The vulnerability of the eBPF subsystem in Linux kernels allows attackers to enhance their privileges.

The vulnerability of the eBPF subsystem in Linux operating systems is related to errors in processing input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the SAML (Security Assertion Markup Language) technology used in the Nozomi Guardian network detection and monitoring tool, as well as the Nozomi Central Management Console (CMC) – a centralized security management tool – allows a malicious actor to trigger a service failure.

The vulnerability of the SAML Security Assertion Markup Language technology used in the Nozomi Guardian network detection and monitoring tool, as well as the Nozomi Central Management Console CMC, relates to insufficient validation of input data during the loading of configuration files. Exploiti...

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server, related to insufficient input data validation, allows a perpetrator to cause service failures.

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server, related to insufficient input data validation, allows a perpetrator to cause service failures.

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

Microsoft Edge browser’s vulnerability, related to insufficient validation of input data, allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of Microsoft Word’s text editor, related to errors in processing input data, allows a perpetrator to execute arbitrary code.

The vulnerability of Microsoft Word relates to errors in processing input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the Microsoft .NET Framework software, related to insufficient validation of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft .NET Framework software platform is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the Microsoft Visual Studio software development tool, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Visual Studio software development tool is related to insufficient testing of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the Microsoft Visual Studio software development tool, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Visual Studio software development tool is related to insufficient testing of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the Microsoft Visual Studio software development tool, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Visual Studio software development tool is related to insufficient testing of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the Microsoft Office software package, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Office package is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

BER/CER/DER decoder panics on invalid input

NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...

CVE-2023-39914

NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...

CVE-2023-39914

NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...

CVE-2023-39914

NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...

RUSTSEC-2023-0062 BER/CER/DER decoder panics on invalid input

Due to insufficient checking of input data, decoding certain data sequences can lead to bcder panicking rather than returning an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding. bcder 0.7.3 fixes these issues by more...

The vulnerability of the Microsoft Office software package, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Office package is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the CMPappBP component in CODESYS software products allows a hacker to trigger a service failure.

The vulnerability of the CMPappBP component in CODESYS software products is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Cross site scripting

A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, a...

PT-2023-5047 · Microsoft · Office Word +1

Name of the Vulnerable Software and Affected Versions: Microsoft Word affected versions not specified Description: The issue is related to errors in processing input data in Microsoft Word, allowing remote attackers to execute arbitrary code and affect the system. Recommendations: At the moment,...