627 matches found
CVE-2023-20128
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilitie...
CVE-2023-20117
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilitie...
CVE-2023-20068
A vulnerability in the web-based management interface of Cisco Prime Infrastructure Software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability is due to insufficient...
Cisco Small Business 跨站脚本漏洞
Cisco Small Business is a switch from Cisco USA. A security vulnerability exists in the Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325, which stems from insufficient validation of inputs to the web-based management interface...
The vulnerability of the Power Monitoring Expert software allows a intruder to view and modify the equipment settings.
The vulnerability of the Power Monitoring Exper software-related software is related to insufficient verification of input data. Exploiting this vulnerability allows a remote attacker to view and modify the settings of the equipment...
The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted PEAP packets...
The vulnerability of Microsoft Visual Studio, a software development tool, stems from insufficient validation of input data. This allows attackers to trigger service failures.
The vulnerability of the Microsoft Visual Studio software development tool is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
SUSE CVE-2009-0800
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file...
SUSE CVE-2016-9587
Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute...
Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...
The vulnerability of the InnoDB component of the MySQL Database Server allows a perpetrator to gain unauthorized access for reading, modifying, or deleting data, or to cause service failures.
The vulnerability of the InnoDB component in the MySQL Database Management System is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to read, modify, or delete data, or to cause service failures...
The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, related to insufficient validation of input data, allow attackers to execute arbitrary code.
The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud are related to insufficient validation of input data. Exploiting these vulnerabilities can allow attackers to execute arbitrary code...
PT-2023-1195 · Oracle · Oracle Communications Convergence
Name of the Vulnerable Software and Affected Versions: Oracle Communications Convergence versions 3.0.3.1.0 Description: The issue is related to insufficient input validation in the Admin Configuration component of Oracle Communications Convergence, part of Oracle Communications Applications. Thi...
The vulnerability of the implementation of the Simple Network Management Protocol (SNMP) for microprogrammable network interface controllers in Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) allows a attacker to induce a service failure.
The vulnerability of the implementation of the Simple Network Management Protocol SNMP for micro-programmed network interface controllers in Cisco Adaptive Security Appliances ASA and Cisco Firepower Threat Defense FTD exists due to insufficient validation of input data. Exploiting this...
PT-2023-13115 · Unknown · Config Manager
Name of the Vulnerable Software and Affected Versions: Config Manager affected versions not specified Description: The issue is related to a possible command injection in Config Manager due to improper input validation. This could lead to remote escalation of privilege, with user execution...
The CSV import function in JSM Insight’s data processing center for Atlassian Jira Server and Data Center is vulnerable, allowing attackers to perform SSRF attacks.
The vulnerability of the CSV import function in JSM Insight, a data processing tool for Atlassian Jira Server and Data Center, is related to insufficient validation of requests at the server side. Exploiting this vulnerability could allow a malicious actor to perform an SSRF attack remotely...
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Enterprise Server, and Microsoft SharePoint Foundation lies in insufficient input data validation, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Enterprise Server, and Microsoft SharePoint Foundation relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrar...
The vulnerability of the Microsoft Office Graphics component in the Microsoft 365 Apps for Enterprise suite allows a perpetrator to execute arbitrary code.
The vulnerability of the Microsoft Office Graphics component in the Microsoft 365 Apps for Enterprise suite is related to insufficient input validation. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created file...
CVE-2022-45113
Improper validation of syntactic correctness of input vulnerability exist in Movable Type series. Having a user to access a specially crafted URL may allow a remote unauthenticated attacker to set a specially crafted URL to the Reset Password page and conduct a phishing attack. Affected...
The vulnerability of the OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...