Lucene search
K

54 matches found

Vulnrichment
Vulnrichment
added 2023/04/05 12:0 a.m.15 views

CVE-2023-20102 Cisco Secure Network Analytics Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

8.8CVSS7.9AI score0.01005EPSS
Exploits0References1
NVD
NVD
added 2023/01/03 7:15 p.m.19 views

CVE-2022-45143

The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

7.5CVSS7.5AI score0.02505EPSS
Exploits0References3
Prion
Prion
added 2023/01/03 7:15 p.m.34 views

Design/Logic Flaw

The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

5CVSS7.3AI score0.02505EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2023/01/03 6:12 p.m.118 views

CVE-2022-45143

The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

7.5CVSS8.3AI score0.02505EPSS
Exploits0
OSV
OSV
added 2023/01/03 6:12 p.m.19 views

CVE-2022-45143 Apache Tomcat: JsonErrorReportValve escaping

The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

7.5CVSS6.9AI score0.02505EPSS
Exploits0References5
Apache Tomcat
Apache Tomcat
added 2022/11/14 12:0 a.m.47 views

Fixed in Apache Tomcat 10.1.2

Low: Apache Tomcat JsonErrorReportValve injection CVE-2022-45143 The JsonErrorReportValve did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

7.5CVSS7.5AI score0.02505EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2022/05/08 12:0 a.m.14 views

Fortinet FortiNAC SQL Injection Vulnerability

Fortinet FortiNAC is a network access control solution from Fortinet, Inc. Fortinet FortiNAC versions 8.3.7 through 9.2.2 are vulnerable to SQL injection, a vulnerability that originates when user-provided data is not sufficiently cleaned and can be exploited to send ad-hoc requests to affected...

8.8CVSS4.6AI score0.00777EPSS
Exploits0References1
Prion
Prion
added 2022/04/15 5:15 a.m.22 views

Sql injection

An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13. The funcodbc module provides possibly inadequate escaping functionality for backslash characters in SQL queries, resulting in user-provided data creating a broken SQL query or possibly a SQL injection. Th...

7.5CVSS9.8AI score0.06976EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/04/12 9:29 p.m.23 views

Denial of service

The use of String.toatom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user provided params, and String.toatom/1 is used to convert the binary value to an atom so it can be used to fetch the provider...

6.5CVSS2.4AI score0.01082EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/04/12 9:29 p.m.17 views

GHSA-5653-437F-5HMC Denial of service

The use of String.toatom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user provided params, and String.toatom/1 is used to convert the binary value to an atom so it can be used to fetch the provider...

6.5CVSS5.8AI score0.01082EPSS
Exploits0References6
Fedora
Fedora
added 2022/03/26 3:34 p.m.8 views

[SECURITY] Fedora 36 Update: librttopo-1.1.0-8.fc36

The RT Topology Library exposes an API to create and manage standard ISO 13249 aka SQL/MM topologies using user-provided data stores...

1.4AI score
Exploits0
OSV
OSV
added 2022/01/12 10:43 p.m.55 views

GHSA-29GP-2C3M-3J6M Sandbox Escape by math function in smarty

Impact Template authors could run arbitrary PHP code by crafting a malicious math string. If a math string is passed through as user provided data to the math function, external users could run arbitrary PHP code by crafting a malicious math string. Patches Please upgrade to 4.0.2 or 3.1.42 or...

8.1CVSS8.8AI score0.01927EPSS
Exploits0References14
Veracode
Veracode
added 2021/11/01 3:45 a.m.15 views

Remote Code Execution (RCE)

aaptjs is vulnerable to remote code execution. The vulnerability exists because of lack of sanitization of user-provided data in the add function, allowing an attacker to provide malicious code via its filePath parameter...

9.8CVSS5.5AI score0.0181EPSS
Exploits1References2Affected Software1
Veracode
Veracode
added 2021/09/06 7:7 a.m.16 views

Arbitrary File Extraction

elfinder.netcore is vulnerable to arbitrary file extraction. Lack of secure validation of user-provided data to the ExtractAsync method allows attacker to extract arbitrary files...

9.8CVSS3.8AI score0.01431EPSS
Exploits1References2Affected Software1
Veracode
Veracode
added 2021/09/06 6:35 a.m.17 views

Path Traversal

elfinder.netcore is vulnerable to path traversal. Lack of sanitization of user-provided data to the Path.Combine... method allows attacker to input malicious characters to access files and directories outside the destination folder...

9.8CVSS5.1AI score0.0167EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2021/06/09 7:15 a.m.28 views

CVE-2020-11306

Possible integer overflow in RPMB counter due to lack of length check on user provided data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...

7.8CVSS0.00184EPSS
Exploits0References1
Prion
Prion
added 2021/06/09 7:15 a.m.19 views

Integer overflow

Possible integer overflow in RPMB counter due to lack of length check on user provided data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...

4.6CVSS7.8AI score0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/01 2:40 p.m.28 views

CVE-2020-5905

In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network WCCP page, the system does not sanitize all user-provided data before display...

5.1AI score0.00681EPSS
Exploits0References2
Veracode
Veracode
added 2020/06/11 6:32 a.m.21 views

Remote Code Execution (RCE)

access-policy is vulnerable to remote code execution RCE. The attack is possible because user-provided data is directly executed by the eval in the template function without validation...

9.8CVSS3.3AI score0.02512EPSS
Exploits1References1Affected Software1
Veracode
Veracode
added 2020/05/04 1:11 a.m.27 views

Crosss-Site Scripting (XSS)

wordpress is vulnerable to cross-site scripting XSS. The stats method of class-wp-object-cache.php does not sanitize the user-provided data, allowing an attacker to inject malicious script to be executed when a user loads the page...

6.1CVSS2.8AI score0.02139EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder