401 matches found

Positive Technologies
added 2023/05/09 12:0 a.m. | 1 views

PT-2023-2690 · Microsoft · Teams

Name of the Vulnerable Software and Affected Versions: Microsoft Teams (affected versions not specified). Description: The issue is related to insufficient validation of incoming requests in Microsoft Teams, which could allow a remote attacker to gain unauthorized access to information...

CVSS 7.8 | AI score 9.4 | EPSS 0.00295
Exploits: 0 | References: 4

BDU FSTEC
added 2023/05/02 12:0 a.m. | 1 views

Vulnerability of EVlink City’s parking charging station software. EVlink Parking and EVlink Smart Wallbox have a flaw related to insufficient validation of incoming requests, allowing intruders to redirect requests to unintended network targets.

Vulnerability of EVlink City’s parking charging station software. EVlink Parking and EVlink Smart Wallbox have a flaw related to insufficient validation of incoming requests, allowing intruders to redirect requests to unintended network targets...

CVSS 9.3 | AI score 7.7 | EPSS 0.00195
Exploits: 0 | References: 3

Vulnrichment
added 2023/04/03 2:38 p.m. | 6 views

CVE-2023-1124 Shopping Cart & eCommerce Store < 5.4.3 - Admin+ LFI

The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks...

AI score 6.9 | EPSS 0.01077
Exploits: 2 | References: 1

BDU FSTEC
added 2023/03/28 12:0 a.m. | 2 views

The vulnerability of the PHP programming language, related to insufficient validation of incoming requests, allows attackers to gain access to confidential data and compromise its integrity.

The vulnerability of the programming language PHP is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to confidential data and compromise its integrity...

CVSS 7.8 | AI score 7.2 | EPSS 0.0144
Exploits: 2 | References: 6 | Affected Software: 3

BDU FSTEC
added 2023/03/06 12:0 a.m. | 1 views

The vulnerability of NextCloud Mail’s email client, related to insufficient validation of incoming requests, allows attackers to scan internal services and servers accessible from the local network of the NextCloud server.

The vulnerability of NextCloud Mail’s email client stems from insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to scan internal services and servers accessible from the local network of the NextCloud server...

CVSS 4.3 | AI score 5.5 | EPSS 0.00779
Exploits: 1 | References: 7 | Affected Software: 1

SUSE CVE
added 2023/02/15 4:34 a.m. | 6 views

SUSE CVE-2018-0886

The Credential Security Support Provider protocol CredSSP in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code...

CVSS 7 | AI score 8.6 | EPSS 0.90997
Exploits: 4 | References: 12

BDU FSTEC
added 2023/01/30 12:0 a.m. | 1 views

The vulnerability of the web service for Lexmark printer devices allows a perpetrator to execute arbitrary code.

The vulnerability of the New Lexmark Device printers’ web service is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 9 | AI score 8.1 | EPSS 0.0154
Exploits: 1 | References: 2

BDU FSTEC
added 2023/01/18 12:0 a.m. | 1 views

The vulnerability of the LibreOffice Unoconv document conversion tool, related to insufficient validation of incoming requests, allows a perpetrator to gain access to confidential data.

The vulnerability of the LibreOffice Unoconv document conversion tool is related to insufficient checking of incoming requests. Exploiting this vulnerability allows a malicious actor to gain access to confidential data...

CVSS 7.8 | AI score 7.2 | EPSS 0.00438
Exploits: 1 | References: 9 | Affected Software: 4

Positive Technologies
added 2023/01/17 12:0 a.m. | 5 views

PT-2023-14847 · Panasonic · Panasonic Sanyo Cctv Network Cameras

Name of the Vulnerable Software and Affected Versions: Panasonic Sanyo CCTV Network Cameras versions 1.02-05 and 2.03-0x. Description: The issue allows an attacker to perform changes with administrator level privileges by exploiting a CSRF vulnerability. Recommendations: For versions 1.02-05, upda...

CVSS 8.8 | AI score 8.6 | EPSS 0.00109
Exploits: 1 | References: 6

Veracode
added 2022/12/14 7:17 a.m. | 15 views

Denial Of Service (DoS)

TYPO3 is vulnerable to Denial of Service (DoS). The vulnerability exists due to the lack of HTTP request validation in PageContentErrorHandler.php, which allows an attacker to cause an application crash...

CVSS 7.5 | AI score 7.4 | EPSS 0.00433
Exploits: 0 | References: 6 | Affected Software: 2

Veracode
added 2022/12/08 11:11 a.m. | 17 views

Denial Of Service (DoS)

libp2p is vulnerable to denial of service. The vulnerability is due to improper validation in the number of requests, which results in the host OS killing the process...

CVSS 7.5 | AI score 7.1 | EPSS 0.00353
Exploits: 0 | References: 3 | Affected Software: 1

Vulnrichment
added 2022/11/23 12:0 a.m. | 8 views

CVE-2022-45149

A vulnerability was found in Moodle which exists due to insufficient validation of the HTTP request origin in course redirect URL. A user's CSRF token was unnecessarily included in the URL when being redirected to a course they have just restored. A remote attacker can trick the victim to visit a...

AI score 6.8 | EPSS 0.00303
Exploits: 0 | References: 6

RedHat Linux
added 2022/11/08 9:23 a.m. | 3 views

xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access

A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length...

CVSS 7.8 | AI score 5.7 | EPSS 0.00037
Exploits: 0 | References: 4

BDU FSTEC
added 2022/11/07 12:0 a.m. | 1 views

The vulnerability of the library for working with SVG images in Apache Batik, related to insufficient validation of incoming requests, allows a hacker to execute arbitrary Java code.

The vulnerability of the Apache Batik library for working with SVG images is related to insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary Java code remotely...

CVSS 7.8 | AI score 7.5 | EPSS 0.00541
Exploits: 0 | References: 9 | Affected Software: 5

CNNVD
added 2022/10/17 12:0 a.m. | 2 views

ipTIME NAS cross-site request forgery vulnerability

ipTIME NAS is a wireless router product from South Korea's ipTIME Corporation that provides NAS network attached storage. A security vulnerability exists in ipTIME NAS that stems from a lack of validation of POST requests sent to a page. An attacker can exploit this vulnerability to delete user...

CVSS 8.8 | AI score 8.1 | EPSS 0.00141
Exploits: 0 | References: 2

BDU FSTEC
added 2022/10/12 12:0 a.m. | 1 views

The vulnerability of the Build Handler component of the Jenkins Git plugin allows a perpetrator to perform arbitrary actions on a vulnerable device.

The vulnerability of the Build Handler component in the Jenkins Git plugin is related to insufficient validation of the authenticity of executed requests. Exploiting this vulnerability allows a malicious actor to perform arbitrary actions on the vulnerable device by manipulating the requests made...

CVSS 6.4 | AI score 7.7 | EPSS 0.00515
Exploits: 0 | References: 5 | Affected Software: 1

BDU FSTEC
added 2022/09/26 12:0 a.m. | 2 views

The vulnerability of the mechanism for checking tokens on the Apache Struts software platform allows a perpetrator to carry out a CSRF attack.

The vulnerability of the token verification mechanism in the Apache Struts software framework is related to insufficient validation of the authenticity of executed requests. Exploiting this vulnerability allows a malicious actor to carry out a CSRF attack remotely...

CVSS 8.3 | AI score 7.7 | EPSS 0.03235
Exploits: 0 | References: 7 | Affected Software: 2

ATTACKERKB
added 2022/08/19 9:15 a.m. | 4 views

CVE-2022-2075

In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service targeting the build information request validation...

CVSS 7.5 | AI score 5.9 | EPSS 0.00482
Exploits: 0 | References: 2 | Affected Software: 1

Prion
added 2022/08/19 9:15 a.m. | 18 views

Design/Logic Flaw

In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service targeting the build information request validation...

CVSS 5 | AI score 7.4 | EPSS 0.00482
Exploits: 0 | References: 1 | Affected Software: 1

CNNVD
added 2022/08/19 12:0 a.m. | 1 views

Octopus Deploy security vulnerability

Octopus Deploy is an automation tool for .NET, Java, and other application development and deployment from Octopus Deploy Australia. A security vulnerability exists in Octopus Deploy that stems from performing a regular expression denial of service against build information request validation...

CVSS 7.5 | AI score 7.3 | EPSS 0.00482
Exploits: 0 | References: 2