20 matches found

ATTACKERKB
added 2026/05/12 8:56 p.m. | 4 views

CVE-2026-44262

Scramble generates API documentation for Laravel project. From 0.13.2 to before 0.13.22, when documentation endpoints are publicly accessible and validation rules reference user-controlled input, request supplied data may be evaluated during documentation generation, leading to execution of...

CVSS 9.4 | AI score 6.1 | EPSS 0.08605
Exploits: 2 | References: 3 | Affected Software: 1
Vulnrichment
added 2026/02/02 10:36 a.m. | 2 views

CVE-2026-0599 Unbounded External Image Fetch in Validation Leads to Resource-Exhaustion DoS in huggingface/text-generation-inference

A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Markdown image links and performs a blocking HTTP GET...

CVSS 7.5 | AI score 5.5 | EPSS 0.00273
Exploits: 0 | References: 2
OSV
added 2025/10/21 7:25 p.m. | 1 views

CLSA-2025-1761074747 kernel: Fix of 39 CVEs

nfs: fix UAF in direct writes CVE-2024-26958 - NFSD: Fix the behavior of READ near OFFSET_MAX CVE-2022-48827 - thermal: core: prevent potential string overflow CVE-2023-52868 - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 CVE-2021-47633 - RDMA/cma: Ensure rdma_addr_cancel happens before issuing...

CVSS 7.8 | AI score 7 | EPSS 0.00271
Exploits: 1 | References: 1
Positive Technologies
added 2025/08/20 12:00 a.m. | 5 views

PT-2025-34165

Name of the Vulnerable Software and Affected Versions: sha.js versions through 2.4.11. Description: An improper input validation vulnerability exists in sha.js, allowing for input data manipulation. This flaw can lead to hash collisions and potentially private key extraction, threatening web...

CVSS 9.1 | AI score 6.1 | EPSS 0.00152
Exploits: 2 | References: 37
NVD
added 2024/10/16 5:15 p.m. | 21 views

CVE-2024-4211

Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - ALM job config has been discovered in OpenText Application Automation...

CVSS 2.4 | EPSS 0.0016
Exploits: 0 | References: 1
NVD
added 2022/09/16 11:15 p.m. | 12 views

CVE-2022-35993

TensorFlow is an open source platform for machine learning. When `SetSize` receives an input `set_shape` that is not a 1D tensor, it gives a `CHECK` fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit cf70b79d2662c0d3c6af74583641e345fc939467. The fix...

CVSS 7.5 | EPSS 0.00064
Exploits: 0 | References: 2
Veracode
added 2022/05/23 11:39 a.m. | 27 views

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. Lack of proper validation of input arguments to tf.raw_ops.QuantizeAndDequantizeV4Grad leads to CHECK-failure, causing an application crash...

CVSS 5.5 | AI score 3.3 | EPSS 0.00143
Exploits: 1 | References: 7 | Affected Software: 3
Cvelist
added 2022/02/11 10:40 a.m. | 19 views

CVE-2021-30318

Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables...

CVSS 8.4 | AI score 8.8 | EPSS 0.0005
Exploits: 0 | References: 1
Github Security Blog
added 2021/12/10 6:53 p.m. | 20 views

Prototype Pollution in ts-nodash

ts-nodash before version 1.2.7 is vulnerable to Prototype Pollution via the Merge function due to lack of validation input...

CVSS 9.8 | AI score 4.9 | EPSS 0.0053
Exploits: 1 | References: 5 | Affected Software: 1
NVD
added 2021/07/02 5:15 p.m. | 8 views

CVE-2021-23403

All versions of package ts-nodash are vulnerable to Prototype Pollution via the Merge function due to lack of validation input...

CVSS 9.8 | EPSS 0.0053
Exploits: 1 | References: 2
Cvelist
added 2021/07/02 4:10 p.m. | 9 views

CVE-2021-23403 Prototype Pollution

All versions of package ts-nodash are vulnerable to Prototype Pollution via the Merge function due to lack of validation input...

CVSS 7.3 | AI score 9.7 | EPSS 0.0053
Exploits: 1 | References: 2
OSV
added 2021/03/12 5:15 p.m. | 2 views

UBUNTU-CVE-2021-21366

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. xmldom versions 0.4.0 and older do not correctly preserve system identifiers, FPIs or namespaces when repeatedly parsing and serializing maliciously crafted documents. This may lead to unexpect...

CVSS 4.3 | AI score 7.3 | EPSS 0.01344
Exploits: 0 | References: 7
Hacker One
added 2020/11/30 12:25 a.m. | 35 views

Omise: ████.

input validation...

AI score 0.8
Exploits: 0
NVD
added 2020/07/31 12:15 a.m. | 13 views

CVE-2020-3460

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does no...

CVSS 6.1 | AI score 5.5 | EPSS 0.00469
Exploits: 0 | References: 1
RedHat Linux
added 2020/05/06 10:49 a.m. | 2 views

usrsctp: Buffer overflow in AUTH chunk input validation

A flaw was found in Mozilla Firefox and Thunderbird. When parsing and validating SCTP chunks in WebRTC a memory buffer overflow could occur leading to memory corruption and an exploitable crash. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVSS 9.8 | AI score 7.5 | EPSS 0.10449
Exploits: 0 | References: 5
Kaspersky
added 2020/02/14 12:00 a.m. | 46 views

KLA11721 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. An implementation...

CVSS 8.8 | AI score 9.5 | EPSS 0.08438
Exploits: 19 | References: 5
RedhatCVE
added 2019/07/17 7:54 a.m. | 19 views

CVE-2019-1010004

An out-of-bounds read vulnerability was found in sox, due to insufficient validation of input data. An attacker could abuse this flaw by crafting a sound file that can cause the system to crash when read by sox or by an application using the sox library...

CVSS 5.5 | AI score 3.5 | EPSS 0.00462
Exploits: 1 | References: 3
Cvelist
added 2019/04/03 5:43 p.m. | 15 views

CVE-2018-4462

A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.2...

AI score 5.6 | EPSS 0.00226
Exploits: 0 | References: 1
OpenVAS
added 2012/04/25 12:00 a.m. | 11 views

Joomla! 'Beatz' Component Multiple Cross Site Scripting Vulnerabilities

This host is running Joomla Beatz component and is prone to multiple cross site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: secpodjoomlabeatzcommultxssvuln.nasl 5958 2017-04-17 09:02:19Z teissa $ Joomla! 'Beatz' Component Multiple Cross Site Scripting Vulnerabilities Authors: Racha...

Exploits: 0 | References: 4
OpenVAS
added 2009/02/27 12:00 a.m. | 21 views

CentOS Update for speex CESA-2008:0235 centos4 i386

Check for the Version of speex OpenVAS Vulnerability Test CentOS Update for speex CESA-2008:0235 centos4 i386 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CVSS 9.3 | EPSS 0.05935
Exploits: 1 | References: 2