The vulnerability of the DirectX Graphics Kernel File component in the Windows operating system allows a hacker to trigger a service failure.

The vulnerability of the DirectX Graphics Kernel File component in the Windows operating system exists due to insufficient testing of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

Microsoft Windows 代码注入漏洞

Microsoft Windows is a suite of operating systems for personal device use from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Windows Modern Execution Server, which arises from a network system or product not properly filtering specific elements of externally input...

UBUNTU-CVE-2021-45972

The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up to 250 bytes outside of the allocated buffer with arbitrary data...

jeecg Access Control Error Vulnerability

jeecg is a software application. An intelligent development platform based on a code generator. An Access Control Error vulnerability exists in Jeecg that stems from the product not doing valid validation of input data. An attacker can exploit the vulnerability to access sensitive files by...

Qibosoft Cross-Site Scripting Vulnerability

Qibosoft qibosoft is a content management system CMS from Qibosoft, China. qibosoft has a cross-site scripting vulnerability that originates in the /admin/index.php?lfj=friendlink & action=add link of the admin component of the product. The vulnerability is caused by the...

The vulnerability of Adobe Premiere Rush software, related to insufficient validation of input data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Adobe Premiere Rush is related to insufficient validation of input data during the MP4 file syntax analysis. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

FreeBSD : OpenSearch -- Log4Shell (b0f49cb9-6736-11ec-9eea-589cfc007716)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b0f49cb9-6736-11ec-9eea-589cfc007716 advisory. - It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain...

Out-of-bounds

An out-of-bounds read vulnerability exists when reading a BMP file using Open Design Alliance ODA Drawings Explorer before 2022.12. The specific issue exists after loading BMP files. Unchecked input data from a crafted BMP file leads to an out-of-bounds read. An attacker can leverage this...

The vulnerabilities of the programmable logic controllers MELSEC iQ-R, MELSEC Q, and MELSEC L stem from insufficient checks on input data. This allows attackers to trigger malfunctions during maintenance operations.

The vulnerability of the programmable logic controllers MELSEC iQ-R, MELSEC Q, and MELSEC L exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause malfunctions through a specially crafted package...

emlog Remote Code Execution Vulnerability (CNVD-2021-101689)

Emlog is a PHP and MySQL-based CMS builder from the Emlog personal developer. Emlog in version 5.3.1 contains a remote code execution vulnerability that stems from the failure of a network system or product to properly filter special elements in the process of constructing code segments from...

The vulnerability of the Hyper-V hardware virtualization system of the Microsoft Windows operating system, which allows a hacker to trigger a service failure.

The vulnerability of the Hyper-V hardware virtualization technology of the Microsoft Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of the Windows operating system arises from insufficient validation of input data, allowing attackers to trigger a service failure.

The vulnerability of the Windows operating system exists due to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the HarmonyOS operating system’s kernel arises from insufficient validation of input data, allowing attackers to trigger service failures.

The vulnerability of the HarmonyOS operating system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

The vulnerability of the HarmonyOS operating system’s kernel arises from insufficient validation of input data, allowing attackers to trigger service failures.

The vulnerability of the HarmonyOS operating system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

Fortinet Meru AP Code Injection Vulnerability

Fortinet Meru Ap is a wireless access point from Fortinet, Inc. Fortinet Meru AP is vulnerable to code injection in versions 8.6.1 and 8.5.5 and below. The vulnerability stems from a failure of the network system or product to properly filter special elements in code segments constructed from...

The vulnerability of embedded software developed by Qualcomm, due to insufficient testing of input data, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of microprogramming software in embedded Qualcomm devices exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of the Azure RTOS operating system, which arises due to insufficient validation of input data, allows attackers to escalate their privileges.

The vulnerability of the Azure RTOS exists due to insufficient checking of input data. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures for cleaning incoming data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Windows Hyper-V component of the Windows operating system, which allows a hacker to trigger a service failure

The vulnerability of the Windows Hyper-V component of the operating system exists due to insufficient testing of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by transmitting specially crafted input data to the application...

XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet

A flaw was found in xstream. A remote attacker may be able to load and execute arbitrary code from a remote host only by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...