Lucene search
K
Bdu FstecMost viewed

90604 matches found

BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.10 views

The vulnerability in the “drivers/media/test-drivers/vidtv/vidtv_psi.c” component of the Linux operating system, related to pointer assignment errors, allows an attacker to cause a service failure.

The vulnerability of the “drivers/media/test-drivers/vidtv/vidtvpsi.c” component in the Linux operating system is related to pointer assignment errors. Exploiting this vulnerability allows an attacker to cause service failures...

6.2CVSS5.8AI score0.00252EPSS
Exploits0References20Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.10 views

The vulnerability of the ALSA component of the Linux operating system’s kernel, related to pointer arithmetic errors, allows attackers to trigger a service failure.

The vulnerability of the ALSA component in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.7AI score0.00257EPSS
Exploits0References30Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.10 views

The vulnerability of the modules/proxy/mod_proxy.c component of the Apache HTTP Server, related to a lack of mechanisms for encoding or shielding output data, allows attackers to gain access to confidential data and also trigger a denial-of-service attack.

The vulnerability of the modules/proxy/modproxy.c component of the Apache HTTP Server is related to a lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability can allow an attacker to gain access to confidential data, as well as cause service failures...

8.5CVSS6.5AI score0.25878EPSS
Exploits1References20Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/09/12 12:0 a.m.10 views

The vulnerability of the ssh_css component in the Linux operating system’s kernel, related to the assignment of NULL pointers, allows an attacker to trigger a service failure.

The vulnerability of the sshcss component in the Linux operating system’s kernel is related to the assignment of a null pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00256EPSS
Exploits0References31Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/09/12 12:0 a.m.10 views

The vulnerability of the Windows operating system’s update center allows a hacker to execute arbitrary code.

The vulnerability of the Windows operating system’s update center is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.2AI score0.12132EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/09/12 12:0 a.m.10 views

The vulnerability of the accept_connection function (in the server.cpp module) of the “Red Database” database management system allows a attacker to cause a service failure in the server.

The vulnerability of the acceptconnection function in the server.cpp module of the “Red Database” database management system lies in the fact that during user authentication, memory may be corrupted, and this data is then rewritten by another thread. Exploiting this vulnerability could allow an...

6.5CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/03 12:0 a.m.10 views

The vulnerability of the Pydantic data validation library lies in the inefficient complexity of regular expressions, which allows attackers to trigger a service failure.

The vulnerability of the Pydantic data validation library is related to the use of regular expressions. Exploiting this vulnerability could allow a malicious actor to cause service failures...

5.9CVSS6.5AI score0.00949EPSS
Exploits1References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/02 12:0 a.m.10 views

The vulnerability of the list_base_config.php file in the web interface of the Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 integrated software solution version 3.90 allows a hacker to execute arbitrary code.

The vulnerability of the listbaseconfig.php web interface of the Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 software is version 3.90. This vulnerability stems from the failure to eliminate special elements used in the OS command. Exploiting this vulnerability allows a remote attacker to...

10CVSS7.1AI score0.934EPSS
Exploits4References4Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/08/27 12:0 a.m.10 views

The vulnerability of mediatek’s kernel components in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of mediatek’s Linux operating system kernel relates to the registration of power domains, first using genpd, and then attempting to include them in the probing sequence. This leads to a race condition. Exploiting this vulnerability can allow an attacker to cause a service failur...

4.7CVSS6.1AI score0.00173EPSS
Exploits0References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/08/27 12:0 a.m.10 views

The vulnerability of the OpenVPN software lies in the lack of resource release after the expiration of its duration. This allows a hacker to “keep the session alive,” even if the server is instructed to disconnect this client.

The vulnerability of the OpenVPN software is related to the lack of resource release after the expiration of its duration. Exploiting this vulnerability allows a hacker to “keep the session alive,” even if the server was instructed to disconnect this client...

4.3CVSS6.2AI score0.00665EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/08/26 12:0 a.m.10 views

The vulnerability of the Cisco IOS XR operating system, related to the improper assignment of permissions to critical resources, allows attackers to bypass the Cisco Secure Boot function and load unverified software.

The vulnerability of the Cisco IOS XR operating system is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow a attacker to bypass the Cisco Secure Boot mechanism and load unverified software...

6.8CVSS5.5AI score0.00191EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/21 12:0 a.m.10 views

The vulnerability of the dm_table_create() function in the drivers/md/dm-table.c kernel module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the dmtablecreate function in the drivers/md/dm-table.c file of the Linux kernel relates to an attempt to allocate more than INTMAX bytes and cause a crash due to the lack of checking for struct dmioctl.targetcount. Exploiting this vulnerability could allow an attacker to...

5.5CVSS6.2AI score0.00249EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.10 views

The vulnerability of the Ingress controller in the Kubernetes cluster ingress-nginx, related to errors in processing Ingress object annotations, allows a hacker to increase their privileges.

The vulnerability of the ingress controller in the Kubernetes cluster ingress-nginx is related to errors in processing Ingress object annotations. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

9CVSS7.9AI score0.27018EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.10 views

The vulnerability of the Dell Peripheral Manager software relates to an uncontrolled search path element, which allows a perpetrator to escalate their privileges or execute arbitrary code.

The vulnerability of the Dell Peripheral Manager software relates to an uncontrolled search path element. Exploiting this vulnerability can allow attackers to enhance their privileges or execute arbitrary code...

7.3CVSS5.8AI score0.00199EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.10 views

Vulnerability of tools for working with arrays and objects. RobinWeser Fast-Loops platform for event monitoring, threat detection, and security analytics. IBM QRadar Suite and IBM Cloud Pak for Security enable attackers to execute arbitrary code.

The vulnerability of tools for working with arrays and objects in RobinWeser Fast-Loops, as well as in event monitoring, threat detection, and security analytics platforms like IBM QRadar Suite and IBM Cloud Pak for Security, is related to uncontrolled changes in object prototype attributes...

10CVSS7AI score0.00918EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/08/16 12:0 a.m.10 views

The vulnerability of the command-line interface of Juniper Networks’ Junos OS and Junos OS Evolved allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of the command-line interface of Juniper Networks’ Junos OS and Junos OS Evolved is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause a service failure or execute arbitrary code by loading a specially created certificate file...

6.4CVSS6.3AI score0.00094EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/08/16 12:0 a.m.10 views

The vulnerability of PPMD in operating systems Juniper Networks Junos OS and Junos OS Evolved allows a attacker to cause a service failure.

The vulnerability of PPMD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to memory release errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

5.3CVSS5.5AI score0.00228EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/08/16 12:0 a.m.10 views

The vulnerability of the integrated service module of Dell iDRAC in remote access controllers iDRAC, related to the execution of operations outside the buffer in memory, allows a intruder to execute arbitrary code or cause a service failure.

The vulnerability of the Dell iDRAC Service Module integrated service module controllers in remote access controllers involves an operation that goes beyond the buffer in memory. Exploiting this vulnerability could allow a malicious individual to execute arbitrary code or cause service failures...

3.2CVSS6.3AI score0.00196EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/16 12:0 a.m.10 views

The vulnerability of the integrated service module of Dell iDRAC in remote access controllers iDRAC, related to the execution of operations outside the buffer in memory, allows a intruder to execute arbitrary code or cause a service failure.

The vulnerability of the Dell iDRAC Service Module integrated service module controllers in remote access controllers involves an operation that goes beyond the buffer in memory. Exploiting this vulnerability could allow a malicious individual to execute arbitrary code or cause service failures...

5.2CVSS6.3AI score0.00158EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/14 12:0 a.m.10 views

The vulnerability of the software for automation of support and control of hardware and software systems from SysAid lies in the lack of measures taken to protect the SQL query structure, allowing attackers to carry out attacks based on SQL injections.

The vulnerability of the software used for automating support and control of hardware and software systems from SysAid is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to carry out attacks based on SQL injections...

9.9CVSS5.6AI score0.00419EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/14 12:0 a.m.10 views

The software’s vulnerability lies in the detection of vulnerabilities and errors by PT Application Inspector. This vulnerability arises due to an incorrect limitation on the path to the restricted access directory. This allows attackers to escalate their privileges and gain unauthorized access to protected information.

The vulnerability of the PT Application Inspector software arises due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain unauthorized access to protected information...

8.2CVSS5.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/14 12:0 a.m.10 views

The vulnerability of the InnoDB component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the InnoDB component in the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL protocol...

6.8CVSS6.3AI score0.00786EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/14 12:0 a.m.10 views

The vulnerability of the Work Definition component in the Oracle Enterprise Asset Management application for enterprise asset management systems within the Oracle E-Business Suite allows a malicious actor to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Work Definition component in the Oracle Enterprise Asset Management application for enterprise asset management is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to rea...

8.5CVSS7.4AI score0.00388EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/08/14 12:0 a.m.10 views

The vulnerability of the InnoDB component of the MySQL Database Server, which allows a hacker to cause a service failure

The vulnerability of the InnoDB component in the MySQL Database Management System is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures using the MySQL protocol...

6.8CVSS6.3AI score0.00904EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/14 12:0 a.m.10 views

The vulnerability of the administration interface of the Fortinet FortiPortal security analysis and management tool allows a perpetrator to expose the protected information.

The vulnerability of the administration interface of the Fortinet FortiPortal security analysis and management tool involves bypassing authentication by using a user-controlled key. Exploiting this vulnerability allows an attacker to disclose sensitive information by sending specially crafted HTT...

4.3CVSS5.4AI score0.00294EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/14 12:0 a.m.10 views

The export function of the graphical user interface of the artificial intelligence-based security threat detection software FortiAIOps is vulnerable, allowing a perpetrator to execute arbitrary commands.

The vulnerability of the export function of the graphical user interface of the artificial intelligence-based security threat detection software FortiAIOps relates to the absence of a mechanism to neutralize elements in the CSV file. Exploiting this vulnerability allows an attacker operating...

5.5CVSS5.8AI score0.00433EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/14 12:0 a.m.10 views

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to read, modify, add, or delete data.

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to read, modify, add, or...

6.4CVSS7.5AI score0.0032EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/05 12:0 a.m.10 views

The vulnerability of the admin_compliance_framework function in the Group Namespace URL Handler component of the software platform based on Git, which allows a violator to modify the group’s URL address.

The vulnerability of the admincomplianceframework function in the Group Namespace URL Handler component of the software platform based on Git for collaborative code development in GitLab is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to modi...

6.8CVSS5.8AI score0.0042EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/01 12:0 a.m.10 views

The vulnerability of the Dashboard component of the software control panel allows a hacker to trigger a service failure for IBM App Connect Enterprise applications.

The vulnerability of the Dashboard component of the software integration platform for IBM App Connect Enterprise relates to unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to carry out a DoS Denial-of-Service attack remotely...

4.3CVSS5.4AI score0.00457EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/31 12:0 a.m.10 views

The vulnerability of the Archer Platform’s system for creating and managing business applications lies in the lack of protective measures for the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the Archer Platform system for creating and managing business applications is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow an attacker to execute arbitrary HTML or JavaScript code...

7.1CVSS5.8AI score0.00294EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/29 12:0 a.m.10 views

The vulnerability of the Self-Registration component in the IoT Apache StreamPipes toolset allows a attacker to disrupt the user management process of StreamPipes.

The vulnerability of the Self-Registration component in the IoT Apache StreamPipes toolkit is related to synchronization errors when using a common resource. This vulnerability can allow a malicious actor to manipulate the StreamPipes user management process by creating multiple users with the sa...

3.7CVSS5.4AI score0.0066EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/29 12:0 a.m.10 views

The vulnerability of the GLPI system’s handling of requests and incidents, related to the possibility of falsifying requests on the server side, allows a perpetrator to redirect users to any arbitrary URL address.

The vulnerability in the GLPI system for handling requests and incidents is related to the possibility of forged requests on the server side. Exploiting this vulnerability allows a malicious actor to redirect users to an arbitrary URL address...

5.3CVSS7AI score0.00591EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/07/29 12:0 a.m.10 views

The vulnerability of the GLPI system’s request and incident handling functionality lies in the lack of HTML tag neutralization during website generation. This allows attackers to carry out cross-site scripting attacks.

The vulnerability of the GLPI system’s request and incident handling functionality relates to the absence of HTML tag neutralization during the generation of web pages. Exploiting this vulnerability allows a malicious actor to carry out cross-site scripting attacks...

5.5CVSS5.6AI score0.00589EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/07/29 12:0 a.m.10 views

The vulnerability of the setSkipPrompt() function (AssociationRequest.java) in the Android operating system, which allows a hacker to escalate their privileges.

The vulnerability of the setSkipPrompt function in AssociationRequest.java in the Android operating system is related to errors in privilege management. Exploiting this vulnerability can allow a remote attacker to enhance their privileges...

7.4CVSS5.5AI score0.00259EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/29 12:0 a.m.10 views

The vulnerability of the GLPI system’s request and incident handling process, related to incorrect input cancellation during the generation of web pages, allows a perpetrator to execute arbitrary code.

The vulnerability of the GLPI system for handling requests and incidents is related to the improper elimination of input data during the generation of the web page. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

5.5CVSS7.3AI score0.00488EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/07/25 12:0 a.m.10 views

The vulnerability of the Rust library for working with Git repositories like gitoxide arises from incorrect elimination of special elements in the output data. This allows a malicious actor to execute arbitrary code.

The vulnerability of the Rust library for working with Git repositories like gitoxide is related to incorrect elimination of certain elements in the output data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted URL address...

6.4CVSS7AI score0.00514EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/25 12:0 a.m.10 views

The vulnerability of the perl-Crypt-OpenSSL-RSA package on Red Hat Enterprise Linux operating systems allows a attacker to execute the Bleichenbacher attack.

The vulnerability of the perl-Crypt-OpenSSL-RSA package in Red Hat Enterprise Linux operating systems is related to the disclosure of information due to incompatibility. Exploiting this vulnerability could allow a remote attacker to execute a Bleichenbacher attack...

7.1CVSS6.3AI score0.00516EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/07/25 12:0 a.m.10 views

The vulnerability of the Foxboro.sys driver, a microprogramming software for distributed system management, allows a attacker to cause a service failure.

The vulnerability of the Foxboro.sys driver, a microprogramming software for distributed control systems like EcoStruxureTM Foxboro DCS Control Core Services, is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause system failures...

7.8CVSS5.5AI score0.00241EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.10 views

The vulnerability of the white-list analyzer service in the GravityZone proxy server allows a hacker to perform an SSRF attack.

The vulnerability of the white-list analyzer service in the GravityZone proxy server is related to insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...

10CVSS5.4AI score0.00431EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.10 views

The vulnerability of the SCADA system MasterSCADA 4D, related to deficiencies in authentication procedures, allows a intruder to read and write arbitrary files.

The vulnerability of the SCADA system MasterSCADA 4D is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to perform read and write operations on arbitrary files...

10CVSS5.6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/22 12:0 a.m.10 views

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to carry out cross-site scripting attacks...

5.5CVSS5.2AI score0.00717EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/22 12:0 a.m.10 views

The vulnerability in the web client of IBM Datacap software for document collection and processing allows attackers to execute cross-site scripting attacks by exploiting a lack of protection for the web page structure.

The vulnerability of the IBM Datacap Navigator web client software for document collection and processing exists due to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

6.4CVSS5.2AI score0.00341EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/22 12:0 a.m.10 views

The vulnerability of microprogrammed network devices from Google Nest Wifi, related to the occurrence of operations outside the buffer in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of microprogrammed network devices from Google Nest Wifi relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...

10CVSS5.9AI score0.00238EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/07/22 12:0 a.m.10 views

The vulnerability of Fanuc Series 32i CNC controller’s microprogramming software, related to resource management errors, allows a intruder to cause maintenance failures.

The vulnerability of Fanuc Series 32ii CNC controller’s microprogramming software is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause maintenance failures...

6.5CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/07/22 12:0 a.m.10 views

The vulnerability of the APIs of the Oracle Application Object Library component of the Oracle E-Business Suite, a system for automating business activities in enterprises, allows attackers to gain access to modify, add, or delete data.

The vulnerability of the APIs of the Oracle Application Object Library component in the Oracle E-Business Suite system for enterprise automation activities exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to remotely gain access to...

5.5CVSS7.4AI score0.00308EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/07/19 12:0 a.m.10 views

The vulnerability of the Network Driver Interface Standard (NDIS) interface in Windows operating systems, which allows a hacker to cause a service failure

The vulnerability of the Network Driver Interface Standard NDIS in Windows operating systems is related to the execution of operations outside the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

6.5CVSS5.8AI score0.01008EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/19 12:0 a.m.10 views

The vulnerability of the sub-component of the Oracle Commerce Platform component, a e-commerce platform, allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the sub-component of the Oracle Commerce Platform exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data using the HTTP protocol...

4CVSS7.2AI score0.00347EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/17 12:0 a.m.10 views

The vulnerability of the IBM Security Guardium web interface allows a perpetrator to disclose login credentials during a secure session.

The vulnerability of the IBM Security Guardium web interface exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability can allow a malicious actor to disclose credentials during a secure session...

5.5CVSS5.4AI score0.00249EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/17 12:0 a.m.10 views

The vulnerability of the Auto-attach Option Handler component of the JetBrains YouTrack software for managing projects and tasks allows a hacker to enable the automatic attachment of this option to work processes.

The vulnerability of the Auto-attach Option Handler component in the JetBrains YouTrack project and task management software is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to enable the automatic attachment option to the workflow processes...

6.5CVSS5.5AI score0.00314EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/17 12:0 a.m.10 views

The vulnerability of the input/output device management component of the IOHIDFamily in operating systems such as iPadOS and iOS, as well as macOS, allows attackers to disclose protected information.

The vulnerability of the input/output device management component of the IOHIDFamily in iPadOS, iOS, and macOS is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow attackers to disclose protected information...

3.3CVSS7.5AI score0.00237EPSS
Exploits0References10Affected Software3
Total number of security vulnerabilities5000