1175 matches found

BDU FSTEC
added 2022/04/27 12:0 a.m., 2 views

The vulnerability of embedded software developed by Qualcomm, caused by buffer overflows, allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of firmware in embedded Qualcomm devices arises due to buffer overflows. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and availability of protected information as a result of incorrect input validation in the P...

CVSS 7.8, AI score 7.5, EPSS 0.00035
Exploits 0, References 3

BDU FSTEC
added 2022/04/15 12:0 a.m., 2 views

The vulnerability of the /cloud_config/router_post/check_reset_pwd_verify_code function in TP-LINK’s WR-886N router software allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the /cloud_config/router_post/check_reset_pwd_verify_code function in TP-LINK’s WR-886N router software arises due to a buffer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...

CVSS 10, AI score 8.3, EPSS 0.00422
Exploits 1, References 3

BDU FSTEC
added 2022/04/14 12:0 a.m., 1 view

The vulnerability of the Connection Manager component of the Oracle Communications Billing and Revenue Management software lies in insufficient validation of input data. This allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of the Connection Manager component of the Oracle Communications Billing and Revenue Management software exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the confidentiality, integrity, an...

CVSS 10, AI score 7.7, EPSS 0.01559
Exploits 0, References 4, Affected Software 1

BDU FSTEC
added 2022/03/28 12:0 a.m., 1 view

The vulnerability in the implementation of the st21nfca_connectivity_event_received() function in the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of data.

The vulnerability in the implementation of the st21nfca_connectivity_event_received function in Linux kernel systems relates to the copying of buffers without checking the size of the input data when processing length parameters. Exploiting this vulnerability can allow attackers to compromise the...

CVSS 7.8, AI score 6.7, EPSS 0.00117
Exploits 0, References 31, Affected Software 4

BDU FSTEC
added 2022/03/04 12:0 a.m., 2 views

The vulnerability of the web interface of NETGEAR RAX43 router firmware allows a perpetrator to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the web interface of NETGEAR RAX43 router software relates to the transmission of data in cleartext. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and availability of the protected information through HTTP requests...

CVSS 7.2, AI score 6.7, EPSS 0.00023
Exploits 0, References 2, Affected Software 1

RedhatCVE
added 2022/02/08 12:8 p.m., 34 views

CVE-2021-0308

An out-of-bounds write flaw was found in gdisk's ReadLogicalParts function of 'basicmbr.cc'. The exploitation of this flaw requires the use of a malicious storage device, for example a USB stick, that can cause a crash when physically inserted into the system and possible local privilege escalatio...

CVSS 7.2, AI score 4.1, EPSS 0.00079
Exploits 0, References 3

RedhatCVE
added 2022/02/08 11:57 a.m., 28 views

CVE-2020-0256

An out-of-bounds write flaw was found in gdisk's LoadPartitionTable function of 'gpt.cc'. The exploitation of this flaw requires the use of a malicious storage device, for example a USB stick, that can cause a crash when physically inserted into the system and possible local privilege escalation...

CVSS 7.2, AI score 4.1, EPSS 0.0004
Exploits 0, References 3

BDU FSTEC
added 2022/01/04 12:0 a.m., 2 views

The vulnerability of embedded Qualcomm software due to buffer overflows allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of firmware in embedded Qualcomm chips is caused by a buffer overflow. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of the protected information, due to the lack of checking the length of th...

CVSS 10, AI score 8.2, EPSS 0.00271
Exploits 0, References 3

BDU FSTEC
added 2021/12/28 12:0 a.m., 2 views

The vulnerability of the WebRTC extension of the Microsoft Edge browser allows a perpetrator to compromise the confidentiality, integrity, and availability of information.

The vulnerability of the Fedora operating system is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and availability of information...

CVSS 8.8, AI score 7.4, EPSS 0.01413
Exploits 0, References 8, Affected Software 7

BDU FSTEC
added 2021/12/28 12:0 a.m., 2 views

The vulnerability in the implementation of the WebRTC technology in Microsoft Edge browsers allows attackers to compromise the confidentiality, integrity, and availability of information.

The vulnerability of the WebRTC technology implementation in Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and availability of information...

CVSS 8.8, AI score 7.4, EPSS 0.01444
Exploits 0, References 7, Affected Software 7

CNNVD
added 2021/10/12 12:0 a.m., 1 view

SAP NetWeaver AS security vulnerability

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but is also the basic platform for SAP software. SAP NetWeaver AS ABAP and ABAP Platform versions 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756 have a security vulnerabilit...

CVSS 8.8, AI score 8, EPSS 0.00543
Exploits 0, References 4

BDU FSTEC
added 2021/10/05 12:0 a.m., 1 view

The vulnerability of the ext4_write_inline_data_end function (fs/ext4/inline.c) in the Linux kernel allows an attacker to compromise the integrity, availability, and confidentiality of data.

The vulnerability of the ext4_write_inline_data_end function (fs/ext4/inline.c) in the Linux kernel arises from the simultaneous execution using shared resources with incorrect synchronization in the “race condition” scenario. Exploiting this vulnerability can allow an attacker to compromise the...

CVSS 7, AI score 6.8, EPSS 0.00037
Exploits 0, References 37, Affected Software 6

BDU FSTEC
added 2021/09/10 12:0 a.m., 1 view

The vulnerability of the Akkadian Provisioning Manager Engine lies in its lack of measures to neutralize special elements used in the operating system command line. This allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of the Akkadian Provisioning Manager Engine exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of...

CVSS 10, AI score 7.7, EPSS 0.00867
Exploits 1, References 4, Affected Software 1

BDU FSTEC
added 2021/08/25 12:0 a.m., 2 views

The vulnerability of Trend Micro Worry-Free Business Security and Apex One anti-virus software lies in the lack of restrictions on file downloads, which allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of Trend Micro Worry-Free Business Security and Apex One anti-virus software lies in the lack of restrictions on file downloads. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of protected information throug...

CVSS 9, AI score 7.5, EPSS 0.00664
Exploits 0, References 8

BDU FSTEC
added 2021/07/20 12:0 a.m., 1 view

The vulnerability of the Apache HTTP Server web server, related to a heap overflow, allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of the Apache HTTP Server web server is related to a heap overflow. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and availability of the protected information...

CVSS 10, AI score 7.5, EPSS 0.36266
Exploits 0, References 18, Affected Software 8

BDU FSTEC
added 2021/07/20 12:0 a.m., 2 views

The vulnerability of the runc tool’s configuration allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the configuration of the tool for running isolated containers, “runc,” exists due to an incorrect limitation of a path name to a restricted directory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and...

CVSS 8.5, AI score 6.8, EPSS 0.01473
Exploits 0, References 9, Affected Software 7

BDU FSTEC
added 2021/06/23 12:0 a.m., 1 view

The vulnerability of the libxml2 library in operating systems such as iOS, iPadOS, macOS, tvOS, watchOS, the multimedia player iTunes, and the iCloud service allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of the libxml2 library in iOS, iPadOS, macOS, tvOS, watchOS, the multimedia player iTunes, and the iCloud service arises due to a buffer overflow. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and availability of protected...

CVSS 10, AI score 8.2, EPSS 0.01174
Exploits 0, References 9, Affected Software 8

BDU FSTEC
added 2021/06/23 12:0 a.m., 1 view

The vulnerability of the DataTables library, related to the lack of measures taken to protect the SQL query structure, allows attackers to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the DataTables library is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...

CVSS 10, AI score 7.9, EPSS 0.00598
Exploits 1, References 5

BDU FSTEC
added 2021/06/23 12:0 a.m., 2 views

The vulnerability of the DataTables library, related to the lack of measures taken to protect the SQL query structure, allows attackers to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the DataTables library is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...

CVSS 10, AI score 7.9, EPSS 0.00598
Exploits 1, References 5

RedHat Linux
added 2021/06/17 1:15 p.m., 0 views

XStream: Unsafe deserialization of com.sun.org.apache.bcel.internal.util.ClassLoader

A flaw was found in xstream. A remote attacker may be able to execute arbitrary code only by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 9.8, AI score 7.6, EPSS 0.08761
Exploits 1, References 4