CWE-20: Improper Input Validation

This CVE describes a command injection vulnerability in the tj-actions/verify-changed-files GitHub Action. Attackers can inject malicious commands thr...

This vulnerability allows authenticated users of Foundry Issues to submit malformed data that causes a denial of service, disrupting frontend function...

CVE-2022-3767 is a vulnerability in GitLab's DAST analyzer where missing validation allows custom request headers to be sent with every request regard...

This vulnerability allows a malicious Android application (APK) to load a specially crafted model into the Qualcomm CDSP (Compute DSP), potentially co...

This vulnerability allows attackers to launch arbitrary activities with system privileges on Samsung devices due to improper input validation in Setti...

An unauthenticated attacker can send specially crafted HTTP requests to FortiMail's web server CGI facilities to manipulate the script interpreter's e...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots by sending specially crafted HTTP requests to t...

This vulnerability allows remote attackers to cause a denial of service by sending a specially crafted HTTP request to the Reolink RLC-410W camera's c...

This vulnerability allows remote attackers to cause a denial of service by sending a specially crafted HTTP request to the Reolink RLC-410W camera's c...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots via specially crafted HTTP requests targeting t...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots by sending specially crafted HTTP requests with...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots by sending specially crafted HTTP requests to t...

This vulnerability allows remote attackers to cause a denial of service by sending a specially crafted HTTP request to the Reolink RLC-410W camera's c...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots by sending specially crafted HTTP requests to t...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots by sending specially crafted HTTP requests to t...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots by sending specially crafted HTTP requests to t...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots by sending specially crafted HTTP requests to t...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots via specially crafted HTTP requests targeting t...

This vulnerability allows remote attackers to cause a denial of service by sending a specially crafted HTTP request to the cgiserver.cgi JSON command ...

CVE-2021-44411 is a denial-of-service vulnerability in Reolink RLC-410W cameras where a specially crafted HTTP request to the cgiserver.cgi JSON parse...

This vulnerability allows remote attackers to cause a denial of service by sending a specially crafted HTTP request to the Reolink RLC-410W camera's c...

This vulnerability allows remote attackers to cause a denial of service by sending a specially crafted HTTP request to the cgiserver.cgi JSON command ...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots via specially crafted HTTP requests to the cgis...

This vulnerability allows remote attackers to cause a denial of service by sending a specially crafted HTTP request to the Reolink RLC-410W camera's c...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots by sending specially crafted HTTP requests to t...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots by sending specially crafted HTTP requests to t...

This vulnerability allows remote attackers to cause a denial of service by sending a specially crafted HTTP request to the Reolink RLC-410W camera's c...

A denial-of-service vulnerability in Reolink RLC-410W camera firmware allows attackers to cause device reboots via specially crafted HTTP requests to ...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots via specially crafted HTTP requests to the cgis...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots via specially crafted HTTP requests targeting t...

This vulnerability allows remote attackers to cause a denial of service by sending a specially crafted HTTP request to the Reolink RLC-410W camera's c...

This vulnerability allows remote attackers to cause a denial of service by sending a specially crafted HTTP request to the Reolink RLC-410W camera's c...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots by sending specially crafted HTTP requests to t...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots via specially crafted HTTP requests targeting t...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots by sending specially crafted HTTP requests to t...

A denial-of-service vulnerability in Reolink RLC-410W cameras allows attackers to cause device reboots via specially crafted HTTP requests targeting t...

This vulnerability in Samsung's Dressroom app allows local attackers to read and write arbitrary files without proper permissions due to improper inte...

This vulnerability in Samsung's LDFW (likely a device firmware component) allows attackers to execute arbitrary code due to improper input validation....

This vulnerability allows authenticated administrators in Zscaler Internet Access (ZIA) to execute backend functions through improper input validation...

This Broken Object Level Authorization vulnerability in Onlook web application allows authenticated attackers to modify, delete, or manipulate tags on...

This CVE describes an Improper Input Validation vulnerability in Adobe Commerce that allows authenticated admin attackers to read arbitrary files from...

This vulnerability in Qualcomm Core services allows information disclosure when processing Diag commands. Attackers could potentially access sensitive...

A critical input validation flaw in TOBY-L2 cellular modules allows attackers with physical serial access to execute arbitrary operating system comman...

This vulnerability allows attackers to elevate privileges on systems running affected .NET, .NET Framework, and Visual Studio versions. An authenticat...

This CVE allows attackers to inject malicious annotations into Ingress nginx configurations, leading to arbitrary command execution on the host system...

CVE-2023-32721 is a stored cross-site scripting (XSS) vulnerability in Zabbix's web application that allows attackers to inject malicious scripts into...

CVE-2021-25745 is a vulnerability in ingress-nginx where users with permissions to create or update Ingress objects can exploit the path field to obta...

This CVE describes an improper boundary check vulnerability in Samsung's UWB (Ultra-Wideband) firmware that allows attackers to write arbitrary memory...

CVE-2021-29462 is a DNS rebinding vulnerability in the Portable SDK for UPnP Devices (libupnp) that allows attackers to bypass same-origin policy rest...

This vulnerability in the sopel-channelmgnt plugin allows attackers to bypass restrictions and kick the bot from IRC channels when kicking multiple us...