The vulnerability of the `cifs_signal_cifsd_for_reconnect()` function in the `fs/smb/client/cifsglob.h` and `fs/smb/client/connect.c` files, which are part of the SMB client support in the Linux kernel, allows a hacker to cause a service failure.
The vulnerability of the `cifs_signal_cifsd_for_reconnect()` function in the `fs/smb/client/cifsglob.h` and `fs/smb/client/connect.c` files, which are part of the SMB client support in the Linux kernel, is related to improper locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a...
The vulnerability of the kmem_cache_destroy() function in the dswstate.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the kmem_cache_destroy() function in the dswstate.c module of the Linux kernel is related to memory not being released after its effective lifetime. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the formLanguageChange() function in the D-Link DIR-513 router firmware allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the formLanguageChange() function in the D-Link DIR-513 router firmware is related to an operation exceeding the bounds of a memory buffer when processing the curTime parameter. Exploiting this vulnerability allows a malicious actor to cause service failures o...
The vulnerability of the UPDM_wstpCBCUpdStart() function of the Alpine iLX-507 audio system allows a hacker to execute arbitrary code in the context of the root user.
The vulnerability of the UPDM_wstpCBCUpdStart() function of the Alpine iLX-507 audio system exists due to the failure to take measures to neutralize certain special elements. Exploiting this vulnerability can allow a hacker to execute arbitrary code under the root user’s context...
The vulnerability of the mbedtls_lms_import_public_key() function in Mbed TLS software allows an attacker to cause a service failure or disclose protected information.
The vulnerability of the mbedtls_lms_import_public_key() function in Mbed TLS involves reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure or expose sensitive information...
The vulnerability of the formSetWizard1() function in the /goform/formSetWizard1 file of the D-Link DIR-619L router’s firmware allows a hacker to cause a service failure.
The vulnerability of the formSetWizard1() function in the /goform/formSetWizard1 file of the D-Link DIR-619L router’s firmware is related to an operation exceeding the bounds of a memory buffer when processing the curTime parameter. Exploiting this vulnerability...
The vulnerability of software for installing NVIDIA video card drivers lies in the use of files and directories accessible to external parties. This allows a hacker to escalate their privileges and execute arbitrary code.
The vulnerability of software for installing NVIDIA video card drivers is related to the use of files and directories accessible to external parties. Exploiting this vulnerability can allow attackers to escalate their privileges and execute arbitrary code...
The vulnerability in the adicionar_especie.php script of the WeGIA web manager allows an attacker to perform cross-site scripting (XSS) attacks.
The vulnerability of the adicionar_especie.php script of the WeGIA web manager is related to the lack of measures taken to preserve the web page structure when processing the especie parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks remotel...
The vulnerability of the raid10_make_request() function in the raid10 component of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the raid10_make_request() function in the raid10 component of the Linux operating system is related to memory not being released after its effective lifetime. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server lies in the improper neutralization of special elements in data queries. This allows a malicious actor to cause service failures.
The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server is related to the improper neutralization of special elements in data queries. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending...
The vulnerability of the amdgpu_unmap_static_csa() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c file of the Linux kernel’s Direct Rendering Infrastructure (DRI) AMD GPU driver allows a malicious actor to cause a system crash.
The vulnerability of the amdgpu_unmap_static_csa() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c file of the Linux kernel’s Direct Rendering Infrastructure (DRI) AMD GPU driver is related to improper memory release. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of the JetBrains TeamCity continuous integration and delivery (CI/CD) system, related to insufficient protection of credentials, allows attackers to disclose protected information.
The vulnerability of the JetBrains TeamCity continuous integration and delivery (CI/CD) system is related to insufficient protection of credentials. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the Ansible configuration management system, related to the disclosure of information through log files, allows a perpetrator to gain unauthorized access to the protected information.
The vulnerability of the Ansible configuration management system is related to the exposure of information through log files. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of sub_54014 in Netgear EX6200 Wi-Fi router’s built-in software allows a hacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of sub_54014 in Netgear EX6200 Wi-Fi router’s built-in software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...
The vulnerability of the gateway_proxy_handler component in the machine learning lifecycle management platform allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the gateway_proxy_handler component in the machine learning lifecycle management platform is related to insufficient validation of requests at the server side. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability ...
The vulnerability of the TLS protocol implementation in the Crowdstrike Falcon endpoint protection software allows an attacker to execute a “man-in-the-middle” attack.
The vulnerability of the TLS protocol implementation in the Crowdstrike Falcon endpoint protection software is related to a failure to follow the chain of trust during certificate verification. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” attack...
The vulnerability of the framework for creating applications based on the combination of language models (LLMs) like LangChain arises from insufficient validation of requests at the server-side level. This allows attackers to execute an SSRF attack.
The vulnerability of the framework for creating applications based on the combination of language models (LLMs) like LangChain is related to insufficient validation of requests at the server side. Exploiting this vulnerability could allow a malicious actor to perform an SSRF attack...
The vulnerability of the Java VM component of the Oracle Database Server system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Core server component of Oracle WebLogic Server allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Core server component of Oracle WebLogic Server is related to the lack of authentication for critical functions. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using protocols such as T3 and II...
The vulnerability of the VsapiNT.sys module in anti-virus software from Trend Micro’s Apex One and Apex One as a Service allows a malicious actor to elevate their privileges and execute arbitrary code within the SYSTEM context.
The vulnerability of the VsapiNT.sys module in anti-virus software from Trend Micro’s Apex One and Apex One as a Service is related to improper resolution of a link before accessing the file. Exploiting this vulnerability can allow an attacker to escalate their privileges and execute arbitra...
The vulnerability of the Modbus programmable logic controller DELTA AS320T protocol allows an intruder to execute arbitrary code.
The vulnerability of the Modbus programmable logic controller DELTA AS320T lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Renesas Electronics RH850/F1L microcontroller, related to improper protection against voltage spikes and clock frequency fluctuations, allows a hacker to gain access to the protected information.
The vulnerability of the Renesas Electronics RH850/F1L microcontroller is related to improper protection against voltage spikes and clock frequency fluctuations. Exploiting this vulnerability can allow an attacker to gain access to the protected information...
The vulnerability of the fromTraceroutGet() function (/goform/getTraceroute) in the Tenda O3 wireless access point software allows an intruder to execute arbitrary commands.
The vulnerability of the fromNetToolGet function in the file /goform/setPingInfo function of the Tenda O3 wireless access point software is related to the lack of measures to sanitize input data during the processing of the domain parameter. Exploiting this vulnerability allows a remote attacker ...
The vulnerability of PFE Management in Juniper Networks’ Junos OS Evolved operating systems allows an attacker to cause a service failure.
The vulnerability of PFE Management for Juniper Networks’ Junos OS Evolved lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the InnoDB component in the MySQL Database Management System allows an attacker to cause service failures or gain unauthorized access for data modification, addition, and deletion.
The vulnerability of the InnoDB component in the MySQL Database Management System is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows an attacker to cause service failures or gain unauthorized access for data modification, addition, and deletion...
The vulnerability in the web interface of the Cisco Unified Contact Center Express software’s operator management tool allows an attacker to carry out an XSS attack.
The vulnerability in the web interface for controlling the software used to automate operations in Cisco Unified Contact Center Express (Unified CCX) is related to the lack of protective measures taken for the web page structure. Exploiting this vulnerability allows a malicious actor to carry out X...
The vulnerability of the CommuniGate Pro mail server lies in the lack of authentication for critical functions, allowing attackers to send emails with arbitrary content to any email address.
The vulnerability of the CommuniGate Pro mail server lies in the lack of authentication for critical functions. Exploiting this vulnerability allows a malicious actor to send emails with arbitrary content to any email address...
The vulnerability of the gf_odf_ac4_cfg_alternative_info function in the MP4Box utility of the GPAC multimedia platform allows a perpetrator to cause a service failure or execute arbitrary code.
The vulnerability of the gf_odf_ac4_cfg_alternative_info function in the MP4Box utility of the GPAC multimedia platform is related to a buffer overflow. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...
The vulnerability of the MPEG-2 Video Extension codec in Microsoft Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the MPEG-2 Video Extension codec in Microsoft Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.
The vulnerability of the CADImage plugin for viewing and playing back graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially...
The vulnerability of the centreon-web component of the Centreon software for monitoring IT infrastructure allows a perpetrator to escalate their privileges and execute arbitrary code.
The vulnerability of the centreon-web component of the IT infrastructure monitoring software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to escalate their privileges and execute arbitrary code using a specially...
The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.
The vulnerability of the CADImage plugin in IrfanView, a program for viewing and playing graphic, video, and audio files, is related to memory corruption. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially crafted DWG format files...
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the possibility of an operation going beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the issue of operations going beyond the buffer in memory during the processing of PRC files. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability in the intel/iaa/iaa_crypto_main.c component of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the intel/iaa/iaa_crypto_main.c component of the Linux operating system’s kernel is related to improper memory release before deleting the last reference. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the addWifiMacFilter() function in the Tenda AC6 router’s firmware allows a hacker to trigger a service failure.
The vulnerability of the addWifiMacFilter() function in the Tenda AC6 router’s firmware is related to an operation that goes beyond the buffer in memory when processing the deviceId parameter. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of Nokia’s Single Radio Access Network management platform lies in the improper limitation of a pathname to a restricted directory. This allows attackers to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the Nokia Single RAN network management platform lies in the incorrect limitation of the path name when processing the PlanId parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and availability of the protected informati...
The vulnerability of the Connection Manager module (con_mgr) in the firmware of network devices from ASR Microelectronics, such as ASR1803L, ASR1806, ASR1901, and ASR1903L, allows a perpetrator to gain unauthorized access to protected information or cause service failures.
The vulnerability of the Connection Manager module (con_mgr) in the firmware of network devices from ASR Microelectronics, such as ASR1803L, ASR1806, ASR1901, and ASR1903L, is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to gain unauthoriz...
The vulnerability of the xfs component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the xfs component in Linux operating systems relates to access to an uninitialized pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the FontFaceSet interface in Mozilla Firefox and Firefox ESR browsers allows a perpetrator to trigger a service failure.
The vulnerability of the FontFaceSet interface in Mozilla Firefox and Firefox ESR browsers is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Mattermost instant messaging application, related to deficiencies in authentication procedures, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Mattermost instant messaging application is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability in the arch/x86/kernel/apic/io_apic.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the arch/x86/kernel/apic/io_apic.c module of the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the j1939_sk_match_dst() function in the net/can/j1939/socket.c module allows a hacker to cause a service failure in Linux-based systems with CAN-j1939 sockets.
The vulnerability of the j1939_sk_match_dst() function in the net/can/j1939/socket.c module relates to the reuse of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the RRChangeProviderProperty() function in the X Window System Xorg-server allows a hacker to cause a service failure.
The vulnerability of the RRChangeProviderProperty() function in the X Window System Xorg-server is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Task Scheduler in Windows operating systems allows a malicious individual to escalate their privileges.
The vulnerability of the Task Scheduler in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the refresh_cache_worker() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the refresh_cache_worker() function in the Linux operating system’s kernel is related to errors that occur after deallocation. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the built-in web server boa (/boafrm/formDMZ) of the TOTOLINK EX1200T router’s firmware allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the built-in web server boa (/boafrm/formDMZ) of TOTOLINK EX1200T routers is caused by buffer overflow. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of protected information by sending a specially crafted...
The vulnerability of the Telnet protocol implementation in microcomputer-based Wi-Fi chips from Quantenna allows an intruder to gain unauthorized access to the device.
The vulnerability of the Telnet protocol implementation in Quantenna’s microprogrammable Wi-Fi chips lies in the lack of authentication for critical functions. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the device...
The vulnerability of SiPass integrated software for security and access control systems lies in the lack of authentication for a critical function, allowing attackers to gain unauthorized access to confidential data.
The vulnerability of SiPass integrated software for security and access control systems is related to the lack of authentication for critical functions. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to confidential data...
The vulnerability of the load_ablock() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the load_ablock() function in the Linux operating system’s kernel is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of the formMapReboot() function (/boafrm/formMapReboot) in the TOTOLINK X15 router firmware allows an intruder to execute arbitrary commands or cause a service failure.
The vulnerability of the formMapReboot() function (/boafrm/formMapReboot) of the TOTOLINK X15 router’s firmware is related to an operation exceeding the buffer boundaries in memory when processing the deviceMacAddr parameter. Exploiting this vulnerability allows a remot...