The vulnerability of the User Admin Application component of the SAP NetWeaver AS for Java software, used for creating and deploying web applications, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the User Admin Application component in the SAP NetWeaver AS for Java software for creating and deploying web applications is related to improper cleaning during exception handling. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity,...

CVE-2024-0549

The CVE-2024-0549 entry concerns mintplex-labs/anything-llm and describes a relative path traversal in deletion requests. The root cause is insufficient input validation/normalization when handling file and folder deletion, allowing an authenticated default-role attacker to delete files (includin...

The vulnerability of the `flush_ref_samples()` function in the file `/gpac/src/isomedia/movie_fragments.c` of the multimedia platform GPAC allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the flushrefsamples function in the file /gpac/src/isomedia/moviefragments.c of the multimedia platform GPAC is related to the incorrect use of dynamic memory during program execution. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

The vulnerability of the formSetCfm (/goform/setcfm) function in the Tenda AC7 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetCfm /goform/setcfm function in the Tenda AC7 router software is caused by a buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the PSA Crypto application programming interface, as well as the Mbed TLS and Mbed Crypto software, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the PSA Crypto application programming interface and the Mbed TLS and Mbed Crypto software implementations is related to insufficient spatial partitioning. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

The vulnerability of the Arena Simulation software in simulating and automating discrete events lies in its ability to read data beyond the buffer in memory. This allows attackers to execute arbitrary code and compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Arena Simulation software for modeling and automating discrete events is related to reading data beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code and compromise the confidentiality, integrity, and accessibility of...

The vulnerability of the win_close() function in the Vim text editor allows a attacker to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the winclose function in the Vim text editor relates to Vim’s attempt to access a window structure that has already been freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of data...

The vulnerability of the CRI-O Container Engine’s application programming interface allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the CRI-O Container Engine’s application programming interface, a software platform for managing clusters of virtual machines in Kubernetes, stems from the ability to add arbitrary strings to the /etc/passwd file using a specially created environment variable. Exploiting this...

The vulnerability of the addWifiMacFilter function (/goform/addWifiMacFilter) in the Tenda FH1202 router software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the addWifiMacFilter function /goform/addWifiMacFilter in the Tenda FH1202 router software lies in the reading of data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the...

PT-2024-6136 · Аврора · Аврора

Name of the Vulnerable Software and Affected Versions: Аврора affected versions not specified Description: The issue is related to a component validation vulnerability in the Аврора operating system, which is caused by the lack of control over public write permissions for installed application...

The vulnerability of the `io_provide_buffers_prep()` function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the ioprovidebuffersprep function in the Linux operating system arises due to an overflow in the stack buffer. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of data...

The vulnerability of the LdapSettings.get_ldap_info component of the Dell Data Protection Search system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the LdapSettings.getldapinfo component in the Dell Data Protection Search system exposes it to data leaks from various sources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers allows a perpetrator to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of data...

The vulnerability of the SAP LT Replication Server, related to incorrect authentication, allows attackers to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the SAP LT Replication Server is related to incorrect authentication. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of data...

The vulnerability of the raid5_cache_count() function (drivers/md/raid5.c) in the Linux kernel’s RAID driver allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information due to integer overflow.

The vulnerability of the raid5cachecount function drivers/md/raid5.c in the Linux kernel-based RAID driver is related to a numerical overflow vulnerability. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of the fromNatStaticSetting function in the microprogramming software for Tenda AC10U allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the fromNatStaticSetting function in the Tenda AC10U router’s microprogramming software relates to the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the...

The vulnerability of the formQuickIndex function in the microprogramming software for Tenda AC10U allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formQuickIndex function in the microprogramming software for Tenda AC10U relates to reading data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of the formSetVirtualSer function in the microprogramming software for Tenda AC10U allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetVirtualSer function in the Tenda AC10U router’s microprogramming software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of...

The vulnerability of the `saveParentControlInfo` function in the Tenda AC10U router software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the saveParentControlInfo function in the Tenda AC10U router’s microprogramming software relates to the reading of data beyond the buffer in memory. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of...

The vulnerability of the formSetPPTPServer function in the microprogramming software for Tenda AC10U allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetPPTPServer function in the Tenda AC10U router’s microprogramming system is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protect...