944 matches found

BDU FSTEC
added 2022/09/23 12:0 a.m. | 4 views

The vulnerability of the SPICE remote virtual desktop rendering system, related to uncontrolled resource consumption, allows an intruder to trigger a service failure.

The vulnerability of the SPICE remote virtual desktop rendering system is related to significantly lower resource consumption on the client side compared to the server when establishing a new SSL connection. Exploiting this vulnerability allows a malicious actor to cause service interruptions...

CVSS 5.3 | AI score 6.4 | EPSS 0.02703
Exploits: 1 | References: 13 | Affected Software: 5

BDU FSTEC
added 2022/09/23 12:0 a.m. | 8 views

The vulnerability of the _zip_read_eocd64 function in the zip_open.c component of the Libzip library allows an attacker to cause a service failure.

The vulnerability of the _zip_read_eocd64 function in the zip_open.c component of the Libzip library for working with Zip archives is related to the allocation of unlimited memory. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

CVSS 7.1 | AI score 6.2 | EPSS 0.032
Exploits: 0 | References: 9 | Affected Software: 3

BDU FSTEC
added 2022/09/23 12:0 a.m. | 6 views

The vulnerability of the `ff_frame_pool_get` function in the `framepool.c` component of the FFmpeg multimedia library allows an attacker to cause a service failure.

The vulnerability of the `ff_frame_pool_get` function in the `framepool.c` component of the FFmpeg multimedia library is related to improper memory release before deleting the last references. Exploiting this vulnerability allows an attacker to cause service interruptions...

CVSS 7.1 | AI score 6.3 | EPSS 0.00902
Exploits: 1 | References: 8 | Affected Software: 3

BDU FSTEC
added 2022/09/21 12:0 a.m. | 6 views

The vulnerability of the telnetd server in the Inetutils network programming package allows a hacker to cause a service failure.

The vulnerability of the telnetd server in the Inetutils network programming package is related to errors in pointer manipulation during byte sequence processing. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

CVSS 7.8 | AI score 7.1 | EPSS 0.01657
Exploits: 1 | References: 5 | Affected Software: 4

BDU FSTEC
added 2022/09/21 12:0 a.m. | 9 views

The vulnerability of the urllib component in the Python programming language allows a hacker to trigger a service failure.

The vulnerability of the urllib component in the Python programming language is related to an uncontrolled consumption of resources. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

CVSS 7.5 | AI score 7.1 | EPSS 0.11586
Exploits: 1 | References: 14 | Affected Software: 4

BDU FSTEC
added 2022/09/19 12:0 a.m. | 8 views

The vulnerability of the sbr_process_channel function in the libfaad/sbr_dec.c component of the Freeware Advanced Audio Decoder 2 (FAAD2) allows an intruder to trigger a service failure.

The vulnerability of the sbr_process_channel function in the libfaad/sbr_dec.c component of the Freeware Advanced Audio Decoder 2 (FAAD2) audio decoder is related to improper processing of new PS channels. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

CVSS 7.1 | AI score 6.6 | EPSS 0.01128
Exploits: 1 | References: 11 | Affected Software: 5

BDU FSTEC
added 2022/09/12 12:0 a.m. | 6 views

The vulnerability of the xfrm_expand_policies function (net/xfrm/xfrm_policy.c) in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the xfrm_expand_policies function (net/xfrm/xfrm_policy.c) in the Linux operating system is related to errors during resource release. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

CVSS 5.5 | AI score 6.6 | EPSS 0.00302
Exploits: 0 | References: 39 | Affected Software: 4

BDU FSTEC
added 2022/09/07 12:0 a.m. | 8 views

The vulnerability of the Infrastructure component of the Oracle Banking Trade Finance software allows a perpetrator to trigger a service failure.

The vulnerability of Oracle Banking Trade Finance software’s Infrastructure component exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

CVSS 6.8 | AI score 6.9 | EPSS 0.00674
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2022/09/05 12:0 a.m. | 6 views

The vulnerability of the Web Services sub-component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, allows attackers to cause service failures.

The vulnerability of the Web Services sub-component of the Oracle WebLogic Server application server within the Oracle Fusion Middleware software platform exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using...

CVSS 5.3 | AI score 6.3 | EPSS 0.0088
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2022/08/31 12:0 a.m. | 6 views

The vulnerability of the hvc_xen component (console) of the Xen hypervisor allows an attacker to cause a service failure.

The vulnerability of the hvc_xen component (console) of the Xen hypervisor is related to uncontrolled resource consumption. Exploiting this vulnerability may allow a malicious actor to cause service interruptions remotely...

CVSS 6.5 | AI score 6.5 | EPSS 0.00332
Exploits: 0 | References: 18 | Affected Software: 5

BDU FSTEC
added 2022/08/26 12:0 a.m. | 5 views

The vulnerability of the PK11_ChangePW function in the Mozilla Firefox browser and Thunderbird email client allows a hacker to trigger a service failure.

The vulnerability of the PK11_ChangePW function in the Mozilla Firefox browser and Thunderbird email client is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause service interruptions...

CVSS 5 | AI score 7.2 | EPSS 0.0082
Exploits: 0 | References: 12 | Affected Software: 7

BDU FSTEC
added 2022/08/08 12:0 a.m. | 7 views

The vulnerability of the NGINX Instance Manager automation platform, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.

The vulnerability of the NGINX Instance Manager automation platform is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVSS 6.8 | AI score 6.5 | EPSS 0.00645
Exploits: 0 | References: 2 | Affected Software: 1

Prion
added 2022/08/02 4:15 p.m. | 11 views

Deserialization of untrusted data

EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation vulnerability. Deserializing a cookie containing a malicious payload will trigger this insecure deserialization vulnerability, allowing an unauthenticated remote attacker to execute arbitrary code, manipulate...

CVSS 7.5 | AI score 9.8 | EPSS 0.01265
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2022/08/02 3:21 p.m. | 64 views

CVE-2022-35223

CVE-2022-35223 affects EasyUse MailHunter Ultimate via its cookie deserialization function. The root cause is inadequate validation when deserializing cookies containing a malicious payload, enabling an unauthenticated remote attacker to execute arbitrary code, manipulate system commands, or in...

CVSS 9.8 | AI score 10 | EPSS 0.01265
Exploits: 0 | References: 2 | Affected Software: 1

CNNVD
added 2022/08/02 12:0 a.m. | 3 views

National Health Insurance buffer error vulnerability

National Health Insurance (NHI) is a health insurance program (health insurance card) in Taiwan, China. A security vulnerability exists in National Health Insurance that stems from insufficient validation of network packet header lengths and a stack-based buffer overflow, which could be exploited by ...

CVSS 7.8 | AI score 8 | EPSS 0.00217
Exploits: 0 | References: 2

BDU FSTEC
added 2022/07/27 12:0 a.m. | 6 views

The vulnerability of the Net-SNMP software suite arises from insufficient validation of input data, allowing a perpetrator to trigger a service failure.

The vulnerability of the Net-SNMP software suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

CVSS 6.8 | AI score 6.8 | EPSS 0.01008
Exploits: 0 | References: 13 | Affected Software: 8

BDU FSTEC
added 2022/07/21 12:0 a.m. | 6 views

The vulnerability of the Server: Optimizer component of the Oracle MySQL Server database management system allows a hacker to cause a service failure.

The vulnerability of the Server: Optimizer component of the Oracle MySQL Server database management system is related to resource release errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL protocol...

CVSS 6.8 | AI score 6.6 | EPSS 0.01169
Exploits: 0 | References: 5 | Affected Software: 1

BDU FSTEC
added 2022/07/21 12:0 a.m. | 4 views

The vulnerability of the Server: Federated component of the Oracle MySQL Server database management system allows a hacker to cause a service failure.

The vulnerability of the Server: Federated component of the Oracle MySQL Server database management system is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL protocol...

CVSS 6.8 | AI score 6.2 | EPSS 0.01135
Exploits: 0 | References: 5 | Affected Software: 1

BDU FSTEC
added 2022/07/20 12:0 a.m. | 4 views

The vulnerability of the Cluster: General component of the MySQL Cluster database management system allows a hacker to cause a service failure.

The vulnerability of the Cluster: General component of the MySQL Cluster database management system exists due to insufficient validation of input data. Exploitation of this vulnerability can allow a malicious actor to cause service interruptions remotely...

CVSS 5.9 | AI score 6.8 | EPSS 0.0122
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2022/07/13 12:0 a.m. | 4 views

The vulnerability of the firmware of the industrial switches SCALANCE W1788-1 M12, SCALANCE W1788-2 EEC M12, SCALANCE W1788-2 M12, and SCALANCE W1788-2IA M12 allows an intruder to trigger a service failure.

The vulnerability of the firmware of the industrial switches SCALANCE W1788-1 M12, SCALANCE W1788-2 EEC M12, SCALANCE W1788-2 M12, and SCALANCE W1788-2IA M12 is related to errors in processing ARP packets. Exploiting this vulnerability can allow a remote attacker to cause service...

CVSS 7.4 | AI score 5.9 | EPSS 0.00227
Exploits: 0 | References: 2 | Affected Software: 4