Lucene search
K
Bdu FstecMost viewed

90604 matches found

BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.18 views

The vulnerability of the MIR CT-51 controller, related to the disclosure of information during data transmission, allows a intruder to enhance their privileges.

The vulnerability of the MIR KT-51 controller is related to the disclosure of information during data transmission. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain increased privileges...

5.8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.18 views

The vulnerability of the firmware component of the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the Linux operating system’s kernel firmware component is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.0017EPSS
Exploits0References18Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/02/19 12:0 a.m.18 views

Vulnerability eliminated

...

5.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/02/19 12:0 a.m.18 views

Vulnerability eliminated

...

5.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/02/12 12:0 a.m.18 views

The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows a hacker to execute arbitrary code, trigger service failures, or disclose sensitive information.

The vulnerability of the NVIDIA Virtual GPU Manager driver relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code, cause service failures, or disclose sensitive information...

7.8CVSS5.7AI score0.00193EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/01/23 12:0 a.m.18 views

Vulnerability of the Server component: The Oracle MySQL Server component of the database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system involves unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

6.8CVSS6.6AI score0.01025EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/03 12:0 a.m.18 views

The vulnerability of the ASUS AiCloud cloud platform, which stems from the lack of measures taken to clean data at the management level, allows a hacker to execute arbitrary codes.

The vulnerability of the ASUS AiCloud cloud platform lies in the lack of measures taken at the management level to clean data. Exploiting this vulnerability allows a malicious actor to execute arbitrary codes remotely...

9CVSS8.3AI score0.01238EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/29 12:0 a.m.18 views

The vulnerability of the library for optimizing machine learning models in Intel Neural Compressor lies in the failure to take measures to neutralize special elements in the template creation mechanism. This allows attackers to enhance their privileges.

The vulnerability of the Intel Neural Compressor library for optimizing machine learning models is related to the lack of measures taken to neutralize special elements in the template creation mechanism. Exploiting this vulnerability can allow a remote attacker to enhance their privileges...

7CVSS5.5AI score0.00227EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.18 views

The vulnerability of the network management system for monitoring industrial networks in Siemens SINEC NMS lies in the improper assignment of permissions to critical resources. This allows a perpetrator to write arbitrary data to any location in the host’s file system.

The vulnerability of the Siemens SINEC NMS network management system for monitoring industrial networks is related to the improper assignment of permissions for critical resources. The application contains a database that does not restrict user rights. Exploiting this vulnerability allows a hacke...

8.4CVSS7.6AI score0.00134EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/11/25 12:0 a.m.18 views

The vulnerability in the web interface of the Cisco Nexus Dashboard Fabric Controller (NDFC) allows a perpetrator to execute arbitrary code.

The vulnerability of the Cisco Nexus Dashboard Fabric Controller NDFC web interface relates to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in a container with root privileges...

9CVSS6AI score0.00938EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.18 views

The vulnerability of the Microsoft Windows operating system’s Telephony Service allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Windows operating system’s Telephony Service is related to overflowing buffers in the “heap”. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

10CVSS5.8AI score0.01516EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.18 views

The vulnerability of the FileManager web interface, related to deserialization mechanism flaws, allows an attacker to execute arbitrary code.

The vulnerability of the FileManager web interface is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.6CVSS6AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/06 12:0 a.m.18 views

The vulnerability of the DevTools suite for web development in Microsoft Edge and Google Chrome browsers allows a hacker to execute arbitrary code.

The vulnerability of the DevTools suite for web development in Microsoft Edge and Google Chrome is related to insufficient testing of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created HTML page from a remote location...

10CVSS6AI score0.00413EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/10/28 12:0 a.m.18 views

The vulnerability of the microprogrammed control system of the ABB AC 800M is related to errors in processing input data, allowing a intruder to execute arbitrary commands.

The vulnerability of the ABB AC 800M controller’s microprogramming software is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending specially crafted MMS packets remotely...

10CVSS5.8AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/08/14 12:0 a.m.18 views

The vulnerability of D-Link router microprogramming software arises from the lack of measures taken to neutralize special elements used in the operating system command. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of D-Link DIR-1960-US, DIR-2640-US, DIR-2660-US, DIR-3040-US, DIR-3060-US, DIR-867-US, DIR-878, DIR-882-US, DIR-882/RE, DIR-882-CA, and DIR-882-US/RE routers exists due to the lack of measures to neutralize specific elements. Exploiting this vulnerability can allow a malicious...

8.4CVSS5.5AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.18 views

The vulnerability of the gswipremove() function in Lantiq/Intel GSWIP kernel drivers for Linux operating systems allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the gswipremove function in the drivers/net/dsa/lantiqgswip.c file of the Lantiq/Intel GSWIP driver for the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS6.4AI score0.00227EPSS
Exploits0References13Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.18 views

The vulnerability of the GraphWorX64 module in the GENESIS64 SCADA system allows a intruder to load arbitrary files or execute arbitrary code.

The vulnerability of the GraphWorX64 module in the GENESIS64 SCADA system is related to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to download arbitrary files or execute arbitrary code remotely...

6.5CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/19 12:0 a.m.18 views

The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle Complex Maintenance, Repair, and Overhaul systems—a system for automating business operations in Oracle E-Business Suite—allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle system equipment exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or...

6.4CVSS7.2AI score0.00395EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/07/19 12:0 a.m.18 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to trigger a service failure.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.5CVSS6.8AI score0.00277EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/07/05 12:0 a.m.18 views

The vulnerability of the image_copy_plane component (libavutil/imgutils.c) in the FFmpeg multimedia library allows a attacker to execute arbitrary code.

The vulnerability of the imagecopyplane component libavutil/imgutils.c in the FFmpeg multimedia library lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS6.7AI score0.00324EPSS
Exploits0References13Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/06/10 12:0 a.m.18 views

The vulnerability of the Ivanti Secure Access Client (formerly Pulse Secure Desktop Client) for corporate networks’ VPN servers in Windows operating systems stems from an operation that goes beyond the buffer in memory, allowing a malicious actor to execute arbitrary code with SYSTEM privileges.

The vulnerability of the Ivanti Secure Access Client formerly Pulse Secure Desktop Client for corporate networks’ VPN servers on Windows operating systems is related to the execution of commands outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execut...

7.8CVSS8.2AI score0.00343EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/06/07 12:0 a.m.18 views

The vulnerability of the LenelS2 NetBox access control and event monitoring system, related to the implementation or modification of arguments, allows a intruder to execute arbitrary commands.

The vulnerability of the LenelS2 NetBox access control and event monitoring system is related to the implementation or modification of arguments. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

9CVSS5.8AI score0.00519EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/22 12:0 a.m.18 views

The vulnerability of 5G MediaTek wireless communication modules, related to insufficient validation of input data, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules by MediaTek is related to insufficient verification of input data. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.8CVSS7.2AI score0.01082EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/12/12 12:0 a.m.18 views

Vulnerability of the MySQL Server component of the database management system: This component allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system involves errors in resource release. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

6.1CVSS6.3AI score0.01115EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.18 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, related to reading data beyond the buffer in memory, allow attackers to gain access to confidential information.

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud involve reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow attackers to access confidential information...

3.3CVSS5.8AI score0.02035EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/08/21 12:0 a.m.18 views

The vulnerability in web browsers Firefox ESR, Firefox, and the email client Thunderbird involves the concealment of important security information. This allows attackers to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerabilities in web browsers Firefox ESR, Firefox, and the email client Thunderbird involve the concealment of important security-related information. Exploiting these vulnerabilities can allow a malicious actor to gain access to confidential data, compromise its integrity, and cause servi...

10CVSS7.7AI score0.00884EPSS
Exploits0References12Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.18 views

The vulnerability of the Cloud Files Mini Filter driver for the Windows operating system allows a hacker to increase their privileges.

The vulnerability of the Cloud Files Mini Filter driver for the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.3AI score0.00354EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.18 views

The vulnerability of the CN2600 terminal server’s microprogramming software, related to the use of cryptographic algorithms containing defects, allows a hacker to compromise the connection and gain access to protected information.

The vulnerability of the microprogramming software of the terminal server CN2600 is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow a malicious actor to compromise the connection and gain access to protected information...

9.4CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/04/04 12:0 a.m.18 views

The vulnerability of the blacklistAction() function on the PHP software platform pimcore allows violators to perform cross-site scripting attacks.

The vulnerability of the blacklistAction function in the PHP programming platform pimcore relates to the lack of measures taken to protect the structure of web pages when processing email addresses. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

6.4CVSS5.6AI score0.0051EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/03 12:0 a.m.18 views

The vulnerability of the MKLogic-500 PLI configuration protocol, due to deficiencies in the encryption algorithm, allows attackers to decrypt the configuration protocol and modify the device’s configuration.

The vulnerability of the MKLogic-500 PLB protocol lies in the transmission of information sufficient to recover encryption keys in an open form. Exploiting this vulnerability allows a malicious actor to decrypt the PLB protocol and modify the device’s configuration...

9.7CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/17 12:0 a.m.18 views

The vulnerability of the password reset mechanism of the Automation Education System Apex-VUZ allows a hacker to obtain the user’s password.

The vulnerability of the user password reset mechanism in the Apex-VUZ automation system is related to the use of the SHA-1 encryption algorithm, which lacks sufficient robustness. Exploiting this vulnerability could allow an attacker operating remotely to obtain the user’s password...

5.3CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/17 12:0 a.m.18 views

The vulnerability of the log files of user operations in the Apex-VUZ automation system allows a perpetrator to gain access to authentication information.

The vulnerability of the logs of user operations in the Apex-VUZ automation system is related to the storage of passwords in an open format. Exploiting this vulnerability can allow a malicious actor to gain access to authentication information...

7.8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/17 12:0 a.m.18 views

The vulnerability of the component responsible for creating new account records in the Apex-VUZ education automation system allows a perpetrator to cause service interruptions.

The vulnerability of the component responsible for creating new account records in the Apex-VUZ automation system is related to improper control of the interaction frequency. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending specially crafted POST...

7.8CVSS5.4AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.18 views

The vulnerability of the RDP server FreeRDP, related to deficiencies in the authentication process, allows attackers to bypass the authentication process.

The vulnerability of the RDP server FreeRDP is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process remotely...

10CVSS7.4AI score0.0219EPSS
Exploits0References20Affected Software8
BDU FSTEC
BDU FSTEC
added 2022/11/15 12:0 a.m.18 views

The vulnerability of the microprogrammed software of the Moxa NE-4100T serial interface converter lies in the lack of authentication procedures, which allows attackers to circumvent existing security restrictions.

The vulnerability of the Microprogrammed Software for Serial Interface Converters Moxa NE-4100T is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...

10CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.18 views

The vulnerability of the Red Database database management system lies in the return of an incorrect status code, allowing an attacker to trigger a service failure.

The vulnerability of the Red Database database management system is related to the return of incorrect code states. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by exhausting free space on the disk during backup operations...

4.9CVSS5.6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/05/05 12:0 a.m.18 views

Vulnerability of the MySQL Server component: The Optimizer component of the MySQL database management system allows a hacker to gain unauthorized access to modify, add, or delete data, or to cause service failures.

The vulnerability of the MySQL Server component involves insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to modify, add, or delete data, or to cause a service failure using the MySQL network protocol...

7.5CVSS6.4AI score0.01116EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/13 12:0 a.m.18 views

The vulnerability of the Adobe XMP-Toolkit-SDK software, related to reading beyond the buffer in memory, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Adobe XMP-Toolkit-SDK lies in the creation of temporary files with insecure permissions. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

5.5CVSS6.5AI score0.0217EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/11 12:0 a.m.18 views

The vulnerability of the Yokogawa CENTUM VP SCADA system, related to errors in the code, allows a intruder to execute arbitrary commands.

The vulnerability of the Yokogawa CENTUM VP SCADA system is related to errors in the code. Exploiting this vulnerability allows an intruder to execute arbitrary code by modifying the project files and injecting their own code into them, which will be executed upon a specified event...

6.3CVSS6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.18 views

The vulnerability in the web interface for managing server applications used in food industrial enterprises, AK-EM 800, allows a perpetrator to gain unauthorized access to the debugging service.

The vulnerability in the web-based management interface for the server application used to manage food manufacturing enterprises AK-EM 800 is related to errors in password generation. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the debugging service...

10CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/12/14 12:0 a.m.18 views

The vulnerability of OPPO’s 5G router, which stems from the failure to take measures to neutralize special elements, allows a perpetrator to execute arbitrary codes.

The vulnerability of OPPO’s 5G router exists due to the failure to take measures to neutralize certain components. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS5.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/12/08 12:0 a.m.18 views

The vulnerability of MasterCard Tokenisation Service (MDES) and Visa Tokenisation Service (VTS) lies in the absence of critical fields in the ARQC cryptographic algorithm (such as 9F15 MCC), which allows a malicious actor to disclose protected information.

The vulnerability of MasterCard Tokenisation Service MDES and Visa Tokenisation Service VTS lies in the possibility of arbitrary modification of the “Amount” field in the Authorisation Request ISO 8583 packet. Exploiting this vulnerability could allow a malicious actor to disclose protected...

6.8CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/11/23 12:0 a.m.18 views

The vulnerability of the microprogrammed logic controller ioLogik’s software, related to deficiencies in the authentication process, allows attackers to escalate their privileges within the system.

The vulnerability of microprogrammed software in programmable logic controllers like ioLogik is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow unauthorized individuals to enhance their privileges within the system through specially crafted requests...

10CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/23 12:0 a.m.18 views

The vulnerability of the microprogrammed logic controller ioLogik’s software, related to hard-coding passwords, allows a intruder to escalate their privileges and execute arbitrary code.

The vulnerability of the microprogrammed logic controller ioLogik software relates to the rigid encoding of passwords. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code remotely...

10CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/20 12:0 a.m.18 views

The vulnerability of the POST request processing mechanism of the enhanced qualified electronic signature service for operating systems “EMIAS” allows a perpetrator to execute arbitrary code.

The vulnerability of the POST request processing mechanism of the enhanced qualified electronic signature service for operating systems “EMIAS” exists due to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a...

10CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.18 views

The vulnerability of the JMS Connector Service server in SAP NetWeaver Java Application Server allows attackers to circumvent existing security restrictions or execute arbitrary code.

The vulnerability of the JMS Connector Service server in SAP NetWeaver Java Application Server applications is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions or execute arbitrary code by...

10CVSS8.2AI score0.01251EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/09/29 12:0 a.m.18 views

The vulnerability of the Indexed DB API for browser storage interfaces in Google Chrome and Microsoft Edge allows a attacker to trigger a service failure or execute arbitrary code.

The vulnerability of the Indexed DB API for browser-based structured data storage in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code through a specially...

10CVSS8.2AI score0.32657EPSS
Exploits0References9Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/08/17 12:0 a.m.18 views

The vulnerability of Moxa EDR-810 microcontroller software lies in the lack of measures taken to neutralize special elements used in the OS command sequence, allowing a perpetrator to execute arbitrary code.

The vulnerability of Moxa EDR-810 microcontroller-based software relates to the lack of measures taken to neutralize special elements used in the OS command sequence. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.3CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/15 12:0 a.m.18 views

The vulnerability of the SAP Business Objects decision support system lies in the lack of measures taken to protect the website structure. This allows attackers to intercept the session of administrators or users of the web resources.

The vulnerability of the SAP Business Objects decision support system lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to intercept administrator or user sessions on the web resources, using specially crafted POST/GET...

6.8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/07 12:0 a.m.18 views

The vulnerability of user authentication within the IKE-protocol’s Xauth mechanism, which stems from insufficient validation of input data, allows attackers to trigger service failures.

The vulnerability related to user authentication within the Xauth protocol of the IKE protocol is linked to improper validation during the file transmission to the program’s input. Exploiting this vulnerability allows an attacker to cause service failures...

4CVSS5.5AI score
Exploits0References1
Total number of security vulnerabilities5000