Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validator vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2020-16163
An issue exists in RIPE NCC RPKI Validator 3.x prior to 3.1-2020.07.06.14.28. RRDP fetches proceed even with a lack of validation of a TLS HTTPS endpoint. This allows remote malicious users to bypass intended access restrictions, or to trigger denial of service to traffic directe...
Ripe Rpki Validator 3
6.8
CVSSv2
CVE-2020-15366
An issue exists in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted sche...
Ajv.js Ajv 6.12.2
1 Github repository
3.5
CVSSv2
CVE-2020-4070
In CSS Validator less than or equal to commit 54d68a1, there is a cross-site scripting vulnerability in handling URIs. A user would have to click on a specifically crafted validator link to trigger it. This has been patched in commit e5c09a9.
W3c Css Validator
4.7
CVSSv2
CVE-2020-12888
The VFIO PCI driver in the Linux kernel up to and including 5.6.13 mishandles attempts to access disabled memory space.
Linux Linux Kernel
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp Bootstrap Os -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
5
CVSSv2
CVE-2020-10693
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows malicious users to bypass input sanitation (escaping, stripping) controls that develope...
Redhat Hibernate Validator 7.0.0
Redhat Hibernate Validator
Ibm Websphere Application Server
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Jboss Enterprise Application Platform 7.3.0
Redhat Satellite Capsule 6.8
Redhat Satellite 6.8
Quarkus Quarkus
Oracle Weblogic Server 14.1.1.0.0
3 Github repositories
6.5
CVSSv2
CVE-2020-11885
WSO2 Enterprise Integrator up to and including 6.6.0 has an XXE vulnerability where a user (with admin console access) can use the XML validator to make unintended network invocations such as SSRF via an uploaded file.
Wso2 Enterprise Integrator
6.5
CVSSv2
CVE-2020-11629
An issue exists in EJBCA prior to 6.15.2.6 and 7.x prior to 7.3.1.2. The External Command Certificate Validator, which allows administrators to upload external linters to validate certificates, is supposed to save uploaded test certificates to the server. An attacker who has gain...
Primekey Ejbca
7.5
CVSSv2
CVE-2020-10992
Azkaban up to and including 3.84.0 allows XXE, related to validator/XmlValidatorManager.java and user/XmlUserManager.java.
Azkaban Project Azkaban
6.4
CVSSv2
CVE-2019-19770
In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). NOTE: Linux...
Linux Linux Kernel
1 Github repository
6.8
CVSSv2
CVE-2019-19448
In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can ...
Linux Linux Kernel
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp A700s Firmware -
Netapp Fas 8300 Firmware -
Netapp Fas 8700 Firmware -
Netapp Fas A400 Firmware -
Netapp Aff 8300 Firmware -
Netapp Aff 8700 Firmware -
Netapp Aff A400 Firmware -
Netapp H610s Firmware -
Netapp Solidfire Baseboard Management Controller Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »