Lucene search
K

149 matches found

Redos
Redos
added 2026/06/05 12:0 a.m.9 views

ROS-20260605-73-0055

The vulnerability of the XPCOM component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected informatio...

9.6CVSS5.5AI score0.00773EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.8 views

The vulnerability of the pci_epcdestroy() function in the drivers/pci/endpoint/pci-epc-core.c file of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the pciepcdestroy function in the drivers/pci/endpoint/pci-epc-core.c file of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

7.8CVSS7.1AI score0.00212EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.6 views

The vulnerability of the jffs2_rtime_decompress() function in the fs/jffs2/compr_rtime.c module of the Linux kernel file system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the jffs2rtimedecompress function in the fs/jffs2/comprrtime.c module of the Linux kernel operating system is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

7.8CVSS7AI score0.00215EPSS
Exploits0References21Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.7 views

The vulnerability of the HTTP POST Request Handler component in the microprogramming software for TOTOLINK A3002R and A3002RU allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component in the microprogramming software for TOTOLINK A3002R and A3002RU devices is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the...

9CVSS7.7AI score0.00661EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.8 views

The vulnerability of the UpdateBufferingSettings method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the UpdateBufferingSettings method in software for managing and monitoring removed objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise th...

9CVSS6.7AI score0.00732EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/22 12:0 a.m.6 views

The vulnerability of the oc_huff_tree_unpack function in Theora video codecs, which allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the ochufftreeunpack function in Theora video encoding involves an unacceptable left shift operation. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS6.7AI score0.01817EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/11 12:0 a.m.6 views

The vulnerability of JavaScript script handlers in Google Chrome browsers allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of JavaScript script handlers in Google Chrome browsers is related to buffer overflow in the “cull” mechanism. Exploiting this vulnerability allows a malicious actor to partially compromise the confidentiality, integrity, and accessibility of the protected information through a...

7.5CVSS7.8AI score0.00323EPSS
Exploits0References12Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/10/17 12:0 a.m.5 views

The vulnerability of the DIV_ROUND_CLOSEST() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the DIVROUNDCLOSEST function in the Linux operating system is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.5AI score
Exploits0References24Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/10/17 12:0 a.m.7 views

The vulnerability of the fastrpcreq_mmap() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the fastrpcreqmmap function in the Linux operating system is related to the reallocation of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

7.8CVSS6.4AI score0.00246EPSS
Exploits0References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.8 views

The vulnerability of the usbtmc component in the Linux operating system allows for interference with the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the usbtmc component in the Linux operating system’s kernel is related to errors in the control channel transmission direction. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

7.8CVSS6.2AI score0.0026EPSS
Exploits0References16Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/03 12:0 a.m.8 views

The vulnerability of the sched/core component in the Linux operating system’s kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sched/core component in the Linux operating system’s kernel is related to the repeated release of memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.1AI score0.00249EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/05/28 12:0 a.m.6 views

The vulnerability of the rose_connect() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the roseconnect function in the Linux operating system’s kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

7CVSS7.2AI score0.00258EPSS
Exploits1References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.5 views

The vulnerability of the htab_map_alloc() function in the kernel/bpf/hashtab.c module of the BPF subsystem in Linux kernel-based operating systems on 32-bit architectures allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the htabmapalloc function in the kernel/bpf/hashtab.c module of the Linux operating system’s BPF subsystem in 32-bit architectures is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

7.8CVSS6.7AI score0.00251EPSS
Exploits0References50Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.10 views

The vulnerability of the cdns3_gadget_giveback() function in the drivers/usb/cdns3/cdns3-gadget.c file of the USB Cadence driver for the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cdns3gadgetgiveback function in the drivers/usb/cdns3/cdns3-gadget.c file of the USB Cadence driver for the Linux operating system is related to the reallocation of allocated memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

4.6CVSS6.3AI score0.00242EPSS
Exploits0References21Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.10 views

The vulnerability of the do_tag() function in the Vim text editor allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dotag function in the Vim text editor is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.2AI score0.00528EPSS
Exploits1References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/08/22 12:0 a.m.6 views

The vulnerability in the /net/nfc/core.c component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability in the /net/nfc/core.c component of the Linux operating system relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information...

7.7CVSS6.5AI score0.00142EPSS
Exploits0References16Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.6 views

The vulnerability of Google Chrome browser, related to its use after release, allows a violator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Google Chrome relates to its use after release. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...

9.3CVSS7.6AI score0.00788EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.5 views

The vulnerability of the org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory component in the Jackson-databind library of the FasterXML project allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory component in the Jackson-databind library of the FasterXML project is related to the restoration of unreliable data in memory. Exploiting this vulnerability could allow an attacker to compromise the...

9.3CVSS7AI score0.02959EPSS
Exploits0References11Affected Software30
BDU FSTEC
BDU FSTEC
added 2020/11/12 12:0 a.m.4 views

The vulnerability of the Google Chrome browser’s user interface allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Google Chrome browser’s user interface is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to affect the confidentiality, integrity, and accessibility of the protected information through a specially crafted HTML page...

9.3CVSS7.7AI score0.01502EPSS
Exploits0References6Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.7 views

The vulnerability of the Device Driver Utility component of the Oracle Solaris operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Device Driver Utility component of the Oracle Solaris operating system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

9.3CVSS6.6AI score0.0046EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder