The vulnerability of the imlib2 graphic library, caused by integer overflow, allows an attacker to execute arbitrary code.

The vulnerability of the imlib2 graphic library for 32-bit platforms arises from integer overflows memory writes beyond the boundaries of the memory buffer. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created large-sized image...

The vulnerability of the libhevc library of the Android Media Framework service allows a hacker to execute arbitrary code.

The vulnerability of the libhevc library in the Media Framework of the Android operating system is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the context of a privileged process remotely...

The vulnerability of the Adobe XMP-Toolkit-SDK software, related to the execution of operations beyond the buffer boundaries in memory, allows attackers to circumvent the ASLR protection mechanism and gain unauthorized access to protected information.

The vulnerability of the Adobe XMP-Toolkit-SDK lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to bypass the ASLR protection mechanism and gain unauthorized access to protected information...

The vulnerability of the Mediaserver application’s libhevc service in the Android operating system allows a hacker to cause a service failure.

The vulnerability of the Mediaserver application’s libhevc service stems from an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause a service failure memory corruption by using a specially created file...

The vulnerability of the libhevc library of the Android Media Framework service allows a hacker to execute arbitrary code.

The vulnerability of the libhevc library in the Android operating system’s Media Framework is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Vulnerability in the media framework (libhevc) of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability in the Android operating system’s Media Framework libhevc is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the libhevc library in the Media Framework of the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the libhevc library in the Media Framework of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of a privileged process using a specially crafted file...

The vulnerability of Ollama’s system for launching and managing large language models, related to the exposure of system data to unauthorized individuals, allows a violator to trigger a service failure.

The vulnerability of Ollama’s system for running and managing large language models is related to the exposure of system data to unauthorized individuals. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerabilities of OPC UA data transfer protocol implementations in industrial networks, related to uncontrolled resource consumption, allow attackers to cause service failures.

The vulnerability of implementations of data transfer specifications in industrial networks OPC UA is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the FileHandler component in the Open Asset Import Library (Assimp) library allows a hacker to execute arbitrary code.

The vulnerability of the FileHandler component in the Open Asset Import Library Assimp library is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

The vulnerability of the modular IRC server InspIRCd, which allows a intruder to trigger a service failure

The vulnerability of the modular IRC server InspIRCd arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

The vulnerability of the hxxx_AnnexB_to_xVC() function in the Videolan VLC media player allows a hacker to execute arbitrary code.

The vulnerability of the hxxxAnnexBtoxVC function in the Videolan VLC media player lies in its ability to write data beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the playback of specially crafted videos...

The vulnerability of the `psf_binheader_writef` function in the `common.c` file of the `libsndfile` library in the Astra Linux operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of data, or cause service failures.

The vulnerability of the psfbinheaderwritef function in the common.c file of the libsndfile library in the Astra Linux operating system is related to a buffer overflow issue. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

The vulnerability of the gplotMakeOutput function in the Leptonica image processing library allows a hacker to execute any command they desire.

The vulnerability of the gplotMakeOutput function in the Leptonica image processing library is related to insufficient cleaning of input data. Exploiting this vulnerability allows a malicious actor to execute any command remotely using the argument gplot rootname...

The vulnerability of the libavc library in the Media Framework component of the Android operating system allows a hacker to trigger a service failure.

The vulnerability of the libavc library in the Media Framework component of the Android operating system exists due to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the libhevc library in the Media Framework of the Android operating system allows a hacker to induce a service failure.

The vulnerability of the libhevc library in the Media Framework component of the Android operating system is related to improper error handling during memory allocation. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the aiff_read_chanmap function in the libsndfile library, which allows an attacker to compromise confidentiality, integrity, and accessibility of data.

The vulnerability of the aiffreadchanmap function in the aaiff.c file of the libsndfile library relates to accessing beyond the buffer memory boundaries. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of...

The vulnerability of the libhevc library of the Android Media Framework service allows a hacker to execute arbitrary code.

The vulnerability of the libhevc library in the Android operating system’s Media Framework is related to lack of access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Libjpeg-turbo image processing library, related to writing beyond the buffer boundaries, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Libjpeg-turbo library for image processing is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures due to corrupted JPEG files...

The vulnerability of the JavaScript MuJS interpreter, related to copying buffers without checking the input data, allows a violator to trigger a service failure.

The vulnerability of the JavaScript MuJS interpreter is related to the copying of buffers without checking the input data. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

The vulnerability of the microprogramming software used in Zyxel Ethernet switches such as ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, and ZyWALL 1100 lies in the lack of protective measures for website structures. This allows attackers to carry out cross-site scripting attacks.

The vulnerability of the microprogramming software used in Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, and ZyWALL 1100 lies in the lack of protective measures for the website...

The vulnerability of the Microsoft Hyper-V Network Switch virtual programmable switch allows a attacker to gain access to protected information.

The vulnerability of the Microsoft Hyper-V Network Switch virtual programmable switch in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain access to protected information through a specially created application...

The vulnerability of the libhevc component of the Mediaserver service in the Android operating system allows a hacker to trigger memory corruption.

The vulnerability of the libhevc component of the Android operating system’s Mediaserver service arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause memory corruption during the processing of media files and data using...

The vulnerability of Eclipse Jetty servlet containers, related to the lack of protection for service data, allows attackers to exploit the protected information.

The vulnerability of Eclipse Jetty servlet containers is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

The vulnerability of Lua script interpreters arises from the possibility of an operation exceeding the buffer boundaries in memory, allowing attackers to trigger a service failure.

The vulnerability of Lua scripts relates to the execution of an operation outside the buffer boundaries in the memory of ldebug.c. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the PDFium PDF-content processor in Google Chrome browser allows a hacker to trigger a service failure.

The vulnerability of the PDFium PDF-content processor in Google Chrome browser is related to an error that causes previously freed memory to be reclaimed. Exploiting this vulnerability could allow a remote attacker to cause a service failure through the use of a specially created PDF file...

The vulnerability of the TCP packet processing driver in Snort and Suricata IDS systems allows attackers to bypass network attack detection functions.

The vulnerability of the TCP packet processing driver in Snort and Suricata IDS systems is related to the implementation of an internal mechanism for handling TCP connections. Exploiting this vulnerability allows a malicious actor to bypass the network attack detection functions, which are...

The vulnerability of the gp_open_scratch_file_impl() function in the files base/gp_mswin.c and base/winrtsup.cpp of the Ghostscript processing, conversion, and generation software suite allows a malicious actor to read arbitrary files.

The vulnerability of the gpopenscratchfileimpl function in the base/gpmswin.c and base/winrtsup.cpp files of the Ghostscript processing, conversion, and generation software suite is related to an incorrect path name limitation. Exploiting this vulnerability could allow a remote attacker to read...

The vulnerability of the Adobe Type Manager library on the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Adobe Type Manager library in the Windows operating system is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code due to a font processing error in Adobe PostScript Type 1...

The vulnerability of the way predictor implementation in AMD CPUs’ L1D cache architecture allows a hacker to gain access to memory on the same CPU’s physical core.

The vulnerability of the way predictor’s implementation for first-level cache data on AMD CPUs’ L1D cache relates to the fact that accessing the same memory cell from a different virtual address may cause that cell to be evicted from the L1D cache. Exploiting this vulnerability could allow a remo...

The vulnerability of the `my_parse_cookie_if_key_exists` function in the web server of the MOXA EDR-810 industrial router allows a hacker to execute arbitrary code.

The vulnerability of the myparsecookieifkeyexists function offset 0x1B698 on the web server jffs2-root\fs1\magicP\WebServer\webs of the MOXA EDR-810 industrial router arises due to the lack of checking the size of the data being copied into a buffer of 0x40 bytes. Exploiting this vulnerability...

The vulnerability of the gtbl document editing tool from the groff package, related to errors in pointer arithmetic, allows a perpetrator to trigger a service failure.

The vulnerability of the gtbl document editing tool from the groff package is related to errors in pointer manipulation at address 0x0000000000409400. Exploiting this vulnerability could allow an attacker to cause a service failure by passing a specially crafted file as an argument to the command...

The vulnerability of Microsoft Exchange Server servers, related to access control errors, allows attackers to increase their privileges.

The vulnerability of Microsoft Exchange Server is related to access control errors. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

The vulnerability of the Postgresql database management system in the Astra Linux operating system allows a perpetrator to gain access to confidential data and cause service interruptions.

The vulnerability of the Postgresql database management system in the Astra Linux operating system is related to an error in the interaction with LDAP via parsec calls when retrieving user security attributes. Exploiting this vulnerability allows a malicious actor to gain access to information...

The vulnerability of the “Tekon” SCADA system, related to the transmission of accounting data in unencrypted form, allows a perpetrator to carry out a MITM attack.

The vulnerability of the SCADA system “Tekon” is related to the transmission of accounting data in unencrypted form. Exploiting this vulnerability could allow a malicious actor to carry out a MITM attack...

The vulnerability of the DWG File Parser component of the CADImage plugin for IrfanView, a software for viewing and playing graphic, video, and audio files, allows a malicious actor to execute arbitrary code within the context of the current process.

The vulnerability of the DWG File Parser component in the CADImage plugin for IrfanView software, which is used for viewing and playing graphic, video, and audio files, relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an...

The vulnerability of the CodeScoring software development platform lies in its ability to disclose sensitive information in error messages, allowing a privileged user to expose protected information.

The vulnerability of the CodeScoring software development platform relates to the possibility of exposing sensitive information in error messages. Exploiting this vulnerability could allow a malicious actor, operating remotely with elevated privileges, to disclose protected information...

The vulnerability of Websoft HCM’s automation software for HR processes stems from insufficient validation of input data, allowing attackers to execute the displayed HTML code.

The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of entered data. Exploiting this vulnerability allows a malicious actor to execute arbitrary HTML code by sending a specially crafted POST request...

The vulnerability of the __do_sys_cachestat() function in the mm/filemap.c module of the Linux kernel’s memory management subsystem allows a hacker to access protected information or cause service failures.

The vulnerability of the dosyscachestat function in the mm/filemap.c module of the Linux kernel’s memory management subsystem is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to gain access to protected information or cause service failures...

The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 allows a attacker to execute arbitrary operating system commands with root privileges.

The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 is related to the use of pre-installed credentials due to incorrect processing of the MAC address sequence. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the operating syste...

The vulnerability in the virtual network adapter vmxnet3 of VMware ESXi, VMware Workstation, and VMware Fusion allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the virtual network adapter vmxnet3 in VMware ESXi, VMware Workstation, and VMware Fusion lies in the issue of data writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of Thunderbolt devices’ microcontrollers stems from the ability to use configuration parameters of an unauthenticated controller. This allows a malicious actor to gain direct access to the memory of computing devices connected to Thunderbolt interfaces.

The vulnerability of Thunderbolt device microcontrollers lies in the ability to use configuration parameters for an unauthenticated controller. Exploiting this vulnerability can allow a hacker to gain direct access to the memory of the computing device, which is connected to Thunderbolt devices...

The vulnerability of the libparsec-mac-qt5 library, used for developing graphical applications with Qt5 graphical interfaces on the Astra Linux operating system, allows a hacker to cause a service failure.

The vulnerability of the libparsec-mac-qt5 library for developing graphical applications using Qt5 graphical interfaces on the Astra Linux operating system is related to errors that lead to multiple accesses to the macdb memory area. Exploiting this vulnerability can allow an attacker to cause a...

The vulnerability of the pitchmark tool in the Edinburgh Speech Tool Library allows a perpetrator to trigger a service failure.

The vulnerability of the pitchmark tool in the Edinburgh Speech Tool Library is related to initialization errors. Exploiting this vulnerability can allow attackers to cause service failures in applications by entering specially crafted data...

The vulnerability of the xsk_pool_get_rx_frame_size() function in the virtio-net component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the xskpoolgetrxframesize function in the virtio-net component of the Linux operating system is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, a...

The vulnerability of the VsapiNT.sys module in anti-virus software from Trend Micro’s Apex One and Apex One as a Service allows a malicious actor to elevate their privileges and execute arbitrary code within the SYSTEM context.

The vulnerability of the VsapiNT.sys module in anti-virus software from Trend Micro’s Apex One and Apex One as a Service is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitra...

The vulnerability of the gf_filter_pid_inst_swap function in the MP4Box multimedia platform GPAC allows a intruder to cause a service failure or execute arbitrary code.

The vulnerability of the gffilterpidinstswap function in the MP4Box multimedia platform of GPAC relates to the use of memory after deallocation. Exploiting this vulnerability could allow an attacker to cause a service failure or execute arbitrary code...

The vulnerability of the IBM Guardium Data Protection platform regarding data security, related to the leakage of information in error messages, allows attackers to disclose protected information.

The vulnerability of the IBM Guardium Data Protection platform relates to the leakage of information in error messages. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

The vulnerability of Adobe InDesign’s automation tool for computer design lies in the ability to write beyond the buffer limit in memory, allowing attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file...

The vulnerability of the enable_phantom_plane() function in the drivers/gpu/drm/amd/display/dc/dml2/dml2_mall_phantom.c kernel of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the enablephantomplane function in the drivers/gpu/drm/amd/display/dc/dml2/dml2mallphantom.c kernel of the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...