1376 matches found
The vulnerability of component C12.22 of the Wireshark network traffic analyzer allows a hacker to cause a service failure.
The vulnerability of component C12.22 of the Wireshark network traffic analyzer is caused by buffer overflow. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by injecting specially created packets...
The vulnerability of the Adobe Experience Manager content and media data management system, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.
The vulnerability of the Adobe Experience Manager content and media data management system is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
Sunnet eHRD Access Control Error Vulnerability
Sunnet eHRD is a talent management system from SunChat Technology, Taiwan, China. The system supports talent management and performance management, etc. Sunnet eHRD has an access control error vulnerability, which can be exploited by an attacker to access the account management page after...
CVE-2021-43359
Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary code and control the system or interrupt services...
Input validation
Sunnet eHRD e-mail delivery task schedule’s serialization function has inadequate input object validation and restriction, which allows a post-authenticated remote attacker with database access privilege, to execute arbitrary code and control the system or interrupt services...
CVE-2021-43360
Sunnet eHRD is a talent management system from Sun Chat Technology. The CVE-2021-43360 vulnerability affects its e-mail delivery task schedule’s serialization function, where inadequate input object validation and restriction allows a post-authenticated remote attacker with database access privil...
CVE-2021-43359 Sunnet eHRD - Broken Access Control
Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary code and control the system or interrupt services...
The vulnerability of the SSH firmware for Cisco Firepower Threat Defense (FTD) allows a perpetrator to trigger a service failure.
The vulnerability of the Secure Shell (SSH) firmware of Cisco Firepower Threat Defense (FTD) is related to operations exceeding the bounds of a memory buffer during the processing of SSH connections. Exploiting this vulnerability could allow a malicious actor to cause service...
The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to the manipulation of the null pointer. These vulnerabilities allow attackers to cause service interruptions.
The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat and Document Cloud, are related to the use of a null pointer. Exploiting these vulnerabilities can allow attackers to cause service interruptions...
The vulnerability of Cisco’s software algorithm, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.
The vulnerability of Cisco software algorithms is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the TCP Normalizer component of the firmware for Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) allows an attacker to cause a service failure.
The vulnerability of the TCP Normalizer component in Cisco Adaptive Security Appliance ASA and Cisco Firepower Threat Defense FTD systems is related to the lack of integrity checking for messages. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending...
CVE-2021-42338
4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated remote attacker to bypass authentication by code injection in cookie, and arbitrarily manipulate the system or interrupt services by upload and execution of arbitrary files...
The vulnerability of the stats-over-http plugin in the Apache Traffic Server web server allows a hacker to cause a service failure.
The vulnerability of the stats-over-http plugin in the Apache Traffic Server web server is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability may allow a malicious actor to cause service interruptions remotely...
The vulnerability in the processing of Control Plane protocols and the provisioning of CAPWAP points allows an attacker to induce a service failure.
The vulnerability of the CAPWAP management protocol and wireless access point services in the Cisco IOS XE operating system is related to insufficient checking of CAPWAP packets. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability of the software for creating metadata, processing, and exchanging Adobe XMP-Toolkit-SDK standard sets, related to reading beyond the buffer in memory, allows a perpetrator to cause service failures.
The vulnerability of the software for creating metadata, processing, and exchanging data according to the Adobe XMP-Toolkit-SDK is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through a speciall...
CVE-2021-42839
Grand Vice info Co. webopac7 file upload function fails to filter special characters. While logging in with general user’s permission, remote attackers can upload malicious script and execute arbitrary code to control the system or interrupt services...
The vulnerability of the Protection Against Distributed Denial of Service attacks function in Cisco IOS XE allows an attacker to cause a service failure.
The vulnerability of the Protection Against Distributed Denial of Service attacks in Cisco IOS XE operating systems is related to initialization errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) allows a perpetrator to cause service interruptions.
The vulnerability of AnyConnect and WebVPN web services, which are part of Cisco Adaptive Security Appliance ASA and Cisco Firepower Threat Defense FTD, stems from insufficient validation of input data during syntax analysis of HTTPS requests. Exploiting this vulnerability can allow a malicious...
The vulnerability of the Traffic Management Microkernel component of BIG-IP access control and remote authentication tools allows an attacker to cause a service failure.
The vulnerability of the Traffic Management Microkernel component of the BIG-IP access control and remote authentication solutions is related to deficiencies in the segmentation of the controlled system area. Exploiting this vulnerability could allow a malicious actor to cause service interruptio...
The vulnerability of the Mac OS X operating system arises from insufficient checks on the data entered by users in the kernel subsystem of the operating system. This allows attackers to trigger a service failure.
The vulnerability of the Mac OS X operating system arises from insufficient checks on the data entered by users in the kernel subsystem of the operating system. Exploiting this vulnerability allows a remote attacker to cause service interruptions...