Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-21687

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-01 Feb, 2022 | 11:56
Updated At-05 May, 2025 | 16:34
Rejected At-
Credits

Command injection in gh-ost

gh-ost is a triggerless online schema migration solution for MySQL. Versions prior to 1.1.3 are subject to an arbitrary file read vulnerability. The attacker must have access to the target host or trick an administrator into executing a malicious gh-ost command on a host running gh-ost, plus network access from host running gh-ost to the attack's malicious MySQL server. The `-database` parameter does not properly sanitize user input which can lead to arbitrary file reads.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:01 Feb, 2022 | 11:56
Updated At:05 May, 2025 | 16:34
Rejected At:
▼CVE Numbering Authority (CNA)
Command injection in gh-ost

gh-ost is a triggerless online schema migration solution for MySQL. Versions prior to 1.1.3 are subject to an arbitrary file read vulnerability. The attacker must have access to the target host or trick an administrator into executing a malicious gh-ost command on a host running gh-ost, plus network access from host running gh-ost to the attack's malicious MySQL server. The `-database` parameter does not properly sanitize user input which can lead to arbitrary file reads.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
3.16.8MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Version: 3.1
Base score: 6.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/github/gh-ost/security/advisories/GHSA-rrp4-2xx3-mv29
x_refsource_CONFIRM
https://github.com/github/gh-ost/commit/a91ab042de013cfd8fbb633763438932d9080d8f
x_refsource_MISC
Hyperlink: https://github.com/github/gh-ost/security/advisories/GHSA-rrp4-2xx3-mv29
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/github/gh-ost/commit/a91ab042de013cfd8fbb633763438932d9080d8f
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/github/gh-ost/security/advisories/GHSA-rrp4-2xx3-mv29
x_refsource_CONFIRM
x_transferred
https://github.com/github/gh-ost/commit/a91ab042de013cfd8fbb633763438932d9080d8f
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/github/gh-ost/security/advisories/GHSA-rrp4-2xx3-mv29
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/github/gh-ost/commit/a91ab042de013cfd8fbb633763438932d9080d8f
Resource:
x_refsource_MISC
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:01 Feb, 2022 | 12:15
Updated At:05 May, 2025 | 17:17

gh-ost is a triggerless online schema migration solution for MySQL. Versions prior to 1.1.3 are subject to an arbitrary file read vulnerability. The attacker must have access to the target host or trick an administrator into executing a malicious gh-ost command on a host running gh-ost, plus network access from host running gh-ost to the attack's malicious MySQL server. The `-database` parameter does not properly sanitize user input which can lead to arbitrary file reads.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.8MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Primary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 6.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N
CPE Matches

GitHub, Inc.
github
>>gh-ost>>Versions before 1.1.3(exclusive)
cpe:2.3:a:github:gh-ost:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE-20Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/github/gh-ost/commit/a91ab042de013cfd8fbb633763438932d9080d8fsecurity-advisories@github.com
Patch
Third Party Advisory
https://github.com/github/gh-ost/security/advisories/GHSA-rrp4-2xx3-mv29security-advisories@github.com
Third Party Advisory
https://github.com/github/gh-ost/commit/a91ab042de013cfd8fbb633763438932d9080d8faf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
https://github.com/github/gh-ost/security/advisories/GHSA-rrp4-2xx3-mv29af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: https://github.com/github/gh-ost/commit/a91ab042de013cfd8fbb633763438932d9080d8f
Source: security-advisories@github.com
Resource:
Patch
Third Party Advisory
Hyperlink: https://github.com/github/gh-ost/security/advisories/GHSA-rrp4-2xx3-mv29
Source: security-advisories@github.com
Resource:
Third Party Advisory
Hyperlink: https://github.com/github/gh-ost/commit/a91ab042de013cfd8fbb633763438932d9080d8f
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
Hyperlink: https://github.com/github/gh-ost/security/advisories/GHSA-rrp4-2xx3-mv29
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

163Records found

CVE-2021-37700
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.66% / 73.79%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 20:45
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Clipboard-based DOM-XSS

@github/paste-markdown is an npm package for pasting markdown objects. A self Cross-Site Scripting vulnerability exists in the @github/paste-markdown before version 0.3.4. If the clipboard data contains the string `<table>`, a **div** is dynamically created, and the clipboard content is copied into its **innerHTML** property without any sanitization, resulting in improper execution of JavaScript in the browser of the victim (the user who pasted the code). Users directed to copy text from a malicious website and paste it into pages that utilize this library are affected. This is fixed in version 0.3.4. Refer the to the referenced GitHub Advisory for more details including an example exploit.

Action-Not Available
Vendor-paste-markdown_projectGitHub, Inc.
Product-paste-markdownpaste-markdown
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-22865
Matching Score-8
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-8
Assigner-GitHub, Inc. (Products Only)
CVSS Score-6.5||MEDIUM
EPSS-1.32% / 67.27%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:25
Updated-03 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper access control in GitHub Enterprise Server leading to unauthorized read access to private repository metadata

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed access tokens generated from a GitHub App's web authentication flow to read private repository metadata via the REST API without having been granted the appropriate permissions. To exploit this vulnerability, an attacker would need to create a GitHub App on the instance and have a user authorize the application through the web authentication flow. The private repository metadata returned would be limited to repositories owned by the user the token identifies. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.0.4 and was fixed in versions 3.0.4, 2.22.10, 2.21.18. This vulnerability was reported via the GitHub Bug Bounty program.

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverGitHub Enterprise Server
CWE ID-CWE-285
Improper Authorization
CVE-2023-46645
Matching Score-8
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-8
Assigner-GitHub, Inc. (Products Only)
CVSS Score-6.8||MEDIUM
EPSS-0.79% / 51.80%
||
7 Day CHG~0.00%
Published-21 Dec, 2023 | 20:45
Updated-13 Sep, 2024 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Path traversal in GitHub Enterprise Server leading to arbitrary file reading when building a GitHub Pages site

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program.

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverEnterprise Server
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-2469
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
CVSS Score-8||HIGH
EPSS-1.62% / 73.06%
||
7 Day CHG~0.00%
Published-20 Mar, 2024 | 22:56
Updated-10 Apr, 2025 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Code Execution in GitHub Enterprise Server Allowed Administrators to gain SSH access to the appliance

An attacker with an Administrator role in GitHub Enterprise Server could gain SSH root access via remote code execution. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.17, 3.9.12, 3.10.9, 3.11.7 and 3.12.1. This vulnerability was reported via the GitHub Bug Bounty program.

Action-Not Available
Vendor-GitHub, Inc.
Product-Enterprise Serverenterprise_server
CWE ID-CWE-20
Improper Input Validation
CVE-2024-0507
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
CVSS Score-6.5||MEDIUM
EPSS-65.80% / 99.17%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 18:51
Updated-22 Oct, 2024 | 15:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation by Code Injection in the Management Console in GitHub Enterprise Server

An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program.

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverEnterprise Serverenterprise_server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-5238
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.57% / 72.30%
||
7 Day CHG~0.00%
Published-01 Jul, 2020 | 23:05
Updated-04 Aug, 2024 | 08:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of service in table parsing in cmark-gfm

The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the upstream cmark project. The issue has been fixed in version 0.29.0.gfm.1.

Action-Not Available
Vendor-github_flavored_markdown_projectFedora ProjectGitHub, Inc.
Product-github_flavored_markdownfedoracmark-gfm
CWE ID-CWE-20
Improper Input Validation
CVE-2024-3646
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
CVSS Score-8||HIGH
EPSS-1.74% / 74.99%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 14:21
Updated-02 Sep, 2025 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the instance when configuring the chat integration. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.12.2, 3.11.8, 3.10.10, and 3.9.13. This vulnerability was reported via the GitHub Bug Bounty program.

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverEnterprise Serverenterprise_server
CWE ID-CWE-20
Improper Input Validation
CVE-2012-5814
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.8||MEDIUM
EPSS-0.57% / 42.96%
||
7 Day CHG~0.00%
Published-04 Nov, 2012 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Weberknecht, as used in GitHub Gaug.es and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Action-Not Available
Vendor-roderick_baiern/aGitHub, Inc.
Product-gaug.esweberknechtn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-2443
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
CVSS Score-9.1||CRITICAL
EPSS-2.09% / 79.29%
||
7 Day CHG~0.00%
Published-20 Mar, 2024 | 23:04
Updated-04 Sep, 2025 | 15:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input validation vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring GeoJSON settings. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.13 and was fixed in versions 3.8.17, 3.9.12, 3.10.9, 3.11.7, and 3.12.1. This vulnerability was reported via the GitHub Bug Bounty program.

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverGitHub Enterprise Serverenterprise_server
CWE ID-CWE-20
Improper Input Validation
CVE-2024-1359
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
CVSS Score-9.1||CRITICAL
EPSS-2.27% / 80.95%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 18:52
Updated-09 May, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting up an HTTP proxy. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program https://bounty.github.com .

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverEnterprise Server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-1355
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
CVSS Score-9.1||CRITICAL
EPSS-2.36% / 81.72%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 18:51
Updated-24 Mar, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console docker container while setting a service URL. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program.

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverEnterprise Server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-1354
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
CVSS Score-8||HIGH
EPSS-1.72% / 74.68%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 18:50
Updated-08 May, 2025 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the `syslog-ng` configuration file. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program.

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverEnterprise Server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-1378
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
CVSS Score-9.1||CRITICAL
EPSS-2.34% / 81.53%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 18:54
Updated-16 Aug, 2024 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring SMTP options. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program https://bounty.github.com .

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverEnterprise Serverenterprise_server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-1372
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
CVSS Score-9.1||CRITICAL
EPSS-2.27% / 80.95%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 18:54
Updated-09 May, 2025 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring SAML settings. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program https://bounty.github.com .

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverEnterprise Server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-1369
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
CVSS Score-9.1||CRITICAL
EPSS-2.27% / 80.95%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 18:53
Updated-27 Aug, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting the username and password for collectd configurations. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program https://bounty.github.com .

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverEnterprise Serverenterprise_server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-1374
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-6
Assigner-GitHub, Inc. (Products Only)
CVSS Score-9.1||CRITICAL
EPSS-2.63% / 83.67%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 18:54
Updated-09 May, 2025 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring audit log forwarding. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program https://bounty.github.com .

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverEnterprise Server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2006-1729
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.23% / 80.62%
||
7 Day CHG~0.00%
Published-14 Apr, 2006 | 10:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

Action-Not Available
Vendor-n/aCanonical Ltd.Mozilla Corporation
Product-firefoxmozilla_suiteubuntu_linuxseamonkeyn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5284
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-7.4||HIGH
EPSS-2.37% / 81.78%
||
7 Day CHG~0.00%
Published-22 Sep, 2016 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.

Action-Not Available
Vendor-n/aMozilla Corporation
Product-firefoxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2026-5885
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 14.62%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 21:20
Updated-13 Apr, 2026 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in WebML in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-linux_kernelchromewindowsmacosChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2019-9414
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.9||MEDIUM
EPSS-0.56% / 42.78%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wpa_supplicant, there is a possible man in the middle vulnerability due to improper input validation of the basicConstraints field of intermediary certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111893041

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2025-30294
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-6.8||MEDIUM
EPSS-11.54% / 95.50%
||
7 Day CHG+1.13%
Published-08 Apr, 2025 | 20:02
Updated-04 Sep, 2025 | 15:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security protections and gain unauthorized read access. Exploitation of this issue does not require user interaction and scope is changed.

Action-Not Available
Vendor-Adobe Inc.
Product-coldfusionColdFusion
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6465
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.56% / 72.15%
||
7 Day CHG~0.00%
Published-14 Dec, 2016 | 00:37
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for both virtual and hardware versions of the following Cisco products: Cisco Email Security Appliances (ESAs) that are configured to use message or content filters that scan incoming email attachments; Cisco Web Security Appliances (WSAs) that are configured to use services that scan accessed web content. More Information: CSCva90076, CSCvb06764. Known Affected Releases: 10.0.0-125 8.5.7-042 9.7.2-047.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-email_security_applianceCisco AsyncOS
CWE ID-CWE-20
Improper Input Validation
CVE-2015-2156
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.43% / 91.74%
||
7 Day CHG~0.00%
Published-18 Oct, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.

Action-Not Available
Vendor-lightbendplayframeworkn/aThe Netty Project
Product-play_frameworknettyn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-23998
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-6.2||MEDIUM
EPSS-0.58% / 43.31%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 17:40
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R(11), 10.5.03.77 in Android Q(10) and 9.0.6.68 in Android P(9) allows untrusted applications to take a picture in screenlock status.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-cameraandroidSamsung Camera
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-863
Incorrect Authorization
CVE-2015-2412
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-4.3||MEDIUM
EPSS-17.85% / 96.81%
||
7 Day CHG~0.00%
Published-14 Jul, 2015 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 10 and 11 allows remote attackers to read arbitrary local files via a crafted pathname, aka "Internet Explorer Information Disclosure Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2015-0626
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.08% / 60.96%
||
7 Day CHG~0.00%
Published-19 Feb, 2015 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SOAP interface in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to obtain access to system-management tools via crafted Challenge SOAP calls, aka Bug ID CSCuc38114.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-hosted_collaboration_solutionn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-3352
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.82% / 84.86%
||
7 Day CHG~0.00%
Published-30 Aug, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) 2008.3_SP9 and earlier does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, related to an "iFrame vulnerability," aka Bug ID CSCuh84801.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-cloud_portaln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2146
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.26% / 65.88%
||
7 Day CHG~0.00%
Published-22 Sep, 2016 | 17:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-3310
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.20% / 64.53%
||
7 Day CHG~0.00%
Published-10 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested file was an offered file, which allows remote attackers to read arbitrary files via a modified request, aka Bug IDs CSCup62442 and CSCup58463.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-webex_meetings_serverwebex_meeting_centern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2023-36563
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-20.72% / 97.22%
||
7 Day CHG-0.16%
Published-10 Oct, 2023 | 17:08
Updated-28 Oct, 2025 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-31||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft WordPad Information Disclosure Vulnerability

Microsoft WordPad Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_22h2windows_server_2012windows_server_2008windows_10_21h2windows_server_2022windows_10_1607windows_10_22h2windows_10_1809windows_server_2019windows_11_21h2windows_server_2016Windows 11 version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2022Windows Server 2019Windows 10 Version 1507Windows 10 Version 1607Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows Server 2012 R2Windows 10 Version 1809Windows 11 version 22H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2016WordPad
CWE ID-CWE-20
Improper Input Validation
CVE-2014-1369
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.99% / 58.17%
||
7 Day CHG~0.00%
Published-01 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit in Apple Safari before 6.1.5 and 7.x before 7.0.5 allows user-assisted remote attackers to access file: URLs by leveraging a URL drag operation that originates at a crafted web site.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-0034
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-7.41% / 93.68%
||
7 Day CHG~0.00%
Published-07 Jul, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x before 2.7.9 does not properly validate SAML tokens when caching is enabled, which allows remote attackers to gain access via an invalid SAML token.

Action-Not Available
Vendor-n/aThe Apache Software FoundationRed Hat, Inc.
Product-jboss_enterprise_application_platformcxfn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-0033
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-9.89% / 94.99%
||
7 Day CHG~0.00%
Published-26 Feb, 2014 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does not consider the disableURLRewriting setting when handling a session ID in a URL, which allows remote attackers to conduct session fixation attacks via a crafted URL.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-tomcatn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-4059
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-6.5||MEDIUM
EPSS-1.26% / 66.14%
||
7 Day CHG~0.00%
Published-23 Dec, 2021 | 00:45
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2019-13750
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-6.5||MEDIUM
EPSS-2.21% / 80.40%
||
7 Day CHG~0.00%
Published-10 Dec, 2019 | 21:01
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.

Action-Not Available
Vendor-Canonical Ltd.Google LLCRed Hat, Inc.Fedora ProjectDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_for_scientific_computingdebian_linuxchromeenterprise_linux_workstationfedoraenterprise_linux_desktopChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2021-36006
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-3.3||LOW
EPSS-1.75% / 75.15%
||
7 Day CHG~0.00%
Published-20 Aug, 2021 | 18:10
Updated-23 Apr, 2025 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Photoshop MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Photoshop versions 21.2.9 (and earlier) and 22.4.2 (and earlier) are affected by an Improper input validation vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Adobe Inc.Apple Inc.Microsoft Corporation
Product-windowsphotoshopmacosPhotoshop
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-665
Improper Initialization
CVE-2019-13707
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-5.5||MEDIUM
EPSS-0.45% / 36.05%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 14:22
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.

Action-Not Available
Vendor-openSUSEGoogle LLC
Product-chromebackportsChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2021-36014
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-3.3||LOW
EPSS-1.86% / 76.72%
||
7 Day CHG~0.00%
Published-20 Aug, 2021 | 18:10
Updated-23 Apr, 2025 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Media Encoder MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Media Encoder version 15.2 (and earlier) is affected by an uninitialized pointer vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to read arbitrary file system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Adobe Inc.Microsoft Corporation
Product-windowsmedia_encoderMedia Encoder
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2021-34322
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-1.15% / 63.11%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The JPEG2K_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13416)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2021-31412
Matching Score-4
Assigner-Vaadin Ltd.
ShareView Details
Matching Score-4
Assigner-Vaadin Ltd.
CVSS Score-5.3||MEDIUM
EPSS-1.32% / 67.30%
||
7 Day CHG~0.00%
Published-24 Jun, 2021 | 11:33
Updated-16 Sep, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Possible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19

Improper sanitization of path in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.14 (Vaadin 10.0.0 through 10.0.18), 1.1.0 prior to 2.0.0 (Vaadin 11 prior to 14), 2.0.0 through 2.6.1 (Vaadin 14.0.0 through 14.6.1), and 3.0.0 through 6.0.9 (Vaadin 15.0.0 through 19.0.8) allows network attacker to enumerate all available routes via crafted HTTP request when application is running in production mode and no custom handler for NotFoundException is provided.

Action-Not Available
Vendor-vaadinVaadin
Product-flowvaadinflow-serverVaadin
CWE ID-CWE-1295
Debug Messages Revealing Unnecessary Information
CWE ID-CWE-20
Improper Input Validation
CVE-2026-14100
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 13.63%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-01 Jul, 2026 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient data validation in NetworkCache in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Microsoft CorporationGoogle LLCApple Inc.Linux Kernel Organization, Inc
Product-chromewindowsmacoslinux_kernelChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-11140
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 13.63%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:05
Updated-08 Jun, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Microsoft CorporationLinux Kernel Organization, IncGoogle LLCApple Inc.
Product-linux_kernelwindowsmacoschromeChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-13816
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.5||MEDIUM
EPSS-0.27% / 17.87%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:37
Updated-01 Jul, 2026 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in File Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-20
Improper Input Validation
CVE-2003-1350
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.08% / 79.24%
||
7 Day CHG~0.00%
Published-14 Oct, 2007 | 19:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

List Site Pro 2.0 allows remote attackers to hijack user accounts by inserting a "|" (pipe), which is used as a field delimiter, into the bannerurl field.

Action-Not Available
Vendor-list_site_pron/a
Product-list_site_pron/a
CWE ID-CWE-20
Improper Input Validation
CVE-2026-13889
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.5||MEDIUM
EPSS-0.30% / 21.35%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:38
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-14022
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.5||MEDIUM
EPSS-0.30% / 21.62%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:38
Updated-01 Jul, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-13847
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 19.94%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:37
Updated-02 Jul, 2026 | 14:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Google LLC
Product-chromeiphone_osChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-14021
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 15.89%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:38
Updated-01 Jul, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-20
Improper Input Validation
CVE-2012-4072
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.61% / 44.79%
||
7 Day CHG~0.00%
Published-20 Sep, 2013 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The KVM subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers, and read keyboard and mouse events, by leveraging knowledge of this certificate's private key, aka Bug ID CSCte90327.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_computing_systemn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2026-13893
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 17.31%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:38
Updated-02 Jul, 2026 | 16:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in WebUI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via malicious network traffic. (Chromium security severity: Medium)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found