Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-21322

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-02 Mar, 2021 | 03:35
Updated At-03 Aug, 2024 | 18:09
Rejected At-
Credits

Prefix escape

fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is `/pub/`, a user expect that accessing `/priv` on the target service would not be possible. In affected versions, it is possible. This is fixed in version 4.3.1.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:02 Mar, 2021 | 03:35
Updated At:03 Aug, 2024 | 18:09
Rejected At:
▼CVE Numbering Authority (CNA)
Prefix escape

fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is `/pub/`, a user expect that accessing `/priv` on the target service would not be possible. In affected versions, it is possible. This is fixed in version 4.3.1.

Affected Products
Vendor
fastify
Product
fastify-http-proxy
Versions
Affected
  • < 4.3.1
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.110.0CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Version: 3.1
Base score: 10.0
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/fastify/fastify-http-proxy/security/advisories/GHSA-c4qr-gmr9-v23w
x_refsource_CONFIRM
https://www.npmjs.com/package/fastify-http-proxy
x_refsource_MISC
https://github.com/fastify/fastify-http-proxy/commit/02d9b43c770aa16bc44470edecfaeb7c17985016
x_refsource_MISC
Hyperlink: https://github.com/fastify/fastify-http-proxy/security/advisories/GHSA-c4qr-gmr9-v23w
Resource:
x_refsource_CONFIRM
Hyperlink: https://www.npmjs.com/package/fastify-http-proxy
Resource:
x_refsource_MISC
Hyperlink: https://github.com/fastify/fastify-http-proxy/commit/02d9b43c770aa16bc44470edecfaeb7c17985016
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/fastify/fastify-http-proxy/security/advisories/GHSA-c4qr-gmr9-v23w
x_refsource_CONFIRM
x_transferred
https://www.npmjs.com/package/fastify-http-proxy
x_refsource_MISC
x_transferred
https://github.com/fastify/fastify-http-proxy/commit/02d9b43c770aa16bc44470edecfaeb7c17985016
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/fastify/fastify-http-proxy/security/advisories/GHSA-c4qr-gmr9-v23w
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.npmjs.com/package/fastify-http-proxy
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/fastify/fastify-http-proxy/commit/02d9b43c770aa16bc44470edecfaeb7c17985016
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:02 Mar, 2021 | 04:15
Updated At:08 Mar, 2021 | 16:38

fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is `/pub/`, a user expect that accessing `/priv` on the target service would not be possible. In affected versions, it is possible. This is fixed in version 4.3.1.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.110.0CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 10.0
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches

fastify-http-proxy_project
fastify-http-proxy_project
>>fastify-http-proxy>>Versions before 4.3.1(exclusive)
cpe:2.3:a:fastify-http-proxy_project:fastify-http-proxy:*:*:*:*:*:node.js:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarysecurity-advisories@github.com
CWE ID: CWE-20
Type: Primary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/fastify/fastify-http-proxy/commit/02d9b43c770aa16bc44470edecfaeb7c17985016security-advisories@github.com
Patch
Third Party Advisory
https://github.com/fastify/fastify-http-proxy/security/advisories/GHSA-c4qr-gmr9-v23wsecurity-advisories@github.com
Third Party Advisory
https://www.npmjs.com/package/fastify-http-proxysecurity-advisories@github.com
Product
Third Party Advisory
Hyperlink: https://github.com/fastify/fastify-http-proxy/commit/02d9b43c770aa16bc44470edecfaeb7c17985016
Source: security-advisories@github.com
Resource:
Patch
Third Party Advisory
Hyperlink: https://github.com/fastify/fastify-http-proxy/security/advisories/GHSA-c4qr-gmr9-v23w
Source: security-advisories@github.com
Resource:
Third Party Advisory
Hyperlink: https://www.npmjs.com/package/fastify-http-proxy
Source: security-advisories@github.com
Resource:
Product
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1065Records found

CVE-2021-21321
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-1.82% / 76.33%
||
7 Day CHG~0.00%
Published-02 Mar, 2021 | 03:35
Updated-03 Aug, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Prefix escape

fastify-reply-from is an npm package which is a fastify plugin to forward the current http request to another server. In fastify-reply-from before version 4.0.2, by crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is "/pub/", a user expect that accessing "/priv" on the target service would not be possible. In affected versions, it is possible. This is fixed in version 4.0.2.

Action-Not Available
Vendor-fastify-reply-from_projectfastify
Product-fastify-reply-fromfastify-reply-from
CWE ID-CWE-20
Improper Input Validation
CVE-2019-19249
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.24% / 65.80%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 16:47
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations.

Action-Not Available
Vendor-querytreeappn/a
Product-querytreen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-19495
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.29% / 90.02%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 17:05
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. The attacker can then configure the cable modem to port forward the modem's internal TELNET server, allowing external access to a root shell.

Action-Not Available
Vendor-technicolorn/a
Product-tc7230_steb_firmwaretc7230_stebn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-20041
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.59% / 90.58%
||
7 Day CHG-0.07%
Published-27 Dec, 2019 | 07:14
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript&colon; substring.

Action-Not Available
Vendor-n/aDebian GNU/LinuxWordPress.org
Product-wordpressdebian_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2026-16117
Matching Score-4
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
ShareView Details
Matching Score-4
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
CVSS Score-10||CRITICAL
EPSS-Not Assigned
Published-18 Jul, 2026 | 13:08
Updated-18 Jul, 2026 | 14:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
@fastify/http-proxy vulnerable to prefix escape via URL-encoded characters

Impact: @fastify/http-proxy versions up to and including 11.5.0 fail to rewrite the request prefix when the prefix segment is URL-encoded. Fastify's router URL-decodes paths for route matching, but request.url retains the original encoded form, and the prefix-rewrite step uses a literal string replace against the decoded prefix. A request that encodes one or more characters of the configured prefix therefore matches the route but skips the rewrite, so the raw encoded path is forwarded to the upstream unchanged. The upstream then decodes the path and serves it, letting an attacker reach upstream paths that the proxy was configured to hide via rewritePrefix, including internal or administrative endpoints. Patches: upgrade to @fastify/http-proxy 11.6.0. Workarounds: none.

Action-Not Available
Vendor-@fastify/http-proxy
Product-@fastify/http-proxy
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1971
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.1||HIGH
EPSS-3.58% / 88.09%
||
7 Day CHG~0.00%
Published-08 Aug, 2019 | 07:35
Updated-20 Nov, 2024 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability

A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to perform a command injection attack and execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the web portal framework. An attacker could exploit this vulnerability by providing malicious input during web portal authentication. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-enterprise_network_function_virtualization_infrastructureCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2019-19398
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-1.43% / 70.06%
||
7 Day CHG~0.00%
Published-26 Dec, 2019 | 18:24
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

M5 lite 10 with versions of 8.0.0.182(C00) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to modify the memory of the device by doing a series of operations. Successful exploit may lead to malicious code execution.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-m5_lite_10m5_lite_10_firmwareM5 lite 10
CWE ID-CWE-20
Improper Input Validation
CVE-2019-17132
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.78% / 95.62%
||
7 Day CHG~0.00%
Published-04 Oct, 2019 | 11:36
Updated-05 Aug, 2024 | 01:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

vBulletin through 5.5.4 mishandles custom avatars.

Action-Not Available
Vendor-vbulletinn/a
Product-vbulletinn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2023-23560
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-13.87% / 96.11%
||
7 Day CHG-1.09%
Published-23 Jan, 2023 | 00:00
Updated-02 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.

Action-Not Available
Vendor-n/aLexmark International, Inc.
Product-xm7355_firmwarexc8163_firmwaremx321cx431_firmwaremx521_firmwarems823_firmwarecx923_firmwarecx860b2442_firmwaremx822mb2546ms826_firmwareb2442ms521_firmwarexm3142cs927xc6152_firmwaremx721ms826cx920mc2425m1242_firmwarec2326_firmwarexc4153_firmwarexc9335_firmwarems821ms822xc4342ms821_firmwaremx822_firmwarec2325xc4150_firmwarexm1246_firmwarecx923mx721_firmwarexm7355b2865cx622c4150_firmwarexc4240mc2640_firmwarecx820_firmwareb3340_firmwarecs439cx421_firmwaremx722xm1242_firmwaremx421mx722_firmwarecx924xc2235_firmwaremb2770xm3250_firmwarexc9445mx431xc9265_firmwaremx432_firmwarec2535_firmwaremx622c9235mc3326_firmwarexm7370cs331cx522_firmwaremc3224mx826cx860_firmwarexm7370_firmwarems622_firmwarecx725_firmwaremx421_firmwarecx825_firmwarexc8155c2326mc2535mc2325_firmwaremb2236xc2326cs827m1342mx321_firmwarecs421_firmwarexc8160cx924_firmwarecs921_firmwaremc3224_firmwarexc2235cs521mx522_firmwarexm1246mb2236_firmwarecx727ms321_firmwareb2236_firmwarems621xc4140c3326b2650xm3142_firmwarexc9455_firmwarecx727_firmwarecs820_firmwarexc4143ms825mb2650_firmwarecx944_firmwarexc9445_firmwarems825_firmwarexc9235_firmwarexc9255_firmwarexc8155_firmwareb3340mx931_firmwarems431xc9245_firmwarecx421b2236ms321cs725xc4352xc9255cs725_firmwarems331_firmwarems431_firmwarecx820cs728_firmwarexc9245xc8160_firmwarecx825xc6153_firmwarems823mc2535_firmwarecs923_firmwaremb3442cs622cx622_firmwarecx431b2650_firmwaremx826_firmwarecx921_firmwarec3326_firmwarexc4140_firmwaremc3426_firmwarecs727_firmwarems622xm3250cx922mx521cx725xc4153c6160_firmwaremb2442mx931xm1342_firmwarexc4352_firmwaremb2650c2240_firmwarecx522xc6152xc9335xc9465mb3442_firmwarexc4150b3442m5255_firmwarecs927_firmwarexm5365mx331xm1342b2865_firmwareb2338cx625_firmwarem5255mb2338_firmwarecs720cx921cs827_firmwarexc4240_firmwarecs521_firmwarec6160cs431_firmwarexc9455xm5365_firmwarec2425xc6153c3426cs923m3250_firmwaremx622_firmwarem3250cs431m1342_firmwarexc9465_firmwarec2425_firmwarem5270_firmwarecs439_firmwarems822_firmwarecx944ms725xc8163mc2325b2546ms331m1246_firmwarecx922_firmwaremx331_firmwarexc9235xm1242mb2442_firmwarecs820ms621_firmwarecs728cs421cs622_firmwarec9235_firmwaremb2546_firmwaremc2640cx331xc9225c3224_firmwarem5270mx432b3442_firmwaremx522cs331_firmwarecx331_firmwaremc2425_firmwarecx625c2240cx920_firmwaremc3326mx431_firmwarems421xc9265cs921c3224cs727ms725_firmwarems421_firmwaremb2770_firmwaremc3426m1246xc4143_firmwarec2535b2338_firmwaremb2338xc2326_firmwarexc9225_firmwarec2325_firmwarexc4342_firmwarem1242cs720_firmwareb2546_firmwarec4150ms521c3426_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2007-5035
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.35% / 68.30%
||
7 Day CHG~0.00%
Published-24 Sep, 2007 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP remote file inclusion vulnerability in html/modules/extranet_profile/main.php in openEngine 1.9 beta1 allows remote attackers to execute arbitrary PHP code via a URL in the this_module_path parameter. NOTE: this issue is disputed by CVE because PHP encounters a fatal function-call error on a direct request for the file, before reaching the include statement

Action-Not Available
Vendor-openenginen/a
Product-openenginen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12652
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.11% / 89.64%
||
7 Day CHG~0.00%
Published-10 Jul, 2019 | 14:10
Updated-09 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libpng before 1.6.32 does not properly check the length of chunks against the user limit.

Action-Not Available
Vendor-libpngn/aNetApp, Inc.
Product-active_iq_unified_managerlibpngn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12240
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-13.88% / 96.11%
||
7 Day CHG~0.00%
Published-28 Sep, 2017 | 07:00
Updated-21 Apr, 2026 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-1100-lte_integrated_services_routerasr_901-6cz-ft-acatalyst_3650-8x24pd-lasr_1023catalyst_3650-48fq8800_8-slotcatalyst_3850-48p-ecatalyst_3850-12xs-easr_920-24sz-m_router111x_integrated_services_router8102-64hasr_9000catalyst_3650-8x24uq-ecatalyst_3650-8x24pd-ecatalyst_3650-24pd-ecatalyst_3850-48u1803_integrated_service_routercatalyst_3850-48p-scatalyst_3650-12x48uz-e1100-4gltena_integrated_services_routerasr_99061100-4p_integrated_services_routerasr_920-24tz-mcatalyst_3650-48tq-ecatalyst_3650-24pdcatalyst_3650-48ps-e8201catalyst_3650-48fd-scatalyst_3850-12s-s9800-80catalyst_3650-24ps-sioscatalyst_3850-48f-e1101_integrated_services_router1802_integrated_service_router1841_integrated_service_routerasr_901-6cz-f-a1100-6g_integrated_services_router8818asr_901s-2sg-f-ahcatalyst_3650-48fs-e1100-4g_integrated_services_router8218catalyst_3850-12x48uasr_1001-hxcatalyst_3650-48ts-scatalyst_3650-12x48uq-ecatalyst_3650-48pq-easr_9901asr_99108800_18-slotcatalyst_3850-24t-lasr_1004catalyst_3850-48xscatalyst_3650-48td-e1801_integrated_service_router8201-32fhasr_902asr_9006catalyst_3650-12x48fd-sasr_901-6cz-ft-dcatalyst_3850-48t-ecatalyst_3850-48u-s8804catalyst_3850-24xu-scatalyst_3650-48pd-scatalyst_3650-12x48ur-scatalyst_3650-48ts-lasr_1000-xasr_901s-3sg-f-ahcatalyst_3650-12x48urcatalyst_3650-48td-l1861_integrated_service_routercatalyst_3650-48fqm-lasr_920-4sz-a_rcatalyst_3850-24s-ecatalyst_3650-48pd-lcatalyst_3650-48ps-lasr_914catalyst_3650-48ts-easr_920-12sz-im_router8208asr_901-6cz-fs-dcatalyst_3650-48fq-sasr_1002-x_r8800_12-slotasr_1002-hx1120_integrated_services_routercatalyst_3850-48xs-ecatalyst_3650-24ps-l9800-lcatalyst_3850-24ucatalyst_3650-48fqm-scatalyst_3650-24ts-scatalyst_3650-12x48ur-lasr_920-4sz-dcatalyst_3650-12x48uzcatalyst_3650-24pd-scatalyst_3650-24ts-lcatalyst_3650-48pd-e8808catalyst_3850-48t-lcatalyst_3850-24xu-lcatalyst_3850-24xuasr_920-10sz-pd_routerasr_920-4sz-aasr_1001-x4221_integrated_services_router422_integrated_services_router1921_integrated_services_routerasr_1002asr_1001catalyst_3650-24td-sasr_9071100_integrated_services_routerasr_9904catalyst_3650-48fq-lasr_1006catalyst_3650-8x24uq-scatalyst_3650-24pdm-sasr_1009-xcatalyst_3850-24xscatalyst_3650-48tq-scatalyst_3850-12s-ecatalyst_3650-12x48uq-scatalyst_3650-24pdm-ecatalyst_3650-12x48uqcatalyst_3850-32xs-easr_901-6cz-fs-aasr_1001-x_rcatalyst_3650-12x48uq-lcatalyst_3850-24pw-sasr_1006-xcatalyst_3650catalyst_3650-24pdm-lasr_920-12cz-a_router1101-4p_integrated_services_routerasr_9010catalyst_3650-24pd-l1100-8p_integrated_services_routercatalyst_3850-16xs-e1111x_integrated_services_routerasr_901-12c-ft-dasr_900catalyst_3850-48xs-f-e8812asr_90011100-4gltegb_integrated_services_router1131_integrated_services_router1109-4p_integrated_services_routerasr_920-10sz-pd_rcatalyst_3650-48fs-sasr_9902catalyst_3650-48fqmcatalyst_3850-24u-lasr_1013catalyst_3650-24pdmcatalyst_3850-24p-sasr_920-24sz-m_rcatalyst_3650-48fs-lcatalyst_3850-48u-easr_920-12cz-dcatalyst_3650-24ts-e1812_integrated_service_router9800-clcatalyst_3850-24p-lcatalyst_3850-32xs-scatalyst_3650-8x24uq1109-2p_integrated_services_routerasr_9912catalyst_3850-48u-lcatalyst_3850-24xs-ecatalyst_3850-48pw-scatalyst_3650-12x48ur-easr_901-4c-ft-d8800_4-slotcatalyst_3650-24td-lcatalyst_3850asr_10008101-32fhcatalyst_3650-24td-ecatalyst_3850-48xs-sasr_920-24sz-m9800-40catalyst_3650-48fq-ecatalyst_3650-8x24uq-lasr_920-24sz-imasr_920-12cz-d_rcatalyst_3650-48fqm-easr_903asr_920u-12sz-im1941_integrated_services_routerasr_920-12sz-imcatalyst_3650-48tq-lasr_1000-esp100catalyst_3850-48xs-f-sasr_901s-2sg-f-dcatalyst_3650-12x48uz-lasr_920-12cz-d_routerasr_920-24tz-m_rcatalyst_3850-24t-e4000_integrated_services_routercatalyst_3850-nm-2-40g1000_integrated_services_routerasr_99031941w_integrated_services_router8831asr_901-4c-f-dcatalyst_3650-48fd-ecatalyst_3850-48f-lcatalyst_3850-12xs-s8212asr_9922catalyst_3650-48pq-sasr_1000-esp200-xcatalyst_3650-48fd-lasr_1002-hx_rasr_902u8202asr_920-4sz-d_rasr_1002-xcatalyst_3850-48f-sasr_901s-3sg-f-dcatalyst_3850-24t-scatalyst_3850-24xu-ecatalyst_3850-24p-easr_920-24sz-im_routerasr_901-6cz-f-dasr_920-24sz-im_rcatalyst_3850-48p-lcatalyst_3650-24ps-easr_920-12sz-im_r1111x-8p_integrated_services_routercatalyst_3650-8x24pd-sasr_920-10sz-pd1906c_integrated_services_routerasr_9000vasr_920-24tz-m_routercatalyst_3650-12x48fd-lcatalyst_3850-24s-s1109_integrated_services_router1905_integrated_services_routerasr_920-12cz-a_rasr_901s-4sg-f-dasr_1001-hx_rcatalyst_3650-12x48uz-scatalyst_3850-nm-8-10gcatalyst_3850-24u-sasr_901-12c-f-dasr_9920catalyst_3650-48pq-lcatalyst_3650-48ps-s8101-32hcatalyst_3850-16xs-s1160_integrated_services_routerasr_1000-esp100-xcatalyst_3850-24u-ecatalyst_3850-48t-scatalyst_3650-12x48fd-ecatalyst_3650-48td-sasr_920-4sz-d_routerasr_920-12cz-a1811_integrated_service_routerasr_920-4sz-a_routercatalyst_3850-24xs-sCisco IOS and IOS XEIOS and IOS XE Software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12187
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-3.35% / 87.31%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12182
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.23% / 89.91%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12939
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.73% / 90.84%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 13:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4.

Action-Not Available
Vendor-unity3dn/aMicrosoft Corporation
Product-windowsunity_editorn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12181
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.23% / 89.91%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12183
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.23% / 89.91%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12176
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.17% / 89.76%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12184
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.17% / 89.76%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12178
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.17% / 89.76%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12611
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-88.02% / 99.75%
||
7 Day CHG~0.00%
Published-20 Sep, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.

Action-Not Available
Vendor-The Apache Software Foundation
Product-strutsApache Struts
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12180
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.23% / 89.91%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12185
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.17% / 89.76%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-n/aX.Org FoundationDebian GNU/Linux
Product-debian_linuxx_servern/a
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12186
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.30% / 90.05%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2024-28103
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.66% / 47.36%
||
7 Day CHG~0.00%
Published-04 Jun, 2024 | 19:47
Updated-06 Dec, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Action Pack is missing security headers on non-HTML responses

Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3.

Action-Not Available
Vendor-Ruby on Rails
Product-railsrailsrails
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12795
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.29% / 81.30%
||
7 Day CHG~0.00%
Published-10 May, 2019 | 14:31
Updated-05 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: (Improper Input Validation).

Action-Not Available
Vendor-openmrsn/a
Product-openmrs-module-htmlformentryn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-11346
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-43.27% / 98.58%
||
7 Day CHG~0.00%
Published-16 Jul, 2017 | 23:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos.

Action-Not Available
Vendor-n/aZoho Corporation Pvt. Ltd.
Product-manageengine_desktop_centraln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2023-24033
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-34.55% / 98.24%
||
7 Day CHG~0.00%
Published-13 Mar, 2023 | 00:00
Updated-03 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly check format types specified by the Session Description Protocol (SDP) module, which can lead to a denial of service.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_modem_5123_firmwareexynos_modem_5123exynos_980_firmwareexynos_auto_t5123_firmwareexynos_modem_5300exynos_modem_5300_firmwareexynos_1080exynos_auto_t5123exynos_1080_firmwareexynos_980n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-11673
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.70% / 84.28%
||
7 Day CHG~0.00%
Published-27 Jul, 2017 | 06:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed PRE file, related to a "User Mode Write AV starting at reporter!madTraceProcess."

Action-Not Available
Vendor-acunetixn/a
Product-web_vulnerability_scannern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2005-1787
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.35% / 95.75%
||
7 Day CHG~0.00%
Published-31 May, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable.

Action-Not Available
Vendor-phpstatn/a
Product-phpstatn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-1161
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.3||HIGH
EPSS-1.49% / 71.29%
||
7 Day CHG~0.00%
Published-17 Apr, 2017 | 21:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM API Connect 5.0.6.0 could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of URLs for the Developer Portal. By crafting a malicious URL, an attacker could exploit this vulnerability to execute arbitrary commands on the system with the privileges of the www-data user. IBM X-Force ID: 122956.

Action-Not Available
Vendor-IBM Corporation
Product-api_connectAPI Connect
CWE ID-CWE-20
Improper Input Validation
CVE-2017-1002157
Matching Score-4
Assigner-Fedora Project
ShareView Details
Matching Score-4
Assigner-Fedora Project
CVSS Score-9.8||CRITICAL
EPSS-2.80% / 84.87%
||
7 Day CHG~0.00%
Published-10 Jan, 2019 | 21:00
Updated-16 Sep, 2024 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution.

Action-Not Available
Vendor-Fedora ModularityRed Hat, Inc.
Product-modulemdmodulemd
CWE ID-CWE-242
Use of Inherently Dangerous Function
CWE ID-CWE-20
Improper Input Validation
CVE-2017-1001003
Matching Score-4
Assigner-46fe6300-5254-4a98-9594-a9567bec8179
ShareView Details
Matching Score-4
Assigner-46fe6300-5254-4a98-9594-a9567bec8179
CVSS Score-9.8||CRITICAL
EPSS-1.69% / 74.49%
||
7 Day CHG~0.00%
Published-27 Nov, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.

Action-Not Available
Vendor-mathjs_projectmath.js
Product-mathjsmath.js
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2007-5737
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.38% / 82.05%
||
7 Day CHG~0.00%
Published-30 Oct, 2007 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unrestricted file upload vulnerability in component/upload.jsp in Korean GHBoard allows remote attackers to upload arbitrary files via unspecified vectors, probably involving a direct request.

Action-Not Available
Vendor-ghlabn/a
Product-korean_ghboardn/a
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2017-1000423
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.39% / 82.07%
||
7 Day CHG~0.00%
Published-02 Jan, 2018 | 20:00
Updated-17 Sep, 2024 | 02:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup.

Action-Not Available
Vendor-b2evolutionn/a
Product-b2evolutionn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-10615
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.46% / 82.59%
||
7 Day CHG~0.00%
Published-13 Oct, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos: Potential remote code execution vulnerability in PAM

A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM. Affected Juniper Networks Junos OS releases are: 14.1 from 14.1R5 prior to 14.1R8-S4, 14.1R9; 14.1X53 prior to 14.1X53-D50 on EX and QFX series; 14.2 from 14.2R3 prior to 14.2R7-S8, 14.2R8; No other Junos OS releases are affected by this issue. No other Juniper Networks products are affected by this issue.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-ex4500ex8200-vcex4550ex6200ex3200ex8200ex3300-vcjunosex4600ex4300-vcex3300ex4600-vcex4200-vcex4200ex4500-vcex4300ex4550-vcJunos OS
CWE ID-CWE-20
Improper Input Validation
CVE-2017-0915
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-9.8||CRITICAL
EPSS-5.71% / 92.15%
||
7 Day CHG~0.00%
Published-21 Mar, 2018 | 20:00
Updated-05 Aug, 2024 | 13:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution.

Action-Not Available
Vendor-Debian GNU/LinuxGitLab Inc.
Product-debian_linuxgitlabGitLab Community and Enterprise Editions
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2017-0249
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.3||HIGH
EPSS-4.17% / 89.76%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.

Action-Not Available
Vendor-Microsoft Corporation
Product-microsoft.aspnetcore.mvc.formatters.jsonmicrosoft.aspnetcore.mvc.localizationmicrosoft.aspnetcore.mvc.corsmicrosoft.aspnetcore.mvc.formatters.xmlmicrosoft.aspnetcore.mvc.razor.hostmicrosoft.aspnetcore.mvc.webapicompatshimsystem.net.http.winhttphandlermicrosoft.aspnetcore.mvc.apiexplorermicrosoft.aspnetcore.mvc.viewfeaturessystem.net.websockets.clientasp.net_model_view_controllermicrosoft.aspnetcore.mvc.taghelpersmicrosoft.aspnetcore.mvc.abstractionssystem.net.securitymicrosoft.aspnetcore.mvc.dataannotationssystem.net.httpsystem.text.encodings.webmicrosoft.aspnetcore.mvc.razorASP.NET Core
CWE ID-CWE-20
Improper Input Validation
CVE-2007-5095
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-15.17% / 96.37%
||
7 Day CHG~0.00%
Published-26 Sep, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes Internet Explorer to render HTML documents contained inside some media files, regardless of what default web browser is configured, which might allow remote attackers to exploit vulnerabilities in software that the user does not expect to run, as demonstrated by the HTMLView parameter in an .asx file.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_media_playerwindows_xpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-23469
Matching Score-4
Assigner-SolarWinds
ShareView Details
Matching Score-4
Assigner-SolarWinds
CVSS Score-9.6||CRITICAL
EPSS-17.87% / 96.84%
||
7 Day CHG~0.00%
Published-17 Jul, 2024 | 14:26
Updated-10 Sep, 2024 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SolarWinds Access Rights Manager Exposed Dangerous Method Remote Code Execution Vulnerability

SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges.

Action-Not Available
Vendor-SolarWinds Worldwide, LLC.
Product-access_rights_managerAccess Rights Manageraccess_rights_manager
CWE ID-CWE-20
Improper Input Validation
CVE-2017-1000039
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.62% / 83.77%
||
7 Day CHG~0.00%
Published-13 Jul, 2017 | 20:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution

Action-Not Available
Vendor-framasoftn/a
Product-framadaten/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-23483
Matching Score-4
Assigner-Zscaler, Inc.
ShareView Details
Matching Score-4
Assigner-Zscaler, Inc.
CVSS Score-7||HIGH
EPSS-0.75% / 50.75%
||
7 Day CHG~0.00%
Published-06 Aug, 2024 | 15:30
Updated-07 Aug, 2024 | 21:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local Privilege Escalation via lack of input validation

An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command Injection. This issue affects Zscaler Client Connector on MacOS <4.2.

Action-Not Available
Vendor-Zscaler, Inc.
Product-client_connectorClient Connectorclient_connector
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-0916
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-9.8||CRITICAL
EPSS-5.71% / 92.15%
||
7 Day CHG~0.00%
Published-21 Mar, 2018 | 20:00
Updated-05 Aug, 2024 | 13:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution.

Action-Not Available
Vendor-Debian GNU/LinuxGitLab Inc.
Product-debian_linuxgitlabGitLab Community and Enterprise Editions
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2024-23790
Matching Score-4
Assigner-OTRS AG
ShareView Details
Matching Score-4
Assigner-OTRS AG
CVSS Score-3.5||LOW
EPSS-0.25% / 16.74%
||
7 Day CHG~0.00%
Published-29 Jan, 2024 | 09:21
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing file type check in avatar picture upload

Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1.

Action-Not Available
Vendor-OTRS AG
Product-otrsOTRS
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-354
Improper Validation of Integrity Check Value
CVE-2016-9157
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-3.26% / 86.95%
||
7 Day CHG~0.00%
Published-05 Dec, 2016 | 08:09
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by sending specially crafted packets to port 19234/TCP.

Action-Not Available
Vendor-n/aSiemens AG
Product-sicam_pas\/pqsSiemens SICAM PAS through V8.08
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-284
Improper Access Control
CVE-2016-9156
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.3||HIGH
EPSS-1.51% / 71.63%
||
7 Day CHG~0.00%
Published-05 Dec, 2016 | 08:09
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP.

Action-Not Available
Vendor-n/aSiemens AG
Product-sicam_pas\/pqsSiemens SICAM PAS through V8.08
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-284
Improper Access Control
CVE-2016-8869
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-97.43% / 99.89%
||
7 Day CHG~0.00%
Published-04 Nov, 2016 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site.

Action-Not Available
Vendor-n/aJoomla!
Product-joomla\!n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-9901
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.92% / 85.46%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-25 Nov, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-enterprise_linux_eusenterprise_linux_ausfirefoxenterprise_linux_desktopenterprise_linux_serverenterprise_linux_workstationFirefoxFirefox ESR
CWE ID-CWE-20
Improper Input Validation
CVE-2016-9023
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.25% / 66.03%
||
7 Day CHG~0.00%
Published-31 Dec, 2020 | 02:13
Updated-06 Aug, 2024 | 02:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php.

Action-Not Available
Vendor-exponentcmsn/a
Product-exponent_cmsn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-5832
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.36% / 68.58%
||
7 Day CHG~0.00%
Published-05 Nov, 2007 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in selectLanguage.do in SSL-Explorer before 0.2.15 allows remote attackers to inject (1) headers or (2) body data in an HTTP transaction, a different vulnerability than CVE-2007-2907. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-ssl-explorern/a
Product-ssl-explorern/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 21
  • 22
  • Next
Details not found