Lucene search
K

38 matches found

BDU FSTEC
BDU FSTEC
added 2025/07/28 12:0 a.m.7 views

The vulnerability of the encode_image function in the framework for working with Large Language Models (LLM) like LlamaIndex arises from an incorrect limitation on the path name to the restricted-access catalog. This vulnerability allows attackers to disclose protected information.

The vulnerability of the encodeimage function in the LlamaIndex framework, which is used for working with large language models, is related to an incorrect restriction on the path name of the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to disclose...

7.8CVSS7.2AI score0.00545EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.7 views

The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server lies in the incorrect path name restrictions for the restricted access catalog, allowing attackers to perform spear-phishing attacks.

The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server packages is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to perform spear-phishing attacks remotely...

7.5CVSS7.3AI score0.99911EPSS
Exploits8References2
BDU FSTEC
BDU FSTEC
added 2025/06/15 12:0 a.m.6 views

The vulnerability in the web-based software modeling tool, Visual Composer, of the SAP NetWeaver software integration platform allows a hacker to gain access to and modify data.

The vulnerability of the Visual Composer web tool, a software modeling tool within the SAP NetWeaver integration platform, is related to an incorrect restriction on the path to the restricted access catalog. Exploiting this vulnerability could allow an attacker to gain read and modify access to...

7.6CVSS5.5AI score0.00594EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/28 12:0 a.m.5 views

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the improper limitation of the path name in the restricted access catalog, which allows attackers to restore backup copies within the system.

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to incorrect restrictions on the name of the path to the restricted-access catalog. Exploiting this vulnerability could allow an attacker to restore backup copies within the system...

4.6CVSS5.5AI score0.00153EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.7 views

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the incorrect limitation of the path name in the restricted access catalog, allowing attackers to read and write arbitrary files.

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to an incorrect limitation on the name of the path to the restricted-access catalog. Exploiting this vulnerability allows a malicious actor to read and write arbitrary files remotely...

5.5CVSS5.6AI score0.00375EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/05 12:0 a.m.6 views

The vulnerability of the Ivanti Avalanche device management system, related to incorrect restrictions on the path name to the restricted access catalog, allows a perpetrator to gain access to read, modify, or delete data.

The vulnerability of the Ivanti Avalanche device management system is related to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to data...

7.8CVSS7.2AI score0.27759EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.5 views

The vulnerability of the software for deploying and maintaining enterprise-level cloud systems based on IBM Cloud Pak System allows a perpetrator to expose protected information.

The vulnerability of software for deploying and maintaining enterprise-level cloud systems based on IBM Cloud Pak Systems is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to disclose protected...

5.3CVSS5.9AI score0.00478EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/18 12:0 a.m.6 views

Vulnerability of Veeam Backup & Replication virtual and physical systems, related to incorrect restrictions on path names to the restricted access catalog, allows attackers to increase their privileges (LPE).

The vulnerability in Veeam Backup & Replication and physical systems is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow an attacker to increase their privileges LPE...

7.8CVSS7.2AI score0.0029EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.7 views

The vulnerability of Ollama’s system for running and managing large language models lies in the improper restriction on the path name to the restricted-access catalog, which allows a violator to trigger a service failure.

The vulnerability of the Ollama system for running and managing large language models is related to an incorrect restriction on the path name to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to trigger a service failure...

7.8CVSS8.1AI score0.03938EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.4 views

The vulnerability of the Omnivise T3000 Application Server’s software-defined hardware environment for monitoring industrial processes in Siemens Omnivise T3000 systems arises from incorrect restrictions on path names in the restricted access catalog. This allows attackers to upload arbitrary files.

The vulnerability of the Omnivise T3000 Application Server, a software-and-hardware platform for managing and monitoring industrial processes from Siemens, is related to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability allows a malicious act...

8.3CVSS7.8AI score0.11452EPSS
Exploits3References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.6 views

The vulnerability of Reposilite repository management software lies in the improper limitation of the path to the restricted access catalog, allowing attackers to execute arbitrary code.

The vulnerability of the Reposilite repository management software is related to incorrect restrictions on the path to the restricted-access catalog. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created package...

7.5CVSS6AI score0.01475EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/26 12:0 a.m.6 views

The vulnerability in the iTop web tool for managing IT services arises from an incorrect limitation on the path to the restricted access catalog, allowing a perpetrator to disclose protected information.

The vulnerability of the iTop IT service management web tool is related to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to disclose protected information...

5CVSS5.5AI score0.00684EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/19 12:0 a.m.10 views

The vulnerability of the Avalanche device management system, related to incorrect restrictions on the path name to the restricted access catalog, allows a perpetrator to execute arbitrary commands with SYSTEM privileges.

The vulnerability of the Avalanche device management system is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with SYSTEM privileges remotely...

9CVSS7.9AI score0.03048EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/03/27 12:0 a.m.8 views

The vulnerability of the AutomationDirect C-MORE EA9 HMI software-related to incorrect restrictions on path names in the restricted access catalog allows a intruder to trigger a service failure.

The vulnerability of the Microprogrammed Control Panel Software of AutomationDirect C-MORE EA9 HMI is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow an attacker to trigger a service failure...

7.8CVSS5.5AI score0.00618EPSS
Exploits0References6Affected Software11
BDU FSTEC
BDU FSTEC
added 2024/03/22 12:0 a.m.5 views

The vulnerability of Microprogrammed Software in Sharp, NEC’s P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8 displays due to a incorrect restriction on the path name to the restricted access catalog. This allows an attacker to execute arbitrary code.

The vulnerability of Microprogrammed Software in Sharp, NEC’s P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, and MD551C8 displays due to an incorrect...

10CVSS8.2AI score0.00694EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/02/20 12:0 a.m.7 views

The vulnerability of the SolarWinds Access Rights Manager software relates to the possibility of bypassing the restricted access catalog, allowing a violator to execute arbitrary code.

The vulnerability of the SolarWinds Access Rights Manager ARM software relates to the possibility of bypassing the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

7.9CVSS8.1AI score0.07848EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/07 12:0 a.m.4 views

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems for QNAP network devices stems from incorrect restrictions on the path name to the restricted access catalog, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems for QNAP network devices is related to incorrect path name restrictions in the restricted access catalog. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

6.1CVSS5.6AI score0.00481EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/02/07 12:0 a.m.7 views

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems for QNAP network devices stems from incorrect restrictions on the path name to the restricted access catalog, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems for QNAP network devices is related to incorrect path name restrictions in the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

6.1CVSS5.6AI score0.00454EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/02/05 12:0 a.m.6 views

The vulnerability of the Rapid SCADA system, related to incorrect restrictions on the name of the path to the restricted access catalog, allows a intruder to execute arbitrary code.

The vulnerability of the SCADA system Rapid SCADA is related to incorrect restrictions on the path name to the restricted access catalog when extracting files from archives. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted HTTP reques...

9CVSS8.1AI score0.01233EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/22 12:0 a.m.4 views

The vulnerability of the microprogramming-based power supply systems of Galaxy VL and Galaxy VS lies in the improper limitation of the path name to the restricted access catalog. This allows attackers to load arbitrary files into the system.

The vulnerability of the microprogramming-based power supply systems of Galaxy VL and Galaxy VS is related to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to load arbitrary files into the system...

5.3CVSS6.1AI score0.00582EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder