Lucene search
K

182 matches found

BDU FSTEC
BDU FSTEC
added 2023/08/01 12:0 a.m.6 views

The vulnerability of the Identity Manager software component, used for managing and controlling access to corporate resources and IBM Security Verify Governance applications, allows a perpetrator to execute arbitrary commands.

The vulnerability of the Identity Manager software component, which is used for managing and controlling access to corporate resources and applications in IBM Security Verify Governance, stems from insufficient validation of arguments passed to the command process. Exploiting this vulnerability...

8.3CVSS7.9AI score0.01EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/06 12:0 a.m.7 views

Vulnerability of web servers of microprogramming software: Siemens SICAM CP-8031 and CP-8050 control modules, allowing attackers to execute arbitrary code.

The vulnerability of the web server of the microprogramming software for the processor module controllers Siemens SICAM CP-8031 and CP-8050 is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotel...

8.3CVSS7.1AI score0.47722EPSS
Exploits3References4
BDU FSTEC
BDU FSTEC
added 2023/05/11 12:0 a.m.7 views

The vulnerability of the mySCADA myPRO industrial process visualization and control system lies in insufficient validation of the arguments transmitted in commands, allowing a hacker to execute arbitrary code in the operating system.

The vulnerability of the mySCADA myPRO industrial process visualization and control system is related to insufficient verification of the arguments sent in commands. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the operating system...

9CVSS8.3AI score0.04502EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/11 12:0 a.m.7 views

The vulnerability of the mySCADA myPRO industrial process visualization and control system lies in insufficient validation of the arguments transmitted in commands, allowing a hacker to execute arbitrary code in the operating system.

The vulnerability of the mySCADA myPRO industrial process visualization and control system is related to insufficient verification of the arguments sent in commands. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code in the operating system...

9CVSS8.3AI score0.00746EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/03/03 11:47 p.m.146 views

CVE-2023-26487

Vega’s CVE-2023-26487 is a cross-site scripting vulnerability in the lassoAppend function. The issue stems from the first argument not being strictly typed as an array, allowing objects with a push function (potentially via event.view) to be passed and used in the push call, enabling XSS vectors ...

6.5CVSS5.9AI score0.00806EPSS
Exploits1References3Affected Software2
OSV
OSV
added 2023/02/23 8:15 p.m.2 views

CVE-2023-20050

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An...

7.8CVSS7.3AI score0.00251EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/02/22 4:0 p.m.2 views

CVE-2023-20050

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An...

7.8CVSS6.1AI score0.00251EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.3 views

SUSE CVE-2010-4254

Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call...

7.5CVSS7.5AI score0.13649EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2023/02/14 12:0 a.m.8 views

The vulnerability in the built-in operating system Cradlepoint NetCloud (NCOS) arises from insufficient validation of arguments passed in commands, allowing a malicious actor to execute arbitrary code.

The vulnerability of the built-in operating system Cradlepoint NetCloud NCOS is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows an attacker to execute arbitrary code by rebooting the device and accessing the BIOS...

8.4CVSS7.6AI score0.00301EPSS
Exploits0References6Affected Software11
Positive Technologies
Positive Technologies
added 2023/02/06 12:0 a.m.5 views

PT-2025-40220

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the network block device nbd module related to incomplete validation of arguments passed through ioctl calls. Specifically, the issue arises from...

8CVSS6.9AI score0.21314EPSS
Exploits4References727
BDU FSTEC
BDU FSTEC
added 2023/01/13 12:0 a.m.9 views

The vulnerability of the command-line interface of the FortiExtender signal booster software arises from insufficient validation of arguments passed in commands, allowing attackers to execute arbitrary commands.

The vulnerability of the command-line interface of the FortiExtender signal booster software relates to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9CVSS8AI score0.01055EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/05 12:0 a.m.8 views

The vulnerability of the PDF creation library pdfkit, related to insufficient validation of arguments passed to the command, allows attackers to execute arbitrary commands.

The vulnerability of the pdfkit library for creating PDF files is related to insufficient checking of arguments passed to the command. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

10CVSS8.1AI score0.38924EPSS
Exploits11References8Affected Software2
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.6 views

kernel: udmabuf: validate ubuf->pagecount

A vulnerability was found in the Linux kernel in the udmabufcreate function. An improper user-provided argument validation can lead to a ZEROPTR value being passed to the sgallocappendtablefrompages function, which attempts a dereference and leads to a kernel crash...

5.5CVSS6.5AI score0.00232EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEV
added 2022/10/21 12:0 a.m.7 views

VulnCheck KEV: CVE-2020-16875

A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an...

9CVSS8AI score0.47145EPSS
Exploits5References1
OSV
OSV
added 2022/09/17 1:6 a.m.7 views

GSD-2022-1006202 video: fbdev: i740fb: Check the argument of i740_calc_vclk()

video: fbdev: i740fb: Check the argument of i740calcvclk This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/09/16 11:59 p.m.10 views

GSD-2022-1005458 video: fbdev: i740fb: Check the argument of i740_calc_vclk()

video: fbdev: i740fb: Check the argument of i740calcvclk This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.63 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.6 views

PT-2022-4151 · Siemens · Teamcenter

Name of the Vulnerable Software and Affected Versions: Teamcenter versions prior to V12.4.0.15 Teamcenter versions prior to V13.0.0.10 Teamcenter versions prior to V13.1.0.10 Teamcenter versions prior to V13.2.0.9 Teamcenter versions prior to V13.3.0.5 Teamcenter versions prior to V14.0.0.2...

9.8CVSS9.6AI score0.01091EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.6 views

The vulnerability of the Apache Spark framework’s interface, allowing a perpetrator to execute arbitrary commands

The vulnerability of the Apache Spark framework interface is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

7.5CVSS8.2AI score0.92984EPSS
Exploits12References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/13 12:0 a.m.7 views

The vulnerability of the NPM’s npm-dependency-versions versioning tool allows a attacker to execute any command they desire.

The vulnerability of the NPM dependency-versions versioning tool is related to insufficient checking of arguments passed to the command. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

10CVSS8.1AI score0.02324EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.7 views

The vulnerability of the mailcap module in the Python programming language allows a hacker to execute any command they desire.

The vulnerability of the mailcap module in the Python programming language lies in insufficient checking of arguments passed in commands. Exploiting this vulnerability allows an attacker to execute any command remotely...

10CVSS7.1AI score0.07017EPSS
Exploits1References13Affected Software5
Rows per page
Query Builder