Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even after searching a terminating delegation. This could cause the client to fetch a
During a target rollback, the client fails to detect the rollback for delegated targets. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users sho
Missing expiration, hash, and length enforcement in delegated metadata validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users with delegated signing authority to bypass TUF
During a snapshot rollback, the client incorrectly caches the timestamp metadata. If the client checks the cache when attempting to perform the next update, the update timestamp validation will fail,
Improper verification of cryptographic signature uniqueness in delegated role validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users to bypass the TUF signature threshold r
Missing validation of the root metatdata version number could allow an actor to supply an arbitrary version number to the client instead of the intended version in the root metadata file, altering the
Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure.
This issue affects BIND 9 versions 9.16.13 through 9.1
An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboa
Crafted delegations or IP fragments can poison cached delegations in Recursor.
Improper input validation in the external authentication provider flow in Devolutions Server allows an unauthenticated remote attacker to redirect victims to an attacker-controlled domain via a crafte
The improper order of AUTHORIZED_CTM_IP validation in the Control-M/Agent, where the Control-M/Server IP address is validated only after the SSL/TLS handshake is completed, exposes the Control-M/Agent
An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to i
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying Parties (such as Fort) are supposed to maintain a backup cache of the remote RPKI data. This can be employe
Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.A remote code execution is possible due to an improper input validation.
This issue affects FLXEON: through 9.3.5.
A weakness has been identified in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function TeamTasksTool.executeComplete of the file internal/tools/team_tasks_lifecycle.go of the com
An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests.
A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and classified as problematic. This vulnerability affects unknown code of the file connaisseur/res/targets_schema.j
Incomplete path traversal fixes in awslabs/tough before tough-v0.22.0 allow remote authenticated users with delegated signing authority to write files outside intended output directories via absolute
Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbi
Crafted delegations or IP fragments can poison cached delegations in Recursor.
Page 1+ Next →