Lucene search
K
Bdu FstecMost viewed

90604 matches found

BDU FSTEC
BDU FSTEC
added 2019/07/08 12:0 a.m.21 views

The vulnerability of the fly-weather software package for the Astra Linux operating system, related to a validation error in the input data received from web servers, allows attackers to perform spoofing attacks.

The vulnerability of the fly-weather software package for the Astra Linux operating system is related to a validation error in the input data received from web servers. Exploiting this vulnerability can allow attackers to perform spoofing attacks...

8.4CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/05/06 12:0 a.m.21 views

The vulnerability of the “Security Management Center” component of the Dr.Web Enterprise Security Suite allows a hacker to execute HTML code.

The vulnerability of the “Security Management Center” component of the Dr.Web Enterprise Security Suite exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTML code into the user’s browser by placin...

4.3CVSS5.7AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/12 12:0 a.m.21 views

The vulnerability in the web interface of the microprogramming software for Cisco IP Phones series 8800 allows a perpetrator to cause a service failure.

The vulnerability of the web interface of Cisco IP phones—IP Phone 8800, IP Conference Phone 8832, IP Phone 8821, and IP Phone 8821-EX—is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS7.2AI score0.01939EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/02/07 12:0 a.m.21 views

The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems arises from an operation that goes beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems arises from operations that go beyond the buffer limits in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code by sending a specially crafted ARF or...

7.8CVSS7.8AI score0.0148EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/02/07 12:0 a.m.21 views

Multiple vulnerabilities in the security extension of the Astra Linux operating system, which allow a hacker to trigger a service failure.

The multiple vulnerabilities of the Astra Linux operating system’s security extension are related to incorrect handling of names for privacy levels that consist of digits. Additionally, there is no functionality for mounting removable devices when working with non-zero privacy flags. Exploitation...

4CVSS5.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/01/17 12:0 a.m.21 views

The vulnerability of the embedded software in the CNC11 TITANIUM mini system allows a perpetrator to execute any program present in the system.

The vulnerability of the embedded software in the CNC11 TITANIUM mini system is related to the absence of a mechanism for controlling the execution of external applications. Exploiting this vulnerability allows an attacker to execute existing applications within the system by accessing the...

3.6CVSS5.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/05/11 12:0 a.m.21 views

The vulnerability of the SMB service in the RouterOS operating system of MikroTik allows a hacker to execute arbitrary code.

The vulnerability of the SMB service in the RouterOS operating system from MikroTik arises from operations that go beyond the buffer limits in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.2AI score0.61018EPSS
Exploits7References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.21 views

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the fai-kernels package of the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

7.8CVSS5.4AI score0.0368EPSS
Exploits7References17Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.21 views

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the linux-headers-2.6.18-6 package of the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

7.8CVSS5.8AI score0.0368EPSS
Exploits7References17Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.21 views

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the linux-headers-2.6.18-6-all package of the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

7.8CVSS5.8AI score0.0368EPSS
Exploits7References17Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/02/08 12:0 a.m.21 views

The vulnerabilities of the microprogramming software in the access control system for the virtual environment NetScaler Gateway and the NetScaler Application Delivery Controller allow a perpetrator to enhance their privileges.

The multiple vulnerabilities of the microprogramming software for access control systems in the NetScaler Gateway and the NetScaler Application Delivery Controller are related to code errors. Exploiting these vulnerabilities could allow a malicious actor to enhance their privileges by manipulatin...

10CVSS5.7AI score0.03124EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.21 views

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the kernel-headers-2.4.27-4-sparc64-smp Debian GNU/Linux operating system can lead to a violation of the accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

7.8CVSS7.2AI score0.05605EPSS
Exploits9References41Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.21 views

The vulnerability of the Gentoo Linux operating system allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the imlib2 package up to version 1.4.2-r1 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

7.5CVSS5.4AI score0.03641EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.20 views

The vulnerability of the wled_configure() function in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the wledconfigure function in the Linux operating system’s kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00166EPSS
Exploits0References13Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.20 views

The vulnerability of the key_extract_l3l4 function in the net_openvswitch/flow.c module of the openvswitch component of Linux kernel allows a attacker to cause a service failure.

The vulnerability of the keyextractl3l4 function in the netopenvswitch/flow.c module of the openvswitch component in Linux kernels is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause service failures by sending specially crafted MPLS packets...

5.5CVSS7.2AI score0.00174EPSS
Exploits0References19Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/08/01 12:0 a.m.20 views

The vulnerability of the Kerberos Helper component in operating systems like macOS, which allows a perpetrator to trigger a service failure.

The vulnerability of the Kerberos Helper component in operating systems like macOS is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a attacker to cause service interruptions...

5.5CVSS8AI score0.00453EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.20 views

The vulnerability of the AES-XTS encryption algorithm implementation in single-Chip Microcontrollers ESP32-S2 and ESP32-S2F allows a attacker to compromise the confidentiality of the protected information.

The vulnerability of the AES-XTS encryption algorithm implemented in single-Chip Microcontrollers ESP32-S2 and ESP32-S2F is related to the number of surfaces that are vulnerable, with their quantitative measurement exceeding the desired maximum. Exploiting this vulnerability can allow attackers t...

4.2CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.20 views

The vulnerability of the CommuniGate Pro mail server lies in the lack of authentication for critical functions, allowing attackers to send emails with arbitrary content to any email address.

The vulnerability of the CommuniGate Pro mail server lies in the lack of authentication for critical functions. Exploiting this vulnerability allows a malicious actor to send emails with arbitrary content to any email address...

7.8CVSS5.7AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/08 12:0 a.m.20 views

The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the ability to read data beyond the buffer in memory, allowing attackers to disclose protected information.

The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the reading of data beyond the buffer boundaries in memory during file processing for U3D files. Exploiting this vulnerability can allow attackers to disclose protecte...

3.3CVSS5.9AI score0.00211EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/07/08 12:0 a.m.20 views

The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the possibility of an operation occurring outside the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the issue of operations going beyond the buffer in memory during the processing of U3D files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.7AI score0.00233EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.20 views

Vulnerability of the mxs_dcp_start_dma() function in the drivers/crypto/mxs-dcp.c module – a driver for the Linux kernel’s cryptographic acceleration engine, which allows a hacker to cause a system failure.

Vulnerability of the mxsdcpstartdma function in the drivers/crypto/mxs-dcp.c module – The Linux kernel cryptographic accelerator driver is vulnerable due to the use of an uninitialized resource. Exploiting this vulnerability could allow a hacker to cause a system failure...

7.1CVSS5.9AI score0.00213EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/19 12:0 a.m.20 views

The vulnerability of the copy_page_from_iter_atomic() function in the lib/iov_iter.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the copypagefromiteratomic function in the lib/ioviter.c module of the Linux kernel is related to dependencies that are undefined for each implementation type. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibilit...

7.8CVSS7.2AI score0.00242EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/06/11 12:0 a.m.20 views

The vulnerability in Mozilla Firefox and Firefox ESR browsers allows a hacker to execute arbitrary code.

The vulnerability of Mozilla Firefox and Firefox ESR browsers is related to writing beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.1AI score
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.20 views

The vulnerability of the CreateLog method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, as well as in the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the CreateLog method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...

9CVSS6.1AI score0.00594EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.20 views

The vulnerability of the SNAP Lite component allows for manipulation of the control and monitoring systems in the energy and water supply sectors of SISCO MMS-EASE and AX-S4 ICCP, enabling a perpetrator to cause service interruptions.

The vulnerability of the SNAP Lite component in the system for managing and monitoring processes related to energy and water supply in SISCO MMS-EASE and AX-S4 ICCP is related to unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service...

7.8CVSS7.4AI score0.05413EPSS
Exploits1References8Affected Software51
BDU FSTEC
BDU FSTEC
added 2025/05/21 12:0 a.m.20 views

The vulnerability of the macOS operating system’s Shortcuts component allows a hacker to bypass existing security restrictions and execute arbitrary code.

The vulnerability of the macOS operating system’s Shortcuts component is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary code by sending specially crafted...

10CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/06 12:0 a.m.20 views

The vulnerability of the PCMan FTP Server relates to the occurrence of operations beyond the buffer boundaries in memory. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the PCMan FTP Server relates to the execution of operations beyond the buffer boundaries in memory when processing the prompt parameter. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

7.5CVSS7.6AI score0.0062EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/06 12:0 a.m.20 views

The vulnerability of the PCMan FTP Server relates to the occurrence of operations beyond the buffer boundaries in memory. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the PCMan FTP Server relates to the execution of operations beyond the buffer boundaries during the processing of the verbose parameter. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

7.5CVSS7.6AI score0.0062EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/05 12:0 a.m.20 views

The vulnerability of Cobalt Ashlar-Vellum’s software for parametric automated design and 3D modeling lies in its ability to read data beyond the buffer limit in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling lies in the reading of data beyond the buffer limit in memory during the processing of CO files. Exploiting this vulnerability allows an attacker to execute arbitrary code...

7.8CVSS7.7AI score0.00296EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/25 12:0 a.m.20 views

The vulnerability of the LockBufferingSettings method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, allowing a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the LockBufferingSettings method in the software for managing and monitoring removed objects in telemetry and telemechanics systems related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability could allow an attacker to compromise th...

9CVSS5.6AI score0.00554EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.20 views

The vulnerability of the software for multifunctional measuring instruments used to measure parameters of electrical networks from Siemens SENTRON 7KT PAC1260 lies in the lack of measures to neutralize special elements, allowing a violator to execute arbitrary codes.

The vulnerability of the software for multifunctional measuring instruments used to measure parameters of electrical networks from Siemens SENTRON 7KT PAC1260 is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability can allow a remote attacker to...

9.1CVSS6.4AI score0.00864EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/04/03 12:0 a.m.20 views

The vulnerability of the BmpInput::read_rle_image() function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library allows a attacker to compromise the integrity of the protected information or cause service failures.

The vulnerability of the BmpInput::readrleimage function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information or caus...

8.5CVSS5.7AI score
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.20 views

The vulnerability of the ima component in the Linux operating system’s kernel allows a hacker to increase their privileges.

The vulnerability of the ima component in the Linux operating system’s kernel is related to memory corruption. Exploiting this vulnerability can allow an attacker to increase their privileges...

5.5CVSS6.9AI score0.00242EPSS
Exploits0References12Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/03/25 12:0 a.m.20 views

The vulnerability of the formWifiBasicSet() function in the microprogramming software for Tenda F1202 allows a hacker to manipulate the accessibility of protected information.

The vulnerability of the formWifiBasicSet function in the Tenda F1202 router’s microprogramming software is related to the operation that goes beyond the buffer in memory when processing the security parameter. Exploiting this vulnerability could allow an attacker to compromise the accessibility ...

6.5CVSS5.7AI score0.00528EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/03/24 12:0 a.m.20 views

The vulnerability of the Apache OpenMeetings video conferencing software, related to the restoration of unreliable data in memory, allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of Apache OpenMeetings video conferencing software lies in the recovery of unreliable data from memory. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS8AI score0.65176EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/05 12:0 a.m.20 views

The vulnerability of IBM Engineering Lifecycle Optimization - Publishing software, related to the use of cryptographic algorithms containing defects, allows attackers to gain unauthorized access to protected information.

The vulnerability of IBM Engineering Lifecycle Optimization - Publishing software relates to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...

5.9CVSS5.5AI score0.00198EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/28 12:0 a.m.20 views

The vulnerability of software for vehicle management and tracking systems, related to the possibility of escaping the directory structure, allows a violator to increase their privileges and execute arbitrary code.

The vulnerability of the software for controlling and monitoring vehicles in the Howen Vehicle Service System is related to the possibility of it escaping the directory structure. Exploiting this vulnerability could allow a remote attacker to perform network activities without the user’s knowledg...

9CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.20 views

The vulnerability of the VerifyHostKeyDNS component in the OpenSSH cryptographic security tool allows a attacker to perform XSS attacks.

The vulnerability of the VerifyHostKeyDNS component in the OpenSSH cryptographic security tool is related to deficiencies in error handling during host key verification. Exploiting this vulnerability allows a malicious actor to perform XSS attacks remotely...

7.1CVSS6.7AI score0.06997EPSS
Exploits4References30Affected Software17
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.20 views

The vulnerability of the libbpf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the libbpf component in the Linux operating system’s kernel is related to integer overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS6.5AI score0.00277EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/02/19 12:0 a.m.20 views

Vulnerability eliminated

...

5.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/02/17 12:0 a.m.20 views

The vulnerability of Qtech Gigabit SPF WiFi Gateway’s microprogramming software, related to access control deficiencies, allows attackers to disclose protected information.

The vulnerability of the Qtech Gigabit SPF WiFi Gateway microprogramming software is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to disclose protected information by using the pre-installed account...

8CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.20 views

The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages relates to the use of an untrusted pointer, allowing a malicious actor to execute arbitrary code.

The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages is related to the use of an untrusted pointer. Exploiting this vulnerability can allow attackers to execute arbitrary code...

7.8CVSS8.1AI score0.01113EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/02/07 12:0 a.m.20 views

The vulnerability of the Install component of the software tool for managing the life cycle of products in the Oracle Agile PLM Framework allows a perpetrator to disclose protected information.

The vulnerability of the Install component of the software lifecycle management tool for Oracle Agile PLM Framework relates to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to disclose sensitive information through HTTP requests...

7.8CVSS7.7AI score0.00479EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.20 views

Vulnerability of the Server component: The MySQL Server database management system, which allows a hacker to cause service interruptions.

Vulnerability of the MySQL Server component: The MySQL Server component of the database management system involves unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause downtime or service failures using the MySQL network protocol...

6.8CVSS6.5AI score0.00921EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.20 views

The vulnerability of the Linux operating system’s kernel component “perf”, which allows a hacker to trigger a service failure

The vulnerability of the perf component in the Linux operating system’s kernel is related to the operation of writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.0024EPSS
Exploits0References22Affected Software9
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.20 views

The vulnerability of the NFSD component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the NFSD component in the Linux operating system’s kernel is related to the operation of the operation outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.8AI score0.00263EPSS
Exploits0References16Affected Software10
BDU FSTEC
BDU FSTEC
added 2025/01/31 12:0 a.m.20 views

The vulnerability of the gsm_dlci_config() function in the TTY driver (drivers/tty/n_gsm.c) of the Linux kernel allows a hacker to increase their privileges.

The vulnerability of the gsmdlciconfig function in the TTY driver drivers/tty/ngsm.c of the Linux kernel is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

8.2CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/01/30 12:0 a.m.20 views

The vulnerability of the Strapi content management system, related to the lack of protective measures for web pages, allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the CMS Strapi content management platform, related to the lack of security measures for web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code by loading a specially crafted PDF file remotely...

4.3CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/22 12:0 a.m.20 views

The vulnerability of the Active Directory Federation Server component for the Windows operating system, which allows a attacker to perform a CSRF attack

The vulnerability of the Active Directory Federation Server operating system on Windows is related to the manipulation of cross-site requests. Exploiting this vulnerability can allow a malicious actor to execute a CSRF attack remotely...

7.8CVSS7.6AI score0.00724EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/16 12:0 a.m.20 views

The vulnerability of theOTP library set in the Erlang programming language allows attackers to carry out “man-in-the-middle” type attacks.

The vulnerability of theOTP library in the Erlang programming language is related to errors in the authentication process for certificates. Exploiting this vulnerability allows attackers who operate remotely to carry out “man-in-the-middle” type attacks...

5.5CVSS5.9AI score0.00251EPSS
Exploits0References4Affected Software2
Total number of security vulnerabilities5000