Lucene search
K

500 matches found

BDU FSTEC
BDU FSTEC
added 2024/02/19 12:0 a.m.12 views

The vulnerability of the SAP Application Interface Framework, a software tool for developing and managing application interfaces, arises from improper code generation. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the SAP Application Interface Framework, a software tool for developing and managing application interfaces, is related to improper code generation. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of data...

8.4CVSS7.8AI score0.00611EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/13 12:0 a.m.7 views

The vulnerability of the nft_verdict_init() function in the net/netfilter/nf_tables_api.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information, thereby enhancing their privileges.

The vulnerability of the nftverdictinit function in the net/netfilter/nftablesapi.c module of the Linux operating system is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility...

7.8CVSS7AI score0.28058EPSS
Exploits16References26Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/02/13 12:0 a.m.5 views

The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers allows a perpetrator to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers relates to buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of data...

8.3CVSS7.9AI score0.00259EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/13 12:0 a.m.5 views

The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers allows a perpetrator to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers relates to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of data...

9.6CVSS7.8AI score0.00308EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/13 12:0 a.m.6 views

The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers allows a perpetrator to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of data...

8.3CVSS7.9AI score0.00259EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/30 12:0 a.m.5 views

The vulnerability of the formSetCfm() function in the httpd daemon of the microprogramming software for wireless access points from Tenda W6, which allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetCfm function in the httpd daemon of the microprogrammed wireless access points of Tenda W6 is related to the operation that goes beyond the buffer in memory when processing the funcpara1 parameter. Exploiting this vulnerability could allow an attacker to compromise...

9CVSS7.4AI score0.01659EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2024/01/30 12:0 a.m.6 views

Vulnerability of the formWifiMacFilterGet() function in the httpd daemon of the wireless access point Tenda i6 software, which allows a intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the formWifiMacFilterGet function in the httpd daemon of the microprogrammed wireless access points from Tenda i6 is related to the operation that goes beyond the buffer in memory when processing the index parameter. Exploiting this vulnerability could allow an attacker to...

9CVSS7.4AI score0.01659EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2024/01/30 12:0 a.m.6 views

The vulnerability of the __ext4_remount() function in Linux operating systems allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the ext4remount function in Linux operating systems is related to the use of memory after it is freed when processing old file names with the CONFIGQUOTA configuration. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and...

7.1CVSS6.5AI score0.00225EPSS
Exploits0References16Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/01/25 12:0 a.m.7 views

The vulnerability of the Splunk Enterprise platform for operational analysis in Windows operating systems lies in the restoration of unreliable data in memory, allowing attackers to compromise the integrity, accessibility, and confidentiality of the protected information.

The vulnerability of the Splunk Enterprise operating system for Windows platform lies in the recovery of unreliable data in memory due to an incorrect path being used to access files on the disk partition. Exploiting this vulnerability can allow an attacker to compromise the integrity,...

7.5CVSS7.6AI score0.0022EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/12 12:0 a.m.4 views

The vulnerability of the WebAudio component in Google Chrome and Microsoft Edge browsers allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the WebAudio component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS6.2AI score0.00998EPSS
Exploits0References14Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.6 views

The vulnerability of the main file function /cgi-bin/cstecgi.cgi?action=login of the TOTOLINK A7100RU router’s software, which allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the main function in the /cgi-bin/cstecgi.cgi?action=login script of the TOTOLINK A7100RU router’s software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentialit...

10CVSS7.7AI score0.0185EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/11 12:0 a.m.6 views

The vulnerability of the notification mechanism of the operating system “Avrora”, which allows a perpetrator to increase their privileges

The vulnerability of the “Avora” operating system’s notification mechanism is related to deficiencies in permission control for applications that send notifications. Exploiting this vulnerability allows attackers to execute privileged requests to system components, which can lead to violations of...

6.1CVSS5.6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/25 12:0 a.m.6 views

The vulnerability of the zipOpenNewFileInZip4_64() function in the MiniZip package from the zlib library allows a attacker to compromise the integrity, accessibility, and confidentiality of the protected information.

The vulnerability of the zipOpenNewFileInZip464 function in the MiniZip package from the zlib library is related to integer overflow when processing file name lengths. Exploiting this vulnerability could allow an attacker to compromise the integrity, accessibility, and confidentiality of the...

10CVSS6.9AI score0.02918EPSS
Exploits0References15Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/10/06 12:0 a.m.7 views

The vulnerability of the Ad hoc Transfer Module of the WS_FTP Server allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Ad hoc Transfer Module of the WSFTP Server server is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS8.1AI score0.9015EPSS
Exploits5References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/25 12:0 a.m.4 views

The vulnerability of the setMAC function in D-Link DIR-816 A2 microprogrammed router software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the setMAC function in D-Link DIR-816 A2 router microprogramming software is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...

10CVSS7.9AI score0.12242EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/24 12:0 a.m.6 views

The vulnerability of the Google Chrome browser’s CSS component allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Google Chrome browser’s CSS component is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS7.8AI score0.10871EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.10 views

The vulnerability of software for developing and executing applications in the ABAP language of SAP NetWeaver Application Server allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerabilities in software for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP are related to deficiencies in authentication procedures. Exploiting these vulnerabilities can allow attackers to compromise the confidentiality, integrity, and...

7.4CVSS7.2AI score0.0033EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/07/19 12:0 a.m.5 views

The vulnerability of the Amateur Radio X.25 PLP (Rose) kernel implementation in the Linux operating system allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Amateur Radio X.25 PLP Rose kernel implementation in the Linux operating system is related to the reutilization of previously freed memory due to competitive access to resources race condition. Exploiting this vulnerability can allow an attacker to compromise the...

7CVSS6.7AI score0.00299EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.8 views

The vulnerability of the xfs_btree_lookup_get_block() function in Linux operating systems allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the xfsbtreelookupgetblock function in Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

9.3CVSS5.5AI score
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.8 views

The vulnerability in the ext4_group_desc_csum() function of the Linux operating system’s file system driver allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Linux operating system’s ext4 file system driver relates to the use of a dedicated buffer for memory management outside the scope in the function ext4groupdesccsum within the fs/ext4/super.c module. Exploiting this vulnerability could allow an attacker to compromise the...

5.5CVSS6.5AI score0.00247EPSS
Exploits0References31Affected Software4
Rows per page
Query Builder