The vulnerability of the Vinchin Backup & Recovery software regarding backup and restoration, related to the lack of measures for cleaning input data, allows a perpetrator to execute arbitrary commands.

The vulnerability of the Vinchin Backup & Recovery software regarding backup and restoration involves a lack of measures for cleaning input data. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary commands...

Vyper Buffer Error Vulnerability

Vyper is the Pythonic smart contract language for EVM. Vyper suffers from a buffer error vulnerability that stems from mistaking erroneous data in the input buffer for return data...

The vulnerability of Microsoft Edge browser, related to insufficient validation of input data, allows attackers to trigger a service failure.

The vulnerability of Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of Microsoft Edge browser, related to insufficient validation of input data, allows attackers to trigger a service failure.

The vulnerability of Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

vantage6 may create unencrypted tasks in encrypted collaboration

Impact There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a task with sensitive input data that will then be stored unencrypted in a database. Workarounds This is not an issue with the normal workflow...

CVE-2024-22193 vantage6 unencrypted task can be created in encrypted collaboration

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a tas...

CVE-2024-22193 vantage6 unencrypted task can be created in encrypted collaboration

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a tas...

Tenda AC10U fromAddressNat function stack buffer overflow vulnerability

Tenda AC10U is a wireless router from Tenda China. A buffer overflow vulnerability exists in Tenda AC10U version 15.03.06.49multiTDE01, which is caused by the Entrys/mitInterface/page parameter of the fromAddressNat function failing to correctly validate the length of the input data, and can be...

PT-2024-6708 · Synology · Synology Drive Client

Name of the Vulnerable Software and Affected Versions: Synology Drive Client versions prior to 3.3.0-15082 Description: The issue is related to the inclusion of functionality from an untrusted control sphere in the OpenSSL DLL component. This allows local users to execute arbitrary code via...

Tenda AC10U fromDhcpListClient Function Stack Buffer Overflow Vulnerability

The Tenda AC10 is a wireless router from the Chinese company Tenda. The Tenda AC10U fromDhcpListClient function suffers from a stack buffer overflow vulnerability, which arises from the page/listN parameter of the fromDhcpListClient function failing to properly validate the length of the input...

The vulnerability in Intel NUC’s built-in software, related to errors in processing input data, allows attackers to exploit their privileges.

The vulnerability of Intel NUC’s built-in software is related to errors in processing input data. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability in Intel NUC’s built-in software arises from insufficient checking of input data, allowing attackers to exploit their privileges.

The vulnerability of Intel NUC’s built-in software is related to insufficient testing of input data. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability in Intel NUC’s built-in software, related to errors in processing input data, allows attackers to exploit their privileges.

The vulnerability of Intel NUC’s built-in software is related to errors in processing input data. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of the Hotspot component in Oracle Java SE and Oracle GraalVM for JDK/Oracle GraalVM Enterprise Edition virtual machines allows attackers to compromise data integrity.

The vulnerability of the Hotspot component of Oracle Java SE and the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to compromise data integrity remotely...

The vulnerability of the JavaFX component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to compromise the integrity of protected information.

The vulnerability of the JavaFX component of Oracle Java SE and the Oracle GraalVM Enterprise Edition platform exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to compromise the integrity of protected information...

The vulnerability of Synology RT6600ax router microprogramming software arises from insufficient validation of input data, allowing a hacker to execute arbitrary code.

The vulnerability of Synology RT6600ax router microprogramming software exists due to insufficient verification of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

The vulnerability in Intel NUC’s built-in software, related to errors in processing input data, allows attackers to exploit their privileges.

The vulnerability of Intel NUC’s built-in software is related to errors in processing input data. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of the AIX operating system, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.

The vulnerability of the AIX operating system is related to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

Splunk Enterprise 9.0.0 < 9.0.8, 9.1.0 < 9.1.3 (SVD-2024-0108)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0108 advisory. - In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input dat...

The vulnerability of the Filesystem component in Oracle Solaris allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Filesystem component in Oracle Solaris is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...