5308 matches found
Mozilla Firefox Input Validation Error Vulnerability (CNVD-2020-34652)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 76. An attacker could exploit the vulnerability to bypass content security policies...
Mozilla Firefox and Firefox ESR Input Validation Error Vulnerability (CNVD-2020-34653)
Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox ESR versions prior to 68.8 an...
MariaDB Connector/C OK Packet Content Validation Error Vulnerability
MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL using the Maria storage engine.Connector/C is one of the connectors used to connect C/C++ applications to MariaDB and MySQL databases. A security vulnerability exists in the...
SANE Backends epsonds component input validation error vulnerability
SANE Backends is an application programming interface API and communication protocol for regulating communication between software and digital imaging devices. An input validation error vulnerability exists in the 'epsondsnetread' function in SANE Backends versions prior to 1.0.30. An attacker...
Moodle Input Validation Error Vulnerability (CNVD-2020-39018)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. An input validation error vulnerability exists in Moodle. An attacker can exploit this vulnerability to remotely execute code with the...
MyLittleAdmin Input Validation Error Vulnerability
Mylittletools MyLittleAdmin is a Web-based MS SQL administration tool from MyLittleTools Mylittletools France. A security vulnerability exists in MyLittleAdmin version 3.8 in the administration tool, which stems from the fact that the program uses the same hardcoded machineKey for all user...
HPE Superdome Flex Server Input Validation Error Vulnerability
HPE Superdome Flex Server is a modular server product from Hewlett Packard Enterprise HPE. A security vulnerability exists in the RMC component in versions prior to HPE Superdome Flex Server 3.25.46 2020-5-12. An attacker could exploit the vulnerability to elevate privileges...
IBM Spectrum Scale Input Validation Error Vulnerability (CNVD-2020-30674)
IBM Spectrum Scale is a scalable data and file management solution from IBM USA based on IBM GPFS, an enterprise file management system optimized for petabyte-scale storage management. The product supports helping clients reduce storage costs while improving security and management efficiency in...
DPDK Input Validation Error Vulnerability
DPDK is a data plane development kit for Linux-based platforms. It supports the execution of packet processing on multiple CPU architectures. An input validation error vulnerability exists in DPDK version 17.05 and later. The vulnerability originates from a network system or product that does not...
VanDyke Software SecureCRT Input Validation Error Vulnerability
VanDyke Software SecureCRT is a suite of SSH, Telnet client and virtual terminal software from VanDyke Software, USA. An input validation error vulnerability exists in VanDyke Software SecureCRT versions prior to 8.7.2, which can be exploited by remote attackers to execute arbitrary code...
Bitdefender Engines Input Validation Error Vulnerability
Bitdefender Engines is an antivirus engine from the Romanian company Bitdefender. An input validation error vulnerability exists in the cevakrnl.rv0 module in Bitdefender Engines versions prior to 7.84063, which can be exploited by an attacker to cause a denial of service...
FreeRDP Input Validation Error Vulnerability (CNVD-2020-28988)
FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP suffers from an input validation error vulnerability that stems from a network system or product not properly validating incoming data, which can be exploited by an attacker to cause an...
Cellebrite UFED Input Validation Error Vulnerability
Cellebrite UFED is a universal forensic product from Cellebrite Israel. The product is mainly used for data extraction, transmission and analysis of devices. An input validation error vulnerability exists in Cellebrite UFED versions 5.0 through 7.5.0.845, which can be exploited by an attacker to...
FreeRDP Input Validation Error Vulnerability
FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP is vulnerable to an input validation error. The vulnerability stems from a network system or product that does not properly validate incoming data. An attacker can exploit the vulnerability ...
Apache Camel Input Validation Error Vulnerability
Apache Camel is the United States Apache Apache Software Foundation of a set of open source based on Enterprise Integration Pattern Enterprise Integration Pattern, referred to as EIP integration framework. The framework provides Enterprise Integration Pattern Java objects POJO implementation , an...
Storefront 3.12 - SAML authentication is not working.when using IDP like Forge Rock
Storefront 3.12 - SAML authentication is not working with IDP like Forge Rock. Error Message on Store Front Page Error Message: "There was a Failure with mapped account." Following Error message is thrown in the Event Viewer The security token failed validation...
Cellebrite Restricted Desktop Escape and Escalation of User Privilege
Vulnerability Details Affected Vendor: Cellebrite Affected Product: UFED Affected Version: 5.0 - 7.5.0.845 Platform: Embedded Windows CWE Classification: CWE-269: Improper Privilege Management, CWE-20: Input Validation Error CVE ID: CVE-2020-12798 2. Vulnerability Description Cellebrite UFED...
Microsoft ASP.NET Core Input Validation Error Vulnerability
Microsoft Visual Studio and Microsoft ASP.NET Core are both products of Microsoft Corporation, USA. Microsoft Visual Studio is a family of development tool suites and a largely complete development toolset that includes most of the tools needed throughout the software lifecycle. Microsoft ASP.NET...
Cellebrite UFED 7.5.0.845 Desktop Escape / Privilege Escalation Vulnerability
Cellebrite UFED device implements local operating system policies that can be circumvented to obtain a command prompt. From there privilege escalation is possible using public exploits. Versions 5.0 through 7.5.0.845 are affected. Title: Cellebrite Restricted Desktop Escape and Escalation of User...
Palo Alto Networks PAN-OS Input Validation Error Vulnerability
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall appliances. An input validation error vulnerability exists in the configuration daemon in Palo Alto Networks PAN-OS. An attacker could exploit this vulnerability with a specially crafted request to...