The vulnerability of the Python programming language’s cryptography interpreter lies in errors in the certificate validation process, which allows attackers to execute a type of “man-in-the-middle” attack.

The vulnerability of the Python programming language’s cryptography interpreter is related to errors in the certificate validation process. Exploiting this vulnerability could allow a malicious actor to carry out a “man-in-the-middle” attack...

The vulnerability of the Bouncy Castle cryptographic protection mechanism lies in errors during the certificate validation process, which allows attackers to disclose the protected information.

The vulnerability of the Bouncy Castle cryptographic protection mechanism is related to errors in the certificate validation process. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose the protected information...

The vulnerability of the X509_VERIFY_PARAM_add0_policy() function in the OpenSSL library allows a attacker to perform a man-in-the-middle attack.

The vulnerability of the X509VERIFYPARAMadd0policy function in the OpenSSL library is related to errors in the certificate validation process. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...

Google Pixel 缓冲区错误漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from incorrect input validation, which could result in out-of-bounds reads, which could lead to local information leaks...

Vulnerability of FortiOS operating systems and FortiProxy proxy servers in protecting against Internet attacks, related to errors in the certificate validation process, allowing attackers to execute “man-in-the-middle” type attacks.

The vulnerability of the FortiOS operating systems and the FortiProxy proxy server for protection against Internet attacks is related to errors in the certificate validation process. Exploiting this vulnerability allows a malicious actor to execute a “man-in-the-middle” attack remotely...

The vulnerability of the WorkSource function in Android operating systems, which allows a hacker to increase their privileges

The vulnerability of the WorkSource function in Android operating systems is related to errors in the certificate validation process. Exploiting this vulnerability can allow attackers to enhance their privileges...

SUSE CVE-2007-6242

Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."...

SUSE CVE-2008-4824

Multiple unspecified vulnerabilities in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0 allow remote attackers to execute arbitrary code via unknown vectors related to "input validation errors."...

Sewio Real-Time Location System (RTLS) Studio 输入验证错误漏洞

Sewio Real-Time Location System RTLS Studio is a real-time location system from Sewio, Inc. An input validation error vulnerability exists in Sewio Real-Time Location System RTLS Studio versions 2.0.0 through 2.6.2, which stems from susceptibility to incorrect input validation of user input to...

Rockwell Automation controllers 输入验证错误漏洞

Rockwell Automation controllers are a series of controllers from Rockwell Automation. A denial of service vulnerability exists in Rockwell Automation controllers, which stems from its controllers mishandling of incorrectly formatted CIP requests, and can be exploited by an attacker to cause a maj...

The vulnerability of the configuration management system and remote execution capabilities of SaltStack Salt, related to errors in the certificate validation process, allows a perpetrator to carry out a “man-in-the-middle” attack.

The vulnerability of the configuration management system and the remote execution of operations in SaltStack Salt is related to errors in the certificate validation process. Exploiting this vulnerability could allow a malicious actor to carry out a “man-in-the-middle” attack...

The vulnerability of the SupportAssist component in the network operating system SmartFabric OS10 allows a perpetrator to gain access to protected information by carrying out “man-in-the-middle” attacks.

The vulnerability of the SupportAssist component in the SmartFabric OS10 network operating system is related to errors in the certificate validation process. Exploiting this vulnerability can allow an attacker to gain access to protected information by conducting “man-in-the-middle” attacks using...

IBM DataPower Gateway 代码问题漏洞

IBM DataPower Gateway is a set of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interface API, web, service-oriented architecture SOA, B2B and cloud workloads. The platform protects, integrates and optimizes access across channels...

Google TensorFlow Input Validation Error Vulnerability (CNVD-2022-44177)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. An input validation error vulnerability exists in Google TensorFlow versions prior to 2.9.0, prior to 2.8.1, prior to 2.7.2, and prior to 2.6.4, which stems from the fact that...

Apple Mac OS X Security Update (HT213255)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (May 2022)

This host is missing a critical security update according to Microsoft Office Click-to-Run updates SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

The vulnerability of the Elcomplus SmartPPT SCADA server, related to input validation errors, allows attackers to write arbitrary files to arbitrary locations within the file system.

The vulnerability of the Elcomplus SmartPPT SCADA server is related to input validation errors. Exploiting this vulnerability allows a malicious actor to write arbitrary files to arbitrary locations in the file system using a specially created HTTP request...

Microsoft Kerberos for Windows 输入验证错误漏洞

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows Kerberos. The vulnerability stems from failure to properly process input data and can be exploited by an attacker to...

Microsoft Windows 输入验证错误漏洞

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows Upgrade Assistant. The vulnerability stems from improper handling of input data and can be exploited by an attacker to...

The vulnerability of TLS and SSL Mbed TLS implementations lies in errors in the certificate validation process, which allows attackers to compromise the integrity of data.

The vulnerability of TLS and SSL Mbed TLS implementations is related to the incorrect use of the revocationDate check. Exploiting this vulnerability allows a remote attacker to compromise the integrity of data...