Lucene search
K

1481 matches found

BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.6 views

The vulnerability of NETGEAR R6220 and R6230 Wi-Fi router microprogramming software, related to insufficient cleaning of input data, allows a intruder to execute arbitrary commands.

The vulnerability of NETGEAR R6220 and R6230 Wi-Fi routers’ microprogramming software is related to insufficient cleaning of input data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...

8CVSS7.8AI score0.00915EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.7 views

The vulnerability of the software for implementing the hypertext environment MediaWiki, related to the lack of a mechanism for checking input data, allows a violator to compromise the integrity of the data.

The vulnerability of the software for implementing the hypertext environment MediaWiki is related to the lack of a mechanism for checking input data. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the integrity of the data...

5.3CVSS6.2AI score0.01512EPSS
Exploits1References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.5 views

The vulnerability of the DNS server service in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the DNS server service in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.8CVSS8.1AI score0.06397EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.5 views

The vulnerability of the DNS server service in Windows operating systems allows a hacker to cause a service failure.

The vulnerability of the DNS server service for Windows operating systems is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.5CVSS7.1AI score0.05741EPSS
Exploits0References2
OSV
OSV
added 2021/03/29 9:32 p.m.22 views

GHSA-PCH5-WHG9-QR2R netmask npm package mishandles octal input data

The netmask package before 2.0.1 for Node.js mishandles certain unexpected characters in an IP address string, such as an octal digit of 9. This in some situations allows attackers to bypass access control that is based on IP addresses. NOTE: this issue exists because of an incomplete fix for...

5.3CVSS7AI score0.16356EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2021/03/25 12:0 a.m.8 views

The vulnerability of the microprogrammed logic controller Schneider Electric Modicon M340, related to insufficient validation of input data, allows a intruder to trigger a service failure.

The vulnerability of the microprogramming software of Schneider Electric’s Modicon M340 programmable logic controllers is related to insufficient verification of input data. Exploiting this vulnerability can allow an attacker to cause a service failure by sending a specially crafted TCP packet to...

5.7CVSS5.5AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/03/15 12:0 a.m.4 views

The vulnerability of the DHCPv6 protocol implementation in the Trace TCP/IP stack allows a attacker to cause a service failure.

The vulnerability of the DHCPv6 protocol implementation in the Trace TCP/IP stack is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.1CVSS7.6AI score0.008EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2021/03/11 9:15 p.m.14 views

CVE-2021-22711

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

9.3CVSS0.00796EPSS
Exploits0References2
Prion
Prion
added 2021/03/11 9:15 p.m.29 views

Design/Logic Flaw

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

9.3CVSS7.5AI score0.00796EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.51 views

EulerOS Virtualization 3.0.6.6 : thrift (EulerOS-SA-2021-1457)

According to the versions of the thrift packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with...

7.8CVSS6.9AI score0.09082EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.3 views

The vulnerability of Intel Graphics Driver drivers, related to deficiencies in input data validation, allows attackers to exploit their privileges.

The vulnerability of Intel Graphics Drivers’ drivers is related to deficiencies in input data validation. Exploiting this vulnerability can allow attackers to gain increased privileges...

7.8CVSS7.2AI score0.00264EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.6 views

The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows a hacker to trigger a service failure.

The vulnerability of the NVIDIA Virtual GPU Manager driver relates to incorrect validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/03/01 12:0 a.m.28 views

Fedora 32 : libmysofa (2021-4e40ccb5e6)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-4e40ccb5e6 advisory. - Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and...

8.8CVSS7.7AI score0.02255EPSS
Exploits5References6
CNVD
CNVD
added 2021/02/25 12:0 a.m.19 views

D-Link DAP-1860 Remote Code Execution Vulnerability (CNVD-2022-38539)

The D-Link DAP-1860 is a WiFi range extender from D-Link, a Taiwan-based company. A remote code execution vulnerability exists in the D-Link DAP-1860, which stems from a network system or product that does not properly filter external input data during the construction of executable commands, and...

8.8CVSS3.5AI score0.09757EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/02/25 12:0 a.m.4 views

The vulnerability of the Routing Protocol Daemon (RPD) service in the Junos operating system allows a attacker to cause a service failure.

The vulnerability of the Routing Protocol Daemon RPD in the Junos operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

8.8CVSS7.6AI score0.0065EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/23 12:0 a.m.5 views

The vulnerability of Intel SGX Platform’s microprogramming software for Windows, related to insufficient input data validation, allows a perpetrator to trigger a service failure.

The vulnerability of Intel SGX Platform’s microprogramming software for Windows is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...

6.5CVSS5.9AI score0.00235EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.7 views

The vulnerability of the microprogrammed software of Intel Ethernet Series 700 controllers, related to insufficient input data verification, allows a intruder to trigger a service failure.

The vulnerability of Intel Ethernet Series 700 controller microprogramming software is related to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

3.4CVSS5.5AI score0.00241EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.4 views

The vulnerability of Intel Graphics Driver drivers lies in insufficient validation of input data, which allows attackers to exploit their privileges.

The vulnerability of Intel Graphics Drivers’ drivers is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain increased privileges...

6.1CVSS7.2AI score0.00264EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.5 views

The vulnerability of Intel Ethernet Controller Series 722 microprogramming software, related to insufficient input data verification, allows a intruder to trigger a service failure.

The vulnerability of Intel Ethernet Controller Series 722 microprogramming software is related to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

3.4CVSS5.6AI score0.00294EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.5 views

The vulnerability of the microprogrammed software of Intel Ethernet E810 controllers, related to insufficient input data verification, allows a intruder to trigger a service failure.

The vulnerability of Intel Ethernet E810 controller’s microprogramming software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

5.2CVSS5.5AI score0.003EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder