Lucene search
K

186 matches found

BDU FSTEC
BDU FSTEC
added 2024/03/20 12:0 a.m.6 views

The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.3AI score0.01947EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/03/18 12:0 a.m.7 views

The vulnerability of the Skype for Consumer instant messaging program, related to insufficient input data validation, allows a hacker to execute arbitrary code.

The vulnerability of the Skype for Consumer instant messaging program is related to insufficient validation of entered data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS8AI score0.02618EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/14 12:0 a.m.15 views

PT-2024-13363 · Algosec · Algosec Fireflow

Name of the Vulnerable Software and Affected Versions: Algosec FireFlow versions A32.20 through A32.60 Description: The issue is related to improper input validation in the VisualFlow workflow editor via the Name, Description, and Configuration File fields. This allows an attacker to initiate an...

6.1CVSS4.9AI score0.00282EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/01/24 12:0 a.m.7 views

The vulnerability of the Log Management component of the Oracle Enterprise Manager Base Platform allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Log Management component of the Oracle Enterprise Manager Base Platform relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information through...

7.5CVSS6.6AI score0.00378EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.6 views

The vulnerability of the GVCP discapper, a traffic analysis tool for computer networks by Wireshark, allows a hacker to cause a service failure.

The vulnerability of the GVCP discapper of the Wireshark network traffic analyzer is related to insufficient verification of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS6.6AI score0.01823EPSS
Exploits1References6Affected Software3
OSV
OSV
added 2023/12/15 10:15 a.m.4 views

CVE-2023-48395

Kaifa Technology WebITR is an online attendance system, it has insufficient validation for user input within a special function. A remote attacker with regular user privilege can exploit this vulnerability to inject arbitrary SQL commands to read database...

6.5CVSS6AI score0.00709EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/14 12:0 a.m.5 views

PT-2023-7878 · Unknown · Itpison Omicard Edm

Name of the Vulnerable Software and Affected Versions: ITPison OMICARD EDM affected versions not specified Description: The SMS-related function in ITPison OMICARD EDM has insufficient validation for user input, allowing an unauthenticated remote attacker to inject arbitrary SQL commands. This ca...

9.8CVSS9.7AI score0.01062EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.8 views

The vulnerability of the MSHTML platform in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the MSHTML platform in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted email...

8.1CVSS8.5AI score0.92817EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/12/08 12:0 a.m.8 views

The vulnerability of the Static Routing Configuration Handler component in the Ubiquiti EdgeRouter software allows a attacker to execute arbitrary commands.

The vulnerability of the Static Routing Configuration Handler component in Ubiquiti EdgeRouter software exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

10CVSS7.5AI score0.01888EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/09/13 12:0 a.m.7 views

The vulnerability of the CMPappBP component in CODESYS software products allows a hacker to trigger a service failure.

The vulnerability of the CMPappBP component in CODESYS software products is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

6.8CVSS6.5AI score0.00519EPSS
Exploits0References4Affected Software16
BDU FSTEC
BDU FSTEC
added 2023/08/11 12:0 a.m.10 views

The vulnerability of the Microsoft .NET Framework software, related to insufficient validation of input data, allows attackers to escalate their privileges.

The vulnerability of the Microsoft .NET Framework software platform is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

7.5CVSS7.3AI score0.74288EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/08/02 12:0 a.m.7 views

The vulnerability of the httpd component of the microprogramming software for Wi-Fi routers from ASUS, ASUS RT-AX88U, allows a hacker to trigger a service failure.

The vulnerability of the httpd component of the microprogramming-based Wi-Fi router software from ASUS, the RT-AX88U, exists due to insufficient testing of input data. Exploiting this vulnerability could allow a remote attacker to execute a “denial-of-service” attack...

7.8CVSS7.3AI score0.00615EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.6 views

The vulnerability of the Pragmatic General Multicast (PGM) protocol implementation in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Pragmatic General Multicast protocol implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.8CVSS7.9AI score0.00983EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/07/17 12:0 a.m.6 views

The vulnerability of the Remote Procedure Call (RPC) technology in Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Remote Procedure Call RPC technology in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

6.8CVSS7.3AI score0.01435EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/06/21 4:0 p.m.4 views

CVE-2023-20119

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the...

6.1CVSS6.7AI score0.00508EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/05/15 12:0 a.m.5 views

Judging Management System SQL注入漏洞

Judging Management System is a judging management system. Judging Management System has a SQL injection vulnerability in version v.1.0. The vulnerability is related to the critid parameter of the editcriteria.php file, and is due to the program not performing strict filter validation of user inpu...

9.8CVSS7.9AI score0.01311EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/05/15 12:0 a.m.7 views

The vulnerability of Microsoft Office packages, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of Microsoft Office packages is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.8AI score0.00922EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/05/12 12:0 a.m.6 views

The vulnerability of the GUI component of the Oracle Application Object Library in the Oracle E-Business Suite, a system for automating business activities in enterprises, allows a perpetrator to trigger service failures or gain access to read, modify, add, or delete data.

The vulnerability of the GUI component of the Oracle Application Object Library in the Oracle E-Business Suite system for enterprise automation activities is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures or gain...

6.5CVSS6.9AI score0.00376EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/05/02 12:0 a.m.5 views

The vulnerability of the Web Server component of the Oracle BI Publisher software, which is used for creating reports, allows a hacker to disclose protected information.

The vulnerability of the Web Server component of the Oracle BI Publisher software exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose sensitive information through HTTP requests...

4.3CVSS6.1AI score0.00481EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/04/17 12:0 a.m.12 views

The vulnerability of the Delta Electronics InfraSuite Device Master software in monitoring devices in real time, due to insufficient validation of input data, allows attackers to exploit their privileges.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

9CVSS6.9AI score0.0055EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder