Lucene search
K

67 matches found

BDU FSTEC
BDU FSTEC
added 2020/06/17 12:0 a.m.6 views

The vulnerability of the Admidio membership management and access control application lies in the improper neutralization of special elements used in SQL commands, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of the Admidio membership management and access control application lies in the improper elimination of special elements used in SQL queries. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through...

7.8CVSS7.3AI score0.01478EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/22 12:0 a.m.4 views

The vulnerability of the OIM component – LDAP users and role synchronization of the Oracle Identity Manager’s identification system – allows attackers to expose protected information.

The vulnerability of the OIM component – LDAP user and role synchronization of the Oracle Identity Manager – is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information using the HTTP protocol...

7.8CVSS7.1AI score0.02016EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.5 views

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server allows a hacker to disclose protected information.

The vulnerability of the Core RDBMS component of the database management system, Oracle Database Server, is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

5CVSS6.8AI score0.01129EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/07/11 12:0 a.m.7 views

The vulnerability of the `check_request_for_cacheability` function in server software like HAProxy allows attackers to disclose protected information.

The vulnerability of the checkrequestforcacheability function in the HAProxy network software is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information through a remote request without authentication...

7.8CVSS5.5AI score0.03061EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/05/06 12:0 a.m.5 views

The vulnerability of the Etlas electronic document management system lies in the lack of protection for SQL query structures, which allows attackers to disclose the protected information.

The vulnerability of the Etlas electronic document management system lies in the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to gain access to protected information by entering a specially crafted SQL query into the “Process Name” field o...

8CVSS5.6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/03/12 12:0 a.m.3 views

The vulnerability of the SSL_shutdown function in the OpenSSL cryptographic security tool, which allows a hacker to disclose protected information

The vulnerability of the SSLshutdown function in the OpenSSL cryptographic security suite is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

7.1CVSS6.4AI score0.17139EPSS
Exploits0References5Affected Software37
BDU FSTEC
BDU FSTEC
added 2019/02/12 12:0 a.m.5 views

The vulnerability of the PIA Core Technology component of the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of the PIA Core Technology component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data usi...

6.1CVSS6.7AI score0.01542EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/12/20 12:0 a.m.6 views

The vulnerability of the Wizard component in the microprogramming software of the RICOH MP C6003 multifunctional device allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Wizard /web/entry/en/address/adrsSetUserWizard.cgi component of the RICOH MP multifunctional device exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to compromise the...

6.1CVSS6.3AI score0.01EPSS
Exploits2References4
BDU FSTEC
BDU FSTEC
added 2018/12/07 12:0 a.m.12 views

The vulnerability in the web interface of the microprogramming software for Cisco Wireless LAN Controllers of the 5500 series allows a intruder to disclose protected information.

The vulnerability of the web interface of microprogramming software for Cisco Wireless LAN Controllers of the 5500 series arises from insufficient checking of entered URI addresses. Exploiting this vulnerability can allow a malicious actor to disclose protected information using a specially craft...

5.3CVSS5.5AI score0.02507EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.10 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kernel-image-2.6.8-2-64-smp operating system of the Debian GNU/Linux distribution may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

10CVSS5.4AI score0.05357EPSS
Exploits20References61Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.5 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the linux-headers-2.6.18-5-vserver-sparc64 package of the Debian GNU/Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information...

7.2CVSS5.5AI score0.0082EPSS
Exploits2References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

The vulnerability in Microsoft.NET Framework software allows a malicious attacker to compromise the accessibility of protected information.

Vulnerability exists in Microsoft ASP.NET, allowing attackers to cause server failures in ASP.NET applications...

5CVSS5.4AI score0.38697EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.7 views

The vulnerability in Microsoft.NET Framework software allows a malicious attacker to compromise the confidentiality of protected information.

Vulnerability exists in the Microsoft .NET Framework, and it allows attackers to circumvent the ASLR protection mechanism, which safeguards users against a wide range of vulnerabilities. Simply bypassing the protection mechanism itself does not allow the execution of arbitrary code. However,...

4.3CVSS5.8AI score0.14261EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2015/10/21 12:0 a.m.7 views

The vulnerability of the Mac OS X operating system, which allows a perpetrator to gain access to protected information

The vulnerability of the Mail component in the Mac OS X operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to gain access to protected information at the moment when email messages are printed out...

5CVSS5.6AI score0.01435EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/09/15 12:0 a.m.6 views

The vulnerability of Safari browser and iOS operating system allows attackers to gain access to protected information.

The vulnerability of the Content Security Policy implementation in the WebKit component of the Safari browser and the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, acting remotely, to gain access to protected...

5CVSS7.2AI score0.02754EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality of protected information.

The vulnerability of the libjpeg-debuginfo-6b package on the CentOS operating system can lead to a violation of the confidentiality of protected information. Exploiting this vulnerability can be carried out remotely...

5CVSS6.9AI score0.10117EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the compat-openssl097g-debuginfo package in the OpenSUSE operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS7AI score0.87264EPSS
Exploits14References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.9 views

The vulnerability of the Gentoo Linux operating system, which allows a malicious intruder to compromise the accessibility of protected information

The vulnerability of the pptpd package up to version 1.3.4 of the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...

5CVSS5.4AI score0.02312EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.3 views

Vulnerabilities of the Red Hat Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kde-i18n-Japanese-2.2.2 package of the Red Hat Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

7.5CVSS5.5AI score0.04033EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.4 views

The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libXvMCnouveau-debuginfo-32bit package of the operating system openSUSE can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

6.8CVSS5.4AI score0.02609EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder