Synology Web Station Input Validation Error Vulnerability

Synology Web Station is an application that supports the creation of personal web sites by Synology Inc. of Taiwan, China. An input validation error vulnerability exists in Synology Web Station. An attacker could exploit this vulnerability to conduct a phishing attack with the help of a specially...

PHP Scripts Mall Amazon Affiliate Store Input Validation Error Vulnerability

PHP Scripts Mall Amazon Affiliate Store is an online e-store system by PHP Scripts Mall India. An input validation error vulnerability exists in PHP Scripts Mall Amazon Affiliate Store version 2.1.6, which can be exploited by attackers to tamper with payment amounts...

Drupal cross-site scripting vulnerability (CNVD-2019-12155)

Drupal is an open source content management system developed by the Drupal community using the PHP language. A cross-site scripting vulnerability exists in Drupal version 7 prior to 7.65, version 8.6 prior to 8.6.13, and version 8.5 prior to 8.5.14, which stems from a lack of proper validation of...

Elasticsearch Winlogbeat Input Validation Error Vulnerability

Elasticsearch Winlogbeat is an open source tool for sending Windows event logs to Elasticsearch from the Dutch company Elasticsearch. A security vulnerability exists in Elasticsearch Winlogbeat versions prior to 5.6.16 and prior to 6.6.2. An attacker can exploit the vulnerability by injecting...

CVE-2019-6731

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion ...

Intel Converged Security and Management Engine Input Validation Error Vulnerability

The Intel Converged Security and Management Engine CSME is a security management engine from Intel Corporation, USA.Intel AMT is one of the active management technology modules. An input validation error vulnerability exists in Intel Converged Security and Management Engine. An attacker could...

Intel Server Platform Services Input Validation Error Vulnerability

Intel Server Platform Services SPS is a server platform services program from Intel Corporation in the U.S. The HECI subsystem is one of the host embedded controller interface subsystems. An input validation error vulnerability exists in Intel Server Platform Services that stems from the program...

Intel Graphics Driver Kernel Mode Driver Input Validation Error Vulnerability

Intel Graphics Driver for Windows is an Intel graphics driver for the Windows platform.Kernel Mode Driver is one of the kernel mode drivers. A security vulnerability exists in the Kernel Mode Driver of the Intel Graphics Driver for Windows platform, which arises from the program not performing...

IBM Content Navigator Input Validation Error Vulnerability

IBM Content Navigator is a Web client from IBM USA. The product supports searching and processing documents stored in content servers from a Web browser. An input validation error vulnerability exists in IBM Content Navigator version 3.0 Continuous Delivery. An attacker can exploit the...

NVIDIA Windows GPU Display Driver Input Validation Error Vulnerability

The NVIDIA Windows GPU Display Driver is a display driver for Windows systems. An array index reference vulnerability exists in the kernel mode layer nvlddmkm.sys create context command DDI DxgkDdiCreateContext in the NVIDIA Windows GPU display driver. The vulnerability stems from the product usi...

CVE-2019-1681

A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device, possibly resulting in information disclosure. The vulnerability is due to improper validation of...

Cscape Input Validation Error Vulnerability

Cscape is an application that can program the full range of OCS. An input validation error vulnerability exists in Cscape 9.80 SP4 and earlier versions. The vulnerability can be exploited by an attacker to read confidential information and remotely execute arbitrary code via a specially crafted P...

Oracle GoldenGate Manager Command Stack Buffer Overflow (CVE-2018-2913)

A stack-based buffer overflow exists in Oracle GoldenGate Manager. The vulnerability is due an input validation error when processing overly long command name. Successful exploitation could lead to arbitrary code execution...

Eclipse OpenJ9 Input Validation Error Vulnerability

clipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. An input validation error vulnerability exists in Eclipse OpenJ9 version 0.11.0, which arises from a networked system or product that does not properly validate input...

Oracle GoldenGate Manager Command Tab Parsing Denial of Service (CVE-2018-2912)

A denial of service vulnerability exists in Oracle GoldenGate Manager. The vulnerability is due to an input validation error when parsing a command which is not correctly separated by TAB characters. Successful exploitation could lead to a crash of the Manager service, causing a denial-of-service...

Cisco SD-WAN Solution Input Validation Error Vulnerability

Cisco vBond Orchestrator Software and other products are from Cisco. cisco vBond Orchestrator Software is a set of security network extension management software. vEdge 100 Series Routers is a 100 series router product. SD-WAN Solution is a set of network extension solution running in it. An inpu...

CVE-2018-17692

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Denial Of Service (DoS)

redhat certificatesystem is vulnerable to denial of service. An input validation error was found in Red Hat Certificate System's handling of client provided certificates. If the certreq field is not present in a certificate an assertion error is triggered causing a denial of service...

The vulnerability of the Cisco Data Center Network Manager system arises from errors in checking user requests in the management interface. This allows attackers to disclose or modify sensitive information that is protected by the system.

The vulnerability of the Cisco Data Center Network Manager system relates to errors in checking user requests in the management interface. Exploiting this vulnerability can allow a malicious actor to disclose or modify sensitive information...

Wireshark Security Updates (wnpa-sec-2019-01) - Mac OS X

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...