Lucene search
K

457 matches found

Positive Technologies
Positive Technologies
added 2024/10/08 12:0 a.m.6 views

PT-2024-6973 · Microsoft · Wdac Ole Db Provider For Sql Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft WDAC OLE DB provider for SQL Server affected versions not specified Description: The issue is related to errors in numerical truncation in the Microsoft WDAC OLE DB provider for SQL Server. It allows remote attackers to execute...

10CVSS7.9AI score0.0138EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.6 views

The vulnerability in the `FillColorRow8` function of the `utils.cpp` component in the OpenCV library, which is used for computer vision, image processing, and numerical algorithms of general purpose, open-source nature, allows a perpetrator to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the FillColorRow8 function in the utils.cpp component of the OpenCV library, which is used for computer vision, image processing, and general numerical algorithms, is related to buffer overflows. Exploiting this vulnerability could allow an attacker to gain access to...

8.8CVSS7.1AI score0.0197EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/09/24 12:0 a.m.7 views

The vulnerability of the Microsoft SQL Server database management system, related to numerical truncation errors, allows an attacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the Microsoft SQL Server database management system is related to numerical truncation errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

7.5CVSS5.6AI score0.0166EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/09/18 12:0 a.m.5 views

The vulnerability of the Libarchive library in the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Libarchive library in the Windows operating system is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.3CVSS5.9AI score0.00938EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/09/17 12:0 a.m.6 views

The vulnerability of the Tap-Windows6 software driver allows a hacker to execute arbitrary code.

The vulnerability of the Tap-Windows6 software’s OpenVPN driver in Windows operating systems is related to a numerical overflow issue. Exploiting this vulnerability allows an attacker to execute arbitrary code in the kernel space...

10CVSS6.3AI score0.15379EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.16 views

The vulnerability of the Kernel Streaming WOW Thunk Service Driver (Drivers\ksthunk.sys) on Windows operating systems, which allows a hacker to escalate their privileges.

The vulnerability of the Kernel Streaming WOW Thunk Service Driver Drivers\ksthunk.sys on Windows operating systems is related to numerical truncation errors. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS5.5AI score0.0594EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.6 views

The vulnerability of the Routing and Remote Access Service (RRAS) on Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Routing and Remote Access Service RRAS on Windows operating systems is related to a numerical overflow vulnerability. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

10CVSS5.9AI score0.01536EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/13 12:0 a.m.4 views

PT-2024-5631 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an elevation-of-privilege vulnerability in the Kernel Streaming WOW Thunk Service Driver, which is associated with numerical truncation errors in the ksthunk.sys...

7.8CVSS6.1AI score0.0594EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/07/19 12:0 a.m.7 views

The vulnerability of the DHCP server service for Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the DHCP server service for Windows operating systems is related to numerical truncation errors. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.3CVSS5.9AI score0.02143EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/19 12:0 a.m.7 views

The vulnerability of the Windows Filtering Platform (WFP), a filtering platform for Windows operating systems, allows attackers to escalate their privileges.

The vulnerability of the Windows Filtering Platform WFP in Windows operating systems is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.5AI score0.00763EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/15 12:0 a.m.5 views

The vulnerability of the Azure Kinect SDK development software package, related to numerical truncation errors, allows a hacker to execute arbitrary code.

The vulnerability of the Azure Kinect SDK development software package for sensor development is related to numerical truncation errors. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

6.4CVSS5.8AI score0.0061EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/12 12:0 a.m.4 views

The vulnerability in the implementation of the Secure Boot protocol for operating systems with Windows, which allows attackers to circumvent existing security restrictions.

The vulnerability of the Secure Boot protocol for Windows operating systems is related to a numerical overflow condition. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions remotely...

8.3CVSS5.5AI score0.01273EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/12 12:0 a.m.6 views

The vulnerability in the implementation of the Secure Boot protocol for operating systems with Windows, which allows attackers to circumvent existing security restrictions.

The vulnerability of the Secure Boot protocol for Windows operating systems is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to bypass existing security restrictions remotely...

6.8CVSS5.5AI score0.00959EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/12 12:0 a.m.5 views

The vulnerability in the implementation of the Secure Boot protocol for operating systems with Windows, which allows attackers to circumvent existing security restrictions.

The vulnerability of the Secure Boot protocol for Windows operating systems is related to a numerical overflow condition. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions remotely...

8.3CVSS5.5AI score0.01137EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.3 views

PT-2024-4744 · Microsoft · Azure Kinect Sdk

Name of the Vulnerable Software and Affected Versions: Azure Kinect SDK affected versions not specified Description: The issue is related to numerical truncation errors in the Azure Kinect SDK. Exploitation of this issue may allow an attacker to execute arbitrary code. Recommendations: At the...

6.4CVSS7.6AI score0.0061EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/07/01 12:0 a.m.6 views

The vulnerability of the dav1d decoder in iOS, iPadOS, visionOS, macOS, Fedora, and the Safari browser allows a hacker to execute arbitrary code.

The vulnerability of the dav1d decoder in iOS, iPadOS, visionOS, macOS, Fedora, and the Safari browser is related to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

5.9CVSS7AI score0.01835EPSS
Exploits0References25Affected Software10
BDU FSTEC
BDU FSTEC
added 2024/06/21 12:0 a.m.4 views

The vulnerability of the _imagingcms.c file in the Python Pillow image library allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the imagingcms.c file in the Pillow image processing library is due to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

6.7CVSS6.4AI score0.00989EPSS
Exploits0References14Affected Software6
Vulnrichment
Vulnrichment
added 2024/06/20 2:8 a.m.14 views

CVE-2023-3204 Materialis <= 1.1.24 - Missing Authorization to Limited Arbitrary Options Update

The Materialis theme for WordPress is vulnerable to limited arbitrary options updates in versions up to, and including, 1.1.24. This is due to missing authorization checks on the companiondisablepopup function called via an AJAX action. This makes it possible for authenticated attackers, with...

6.5CVSS6.3AI score0.00369EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/06/03 12:0 a.m.4 views

The vulnerability of the Windows Mobile Broadband operating system driver allows a hacker to execute arbitrary code.

The vulnerability of the Windows Mobile Broadband operating system’s driver is related to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to execute arbitrary code by connecting a malicious USB device...

7.2CVSS6AI score0.00932EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/05/31 12:0 a.m.5 views

The vulnerability of the pywin32 package on the Splunk Enterprise operating analysis platform allows a perpetrator to trigger a service failure.

The vulnerability of the pywin32 package of the Splunk Enterprise operating analysis platform is related to a numerical overflow vulnerability. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

6.8CVSS6.6AI score0.01729EPSS
Exploits0References7Affected Software2
Rows per page
Query Builder