Vulmon
validator vulnerabilities and exploits
NA
CVE-2022-35931
Nextcloud Password Policy is an app that enables a Nextcloud server admin to define certain rules for passwords. Prior to versions 22.2.10, 23.0.7, and 24.0.3 the random password generator may, in very rare cases, generate common passwords that the validator itself would block. U...
Nextcloud Password Policy
NA
CVE-2022-24912
The package github.com/runatlantis/atlantis/server/controllers/events prior to 0.19.7 is vulnerable to a timing attack in the webhook event validator code, which does not use a constant-time comparison function to validate the webhook secret. It can allow a malicious user to reco...
Runatlantis Atlantis
5
CVSSv2
CVE-2021-40901
A Regular Expression Denial of Service (ReDOS) vulnerability exists in scniro-validator v1.0.1 when validating crafted invalid emails.
Scniro-validator Project Scniro-validator 1.0.1
7.5
CVSSv2
CVE-2021-41411
drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability.
Redhat Drools
7.5
CVSSv2
CVE-2022-23457
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)` may incorrectly treat the tested input string as a ...
Owasp Enterprise Security Api
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
7.1
CVSSv2
CVE-2022-20694
A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condit...
Cisco Ios Xe 3.13.2s
Cisco Ios Xe 3.10.6s
Cisco Ios Xe 3.13.6s
Cisco Ios Xe 3.14.4s
Cisco Ios Xe 3.7.2ts
Cisco Ios Xe 3.15.1cs
Cisco Ios Xe 3.13.4s
Cisco Ios Xe 16.2.1
Cisco Ios Xe 16.1.3
Cisco Ios Xe 3.13.0s
Cisco Ios Xe 3.18.2s
Cisco Ios Xe 16.1.2
Cisco Ios Xe 3.8.0s
Cisco Ios Xe 3.17.3s
Cisco Ios Xe 3.16.0s
Cisco Ios Xe 3.8.1s
Cisco Ios Xe 3.14.1s
Cisco Ios Xe 3.7.1s
Cisco Ios Xe 3.12.2s
Cisco Ios Xe 3.16.4s
Cisco Ios Xe 3.10.5s
Cisco Ios Xe 3.10.8s
5
CVSSv2
CVE-2022-24729
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop r...
Ckeditor Ckeditor
Drupal Drupal
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Commerce Merchandising 11.3.2
Oracle Financial Services Trade-based Anti Money Laundering 8.0.7
Oracle Financial Services Trade-based Anti Money Laundering 8.0.8
Fedoraproject Fedora 36
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1.0
Oracle Application Express
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.1
Oracle Financial Services Behavior Detection Platform
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Behavior Detection Platform 8.0.8.0
Oracle Financial Services Behavior Detection Platform 8.0.7.0
Fedoraproject Fedora 37
6.5
CVSSv2
CVE-2022-23623
Frourio is a full-stack framework for TypeScript. Frourio users who use a frourio version prior to v0.26.0 and integrate with class-validator through the `validators/` folder are subject to an input validation vulnerability. Validators do not work properly for request bodies and que...
Frourio Frourio
6.5
CVSSv2
CVE-2022-23624
Frourio-express is a minimal full-stack framework for TypeScript. Frourio-express users who use a frourio-express version prior to v0.26.0 and integrate with class-validator through the `validators/` folder are subject to an input validation vulnerability. Validators do not work pro...
Frourio Frourio-express
5
CVSSv2
CVE-2021-43839
Cronos is a commercial implementation of a blockchain. In Cronos nodes running versions before v0.6.5, it is possible to take transaction fees from Cosmos SDK's FeeCollector for the current block by sending a custom crafted MsgEthereumTx. This problem has been patched in Cro...
Crypto Cronos
Crypto Ethermint
Crypto Evmos
1 Github repository