Lucene search
K

304 matches found

BDU FSTEC
BDU FSTEC
added 2025/02/17 12:0 a.m.8 views

The vulnerability of the WebContentFilter filter in operating systems such as iOS, iPadOS, Mac OS, and visionOS allows a hacker to trigger a service failure.

The vulnerability of the WebContentFilter filter in operating systems such as iOS, iPadOS, Mac OS, and visionOS relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

10CVSS7.9AI score0.01134EPSS
Exploits0References6Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/01/16 12:0 a.m.9 views

The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE lies in its algorithmic complexity, which allows attackers to trigger service interruptions.

The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to algorithmic complexity. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service interruptions...

4.3CVSS5.5AI score0.00704EPSS
Exploits1References2Affected Software1
Securelist
Securelist
added 2024/12/09 10:0 a.m.29 views

Story of the Year: global IT outages and supply chain attacks

A faulty update by cybersecurity firm CrowdStrike triggered one of the largest IT outages in history, impacting approximately 8.5 million systems worldwide. This incident serves as a stark reminder of the critical risks posed by global IT disruptions and supply chain weaknesses. With large-scale...

7.8CVSS7.6AI score0.51865EPSS
Exploits13
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.7 views

The vulnerability of microprogrammed network adapter software in Intel Ethernet Controller E800 Series devices relates to a flaw in the data protection mechanism, allowing attackers to trigger a service failure.

The vulnerability of microprogrammed network adapters in Intel Ethernet Controller E800 Series devices is related to a breach in data protection mechanisms. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

6.5CVSS5.5AI score0.00386EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2024/11/15 3:41 p.m.23 views

LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints

Summary The application fail to sanitising inputs properly and rendering the code from user input to browser which allow an attacker to execute malicious javascript code. Details User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input i...

4.8CVSS7.3AI score0.00314EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.8 views

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the occurrence of operations outside the buffer in memory, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the escape of operations beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...

10CVSS7.8AI score0.01016EPSS
Exploits0References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.7 views

The vulnerability of the WPE WebKit and WebKitGTK web page rendering modules, related to bypassing authentication through spoofing, allows attackers to access sensitive data, compromise its integrity, and cause service failures.

The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to the bypassing of authentication processes through spoofing techniques. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and cause service...

7.6CVSS6.6AI score0.0086EPSS
Exploits0References7Affected Software5
Vulnrichment
Vulnrichment
added 2024/11/12 4:44 p.m.30 views

CVE-2024-49369 Icinga 2 has a TLS Certificate Validation Bypass for JSON-RPC and HTTP API Connections

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to impersonate both trusted clust...

9.8CVSS7.3AI score0.02934EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.7 views

The vulnerabilities of microprogrammed software in Wi-Fi transceivers, Wi-Fi amplifiers, Fiber ONTs, DSL/Ethernet CPE routers allow attackers to cause service interruptions.

The vulnerability of microprogrammed software in Wi-Fi transceivers, Wi-Fi amplifiers, Fiber ONTs, and DSL/Ethernet CPE routers lies in the fact that the operation data is exposed beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures...

6.8CVSS5.7AI score0.00431EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.7 views

The vulnerabilities of microprogrammed software in Wi-Fi transceivers, Wi-Fi amplifiers, Fiber ONTs, DSL/Ethernet CPE routers allow attackers to cause service interruptions.

The vulnerability of microprogrammed software in Wi-Fi transceivers, Wi-Fi amplifiers, Fiber ONTs, and DSL/Ethernet CPE routers lies in the fact that the operation data is exposed beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures...

6.8CVSS5.7AI score0.00431EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/09/23 12:0 a.m.6 views

The vulnerability of the pspdf_prepare_page function in the ps-pdf.cxx component of the HTMLDOC conversion tool allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failure.

The vulnerability of the pspdfpreparepage function in the ps-pdf.cxx component of the HTML DOC conversion tool is related to writing beyond buffer boundaries. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

7.8CVSS7.4AI score0.00923EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/09/23 12:0 a.m.6 views

The vulnerability of the QEMU hardware emulation software, related to synchronization errors, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the QEMU hardware emulation software is related to synchronization errors. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

7.8CVSS6.8AI score0.00411EPSS
Exploits1References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/09/23 12:0 a.m.8 views

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the use of memory after it is freed, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

10CVSS7.3AI score0.01065EPSS
Exploits0References11Affected Software5
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/09/18 12:0 a.m.17 views

Vulnerabilities in Cellular Packet Cores Part IV: Authentication

Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core AP5GC. The first vulnerability CVE-2024-20685 allows a crafted signaling message to crash the control plane, leading to potential service outages. The second ZDI-CAN-23960 disconnects and replaces attached bas...

5.9CVSS7.2AI score0.05533EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.7 views

The vulnerability of the av_malloc function in the libavutil/mem.c component of the FFmpeg multimedia library, which involves copying buffers without checking the input data, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the avmalloc function in the libavutil/mem.c component of the FFmpeg multimedia library is related to the copying of buffers without checking the input data. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause...

7.8CVSS6.7AI score0.00377EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.5 views

The vulnerability of the stbi__load_gif_main component in the C/C++ Libstb library, related to the repeated release of memory, allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the stbiloadgifmain component in the C/C++ Libstb library is related to the repeated release of memory. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

10CVSS7.4AI score0.00959EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.4 views

The vulnerability of the Parse function in the Go programming language, which allows a hacker to trigger a service failure

The vulnerability of the Parse function in the Go programming language is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...

7.8CVSS6.5AI score0.00839EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.5 views

The vulnerabilities in web browsers Firefox and Firefox ESR, as well as the Thunderbird email client, involve memory management issues after memory is freed. These vulnerabilities allow attackers to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerabilities in web browsers Firefox and Firefox ESR, as well as the Thunderbird email client, are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failure...

10CVSS7AI score0.00587EPSS
Exploits1References15Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.10 views

The vulnerability of the Linux operating system’s kernel, related to uncontrolled resource consumption, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Linux operating system’s kernel is related to uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and even cause service failures...

7.8CVSS6.4AI score0.00241EPSS
Exploits0References24Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.6 views

The vulnerability of the dtSearch component in the Linux operating system’s kernel, which leads to uncontrolled resource consumption, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the dtSearch component in the Linux operating system’s kernel is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and cause service failures...

7.8CVSS6.3AI score0.00249EPSS
Exploits0References41Affected Software4
Rows per page
Query Builder