Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-1041

Summary
Assigner-avaya
Assigner Org ID-9d670455-bdb5-4cca-a883-5914865f5d96
Published At-10 Jun, 2025 | 06:05
Updated At-10 Jun, 2025 | 20:00
Rejected At-
Credits

Avaya Call Management System RCE vulnerability

An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:avaya
Assigner Org ID:9d670455-bdb5-4cca-a883-5914865f5d96
Published At:10 Jun, 2025 | 06:05
Updated At:10 Jun, 2025 | 20:00
Rejected At:
▼CVE Numbering Authority (CNA)
Avaya Call Management System RCE vulnerability

An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.

Affected Products
Vendor
Avaya LLCAvaya
Product
Avaya Call Management System
Default Status
unaffected
Versions
Affected
  • From 18.0 before 19.2.0.7 (custom)
  • From 20.0 before 20.0.1.0 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.19.9CRITICAL
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 9.9
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-253CAPEC-253 Remote Code Inclusion
CAPEC ID: CAPEC-253
Description: CAPEC-253 Remote Code Inclusion
Solutions

Configurations

Workarounds

Exploits

Credits

finder
Roberto Olivero
finder
Juan Ignacio Elola
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://support.avaya.com/css/public/documents/101093084
N/A
Hyperlink: https://support.avaya.com/css/public/documents/101093084
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:securityalerts@avaya.com
Published At:10 Jun, 2025 | 06:15
Updated At:30 Jul, 2025 | 17:59

An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.9CRITICAL
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.9
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches

Avaya LLC
avaya
>>call_management_system>>Versions from 18.0.0.1(inclusive) to 19.2.0.7(exclusive)
cpe:2.3:a:avaya:call_management_system:*:*:*:*:*:*:*:*
Avaya LLC
avaya
>>call_management_system>>Versions from 20.0(inclusive) to 20.0.1.0(exclusive)
cpe:2.3:a:avaya:call_management_system:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Secondarysecurityalerts@avaya.com
CWE ID: CWE-20
Type: Secondary
Source: securityalerts@avaya.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://support.avaya.com/css/public/documents/101093084securityalerts@avaya.com
Vendor Advisory
Hyperlink: https://support.avaya.com/css/public/documents/101093084
Source: securityalerts@avaya.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

583Records found

CVE-2023-3722
Matching Score-8
Assigner-Avaya, Inc.
ShareView Details
Matching Score-8
Assigner-Avaya, Inc.
CVSS Score-8.6||HIGH
EPSS-3.33% / 87.15%
||
7 Day CHG~0.00%
Published-19 Jul, 2023 | 19:56
Updated-22 Oct, 2024 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avaya Aura Device Services Remote Code Execution

An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.

Action-Not Available
Vendor-Avaya LLC
Product-aura_device_servicesAura Device Servicesaura_device_services
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-4196
Matching Score-8
Assigner-Avaya, Inc.
ShareView Details
Matching Score-8
Assigner-Avaya, Inc.
CVSS Score-10||CRITICAL
EPSS-0.59% / 43.76%
||
7 Day CHG~0.00%
Published-25 Jun, 2024 | 04:00
Updated-01 Oct, 2025 | 02:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avaya IP Office Web Control RCE Vulnerability

An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to 11.1.3.1.

Action-Not Available
Vendor-Avaya LLC
Product-ip_officeIP Officeip_office
CWE ID-CWE-782
Exposed IOCTL with Insufficient Access Control
CVE-2024-4197
Matching Score-8
Assigner-Avaya, Inc.
ShareView Details
Matching Score-8
Assigner-Avaya, Inc.
CVSS Score-9.9||CRITICAL
EPSS-0.78% / 51.35%
||
7 Day CHG~0.00%
Published-25 Jun, 2024 | 04:01
Updated-21 Jan, 2025 | 14:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avaya IP Office One-X Portal File Upload Vulnerability

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to 11.1.3.1.

Action-Not Available
Vendor-Avaya LLC
Product-ip_officeIP Officeip_office
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2008-5709
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-3.35% / 87.20%
||
7 Day CHG~0.00%
Published-24 Dec, 2008 | 17:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1 before 3.1.4 SP2, 4.0 before 4.0.3 SP1, and 5.0 before 5.0 SP3 allow remote authenticated users to execute arbitrary code via unknown attack vectors in the (1) Set Static Routes and (2) Backup History components.

Action-Not Available
Vendor-n/aAvaya LLC
Product-communication_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-5556
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.47% / 70.46%
||
7 Day CHG~0.00%
Published-18 Oct, 2007 | 20:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Avaya VoIP Handset allows remote attackers to cause a denial of service (reboot) via crafted packets. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Action-Not Available
Vendor-n/aAvaya LLC
Product-voip_handsetn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-5830
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.62% / 73.13%
||
7 Day CHG~0.00%
Published-05 Nov, 2007 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to "input validation."

Action-Not Available
Vendor-n/aAvaya LLC
Product-messaging_storage_servermessage_networkingn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-3081
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.06% / 85.98%
||
7 Day CHG~0.00%
Published-09 Jul, 2008 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user vexvm via vectors related to (1) SFTP Remote Store configuration; (2) remote FTP storage settings; (3) name server lookup; (4) pinging another host; (5) TCP/IP Networking parameter configuration; (6) the external hosts configuration main page; (7) adding and changing external hosts; (8) Windows domain parameter configuration; (9) date, time, and NTP server configuration; (10) alarm settings; (11) the command line history form; (12) the maintenance form; and (13) the server events form.

Action-Not Available
Vendor-n/aAvaya LLC
Product-messaging_storage_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2025-43234
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.93%
||
7 Day CHG+0.07%
Published-29 Jul, 2025 | 23:35
Updated-02 Apr, 2026 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted texture may lead to unexpected app termination.

Action-Not Available
Vendor-Apple Inc.
Product-tvosvisionoswatchosmacosiphone_osipadosvisionOSmacOStvOSiOS and iPadOSwatchOS
CWE ID-CWE-20
Improper Input Validation
CVE-2025-43347
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.83% / 53.15%
||
7 Day CHG~0.00%
Published-15 Sep, 2025 | 22:34
Updated-02 Apr, 2026 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An input validation issue was addressed.

Action-Not Available
Vendor-Apple Inc.
Product-tvosvisionoswatchosmacosiphone_osipadosvisionOSmacOStvOSiOS and iPadOSwatchOS
CWE ID-CWE-20
Improper Input Validation
CVE-2025-43253
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.72% / 49.45%
||
7 Day CHG+0.05%
Published-29 Jul, 2025 | 23:35
Updated-02 Apr, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to launch arbitrary binaries on a trusted device.

Action-Not Available
Vendor-Apple Inc.
Product-macosmacOS
CWE ID-CWE-20
Improper Input Validation
CVE-2022-4427
Matching Score-4
Assigner-OTRS AG
ShareView Details
Matching Score-4
Assigner-OTRS AG
CVSS Score-6.5||MEDIUM
EPSS-0.71% / 49.21%
||
7 Day CHG~0.00%
Published-19 Dec, 2022 | 08:09
Updated-14 Apr, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Injection via OTRS Search API

Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservice This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.

Action-Not Available
Vendor-OTRS AG
Product-otrs((OTRS)) Community EditionOTRS
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-14009
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-38.44% / 98.39%
||
7 Day CHG~0.00%
Published-12 Jul, 2018 | 16:00
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689.

Action-Not Available
Vendor-codiadn/a
Product-codiadn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-5203
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.14% / 79.78%
||
7 Day CHG~0.00%
Published-11 Mar, 2020 | 13:28
Updated-04 Aug, 2024 | 08:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Fat-Free Framework 3.7.1, attackers can achieve arbitrary code execution if developers choose to pass user controlled input (e.g., $_REQUEST, $_GET, or $_POST) to the framework's Clear method.

Action-Not Available
Vendor-fatfreeframeworkn/a
Product-fat-free_frameworkn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43515
Matching Score-4
Assigner-Zabbix
ShareView Details
Matching Score-4
Assigner-Zabbix
CVSS Score-5.3||MEDIUM
EPSS-1.21% / 64.62%
||
7 Day CHG~0.00%
Published-12 Dec, 2022 | 01:49
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
X-Forwarded-For header is active by default causes access to Zabbix sites in maintenance mode

Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. An attacker can bypass this protection and access the instance using IP address not listed in the defined range.

Action-Not Available
Vendor-ZABBIX
Product-frontendFrontend
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-863
Incorrect Authorization
CVE-2022-43545
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-1.35% / 68.23%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-03 Aug, 2024 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa01-2aa1_firmware7kg9501-0aa01-2aa17kg9501-0aa31-2aa17kg9501-0aa31-2aa1_firmwareSICAM P850POWER METER SICAM Q100SICAM P855
CWE ID-CWE-20
Improper Input Validation
CVE-2018-11574
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.90% / 77.16%
||
7 Day CHG~0.00%
Published-14 Jun, 2018 | 20:00
Updated-03 Dec, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files. Configurations that use the `refuse-app` option are unaffected.

Action-Not Available
Vendor-point-to-point_protocol_projectn/aCanonical Ltd.
Product-point-to-point_protocolubuntu_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43546
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-1.50% / 71.23%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-21 Oct, 2024 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa01-2aa1_firmware7kg9501-0aa01-2aa17kg9501-0aa31-2aa1_firmware7kg9501-0aa31-2aa1SICAM P850POWER METER SICAM Q100SICAM P855sicam_q100_firmwaresicam_p855_firmwaresicam_p850_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43439
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-1.49% / 70.92%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-09 Dec, 2025 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions < V2.50), SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-2AA0) (All versions < V3.10), SICAM T (All versions < V3.0). Affected devices do not properly validate the Language-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa31-2aa17kg9501-0aa31-2aa1_firmware7kg9501-0aa01-2aa1_firmware7kg9501-0aa01-2aa1SICAM P850SICAM TSICAM P855POWER METER SICAM Q100
CWE ID-CWE-20
Improper Input Validation
CVE-2020-7832
Matching Score-4
Assigner-KrCERT/CC
ShareView Details
Matching Score-4
Assigner-KrCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.95% / 56.98%
||
7 Day CHG+0.03%
Published-07 Sep, 2021 | 14:47
Updated-04 Aug, 2024 | 09:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RAONWIZ DEXT5 Upload remote code execution vulnerability

A vulnerability (improper input validation) in the DEXT5 Upload solution allows an unauthenticated attacker to download and execute an arbitrary file via AddUploadFile, SetSelectItem, DoOpenFile function.(CVE-2020-7832)

Action-Not Available
Vendor-dext5RAONWIZ (Laonwiz Co., Ltd.)Microsoft Corporation
Product-windowsdext5DEXT5 Upload
CWE ID-CWE-20
Improper Input Validation
CVE-2025-40836
Matching Score-4
Assigner-Ericsson
ShareView Details
Matching Score-4
Assigner-Ericsson
CVSS Score-8.7||HIGH
EPSS-0.42% / 33.60%
||
7 Day CHG~0.00%
Published-25 Sep, 2025 | 14:49
Updated-02 Oct, 2025 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ericsson Indoor Connect 8855 - Improper Input Validation Vulnerability

Ericsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacker to execute commands with escalated privileges.

Action-Not Available
Vendor-Ericsson
Product-indoor_connect_8855_firmwareindoor_connect_8855Indoor Connect 8855
CWE ID-CWE-20
Improper Input Validation
CVE-2022-42468
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-2.72% / 84.23%
||
7 Day CHG~0.00%
Published-26 Oct, 2022 | 00:00
Updated-07 May, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Flume prior to 1.11.0 has an Improper Input Validation (JNDI Injection) in JMSSource

Apache Flume versions 1.4.0 through 1.10.1 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with an unsafe providerURL. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol.

Action-Not Available
Vendor-The Apache Software Foundation
Product-flumeApache Flume
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2018-10103
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.07% / 89.44%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:05
Updated-05 Aug, 2024 | 07:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-8980
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-9.8||CRITICAL
EPSS-6.71% / 93.12%
||
7 Day CHG~0.00%
Published-04 Nov, 2019 | 20:27
Updated-06 Aug, 2024 | 08:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.

Action-Not Available
Vendor-php-gettext_projectn/aRed Hat, Inc.openSUSEFedora Project
Product-enterprise_linuxphp-gettextfedoraleapphp-gettext
CWE ID-CWE-20
Improper Input Validation
CVE-2020-15256
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.7||HIGH
EPSS-1.53% / 71.64%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 21:25
Updated-04 Aug, 2024 | 13:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Prototype pollution in object-path

A prototype pollution vulnerability has been found in `object-path` <= 0.11.4 affecting the `set()` method. The vulnerability is limited to the `includeInheritedProps` mode (if version >= 0.11.0 is used), which has to be explicitly enabled by creating a new instance of `object-path` and setting the option `includeInheritedProps: true`, or by using the default `withInheritedProps` instance. The default operating mode is not affected by the vulnerability if version >= 0.11.0 is used. Any usage of `set()` in versions < 0.11.0 is vulnerable. The issue is fixed in object-path version 0.11.5 As a workaround, don't use the `includeInheritedProps: true` options or the `withInheritedProps` instance if using a version >= 0.11.0.

Action-Not Available
Vendor-object-path_projectmariocasciaro
Product-object-pathobject-path
CWE ID-CWE-471
Modification of Assumed-Immutable Data (MAID)
CWE ID-CWE-20
Improper Input Validation
CVE-2002-2444
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.61% / 72.94%
||
7 Day CHG~0.00%
Published-28 Oct, 2019 | 13:11
Updated-08 Aug, 2024 | 04:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Snoopy before 2.0.0 has a security hole in exec cURL

Action-Not Available
Vendor-snoopy_projectn/a
Product-snoopyn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7705
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-12.35% / 95.70%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.

Action-Not Available
Vendor-ntpn/aCitrix (Cloud Software Group, Inc.)Siemens AGNetApp, Inc.
Product-data_ontaptim_4r-ietim_4r-ie_dnp3_firmwareoncommand_performance_managerntptim_4r-ie_dnp3clustered_data_ontaponcommand_unified_managerxenservertim_4r-ie_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-1000533
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-72.97% / 99.38%
||
7 Day CHG-2.89%
Published-26 Jun, 2018 | 16:00
Updated-05 Aug, 2024 | 12:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system function vulnerability in `searchTree` function that can result in Execute any code as PHP user. This attack appear to be exploitable via Send POST request using search form. This vulnerability appears to have been fixed in 0.7 after commit 87b8c26b023c3fc37f0796b14bb13710f397b322.

Action-Not Available
Vendor-gitlistn/a
Product-gitlistn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0147
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-18.55% / 96.90%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 07:00
Updated-14 Jan, 2026 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a crafted serialized Java object. An exploit could allow the attacker to execute arbitrary commands on the device with root privileges. Cisco Bug IDs: CSCvh25988.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-secure_access_control_systemCisco Secure Access Control SystemSecure Access Control System (ACS)
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2018-0171
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-99.51% / 99.94%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-14 Jan, 2026 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosCisco IOS and IOS XEIOS and IOS XE
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-34111
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-1.52% / 71.54%
||
7 Day CHG~0.00%
Published-15 Jul, 2025 | 13:09
Updated-15 May, 2026 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tiki Wiki <= 15.1 ELFinder Unauthenticated File Upload RCE

An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version 15.1 and earlier via the ELFinder component's default connector (connector.minimal.php), which allows remote attackers to upload and execute malicious PHP scripts in the context of the web server. The vulnerable component does not enforce file type validation, allowing attackers to craft a POST request to upload executable PHP payloads through the ELFinder interface exposed at /vendor_extra/elfinder/.

Action-Not Available
Vendor-tikiTiki Software Community Association
Product-tikiwiki_cms\/groupwareWiki CMS Groupware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2018-0125
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-54.76% / 98.90%
||
7 Day CHG~0.00%
Published-08 Feb, 2018 | 07:00
Updated-14 Jan, 2026 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to an incomplete input validation on user-controlled input in an HTTP request to the targeted device. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user and gain full control of the affected system or cause it to reload, resulting in a DoS condition. This vulnerability is fixed in firmware version 1.0.1.11 for the following Cisco products: RV132W ADSL2+ Wireless-N VPN Router and RV134W VDSL2 Wireless-AC VPN Router. Cisco Bug IDs: CSCvg92737, CSCvh60170.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-rv134wrv132wrv132w_firmwarerv134w_firmwareCisco RV132W and RV134WVPN Routers
CWE ID-CWE-20
Improper Input Validation
CVE-2010-4660
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.31% / 67.24%
||
7 Day CHG~0.00%
Published-20 Nov, 2019 | 15:41
Updated-07 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes..

Action-Not Available
Vendor-statusstatusnet
Product-statusnetstatusnet
CWE ID-CWE-20
Improper Input Validation
CVE-2017-9034
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.98% / 92.42%
||
7 Day CHG~0.00%
Published-25 May, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and consequently execute arbitrary code with root privileges by leveraging failure to validate software updates.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-serverprotectn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-7207
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.04% / 12.00%
||
7 Day CHG~0.00%
Published-19 Sep, 2024 | 22:17
Updated-30 Sep, 2024 | 19:03
Rejected-30 Sep, 2024 | 19:03
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Duplicate of CVE-2024-45806.

Action-Not Available
Vendor-envoyproxyRed Hat, Inc.
Product-envoyopenshift_service_mesh
CWE ID-CWE-20
Improper Input Validation
CVE-2022-39312
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.47% / 70.64%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 00:00
Updated-22 Apr, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dataease Mysql Data Source JDBC Connection Parameters Not Verified Leads to Deserialization Vulnerability

Dataease is an open source data visualization analysis tool. Dataease prior to 1.15.2 has a deserialization vulnerability. In Dataease, the Mysql data source in the data source function can customize the JDBC connection parameters and the Mysql server target to be connected. In `backend/src/main/java/io/dataease/provider/datasource/JdbcProvider.java`, the `MysqlConfiguration` class does not filter any parameters. If an attacker adds some parameters to a JDBC url and connects to a malicious mysql server, the attacker can trigger the mysql jdbc deserialization vulnerability. Through the deserialization vulnerability, the attacker can execute system commands and obtain server privileges. Version 1.15.2 contains a patch for this issue.

Action-Not Available
Vendor-DataEase (FIT2CLOUD Inc.)
Product-dataeasedataease
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-39266
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.7||CRITICAL
EPSS-1.09% / 61.27%
||
7 Day CHG~0.00%
Published-29 Sep, 2022 | 18:10
Updated-23 Apr, 2025 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
isolated-vm has vulnerable CachedDataOptions in API

isolated-vm is a library for nodejs which gives the user access to v8's Isolate interface. In versions 4.3.6 and prior, if the untrusted v8 cached data is passed to the API through CachedDataOptions, attackers can bypass the sandbox and run arbitrary code in the nodejs process. Version 4.3.7 changes the documentation to warn users that they should not accept `cachedData` payloads from a user.

Action-Not Available
Vendor-isolated-vm_projectlaverdet
Product-isolated-vmisolated-vm
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2010-2446
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.44% / 87.51%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 16:19
Updated-07 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Rbot Reaction plugin allows command execution

Action-Not Available
Vendor-ruby-rbotn/a
Product-rbotn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-40145
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-2.40% / 82.03%
||
7 Day CHG~0.00%
Published-21 Dec, 2022 | 15:23
Updated-15 Apr, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Karaf: JDBC JAAS LDAP injection

This vulnerable is about a potential code injection when an attacker has control of the target LDAP server using in the JDBC JNDI URL. The function jaas.modules.src.main.java.porg.apache.karaf.jass.modules.jdbc.JDBCUtils#doCreateDatasource use InitialContext.lookup(jndiName) without filtering. An user can modify `options.put(JDBCUtils.DATASOURCE, "osgi:" + DataSource.class.getName());` to `options.put(JDBCUtils.DATASOURCE,"jndi:rmi://x.x.x.x:xxxx/Command");` in JdbcLoginModuleTest#setup. This is vulnerable to a remote code execution (RCE) attack when a configuration uses a JNDI LDAP data source URI when an attacker has control of the target LDAP server.This issue affects all versions of Apache Karaf up to 4.4.1 and 4.3.7. We encourage the users to upgrade to Apache Karaf at least 4.4.2 or 4.3.8

Action-Not Available
Vendor-The Apache Software Foundation
Product-karafApache Karaf
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2022-39060
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.90% / 55.29%
||
7 Day CHG~0.00%
Published-31 Jan, 2023 | 00:00
Updated-27 Mar, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ChangingTec MegaServiSignAdapter - Improper Input Validation

ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEY_CURRENT_USER subkey (ex: AutoRUN) in Registry where malicious scripts can be executed to take control of the system or to terminate the service.

Action-Not Available
Vendor-changingtecChangingTec
Product-megaservisignadapterMegaServiSignAdapter
CWE ID-CWE-20
Improper Input Validation
CVE-2022-39353
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.4||CRITICAL
EPSS-1.18% / 63.97%
||
7 Day CHG~0.00%
Published-02 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
xmldom allows multiple root nodes in a DOM

xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. xmldom parses XML that is not well-formed because it contains multiple top level elements, and adds all root nodes to the `childNodes` collection of the `Document`, without reporting any error or throwing. This breaks the assumption that there is only a single root node in the tree, which led to issuance of CVE-2022-39299 as it is a potential issue for dependents. Update to @xmldom/xmldom@~0.7.7, @xmldom/xmldom@~0.8.4 (dist-tag latest) or @xmldom/xmldom@>=0.9.0-beta.4 (dist-tag next). As a workaround, please one of the following approaches depending on your use case: instead of searching for elements in the whole DOM, only search in the `documentElement`or reject a document with a document that has more then 1 `childNode`.

Action-Not Available
Vendor-xmldom_projectxmldomDebian GNU/Linux
Product-debian_linuxxmldomxmldom
CWE ID-CWE-1288
Improper Validation of Consistency within Input
CWE ID-CWE-20
Improper Input Validation
CVE-2017-4997
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-9.8||CRITICAL
EPSS-4.48% / 90.31%
||
7 Day CHG~0.00%
Published-29 Jun, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system.

Action-Not Available
Vendor-n/aDell Inc.
Product-emc_vasa_provider_virtual_applianceVASA Provider Virtual Appliance versions 8.3.x and prior
CWE ID-CWE-20
Improper Input Validation
CVE-2017-3881
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-98.98% / 99.92%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 22:00
Updated-22 Apr, 2026 | 15:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_2960l-16ts-llie_2000-16tc-g-e_industrial_ethernet_switchcatalyst_3560e-48pd-sfcatalyst_c2928-48tc-ccatalyst_3560v2-24pscatalyst_3560v2-24dcie_2000-4ts-g_industrial_ethernet_switchcatalyst_3560x-24t-scatalyst_2960s-48lpd-lcatalyst_2960s-48ts-scatalyst_2960-plus_24pc-lcatalyst_2960c-8tc-scatalyst_3560c-12pc-scatalyst_3560x-48u-scatalyst_2960x-48ts-llie_2000-4t_industrial_ethernet_switchcatalyst_2960-24lc-scatalyst_3550_24_pwrcatalyst_2960-24-scatalyst_2960-plus_48pst-lcatalyst_4500_supervisor_engine_ivioscatalyst_4500e_supervisor_engine_8-ecatalyst_3750x-24u-ecatalyst_2960xr-24pd-lcatalyst_2960x-48fpd-lcatalyst_3560g-24pscatalyst_2960xr-48td-icatalyst_3750x-12s-scatalyst_2360-48td-scatalyst_3560x-48pf-scatalyst_4948e_ethernet_switchenhanced_layer_2_etherswitch_service_modulecatalyst_2960l-48ps-llie_2000-4t-g_industrial_ethernet_switchcatalyst_2960s-48lps-lcatalyst_3750g-24tscatalyst_4500_supervisor_engine_6l-ecatalyst_2960xr-48lps-icatalyst_2960xr-24ts-lcatalyst_blade_switch_3130catalyst_3560x-24u-lcatalyst_2960-48pst-lcatalyst_2960-48tt-scatalyst_3560c-8pc-scatalyst_2960xr-48fps-lcatalyst_2960s-f24ps-lcatalyst_3560v2-48tscatalyst_2960g-24tc-lcatalyst_2960-plus_24pc-sie-4000-4t4p4g-e_industrial_ethernet_switchcatalyst_2960-24lt-lcatalyst_3750-24pscatalyst_3560x-24u-ecatalyst_3750x-48t-lenhanced_layer_2\/3_etherswitch_service_modulecatalyst_2350-48td-sdcatalyst_2960l-24ts-llie-4000-8gt4g-e_industrial_ethernet_switchie_2000-16tc_industrial_ethernet_switchcatalyst_2960s-24ps-lcatalyst_blade_switch_3020catalyst_2960g-48tc-lsm-x_layer_2\/3_etherswitch_service_modulecatalyst_3750x-24s-ecatalyst_4928_10_gigabit_ethernet_switchcatalyst_4948_10_gigabit_ethernet_switchie_2000-8tc-g-e_industrial_ethernet_switchcatalyst_3750x-48u-scatalyst_3560e-48pd-efcatalyst_3560e-24pd-scatalyst_2960-8tc-lcatalyst_2960-24pc-lcatalyst_2970g-24tembedded_service_2020_24tc_concatalyst_2960cg-8tc-lie-4010-16s12p_industrial_ethernet_switchie-4000-16gt4g-e_industrial_ethernet_switchcatalyst_2960xr-24ps-icatalyst_blade_switch_3120xcatalyst_3750x-48p-sie_2000-16ptc-g_industrial_ethernet_switchcatalyst_3560x-24t-lie-3010-16s-8pc_industrial_ethernet_switchcatalyst_2960-plus_48pst-scatalyst_2960-plus_24lc-sembedded_service_2020_con_bcatalyst_3560x-48t-scatalyst_3560x-24t-ecatalyst_2960s-f48ts-sie-4000-4tc4g-e_industrial_ethernet_switchembedded_service_2020_concatalyst_4500_supervisor_engine_6-ecatalyst_switch_module_3110catalyst_3560e-12d-scatalyst_3550_48_smicatalyst_3560-24pscatalyst_3560x-48u-ecatalyst_2960x-48lps-lcatalyst_2960-48tc-lcatalyst_3750x-48p-eie-4000-8gs4g-e_industrial_ethernet_switchcatalyst_2960s-24pd-lcatalyst_3560x-24p-scatalyst_blade_switch_3030catalyst_switch_module_3110xcatalyst_2960s-24ts-lcatalyst_3560cpd-8pt-scatalyst_3750g-16tdcatalyst_2918-24tc-ccatalyst_3560g-48tsie_3000-4tc_industrial_ethernet_switchcatalyst_2960-plus_24lc-lie-4000-4gc4gp4g-e_industrial_ethernet_switchie_3000-8tc_industrial_ethernet_switchcatalyst_3750e-48td-ecatalyst_3750x-48u-lcatalyst_3560e-48pd-sie_2000-16tc-g_industrial_ethernet_switchcatalyst_3750v2-24fsie_2000-4s-ts-g_industrial_ethernet_switchcatalyst_2960cx-8pc-lcatalyst_4948catalyst_3560-8pccatalyst_3560cx-12tc-scatalyst_3560e-48pd-eie-5000-16s12p_industrial_ethernet_switchcatalyst_3750x-24p-scatalyst_2960-24pc-scatalyst_3750x-48p-lcatalyst_3750x-24p-lcatalyst_2960c-8pc-lcatalyst_3750_metro_24-accatalyst_2960xr-48lps-lgigabit_ethernet_switch_module_\(cgesm\)catalyst_2960xr-48lpd-lcatalyst_2960s-f48fps-lcatalyst_3560x-48p-ecatalyst_2960x-48ts-lcatalyst_2960xr-48fps-icatalyst_3550_24_emicatalyst_3560e-24pd-eios_xecatalyst_4500_supervisor_engine_ii-plus-tsie_2000-8tc-g-n_industrial_ethernet_switchcatalyst_3750x-48pf-lie_2000-16tc-g-x_industrial_ethernet_switchcatalyst_2960x-24psq-lcatalyst_2960xr-24td-icatalyst_3560e-24td-ecatalyst_2960xr-48lpd-icatalyst_3750v2-48pscatalyst_2918-24tt-ccatalyst_3550_12tcatalyst_2960-48pst-sie-4000-4gs8gp4g-e_industrial_ethernet_switchcatalyst_3560-48tscatalyst_c2928-24lt-ccatalyst_3550_48_emicatalyst_3750g-24pscatalyst_2960-24tt-lcatalyst_2960l-8ts-llcatalyst_3750x-48pf-ecatalyst_3560x-48p-lcatalyst_3560e-12sd-eembedded_service_2020_ncpcatalyst_4500_supervisor_engine_v-10gecatalyst_3750_metro_24-dccatalyst_3560x-48pf-lcatalyst_2960cpd-8pt-lcatalyst_2960xr-48ts-icatalyst_2960l-24ps-llcatalyst_2960x-24ts-lcatalyst_4900mcatalyst_2960xr-24td-lcatalyst_3750e-48pd-scatalyst_2960xr-48fpd-lcatalyst_3560cx-8tc-scatalyst_3750-48pscatalyst_3560e-12sd-scatalyst_3560cx-12pd-sembedded_service_2020_24tc_ncp_bcatalyst_2960-48tt-lcatalyst_2960s-24td-lcatalyst_2960x-24ps-lcatalyst_2960xr-48ts-lcatalyst_3750x-48t-ecatalyst_2960-plus_24tc-lcatalyst_2960-plus_48tc-lcatalyst_3560e-24td-scatalyst_3560v2-24tsie_2000-4ts_industrial_ethernet_switchcatalyst_4000_supervisor_engine_vcatalyst_2960x-24pd-lcatalyst_3560cg-8pc-scatalyst_2960-24tc-lcatalyst_3560x-24p-eie-4000-8s4g-e_industrial_ethernet_switchcatalyst_2960-8tc-scatalyst_3750x-24u-lcatalyst_4500_supervisor_ii-plus-10gecatalyst_2928-24tc-ccatalyst_3560v2-48pscatalyst_2960xr-24pd-icatalyst_3750e-24td-scatalyst_4948e-f_ethernet_switchcatalyst_3560-12pc-scatalyst_2960s-48fps-lcatalyst_2975catalyst_3750x-24p-ecatalyst_3750-48tscatalyst_2960x-48td-lembedded_service_2020_24tc_ncpie_2000-24t67_industrial_ethernet_switchcatalyst_2960x-24ts-llcatalyst_3750x-24u-scatalyst_3550_24_fx_smicatalyst_3750e-24pd-ecatalyst_2970g-24tscatalyst_3750x-12s-ecatalyst_4500_supervisor_engine_ii-pluscatalyst_3560-24tscatalyst_3750-24fscatalyst_3560g-24tscatalyst_blade_switch_3040me_4924-10gecatalyst_2960-plus_24tc-scatalyst_3750g-48tsie-4000-16t4g-e_industrial_ethernet_switchcatalyst_2960xr-48td-lcatalyst_3560e-12d-ecatalyst_3560x-48pf-ecatalyst_2960s-f24ts-scatalyst_3750g-12scatalyst_3560-48psie-5000-12s12p-10g_industrial_ethernet_switchcatalyst_3750-24tscatalyst_3750e-48pd-ecatalyst_3750e-48td-sie_2000-8tc_industrial_ethernet_switchcatalyst_4000_supervisor_engine_icatalyst_3750g-24tie_2000-16t67_industrial_ethernet_switchie-4000-4s8p4g-e_industrial_ethernet_switchcatalyst_4500_supervisor_engine_vie-4000-8gt8gp4g-e_industrial_ethernet_switchcatalyst_2960-plus_48tc-scatalyst_3750x-24t-scatalyst_blade_switch_3032catalyst_2960s-f48lps-lembedded_service_2020_ncp_bcatalyst_2960xr-48fpd-icatalyst_3560x-48p-scatalyst_3750e-24pd-scatalyst_3560x-48u-lcatalyst_3560x-48t-ecatalyst_2918-48tt-ccatalyst_3560cx-8xpd-scatalyst_3750g-12s-sdcatalyst_2960x-48lpd-lcatalyst_3550_24_smicatalyst_2960-24tc-scatalyst_3560x-24u-scatalyst_3750e-48pd-sfcatalyst_3750v2-24pscatalyst_3750v2-24tscatalyst_3560g-48psrf_gateway_10catalyst_2960c-8tc-lie-4000-8t4g-e_industrial_ethernet_switchcatalyst_2960cpd-8tt-lcatalyst_2960s-24ts-sie_2000-8tc-g_industrial_ethernet_switchcatalyst_3560cx-8pc-scatalyst_2960-48tc-scatalyst_3750e-24td-eie-3010-24tc_industrial_ethernet_switchcatalyst_3560e-48td-sie-4010-4s24p_industrial_ethernet_switchcatalyst_3560x-48t-lcatalyst_2960x-24td-lcatalyst_switch_module_3012catalyst_2960c-12pc-lcatalyst_3750x-24t-lcatalyst_2960x-48fps-lcatalyst_3750e-48pd-efie_2000-8t67_industrial_ethernet_switchcatalyst_2960s-48fpd-lie_2000-16tc-g-n_industrial_ethernet_switchcatalyst_2960l-48ts-llcatalyst_2960pd-8tt-lcatalyst_3750g-48pscatalyst_2960cx-8tc-lcatalyst_2960s-f48ts-lcatalyst_3560cx-12pc-scatalyst_3750x-24s-scatalyst_3560cg-8tc-scatalyst_2960l-16ps-llie_2000-16t67p_industrial_ethernet_switchcatalyst_2350-48td-scatalyst_blade_switch_3120ie_2000-8t67p_industrial_ethernet_switchcatalyst_3750x-48pf-scatalyst_3560cx-8pt-scatalyst_2960s-48td-lcatalyst_3750x-24t-ecatalyst_2960g-8tc-lembedded_service_2020_24tc_con_bcatalyst_3750x-48u-ecatalyst_3750g-24ts-1ucatalyst_3550_12gcatalyst_2960s-f24ts-lcatalyst_3550_24_dc_smicatalyst_2960xr-24ts-icatalyst_3560x-24p-lcatalyst_3750v2-48tscatalyst_3750x-48t-scatalyst_2918-48tc-ccatalyst_4000_supervisor_engine_ivcatalyst_2960l-8ps-llcatalyst_2960xr-24ps-lcatalyst_2960s-48ts-lcatalyst_3560e-48td-eCisco IOS and IOS XE SoftwareIOS and IOS XE
CWE ID-CWE-20
Improper Input Validation
CVE-2020-4415
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-9.8||CRITICAL
EPSS-8.05% / 94.09%
||
7 Day CHG~0.00%
Published-23 Apr, 2020 | 13:10
Updated-17 Sep, 2024 | 00:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum Protect server or cause the Spectrum Protect server to crash. IBM X-Force ID: 179990.

Action-Not Available
Vendor-IBM Corporation
Product-spectrum_protectSpectrum Protect
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18683
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 35.50%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 14:22
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. SVoice allows Hare Hunting during application installation. The Samsung ID is SVE-2016-6942 (February 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-2784
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.78% / 75.55%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 17:41
Updated-06 Aug, 2024 | 05:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input.

Action-Not Available
Vendor-papercrop_projectn/a
Product-papercropn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36784
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
ShareView Details
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
CVSS Score-9.8||CRITICAL
EPSS-1.05% / 60.22%
||
7 Day CHG~0.00%
Published-17 Nov, 2022 | 22:27
Updated-25 Apr, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Elsight – Elsight Halo Remote Code Execution (RCE)

Elsight – Elsight Halo  Remote Code Execution (RCE) Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution.

Action-Not Available
Vendor-elsightElsight
Product-halo_firmwarehaloElsight Halo
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36085
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.4||HIGH
EPSS-1.22% / 65.14%
||
7 Day CHG~0.00%
Published-08 Sep, 2022 | 13:30
Updated-22 Apr, 2025 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OPA Compiler: Bypass of WithUnsafeBuiltins using `with` keyword to mock functions

Open Policy Agent (OPA) is an open source, general-purpose policy engine. The Rego compiler provides a (deprecated) `WithUnsafeBuiltins` function, which allows users to provide a set of built-in functions that should be deemed unsafe — and as such rejected — by the compiler if encountered in the policy compilation stage. A bypass of this protection has been found, where the use of the `with` keyword to mock such a built-in function (a feature introduced in OPA v0.40.0), isn’t taken into account by `WithUnsafeBuiltins`. Multiple conditions need to be met in order to create an adverse effect. Version 0.43.1 contains a patch for this issue. As a workaround, avoid using the `WithUnsafeBuiltins` function and use the `capabilities` feature instead.

Action-Not Available
Vendor-openpolicyagentopen-policy-agent
Product-open_policy_agentopa
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2022-36450
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-19.59% / 97.05%
||
7 Day CHG~0.00%
Published-25 Jul, 2022 | 06:15
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Obsidian 0.14.x and 0.15.x before 0.15.5 allows obsidian://hook-get-address remote code execution because window.open is used without checking the URL.

Action-Not Available
Vendor-obsidiann/a
Product-obsidiann/a
CWE ID-CWE-20
Improper Input Validation
CVE-2026-7803
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 27.77%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 19:15
Updated-02 Jul, 2026 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Flow Validation Bypass via Empty Component Type Field

IBM Langflow OSS 1.0.0 through 1.10.0 could allow arbitrary code execution due to improper validation of flow nodes with missing or empty component type fields.

Action-Not Available
Vendor-langflowIBM Corporation
Product-langflowLangflow OSS
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33964
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.4||HIGH
EPSS-0.65% / 46.47%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_usage_reportIntel(R) SUR software
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 11
  • 12
  • Next
Details not found