626 matches found
The vulnerability of the Undertow software package from Red Hat JBoss Enterprise Application Platform allows a hacker to trigger a service failure.
The vulnerability of the Undertow software package from Red Hat JBoss Enterprise Application Platform exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
PT-2024-4884 · Oracle · Oracle Commerce Platform
Name of the Vulnerable Software and Affected Versions: Oracle Commerce Platform versions 11.3.0 through 11.3.2 Description: The issue is related to insufficient input validation in the Oracle Commerce Platform, allowing an unauthenticated attacker with network access via HTTP to compromise the...
The vulnerability of HP OfficeJet Pro printer’s microprogramming software, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.
The vulnerability of HP OfficeJet Pro printer’s microprogramming software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...
The vulnerability of the Windows Standards-Based Storage Management service in Windows operating systems allows a hacker to cause a service failure.
The vulnerability of the Windows Standards-Based Storage Management service in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures using specially created data...
The vulnerability of the ODBC driver for Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the ODBC driver for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2024-25994
An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation. The upload destination is fixed and is write only...
PT-2024-22140 · Grav · Grav
Name of the Vulnerable Software and Affected Versions: Grav versions prior to 1.7.43 Description: The issue arises due to insufficient permission validation and inadequate file name validation, allowing users who can write a page to use the frontmatter feature. This can lead to remote code...
CVE-2023-28512
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, and 4.6.2 could allow an attacker with specific knowledge about the system to manipulate data due to improper input validation. IBM X-Force ID: 250396...
AnythingLLM Security Vulnerability
AnythingLLM is a business-compliant document chatbot. AnythingLLM has a security vulnerability that stems from the lack of any validation and is capable of including malicious links into submitted document links in the workspace...
The vulnerability of the printer troubleshooting tool from Microsoft, which addresses errors in printer functionality due to insufficient input data verification, allows a perpetrator to execute arbitrary code.
The vulnerability of the Microsoft Printer Metadata Troubleshooter Tool relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the PayDroid operating system arises from insufficient validation of input data, allowing a hacker to execute arbitrary code.
The vulnerability of the PayDroid operating system exists due to insufficient checks on input data. Exploiting this vulnerability could allow a hacker to execute arbitrary code...
The vulnerability of the Setup sub-component, part of the Admin component in Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, allows an attacker to gain access to read, modify, add, or delete data.
The vulnerability of the Setup sub-component and the Admin component of Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating...
Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...
The vulnerabilities of the microprogramming software for thermal scanning systems—FeverWarn ESP32, FeverWarn RaspberryPi, and the FeverWarn DataHub RaspberryPi system for centralized data storage and management—allow a intruder to execute arbitrary commands or trigger failures.
The vulnerabilities of the microprogramming software for thermal scanning systems—FeverWarn ESP32, FeverWarn RaspberryPi, and the FeverWarn DataHub RaspberryPi system for centralized data storage and management—are related to insufficient validation of input data. Exploiting these vulnerabilities...
WordPress plugin Contact Form Entries Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress plugin...
Vulnerability of the Server component: The Oracle MySQL Server component of the RAPID database management system, which allows a hacker to cause a service failure.
The vulnerability of the Oracle MySQL Server component of the RAPID database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...
Vulnerability of the Server component: The Oracle MySQL Server database management system’s options, which allow a hacker to cause a service failure.
Vulnerability of the Server component: The Oracle MySQL Server component of the database management system has vulnerabilities related to insufficient validation of input data. Exploiting these vulnerabilities can allow attackers to cause service interruptions...
OpenText AppBuilder Security Vulnerability
OpenText AppBuilder is an application from OpenText Canada. A security vulnerability exists in OpenText AppBuilder versions 21.2 through 23.2 that originates from incorrect input validation and allows probing of system files...
The vulnerability of the chroot environment manager used for creating RPM packages for Mock allows for arbitrary code execution due to insufficient input validation.
The vulnerability of the chroot environment manager used for creating RPM packages for Mock is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center’s date center, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center are related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...