1187 matches found

CNNVD
added 2021/10/27 12:0 a.m. · 1 views

Cisco Firepower Management Center Input Validation Error Vulnerability

Cisco Firepower Management Center (FMC) is the next generation firewall management center software from Cisco. A security vulnerability exists in Cisco Firepower Management Center Software, which is caused by improper validation of the input of HTTP request parameters. An attacker can exploit this...

6.1 CVSS · 6.3 AI score · 0.00195 EPSS
Exploits 0 · References 5
CNVD
added 2021/10/21 12:0 a.m. · 27 views

AUVESY Versiondog Input Validation Error Vulnerability

AUVESY Versiondog, an automated production data and change management software solution from AUVESY Germany, is vulnerable to an input validation error that stems from the fact that the affected product's operating system service does not validate any given parameter, which could be exploited by ...

4 CVSS · 4.4 AI score · 0.00201 EPSS
Exploits 0 · Affected Software 1
CNNVD
added 2021/10/19 12:0 a.m. · 1 views

AUVESY Versiondog Input Validation Error Vulnerability

AUVESY Versiondog, an automated production data and change management software solution from AUVESY Germany, is vulnerable to an input validation error that stems from the fact that the affected product's operating system service does not validate any given parameter, which could be exploited by ...

7.3 CVSS · 5.7 AI score · 0.00201 EPSS
Exploits 0 · References 5
CNNVD
added 2021/10/14 12:0 a.m. · 1 views

Huntflow Enterprise Injection Vulnerability

Huntflow Enterprise is an efficient recruitment software from the Russian company Huntflow. Huntflow Enterprise suffers from an injection vulnerability that stems from an LDAP injection vulnerability in /account/login in Huntflow Enterprise prior to version 3.10.6 that could allow an...

7.5 CVSS · 7.5 AI score · 0.00221 EPSS
Exploits 1 · References 2
NVD
added 2021/10/05 10:15 p.m. · 15 views

CVE-2021-31988

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email...

8.8 CVSS · 0.00615 EPSS
Exploits 0 · References 1
Prion
added 2021/10/05 10:15 p.m. · 23 views

Design/Logic Flaw

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients...

5.1 CVSS · 7.5 AI score · 0.00144 EPSS
Exploits 0 · References 1 · Affected Software 4
Cvelist
added 2021/10/05 9:46 p.m. · 16 views

CVE-2021-31987

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients...

8 AI score · 0.00144 EPSS
Exploits 0 · References 1
CVE
added 2021/10/05 9:45 p.m. · 76 views

CVE-2021-31986

CVE-2021-31986 affects Axis OS; root cause is improper validation of user-controlled SMTP notification parameters, leading to a heap-based buffer overflow with potential crashes and data leakage. In Axis OS, affected tracks/versions include AXIS OS Active track 10.7 and 10.8, AXIS OS 2016 LTS tra...

6.8 CVSS · 7.3 AI score · 0.0058 EPSS
Exploits 0 · References 1 · Affected Software 4
CNNVD
added 2021/10/05 12:0 a.m. · 2 views

Axis Os Buffer Error Vulnerability

Axis Os is an edge device operating system from Axis of Sweden. A security vulnerability exists in AXIS OS 6.40 or later that stems from not properly validating control parameters related to SMTP notifications. This could lead to a buffer overflow and data leakage...

6.8 CVSS · 7 AI score · 0.0058 EPSS
Exploits 0 · References 2
Positive Technologies
added 2021/10/05 12:0 a.m. · 2 views

PT-2021-19616 · Axis Communications +1 · Axis Os +3

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a user-controlled parameter in the SMTP test functionality that is not correctly validated. This allows an attacker to bypass...

7.5 CVSS · 6.9 AI score · 0.00144 EPSS
Exploits 0 · References 5
OSV
added 2021/09/28 3:15 p.m. · 0 views

CVE-2021-37104

There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118C00E116R3P3. This vulnerability is due to insufficient validation of parameters while dealing with some messages. A successful exploit could allow the attacker to gain access to certain resource which the attack...

7.5 CVSS · 5.8 AI score
Exploits 0 · References 1
OSV
added 2021/09/23 2:22 p.m. · 8 views

SUSE-SU-2021:3211-1 Security update for nodejs14

This update for nodejs14 fixes the following issues: - CVE-2021-3672: Fixed missing input validation on hostnames bsc1188881. - CVE-2021-22931: Fixed improper handling of untypical characters in domain names bsc1189370. - CVE-2021-22940: Use after free on close http2 on stream canceling bsc118936...

9.8 CVSS · 7.8 AI score · 0.00662 EPSS
Exploits 3 · References 11
OSV
added 2021/09/23 3:15 a.m. · 0 views

CVE-2021-34723

A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device. This vulnerability is due to insufficient validation of specific CLI command...

6.7 CVSS · 5.9 AI score
Exploits 0 · References 1
CNNVD
added 2021/09/22 12:0 a.m. · 1 views

Cisco IOS XE SD-WAN Software Security Vulnerability

Cisco IOS XE SD-WAN Software is a Cisco software for network management software-defined networking for the Cisco IOS XE network operating system. A security vulnerability exists in Cisco IOS XE SD-WAN Software, which is caused by insufficient validation of CLI command parameters. An attacker cou...

6.9 CVSS · 6.7 AI score · 0.00055 EPSS
Exploits 0 · References 5
CNVD
added 2021/09/18 12:0 a.m. · 17 views

Xiaomi AX3600 Command Injection Vulnerability

Xiaomi AX3600 is a router. A command injection vulnerability exists in the xqnetwork.lua addMeshNode interface, which is caused by insufficient parameter validation. An attacker could use this vulnerability to inject commands to execute with administrator privileges...

10 CVSS · 5.5 AI score · 0.0381 EPSS
Exploits 0 · References 1
CNNVD
added 2021/09/01 12:0 a.m. · 1 views

Solarwinds Orion Platform Cross-Site Scripting Vulnerability

Solarwinds Orion Platform is a network fault and network performance management platform from Solarwinds, Inc. The platform provides real-time monitoring and analysis of network devices, as well as support for customized web interfaces, multiple user comments, and map-based views of the entire...

4.8 CVSS · 5.2 AI score · 0.00524 EPSS
Exploits 0 · References 4
OSV
added 2021/08/30 7:15 p.m. · 1 views

CVE-2021-37417

Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper parameter validation...

9.8 CVSS · 7.3 AI score · 0.17099 EPSS
Exploits 0 · References 1
NVD
added 2021/08/30 7:15 p.m. · 15 views

CVE-2021-37417

Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper parameter validation...

9.8 CVSS · 0.17099 EPSS
Exploits 0 · References 1
Prion
added 2021/08/30 7:15 p.m. · 30 views

Input validation

Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper parameter validation...

5 CVSS · 9.4 AI score · 0.17099 EPSS
Exploits 0 · References 1 · Affected Software 1
OSV
added 2021/08/30 1:55 p.m. · 4 views

SUSE-SU-2021:2875-1 Security update for nodejs12

This update for nodejs12 fixes the following issues: Update to 12.22.5: - CVE-2021-3672/CVE-2021-22931: Improper handling of untypical characters in domain names bsc1189370, bsc1188881 - CVE-2021-22940: Use after free on close http2 on stream canceling bsc1189368 - CVE-2021-22939: Incomplete...

9.8 CVSS · 7.8 AI score · 0.00662 EPSS
Exploits 3 · References 11