Exploits: 0 | References: 7
WPVulnDB
added 2022/10/28 12:0 a.m. | 14 views

Api2Cart Bridge Connector < 1.2.0 - Unauthenticated RCE

The plugin does not validate some parameters which could lead to RCE...

CVSS 10 | AI score 3.5 | EPSS 0.02855
Exploits: 0 | Affected Software: 1
OSV
added 2022/10/26 3:15 p.m. | 1 view

CVE-2022-20933

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of...

CVSS 8.6 | AI score 5.8 | EPSS 0.00463
Exploits: 0 | References: 1
WPVulnDB
added 2022/10/21 12:0 a.m. | 12 views

Better Messages < 1.9.10.69 - Subscriber+ SSRF

The plugin does not validate a parameter before making a request to it, which could allow users with a role as low as subscriber to perform SSRF attacks...

CVSS 8.8 | AI score 3.8 | EPSS 0.00451
Exploits: 0 | Affected Software: 1
OSV
added 2022/10/17 4:15 p.m. | 1 view

CVE-2022-23770

This vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute malicious commands such as directory traversal...

CVSS 9.8 | AI score 5.9 | EPSS 0.01409
Exploits: 0 | References: 1
Vulnrichment
added 2022/10/17 12:0 a.m. | 4 views

CVE-2022-23770 WISA Smart Wing CMS Remote Command Execution Vulnerability

This vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute malicious commands such as directory traversal...

CVSS 8.8 | AI score 7.4 | EPSS 0.01409
Exploits: 0 | References: 1
Cvelist
added 2022/10/17 12:0 a.m. | 14 views

CVE-2022-23770 WISA Smart Wing CMS Remote Command Execution Vulnerability

This vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute malicious commands such as directory traversal...

CVSS 8.8 | AI score 9.8 | EPSS 0.01409
Exploits: 0 | References: 1
Veracode
added 2022/09/19 7:48 p.m. | 17 views

Denial Of Service (DoS)

fis-gtm is vulnerable to denial of service. The vulnerability exists due to lack of parameter validation in calls to memcpy in strtok in srunix/ztimeoutroutines.c which allows attackers to attempt to read from a NULL pointer...

CVSS 7.5 | AI score 5.3 | EPSS 0.00368
Exploits: 0 | References: 4 | Affected Software: 1
Prion
added 2022/09/16 9:15 a.m. | 13 views

Spoofing

The Migration, Backup, Staging WordPress plugin before 0.9.76 does not sanitise and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server via a Traversal attack...

CVSS 3.3 | AI score 4.8 | EPSS 0.10885
Exploits: 3 | References: 3 | Affected Software: 1