1003 matches found

BDU FSTEC
added 2022/03/04 12:0 a.m., 3 views

The vulnerability of the web interface of the NETGEAR RAX43 router firmware allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the web interface of the NETGEAR RAX43 router firmware is related to the cleartext transmission of data. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information through HTTP requests...

CVSS 7.2 | AI score 6.7 | EPSS 0.00023
Exploits: 0 | References: 2 | Affected Software: 1
RedhatCVE
added 2022/02/08 12:8 p.m., 35 views

CVE-2021-0308

An out-of-bounds write flaw was found in gdisk's ReadLogicalParts function of 'basicmbr.cc'. The exploitation of this flaw requires the use of a malicious storage device, for example a USB stick, that can cause a crash when physically inserted into the system and possible local privilege escalatio...

CVSS 7.2 | AI score 4.1 | EPSS 0.00079
Exploits: 0 | References: 3
RedhatCVE
added 2022/02/08 11:57 a.m., 28 views

CVE-2020-0256

An out-of-bounds write flaw was found in gdisk's LoadPartitionTable function of 'gpt.cc'. The exploitation of this flaw requires the use of a malicious storage device, for example a USB stick, that can cause a crash when physically inserted into the system and possible local privilege escalation...

CVSS 7.2 | AI score 4.1 | EPSS 0.0004
Exploits: 0 | References: 3
BDU FSTEC
added 2022/01/04 12:0 a.m., 2 views

The vulnerability of embedded Qualcomm software due to buffer overflows allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the firmware in embedded Qualcomm chips is caused by a buffer overflow. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information, due to the lack of checking the length of th...

CVSS 10 | AI score 8.2 | EPSS 0.00271
Exploits: 0 | References: 3
BDU FSTEC
added 2021/12/28 12:0 a.m., 2 views

The vulnerability of the WebRTC extension of the Microsoft Edge browser allows a perpetrator to compromise the confidentiality, integrity, and accessibility of information.

The vulnerability of the Fedora operating system is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of information...

CVSS 8.8 | AI score 7.4 | EPSS 0.01413
Exploits: 0 | References: 8 | Affected Software: 7
BDU FSTEC
added 2021/12/28 12:0 a.m., 2 views

The vulnerability in the implementation of the WebRTC technology in Microsoft Edge browsers allows attackers to compromise the confidentiality, integrity, and accessibility of information.

The vulnerability of the WebRTC technology implementation in Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of information...

CVSS 8.8 | AI score 7.4 | EPSS 0.01444
Exploits: 0 | References: 7 | Affected Software: 7
CNNVD
added 2021/10/12 12:0 a.m., 2 views

SAP NetWeaver AS security vulnerability

SAP NetWeaver AS is a network application server from SAP. It not only provides network services, but is also the basic platform for SAP software. SAP NetWeaver AS ABAP and ABAP Platform versions 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756 have a security vulnerabilit...

CVSS 8.8 | AI score 8 | EPSS 0.00543
Exploits: 0 | References: 4
BDU FSTEC
added 2021/10/05 12:0 a.m., 1 view

The vulnerability of the ext4_write_inline_data_end function (fs/ext4/inline.c) in the Linux kernel allows an attacker to compromise the integrity, accessibility, and confidentiality of data.

The vulnerability of the ext4_write_inline_data_end function (fs/ext4/inline.c) in the Linux kernel arises from concurrent execution using a shared resource with improper synchronization (a race condition). Exploiting this vulnerability can allow an attacker to compromise the...

CVSS 7 | AI score 6.8 | EPSS 0.00037
Exploits: 0 | References: 37 | Affected Software: 6
BDU FSTEC
added 2021/09/10 12:0 a.m., 2 views

The vulnerability of the Akkadian Provisioning Manager Engine lies in its lack of measures to neutralize special elements used in the operating system command line. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Akkadian Provisioning Manager Engine exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of...

CVSS 10 | AI score 7.7 | EPSS 0.00867
Exploits: 1 | References: 4 | Affected Software: 1
BDU FSTEC
added 2021/08/25 12:0 a.m., 2 views

The vulnerability of Trend Micro Worry-Free Business Security and Apex One anti-virus software lies in the lack of restrictions on file downloads, which allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Trend Micro Worry-Free Business Security and Apex One anti-virus software lies in the lack of restrictions on file downloads. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information throug...

CVSS 9 | AI score 7.5 | EPSS 0.00664
Exploits: 0 | References: 8
BDU FSTEC
added 2021/07/20 12:0 a.m., 2 views

The vulnerability of the runc tool’s configuration allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the configuration of the tool for running isolated containers, “runc,” exists due to an improper limitation of a path name to a restricted directory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and...

CVSS 8.5 | AI score 6.8 | EPSS 0.01473
Exploits: 0 | References: 9 | Affected Software: 7
BDU FSTEC
added 2021/07/20 12:0 a.m., 1 view

The vulnerability of the Apache HTTP Server’s web server, related to a queue overflow, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Apache HTTP Server web server is related to a heap overflow. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVSS 10 | AI score 7.5 | EPSS 0.36266
Exploits: 0 | References: 18 | Affected Software: 8
BDU FSTEC
added 2021/06/23 12:0 a.m., 1 view

The vulnerability of the libxml2 library in operating systems such as iOS, iPadOS, macOS, tvOS, watchOS, the multimedia player iTunes, and the iCloud service allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libxml2 library in iOS, iPadOS, macOS, tvOS, watchOS, the multimedia player iTunes, and the iCloud service arises due to a buffer overflow. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected...

CVSS 10 | AI score 8.2 | EPSS 0.01174
Exploits: 0 | References: 9 | Affected Software: 8
BDU FSTEC
added 2021/06/23 12:0 a.m., 2 views

The vulnerability of the DataTables library, related to the lack of measures taken to protect the SQL query structure, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the DataTables library is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVSS 10 | AI score 7.9 | EPSS 0.00598
Exploits: 1 | References: 5
BDU FSTEC
added 2021/06/23 12:0 a.m., 1 view

The vulnerability of the DataTables library, related to the lack of measures taken to protect the SQL query structure, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the DataTables library is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVSS 10 | AI score 7.9 | EPSS 0.00598
Exploits: 1 | References: 5
BDU FSTEC
added 2021/06/16 12:0 a.m., 2 views

The vulnerability in the drivers/input/input.c component of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability in the drivers/input/input.c component of the Linux operating system is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVSS 6.8 | AI score 6.8 | EPSS 0.00112
Exploits: 0 | References: 18 | Affected Software: 5
Microsoft CVE
added 2021/06/11 7:0 a.m., 2 views

A flaw was found in PostgreSQL in versions before 13.3, before 12.7, before 11.12, before 10.17, and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

...

CVSS 8.8 | AI score 7 | EPSS 0.00395
Exploits: 0
BDU FSTEC
added 2021/06/04 12:0 a.m., 1 view

The vulnerability of the org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool component in the Jackson-databind library of the FasterXML project allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool component in the Jackson-databind library of the FasterXML project is related to the deserialization of untrusted data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

CVSS 9.3 | AI score 7.1 | EPSS 0.02061
Exploits: 1 | References: 9 | Affected Software: 6
BDU FSTEC
added 2021/06/04 12:0 a.m., 2 views

The vulnerability of the org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS component from the Jackson-databind library in the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project is related to the deserialization of untrusted data. Exploiting this vulnerability may allow an attacker to compromise the confidentiality,...

CVSS 9.3 | AI score 6.8 | EPSS 0.02715
Exploits: 2 | References: 9 | Affected Software: 6
BDU FSTEC
added 2021/06/04 12:0 a.m., 1 view

The vulnerability of the IBM Security Guardium security tool, related to hard-coded credentials, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the IBM Security Guardium security tool is related to hard-coded credentials. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protected information...

CVSS 10 | AI score 6.6 | EPSS 0.00072
Exploits: 0 | References: 4 | Affected Software: 1