An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can …

An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (…

Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Ne…

When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using …

An Improper Neutralization of Special Elements in Query vulnerability exists in the 1st Gen. Pe…

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could al…

Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may al…

A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and in…

Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It …

In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, erroneous parsin…

A user controlled parameter related to SMTP test functionality is not correctly validated makin…

In Administrate (rubygem) before version 0.13.0, when sorting by attributes on a dashboard, the…

A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-O…

A user controlled parameter related to SMTP test functionality is not correctly validated makin…

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software cou…

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed …

Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an un…

A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted X…

Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, …

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could al…

An Improper Validation of Syntactic Correctness of Input vulnerability in the kernel of Juniper…

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based log…

Parse Server is an open source backend that can be deployed to any infrastructure that can run …

Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cg…

Improper input validation in the user management function of web interface in Aten PE6208 2.3.2…

An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol …

A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian, caused by improper input v…

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, …

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable t…

An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwardin…

An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding En…

A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper in…

WhoDB is an open source database management tool. In affected versions the application is vulne…

An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection a…

A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0)…

Flowise is a drag & drop user interface to build a customized large language model flow. Prior …

An authenticated administrator can upload a SAML configuration file with the wrong format, with…

A low privileged remote attacker can corrupt the webserver users storage on the device by setti…

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset managemen…

A vulnerability was identified in the email parsing library due to improper handling of special…