37008 matches found
CVE-2024-58113
Vulnerability of improper resource management in the memory management module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-58115
Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-58106
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-58107
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-58112
Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-58111
Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability...
The vulnerability of the padata_free_shell() function in the kernel/padata.c module of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the padatafreeshell function in the kernel/padata.c module of the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
Vulnerability of software for managing IBM Engineering Requirements Management DOORS: Next, the issue related to the loading of code without checking its integrity, allowing attackers to influence the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the IBM Engineering Requirements Management DOORS Next software lies in the fact that code is loaded without any checks for its integrity. Exploiting this vulnerability could allow a malicious actor to influence the confidentiality, integrity, and accessibility of the protect...
The vulnerability of Google Chrome browsers, related to memory usage after deallocation, allows attackers to compromise the confidentiality, integrity, and accessibility of data.
The vulnerability of Google Chrome relates to the use of memory after deallocation. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of data through a specially crafted HTML page...
The vulnerability in the `joinTransaction()` function of the `fs/btrfs/transaction.c` module of the btrfs file system support in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the joinTransaction function in the fs/btrfs/transaction.c module of the btrfs file system support in the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...
Vulnerability of the nbd_disconnect_and_put() function in the drivers/block/nbd.c module – This driver for Linux kernel-based block devices allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the nbddisconnectandput function in the drivers/block/nbd.c module – The Linux kernel’s block device support driver is vulnerable due to the repeated reuse of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the Swagger UI interactive console of the SAP Commerce platform allows attackers to influence the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Swagger UI interactive console of the SAP Commerce platform is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to influence the confidentiality, integrity, and accessibility of the protected...
The vulnerability of Google Chrome and Microsoft Edge browsers, related to the ability to utilize memory after deallocation, allows attackers to influence the confidentiality, integrity, and accessibility of protected information.
The vulnerability of Google Chrome and Microsoft Edge relates to the ability to utilize memory after it is freed. Exploiting this vulnerability can allow a malicious actor to influence the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the ufs_bsgremove() function in the drivers/ufs/core/ufs_bsg.c module exposes the support for UFS host controllers in the Linux operating system. This vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the ufsbsgremove function in the drivers/ufs/core/ufsbsg.c module relates to the reuse of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of function SUB_0046AC38 in Tenda AC8V4 microprogrammed router software allows a attacker to influence the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of SUB0046AC38 in Tenda AC8V4 microprogrammed router software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to influence the confidentiality, integrity, and accessibility of the protected...
NetScaler: Securing HA Management IPs and FQDN with SAN Certificates
Securing Management IP and FQDN for High Availability Citrix ADCs with SAN Certificates Ensuring the secure management of your Citrix Application Delivery Controllers ADCs in a High Availability HA setup is crucial for maintaining the integrity and confidentiality of your infrastructure. This...
GHSA-68WV-G3FW-PQ7Q Shopware Broken ACL on Document retrieval to access other customers documents
Impact It's possible to guess the deepLinkCode of an Document to open documents of other customers Patches Update to Shopware 6.6.10.3 or 6.5.8.17 Workarounds For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend...
CVE-2025-31332
Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this...
CVE-2025-30017
Due to a missing authorization check, an authenticated attacker could upload a file as a template for solution documentation in SAP Solution Manager 7.1. After successful exploitation, an attacker can cause limited impact on the integrity and availability of the application...
CVE-2025-31333 Odata meta-data tampering in SAP S4CORE entity
SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...