Lucene search
K

41 matches found

BDU FSTEC
BDU FSTEC
added 2024/01/15 12:0 a.m.8 views

The vulnerability of Windows operating systems’ message queues allows attackers to gain unauthorized access to protected information.

The vulnerability of Message Queuing in Windows operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, working remotely, to gain unauthorized access to protected information...

6.8CVSS6.9AI score0.02039EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.7 views

The vulnerability of the DHCP server service for Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the DHCP server service for Windows operating systems is related to insufficient protection of service-related data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8CVSS7.5AI score0.02646EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/10/30 12:0 a.m.6 views

The vulnerability of Firefox browser, related to insufficient protection of service data, allows attackers to gain unauthorized access to protected information.

The vulnerability of Firefox browsers is related to insufficient protection of service data during the processing of the Vary response header for comparing request headers. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by sending iterativ...

7.8CVSS6.2AI score0.00634EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/10/11 12:0 a.m.8 views

The vulnerability of Milesight UR5X, UR32L, UR32, UR35, and UR41 router microprogramming systems lies in the insufficient protection of service data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Milesight UR5X, UR32L, UR32, UR35, and UR41 router microprogramming systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

7.8CVSS7.5AI score0.59342EPSS
Exploits5References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/09/13 12:0 a.m.7 views

The vulnerability of the Crucible code-checking tool and the Fisheye code-searching tool lies in the insufficient protection of operational data, allowing unauthorized access by attackers to protected information.

The vulnerability of the Crucible code-checking tool and the Fisheye code-searching tool is related to insufficient protection for service data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.5AI score0.00841EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/07/25 12:0 a.m.6 views

The vulnerability of the microprogramming software of the Elenos ETG150 transmitter allows a intruder to gain unauthorized access to the protected information.

The vulnerability of the microprogramming software of the Elenos ETG150 transmitter is related to insufficient protection of operational data. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to the protected information...

6.8CVSS6.5AI score0.00682EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.6 views

The vulnerability of the Python Requests HTTP request library relates to insufficient protection of sensitive data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Python Requests HTTP request library is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

6.1CVSS6.4AI score0.02974EPSS
Exploits1References17Affected Software8
BDU FSTEC
BDU FSTEC
added 2023/07/18 12:0 a.m.7 views

The vulnerability of the audit log of the Cisco Duo Authentication Proxy, which allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Cisco Duo Authentication Proxy audit log relates to insufficient protection of sensitive data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

6.1CVSS6.5AI score0.00476EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.7 views

Shell component vulnerability: The Admin/InnoDB Cluster of the Oracle MySQL Server database management system, which allows attackers to gain full control over the application.

Shell component vulnerability: The Admin/InnoDB Cluster of the Oracle MySQL Server database management system is vulnerable due to insufficient protection for operational data. Exploiting this vulnerability could allow an attacker to gain full control over the application using the MySQL protocol...

7.6CVSS6.3AI score0.02818EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/09 12:0 a.m.6 views

The vulnerability of the application software interface for microprogrammed control devices in AMI MegaRAC allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the application software interface for AMI MegaRAC controllers is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8CVSS7.7AI score0.0171EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/13 12:0 a.m.5 views

The vulnerability of Mozilla Firefox, Firefox ESR, and the Mozilla Thunderbird email client relates to insufficient protection of sensitive data. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the Mozilla Thunderbird email client are related to insufficient protection of sensitive data. Exploiting these vulnerabilities allows a malicious actor to bypass security restrictions and gain unauthorized access to protected information b...

7.6CVSS7.8AI score0.00772EPSS
Exploits0References17Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/12/12 12:0 a.m.13 views

The vulnerability of the endpoint protection module of the Anti-Ransomware analysis tool for network traffic, network detection, and response of the Cortex XDR Agent on Windows operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the endpoint protection module of the Anti-Ransomware analysis tool for network traffic, network detection, and response of the Cortex XDR Agent on Windows operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow...

5.3CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.8 views

The vulnerabilities of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) systems, along with the integrated messaging system Cisco Unity Connection, stem from insufficient protection of operational data. This allows attackers to gain unauthorized access to protected information.

The vulnerabilities of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME systems, as well as the integrated messaging system Cisco Unity Connection, are related to insufficient protection of operational data. Exploiting these...

5.3CVSS5.9AI score0.00967EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/07/06 12:0 a.m.7 views

The vulnerability of the Scripting component of the Java Runtime Environment and the Java Development Kit, which allows attackers to influence the integrity, accessibility, and confidentiality of protected information.

The vulnerability of the Scripting component of the Java Runtime Environment and the Java Development Kit application development tools is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to influence the integrity, accessibility, and...

10CVSS8.1AI score0.96714EPSS
Exploits13References18Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/07/06 12:0 a.m.7 views

The vulnerability of the administrator.cfc component in the ColdFusio software interface allows a hacker to bypass security restrictions or execute arbitrary code.

The vulnerability of the administrator.cfc component in the ColdFusion software interface is related to insufficient protection of sensitive data. Exploiting this vulnerability allows an attacker to bypass security restrictions or execute arbitrary code...

10CVSS8.3AI score0.93691EPSS
Exploits11References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.8 views

The vulnerability of the Authenticated Code Module (ACM) in Intel microprogramming system BIOS allows a hacker to enhance their privileges.

The vulnerability of the Authenticated Code Module ACM in Intel microprogramming system BIOS is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.5CVSS6.6AI score0.00252EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/06/23 12:0 a.m.8 views

The vulnerability of the Intel Setup and Configuration Software (SCS) data collection tool, as well as the configuration tools for the Intel Management Engine BIOS Extension and the Intel Active Management Technology implementation, related to insufficient protection of registration data, allows a perpetrator to disclose protected information.

The vulnerability of the Intel Setup and Configuration Software SCS data collection tool, as well as the configuration tools for the Intel Management Engine BIOS Extension and the Intel Active Management Technology implementation, is related to insufficient protection of registration data...

7.6CVSS5.5AI score0.00251EPSS
Exploits0References2Affected Software12
OSV
OSV
added 2019/05/03 3:29 p.m.5 views

CVE-2019-1692

A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller APIC Software could allow an unauthenticated, remote attacker to access sensitive system usage information. The vulnerability is due to a lack of proper data protection mechanisms for certa...

5.3CVSS6.4AI score0.01197EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2018/02/21 12:0 a.m.4 views

The vulnerability of the MembersApp component of the SAP NetWeaver software integration platform allows a hacker to disclose user information.

The vulnerability of the MembersApp component of the SAP NetWeaver software integration platform is related to insufficient data protection. Exploiting this vulnerability allows a malicious actor to obtain user information such as listing user names by taking advantage of the temporary difference...

5.3CVSS5.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/08/16 12:0 a.m.7 views

The vulnerability of the Firefox browser, which allows a hacker to obtain information about the last visited pages

The vulnerability of Firefox browsers is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, operating remotely, to obtain information about the last visited pages by using the Resource Timing API interface’s calls...

5CVSS6.7AI score0.0223EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder