Lucene search
+L

90 matches found

BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.5 views

The vulnerability of graphics drivers in microprogramming software for Intel processors arises from incorrect neutralization of special elements in the output data used by the input component. This allows attackers to exploit their privileges.

The vulnerability of graphic drivers in microprogramming software for Intel processors is related to incorrect neutralization of special elements in the output data used by the input component. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

7.8CVSS5.4AI score0.00342EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.8 views

The vulnerability in the set of development libraries for Intel Distribution for GDB relates to incorrect elimination of special elements in output data, allowing an attacker to trigger a service failure.

The vulnerability in the application development library set of Intel Distribution for GDB is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.6CVSS5.5AI score0.00132EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.13 views

The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library (VPL), stems from incorrect neutralization of certain elements in the output data. This allows attackers to exploit their privileges.

The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library VPL, is related to incorrect elimination of certain elements in the output data. Exploiting this vulnerability can allow an attacker to enhance their privileges...

4.2CVSS5.4AI score0.00187EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.16 views

The vulnerability of the Portal for ArcGIS web portal involves incorrect elimination of special elements in the output data used by the incoming component. This allows a malicious user to execute arbitrary HTML code.

The vulnerability of the Portal for ArcGIS web portal is related to incorrect neutralization of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a malicious actor to execute arbitrary HTML code remotely...

5.5CVSS5.8AI score0.00273EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/11/09 11:15 a.m.11 views

UBUNTU-CVE-2024-50232

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fix division by zero in ad7124setchannelodr In the ad7124writeraw function, parameter val can potentially be zero. This may lead to a division by zero when DIVROUNDCLOSEST is called within ad7124setchannelodr. T...

5.5CVSS6.2AI score0.00248EPSS
Exploits0References34
BDU FSTEC
BDU FSTEC
added 2024/09/11 12:0 a.m.10 views

The vulnerability of the Microsoft App Installer installer, related to the lack of mechanisms for encoding or shielding output data, allows attackers to perform spoofing attacks.

The vulnerability of the Microsoft App Installer relates to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows attackers to carry out spear-phishing attacks using a specially created malware package...

7.8CVSS5.5AI score0.00856EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/17 12:0 a.m.7 views

The vulnerability of the Atlassian Bamboo continuous integration system lies in the improper elimination of special elements in the output data, allowing attackers to gain access to local server files and execute them.

The vulnerability of the Atlassian Bamboo continuous integration system is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow a malicious actor to gain access to local server files and execute them...

8.5CVSS7.5AI score0.00746EPSS
Exploits0References3
Redos
Redos
added 2024/07/08 12:0 a.m.25 views

ROS-20240708-02

A vulnerability in the TPMLPCRSELECTION functions of the source repository for Trusted Platform Module tools TPM2.0 is related to improper mapping of PCR slots, providing a misleading TPM state. Exploitation of the vulnerability could allow an attacker acting remotely to manipulate output data...

9CVSS6.7AI score0.00984EPSS
Exploits1
Cvelist
Cvelist
added 2024/06/06 6:24 p.m.30 views

CVE-2024-3402 Stored XSS vulnerability in gaizhenbiao/chuanhuchatgpt

A stored Cross-Site Scripting XSS vulnerability existed in version 20240121 of gaizhenbiao/chuanhuchatgpt due to inadequate sanitization and validation of model output data. Despite user-input validation efforts, the application fails to properly sanitize or validate the output from the model,...

6.8CVSS0.00458EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2024/05/06 12:0 a.m.7 views

The vulnerability of the DCH-compatible Thunderbolt driver relates to incorrect elimination of special elements in the output data, allowing attackers to increase their privileges.

The vulnerability of the DCH-compatible Thunderbolt driver is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to increase their privileges...

4.6CVSS5.5AI score0.00207EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/06 12:0 a.m.7 views

The vulnerability of the DCH-compatible Thunderbolt driver relates to incorrect elimination of special elements in the output data, allowing attackers to increase their privileges.

The vulnerability of the DCH-compatible Thunderbolt driver is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to increase their privileges...

6.1CVSS6.3AI score0.00172EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/06 12:0 a.m.7 views

The vulnerability of the DCH-compatible Thunderbolt driver, related to incorrect elimination of special elements in the output data, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the DCH-compatible Thunderbolt driver is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

3.8CVSS5.5AI score0.0021EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/06 12:0 a.m.8 views

The vulnerability of the DCH-compatible Thunderbolt driver, related to incorrect elimination of special elements in the output data, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the DCH-compatible Thunderbolt driver is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

3.8CVSS5.5AI score0.0021EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/10 5:8 p.m.12 views

CVE-2024-1602 Stored XSS leading to RCE in parisneo/lollms-webui

parisneo/lollms-webui is vulnerable to stored Cross-Site Scripting XSS that leads to Remote Code Execution RCE. The vulnerability arises due to inadequate sanitization and validation of model output data, allowing an attacker to inject malicious JavaScript code. This code can be executed within t...

8.8CVSS6.5AI score0.00724EPSS
Exploits1References1
CVE
CVE
added 2024/04/10 5:8 p.m.91 views

CVE-2024-1602

CVE-2024-1602 affects parisneo/lollms-webui, with a stored XSS that leads to Remote Code Execution. Attacker can exploit inadequate sanitization/validation of model output data to inject JavaScript that runs in the user’s browser and can trigger a request to /execute_code to establish a reverse s...

8.8CVSS6.4AI score0.00724EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.6 views

lollms-webui 安全漏洞

LoLLMs is a Web UI for a large language multi-model system by the individual developer Saifeddine ALOUI. A security vulnerability exists in lollms-webui that stems from inadequate cleaning and validation of model output data...

8.8CVSS8.7AI score0.00724EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/02/29 12:0 a.m.7 views

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird arises from incorrect elimination of special elements in the output data used by the incoming components. This allows an attacker to execute arbitrary code.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to incorrect elimination of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

6.4CVSS7.1AI score0.00667EPSS
Exploits0References10Affected Software11
BDU FSTEC
BDU FSTEC
added 2024/02/14 12:0 a.m.9 views

The vulnerability of Rockwell Automation’s programmable logic controllers ControlLogix, related to the execution of operations outside the buffer boundaries in memory, allows a hacker to trigger a malfunction during maintenance.

The vulnerability of Rockwell Automation’s programmable logic controllers ControlLogix lies in the fact that the output data may escape from memory into the operating system. Exploiting this vulnerability could allow a malicious actor to cause malfunctions during operation...

8.6CVSS7.2AI score0.00648EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/12/12 12:0 a.m.9 views

The vulnerability of the macOS iTerm2 terminal emulator relates to a lack of mechanisms for encoding or blocking output data, allowing a hacker to execute arbitrary code.

The vulnerability of the terminal emulator for the macOS operating system, iTerm2, is related to a lack of mechanisms for encoding or blocking output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.0118EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/04 12:0 a.m.5 views

The vulnerability of SSH-dissection analyzers in Wireshark allows a hacker to cause a service failure.

The vulnerability of SSH-dissection analyzers in Wireshark relates to insufficient cleaning of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially created packets...

7.8CVSS6.3AI score0.00746EPSS
Exploits0References7Affected Software5
Rows per page
Query Builder