Lucene search
K
Bdu FstecMost viewed

90709 matches found

BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.19 views

The vulnerability of the mDNSResponder component in operating systems such as watchOS, iOS, iPadOS, and tvOS allows a hacker to track a device based on its MAC address via Wi-Fi.

The vulnerability of the mDNSResponder component in operating systems such as watchOS, iOS, iPadOS, and tvOS is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to track a device based on its MAC address via Wi-Fi...

7.8CVSS5.9AI score0.01245EPSS
Exploits0References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/06/29 12:0 a.m.19 views

The vulnerability of the Go programming language, related to errors in processing special symbols "<>" in CSS contexts, allows attackers to execute arbitrary code.

The vulnerability of the Go programming language is related to errors in processing special symbols "" within CSS contexts. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS6.9AI score0.01037EPSS
Exploits0References10Affected Software19
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.19 views

The vulnerability of the CN2600 terminal server’s microprogramming software, related to the use of cryptographic algorithms containing defects, allows a hacker to compromise the connection and gain access to protected information.

The vulnerability of the microprogramming software of the terminal server CN2600 is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow a malicious actor to compromise the connection and gain access to protected information...

9.4CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/30 12:0 a.m.19 views

The vulnerability of the built-in software of the ARIS controller, related to uncontrolled resource consumption, allows a intruder to cause a service failure.

The vulnerability of the built-in software of the ARIS controller is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures by sending a specially crafted network packet...

5.9CVSS5.5AI score
Exploits0Affected Software10
BDU FSTEC
BDU FSTEC
added 2023/04/07 12:0 a.m.19 views

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform...

6.4CVSS6.1AI score0.00433EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/02/17 12:0 a.m.19 views

The vulnerability of the LoginForm and RegisterForm data transmission forms in the Apex-VUZ automation system allows a perpetrator to gain access to user account information.

The vulnerability of the LoginForm and RegisterForm data transmission forms in the Apex-VUZ automation system is related to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to gain access to user credentials...

7.8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/17 12:0 a.m.19 views

The vulnerability of the Apex-VUZ education automation system, related to insufficient access control, allows a perpetrator to download photos of profiles of all used accounts.

The vulnerability of the Apex-VUZ education automation system’s web interface is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to download photos of profiles of all user accounts by sending a specially crafted request...

7.8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/06 12:0 a.m.19 views

The vulnerability of the WEB_DisplayPage() function in D-Link’s wireless access points DAP-2020 and DAP-1360 allows a hacker to execute arbitrary code.

The vulnerability of the WEBDisplayPage function in D-Link’s wireless access points DAP-2020 and DAP-1360 is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...

8.8CVSS6.4AI score
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/12 12:0 a.m.19 views

The vulnerability of Moxa VPORT 06EC-2V IP camera software and Moxa VPort 461A video encoder software, related to pointer swapping errors, allows a intruder to execute a brute-force attack.

The vulnerability of Moxa VPORT 06EC-2V IP camera microprogramming software and Moxa VPort 461A video encoder microprogramming software is related to errors in parameter processing involving pointers. Exploiting this vulnerability allows a remote attacker to execute a brute-force attack...

10CVSS5.7AI score
Exploits0References1Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/07 12:0 a.m.19 views

The vulnerability of the Microsoft ODBC operating system driver allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft ODBC operating system driver exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.02248EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.19 views

The vulnerability of the RDP server FreeRDP, related to deficiencies in the authentication process, allows attackers to bypass the authentication process.

The vulnerability of the RDP server FreeRDP is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process remotely...

10CVSS7.4AI score0.02265EPSS
Exploits0References20Affected Software8
BDU FSTEC
BDU FSTEC
added 2022/11/15 12:0 a.m.19 views

The vulnerability of the microprogrammed software of the Moxa NE-4100T serial interface converter lies in the lack of authentication procedures, which allows attackers to circumvent existing security restrictions.

The vulnerability of the Microprogrammed Software for Serial Interface Converters Moxa NE-4100T is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...

10CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/28 12:0 a.m.19 views

The vulnerability of the SecUsers.ini file of the controller display utility for OpenBSI allows a hacker to gain unauthorized access to protected information.

The vulnerability of the SecUsers.ini file of the controller display utility related to OpenBSI involves storing confidential information in an unencrypted form in memory. Exploiting this vulnerability could allow a remote attacker to gain access to the user credentials...

7.8CVSS5.5AI score0.00252EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/03/11 12:0 a.m.19 views

The vulnerability of the webNasIPS module of the TerraMaster operating system for TerraMaster TNAS storage devices allows a hacker to gain access to protected information.

The vulnerability of the webNasIPS module in the TerraMaster operating system for data storage devices called TerraMaster TNAS is related to the possibility of executing arbitrary commands. Exploiting this vulnerability could allow a malicious actor to gain access to protected information...

7.8CVSS5.6AI score0.8405EPSS
Exploits9References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/28 12:0 a.m.19 views

The vulnerability of theutils.cfc component in the ColdFusion software platform allows attackers to execute arbitrary code.

The vulnerability of theutils.cfc component in the ColdFusion software platform allows unauthenticated attackers to execute arbitrary code by connecting to any LDAP server via the verifyldapserver parameter...

9.3CVSS6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/18 12:0 a.m.19 views

The vulnerability of the Evolution CMS system, related to the lack of measures taken to protect the website structure, allows attackers to execute cross-site scripting attacks (XSS).

The vulnerability of the Evolution CMS content management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

8.4CVSS5.2AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/18 12:0 a.m.19 views

The vulnerability of the GitBucket collaborative development web service lies in its lack of protection for website structures, allowing attackers to execute arbitrary code.

The vulnerability in the collaborative development web service GitBucket is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/10 12:0 a.m.19 views

The vulnerability of IDEMIA’s biometric identification systems’ microprogramming software lies in the lack of authentication mechanisms, which allows attackers to bypass the authentication process.

The vulnerability of IDEMIA’s biometric identification systems’ microprogramming software is related to the absence of authentication. Exploiting this vulnerability could allow a malicious actor to bypass authentication and cause service failures...

7.1CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/01/25 12:0 a.m.19 views

The vulnerability of NETGEAR CBR750, RBK852, RBR850, and RBS850 Wi-Fi routers’ microprogramming software lies in insufficient cleaning of input data, allowing attackers to execute arbitrary commands.

The vulnerability of NETGEAR’s Wi-Fi router software, including models CBR750, RBK852, RBR850, and RBS850, lies in insufficient cleaning of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9.6CVSS8.1AI score0.01667EPSS
Exploits0References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/01/04 12:0 a.m.19 views

The vulnerability in the index.php script of the D-Link DSL-3782 router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the index.php script in the D-Link DSL-3782 router microprogramming system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/12/24 12:0 a.m.19 views

The vulnerability of the “ord” parameter in the “company_list” component of the Advantech R-SeeNet monitoring software allows a hacker to perform cross-site scripting attacks.

The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers is related to incorrect validation of input data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by sending specially crafted SQL queries...

7.7CVSS5.3AI score0.01134EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2021/10/22 12:0 a.m.19 views

The vulnerability of the Synergia operating system, related to errors in access control policies of SELinux, allows a perpetrator to gain read access to system files.

The vulnerability of the Synergia operating system is related to errors in access control policies of SELinux. Exploiting this vulnerability can allow an attacker to gain read access to system files...

5.1CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.19 views

The vulnerability of the Radare2 reverse-engineering system, related to the use of memory after it is freed, allows a hacker to cause a service failure.

The vulnerability of the Radare2 reverse-engineering system is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

6.5CVSS6.9AI score0.01161EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/08/17 12:0 a.m.19 views

The vulnerability of Moxa EDR-810 microcontroller software, related to buffer overflow in the stack, allows a hacker to execute arbitrary code.

The vulnerability of Moxa EDR-810 microcontroller-based software is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.3CVSS6.3AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/08/17 12:0 a.m.19 views

The vulnerability of Moxa EDR-810 microcontroller software-related microprogramming systems, due to problems with the use of cryptography, allows a perpetrator to gain access to confidential data.

The vulnerability of Moxa EDR-810 microcontroller software is related to issues with the use of cryptography. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data...

4.3CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/15 12:0 a.m.19 views

The vulnerability of the SAP Business Objects decision support system lies in the lack of measures taken to protect the website structure. This allows attackers to intercept the session of administrators or users of the web resources.

The vulnerability of the SAP Business Objects decision support system lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to intercept administrator or user sessions on the web resources, using specially crafted POST/GET...

6.8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/07 12:0 a.m.19 views

The vulnerability of the FreeIPA Astra-freeipa certificate creation and update tool is related to an unreliable search process, which allows a perpetrator to compromise the integrity of the data.

The vulnerability of the FreeIPA Astra-freeipa certificate creation and renewal tool is related to improper searching for existing keys. Exploiting this vulnerability allows a remote attacker to compromise the integrity of data...

3.5CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/07/07 12:0 a.m.19 views

The vulnerability of the fly-qdm GUI input software, related to a code error, allows a intruder to access confidential data.

The vulnerability of the fly-qdm GUI login software lies in the absence of a warning when an outdated password is used during password changes. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

4CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.19 views

The vulnerability of the acron application library of Avrora Center, related to uncontrolled resource consumption, allows a perpetrator to cause a service failure.

The vulnerability of the acron application library in Avroa Software Solutions is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures using a specially crafted regular expression...

7.5CVSS5.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.19 views

The vulnerability of the module for creating, editing, and saving diagrams of typical and business processes, determining process properties, creating lists of associated objects “LOCMAN WorkFlow Designer” of the engineering data management system, and the product lifecycle management system LOCMAN:PLM. This vulnerability is related to the unlimited loading of dangerous type files, allowing attackers to execute arbitrary code.

The vulnerability of the module responsible for creating, editing, and saving diagrams of typical and working business processes, as well as defining properties of these processes, and creating lists of associated objects in the “LOZMAN Workflow Designer” system for managing engineering data and...

6.8CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.19 views

The vulnerability of the kmath.dll library in the KOMPAS-3D 3D modeling system, related to the execution of operations outside the buffer in memory, allows a hacker to cause a service failure.

The vulnerability of the kmath.dll library in the KOMPAS-3D 3D modeling system relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure using a specially crafted T3D format file...

4.9CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/04 12:0 a.m.19 views

The vulnerability of the eDocLib platform for storing and processing corporate data arises from the lack of measures taken to protect the website structure. This vulnerability allows attackers to carry out cross-site scripting attacks.

The vulnerability of the eDocLib platform for storing and processing corporate data exists due to the lack of measures taken to protect its web page structure. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code in the user’s browser by creating a...

6.5CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/01/26 12:0 a.m.19 views

The vulnerability of the Sailfish Browser application for the “Avora” operating system, related to buffer overflow in the stack, allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the Sailfish Browser application for the “Avora” operating system is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

9CVSS6.2AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/01/13 12:0 a.m.19 views

The vulnerability of the Kaspersky Total Security antivirus protection, related to code errors, allows attackers to increase their privileges.

The vulnerability of the Kaspersky Total Security antivirus protection is related to errors in the code. Exploiting this vulnerability can allow attackers to enhance their privileges by manipulating symbolic links...

5.9CVSS5.5AI score
Exploits0References1Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/01/13 12:0 a.m.19 views

The vulnerability of the init process of the loginctl subsystem of Systemd, related to security configuration errors, allows a perpetrator to access confidential data.

The vulnerability of the loginctl process in the initialization and service management subsystem of Systemd is related to security configuration errors. Exploiting this vulnerability can allow an attacker to access confidential data...

2.8CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/12/07 12:0 a.m.19 views

The vulnerability of the KTS web interface “Mayak,” related to the failure to protect the SQL query structure, allows attackers to execute arbitrary SQL commands.

The vulnerability of the KTS “Lighthouse” web interface is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using a specially crafted HTTP POST request...

10CVSS6.1AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/11/02 12:0 a.m.19 views

The vulnerability of the var_lldpLocalPortTbl function in the microprogramming software for Moxa EDR-810 allows a hacker to trigger an emergency shutdown of the device.

The vulnerability of the varlldpLocalPortTbl function in the microprogramming software for Moxa EDR-810 is related to character processing errors. Exploiting this vulnerability can allow a malicious actor to trigger an emergency shutdown by sending a specially crafted SNMP request with a negative...

5.7CVSS5.4AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/08/05 12:0 a.m.19 views

The vulnerability of the astra-safepolicy security configuration, related to the lack of input validation mechanisms, allows attackers to trigger service failures.

The vulnerability of the astra-safepolicy security configuration is related to the lack of a mechanism for checking input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

7.8CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/07/09 12:0 a.m.19 views

The vulnerability of the PuTTY cryptographic protection mechanism, related to the execution of operations beyond the buffer boundaries in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the PuTTY encryption protection mechanism lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS8.2AI score0.02566EPSS
Exploits0References6Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/06/05 12:0 a.m.19 views

The vulnerability of Thunderbolt devices’ microcontrollers lies in the ability to load metadata from an unauthenticated device. This allows a hacker to gain direct access to the memory of computing devices connected to Thunderbolt interfaces.

The vulnerability of Thunderbolt devices’ microcontrollers relates to the ability to load metadata from an unauthenticated device. Exploiting this vulnerability can allow a hacker to gain direct access to the memory of the computing device, which is connected to Thunderbolt devices...

7.6CVSS5.5AI score
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/05/08 12:0 a.m.19 views

The vulnerability of the security-monitor function in the Secure Boot protocol (part of the UEFI specification) is related to an error in the display of ssh for the root user. This vulnerability allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failure.

The vulnerability of the security-monitor function in the Secure Boot protocol a part of the UEFI specification is related to an error in the display of ssh for the root user, when this protocol is not enabled for the user. Exploiting this vulnerability can allow a remote attacker to access...

5.1CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/04/21 12:0 a.m.19 views

The vulnerability of the Omnibox address bar in Google Chrome allows a hacker to compromise data integrity.

The vulnerability of the Omnibox address bar in Google Chrome relates to insufficient validation of entered data. Exploiting this vulnerability allows a malicious actor to compromise data integrity through a specially created HTML page...

4.3CVSS6.5AI score0.00688EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2019/12/13 12:0 a.m.19 views

The vulnerability of the canvas objects in browsers such as Firefox, Firefox ESR, and the email client Thunderbird allows attackers to disclose protected information.

The vulnerability of the Canvas object in browsers such as Firefox, Firefox ESR, and the email client Thunderbird is related to a lack of mechanisms for verifying the source of the data. Exploiting this vulnerability can allow an attacker to disclose protected information remotely...

5.3CVSS6.8AI score0.00825EPSS
Exploits0References4Affected Software4
BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.19 views

The vulnerabilities of PDF viewing and editing programs from Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 are related to security configuration errors, allowing attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 are related to security configuration errors. Exploiting these vulnerabilities can allow a malicious actor to execut...

10CVSS8.2AI score0.06649EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/10/09 12:0 a.m.19 views

The vulnerability of the protection mechanism for the virtual file system “/proc” in the Oracle Solaris operating system allows a perpetrator to execute arbitrary code.

The vulnerability of the protection mechanism for the virtual file system “/proc” in the Oracle Solaris operating system is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7CVSS5.8AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/10/01 12:0 a.m.19 views

The vulnerability of the ktexteditor text editing tool in the Astra Linux operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the ktexteditor text editing tool in the Astra Linux operating system is related to errors in interpreting file access rights. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

7CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/07/23 12:0 a.m.19 views

The vulnerability of the unixcmd utility in the Virtual Distributed Ethernet virtual network creation package allows a attacker to cause a service failure.

The vulnerability of the unixcmd utility, a tool for creating compatible virtual networks using Virtual Distributed Ethernet, stems from segmentation errors. Exploiting this vulnerability could allow an attacker to cause a service failure by entering a specially crafted sequence of data into the...

4CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/07/23 12:0 a.m.19 views

The vulnerability of the Microsoft SharePoint software package arises from insufficient cleaning of data provided by users, allowing attackers to carry out cross-site scripting attacks.

The vulnerability of the Microsoft SharePoint software package is related to insufficient cleaning of data provided by users. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute cross-site scripting attacks with elevated privileges using a specially created...

5.5CVSS5.4AI score0.01571EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/07/18 12:0 a.m.19 views

The vulnerability of the vGate virtualization platform’s security mechanism, which allows intruders to bypass existing security measures

The vulnerability of the vGate virtualization platform’s security mechanism lies in the fact that authentication is performed against rules that are not currently in effect for vGate i.e., outside the protected perimeter. There is also a lack of control over user authentication processes within...

6.2CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/07/04 12:0 a.m.19 views

The vulnerability of the built-in software of the “Granite-Navigator-6.18” device lies in the use of uncontrolled format lines, which allows a perpetrator to trigger a service failure.

The vulnerability of the built-in software of the “Granite-Navigator-6.18” device is related to the use of uncontrolled format lines. Exploiting this vulnerability can allow an attacker to cause a service failure by using a specially crafted command e.g., canrcv canteseo2%n%n%n%n%n%n%n when...

5.3CVSS5.5AI score
Exploits0
Total number of security vulnerabilities5000