1175 matches found

BDU FSTEC
added 2023/07/24 12:0 a.m., 1 view

A vulnerability in the nft_immediate_destroy() function in the net/netfilter/nft_immediate.c module of the Netfilter subsystem in the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of data.

The vulnerability in the nft_immediate_destroy() function in the net/netfilter/nft_immediate.c module of the Netfilter subsystem in the Linux operating system is related to incorrect handling of usage counters. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

CVSS 7.8, AI score 6.5, EPSS 0.00021
Exploits 0, References 13, Affected Software 4
BDU FSTEC
added 2023/07/24 12:0 a.m., 1 view

A vulnerability in the u32_set_parms() function in the net/sched/cls_u32.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of data.

The vulnerability in the u32_set_parms() function in the net/sched/cls_u32.c module of the Linux operating system is related to incorrect handling of usage counters. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of data...

CVSS 7.8, AI score 6.6, EPSS 0.00014
Exploits 1, References 21, Affected Software 6
BDU FSTEC
added 2023/07/20 12:0 a.m., 1 view

A vulnerability in the Control FPWIN Pro PLC programming software allows data to be written outside the bounds of a memory buffer, which lets an attacker compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability in the PLC programming software Control FPWIN Pro relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...

CVSS 7.8, AI score 7.6, EPSS 0.00036
Exploits 0, References 4, Affected Software 1
BDU FSTEC
added 2023/06/30 12:0 a.m., 1 view

A vulnerability in the renesas_usb3_remove() function in the drivers/usb/gadget/udc/renesas_usb3.c file of the Renesas USB device driver for Linux operating systems allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability in the renesas_usb3_remove() function in the drivers/usb/gadget/udc/renesas_usb3.c file of the Renesas USB device driver for Linux operating systems is related to the use of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could...

CVSS 7, AI score 6.6, EPSS 0.00035
Exploits 0, References 38, Affected Software 4
BDU FSTEC
added 2023/05/24 12:0 a.m., 1 view

A vulnerability in the Zimbra Collaboration Suite corporate email management system lies in the use of certain JVM arguments within the mail server. This allows attackers to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability in the Zimbra Collaboration Suite email management system is related to the use of certain arguments in the Java Virtual Machine (JVM) used by the mail server. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibili...

CVSS 7.5, AI score 7.2, EPSS 0.00078
Exploits 0, References 3
BDU FSTEC
added 2023/05/17 12:0 a.m., 1 view

A vulnerability in the implementation of the NET/ROM network protocol in the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of data.

The vulnerability in the implementation of the NET/ROM network protocol in the Linux operating system is related to the repeated use of the network descriptor socket when a connection has already been established in the nr_release() function within the net/netrom/af_netrom.c module. Exploiting this...

CVSS 6.7, AI score 6.7, EPSS 0.00014
Exploits 0, References 36, Affected Software 3
Prion
added 2023/04/18 8:15 p.m., 16 views

Design/Logic Flaw

Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications component: Core. Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

CVSS 5.4, AI score 5.6, EPSS 0.00205
Exploits 0, References 1, Affected Software 1
BDU FSTEC
added 2023/04/11 12:0 a.m., 1 view

A vulnerability in the SORBAx64.dll database, which is used for receiving and analyzing data in industrial control systems managed by KingHistorian, allows an attacker to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability in the SORBAx64.dll database, which is used for receiving and analyzing data in industrial control systems like KingHistorian, is related to type conversion errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVSS 10, AI score 7.7, EPSS 0.16807
Exploits 1, References 3, Affected Software 1
CNNVD
added 2023/04/11 12:0 a.m., 3 views

SAP CRM code injection vulnerability

SAP CRM is a customer relationship management system from SAP, a German company. A code injection vulnerability exists in SAP CRM versions 700, 701, 702, 712, and 713. An attacker could exploit this vulnerability to compromise the confidentiality and integrity of data and availability...

CVSS 6.3, AI score 6.1, EPSS 0.01317
Exploits 0, References 3
BDU FSTEC
added 2023/04/03 12:0 a.m., 2 views

A vulnerability in the Btrfs file system in Linux kernels allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability in the Btrfs file system in Linux operating systems is related to the reuse of previously freed memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of protected information...

CVSS 7, AI score 6.6, EPSS 0.00009
Exploits 0, References 13, Affected Software 3
BDU FSTEC
added 2023/03/27 12:0 a.m., 1 view

A vulnerability in Google Chrome’s WebRTC technology allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability in Google Chrome’s WebRTC technology relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and availability of the protected information through a specially created HTML page...

CVSS 10, AI score 7.8, EPSS 0.00104
Exploits 0, References 11, Affected Software 5
BDU FSTEC
added 2023/03/11 12:0 a.m., 1 view

A vulnerability in the ColdFusion software platform arises from improper limitation of a path to a restricted directory. This allows attackers to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability in the ColdFusion software platform exists due to improper limitation of a path name to a restricted directory. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of the protected information...

CVSS 8.3, AI score 6.8, EPSS 0.03843
Exploits 0, References 2
BDU FSTEC
added 2023/03/07 12:0 a.m., 1 view

A vulnerability in the inode_cgwb_move_to_attached() function in the fs/fs-writeback.c component of Linux operating systems allows an attacker to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability in the inode_cgwb_move_to_attached() function in the fs/fs-writeback.c component of Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the...

CVSS 7.8, AI score 6.7, EPSS 0.00141
Exploits 1, References 5, Affected Software 2
BDU FSTEC
added 2023/03/06 12:0 a.m., 2 views

A vulnerability in the /web_cste/cgi-bin/product.ini component of the Telnet service in the firmware of the TOTOLINK T8 device allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability in the /web_cste/cgi-bin/product.ini component of the Telnet service in the TOTOLINK T8 router firmware is related to the use of pre-installed user credentials. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVSS 10, AI score 7.7, EPSS 0.0042
Exploits 1, References 2, Affected Software 1
BDU FSTEC
added 2023/03/01 12:0 a.m., 2 views

A vulnerability in the PDF Export function of the open-source Mahara e-portfolio management web system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability in the PDF Export function of the open-source e-portfolio management web system Mahara exists due to the lack of measures taken to protect the structure of the web page. Exploitation of this vulnerability could allow a malicious actor to compromise the confidentiality, integrity...

CVSS 10, AI score 7.7, EPSS 0.00544
Exploits 0, References 4, Affected Software 1
SUSE CVE
added 2023/02/15 5:28 a.m., 3 views

SUSE CVE-2014-4228

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver WDDM for Windows guests...

CVSS 4.4, AI score 6, EPSS 0.00111
Exploits 0, References 3
SUSE CVE
added 2023/02/15 3:52 a.m., 2 views

SUSE CVE-2020-27828

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability...

CVSS 7.8, AI score 6.9, EPSS 0.00342
Exploits 1, References 7
BDU FSTEC
added 2023/01/31 12:0 a.m., 1 view

A vulnerability in the EcoStruxure Process Expert automation system, related to bypassing the authentication process, allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability in the EcoStruxure Process Expert automation system is related to the bypassing of the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise the confidentiality, integrity, and availability of the protected...

CVSS 8.1, AI score 8.1, EPSS 0.00116
Exploits 0, References 2
Prion
added 2022/12/20 9:15 p.m., 25 views

Security feature bypass

A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability...

CVSS 7.5, AI score 9.5, EPSS 0.00206
Exploits 0, References 1, Affected Software 1
Vulnrichment
added 2022/12/20 12:0 a.m., 5 views

CVE-2022-46316

A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability...

AI score 9.6, EPSS 0.00206
Exploits 0, References 1