OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.
The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may allow a brute force process and under certain conditions bypass authentication.
Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform privilege escalation via a crafted Chrome Extension. (Chromium security severity...
A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attac...
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely...
Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Seri...
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to execute arbitrary code remotely