Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2017/12/26 12:0 a.m.17 views

The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system allows a hacker to execute arbitrary code within the context of a privileged process.

The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system is related to lack of access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of a privileged process using a specially crafted file...

9.3CVSS7.7AI score0.01233EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/02/02 12:0 a.m.17 views

The vulnerability of the Android operating system, which allows a malicious actor to compromise the confidentiality of information

The vulnerability of the decoder/ihevcdDecode.c function in the libhevc service of the Android operating system is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality of information...

7.1CVSS6.2AI score0.00685EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.17 views

Vulnerability of the Java Platform software platform, allowing a remote attacker to compromise the integrity of protected information

The vulnerability of the Java SE and Java SE Embedded software platform allows a malicious actor to compromise data integrity by using the Security subcomponent...

2.6CVSS7.7AI score0.03137EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2016/03/02 12:0 a.m.17 views

The vulnerability of the LibreOffice office software package, which allows a hacker to trigger a service failure or cause other adverse effects

The vulnerability of the LibreOffice office software’s filter function arises from buffer overflow. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure memory corruption, or possibly have other effects using a specially crafted document called...

9.3CVSS7.8AI score0.02826EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/10/13 12:0 a.m.17 views

The vulnerability of the Cisco IOS operating system, which allows a perpetrator to gain unauthorized access to the device

The vulnerability of the SSHv2 component in Cisco IOS systems is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to a device by manipulating information about known user names and their associated RSA keys...

9.3CVSS5.5AI score0.04388EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.17 views

Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the cloop-kmp-desktop package of the OpenSUSE operating system can be exploited, leading to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

9.3CVSS6.6AI score0.05926EPSS
Exploits15References15Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.17 views

Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the integrity and accessibility of protected information

Multiple vulnerabilities exist in the openssl package up to version 0.9.8l-r2 of the Gentoo Linux operating system. Exploitation of these vulnerabilities may lead to the compromise of the integrity and accessibility of protected information. These vulnerabilities can be exploited remotely...

5.8CVSS6.7AI score0.87264EPSS
Exploits29References10Affected Software3
BDU FSTEC
BDU FSTEC
added 7 hours ago16 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS7.2AI score0.00709EPSS
Exploits1References11Affected Software9
BDU FSTEC
BDU FSTEC
added 2025/12/15 12:0 a.m.16 views

The vulnerability of the astra-safepolicy security configuration software lies in the lack of data security mechanisms. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the astra-safepolicy security configuration software is related to the lack of a data security mechanism. Exploiting this vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures...

8.4CVSS5.8AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.16 views

The vulnerability of the meeting-join function in Cisco WebEx Meetings software allows a perpetrator to carry out a “man-in-the-middle” attack.

The vulnerability of the meeting-join function in Cisco WebEx Meetings software is related to improper verification of certificates. Exploiting this vulnerability could allow a malicious actor to carry out a “man-in-the-middle” attack...

5.4CVSS5.5AI score0.00106EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/08/08 12:0 a.m.16 views

The vulnerability of PackageKit for macOS operating systems, which allows a hacker to trigger a service failure.

The vulnerability of PackageKit for macOS operating systems is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to cause service failures...

10CVSS5.4AI score0.00737EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/08/07 12:0 a.m.16 views

The vulnerability of Autodesk 3dsMax software for 3D modeling, animation, and visualization lies in the possibility of an operation going beyond the buffer boundaries in memory. This allows a malicious actor to execute arbitrary code or cause system failures.

The vulnerability of the software for 3D modeling, animation, and visualization in Autodesk 3dsMax relates to the execution of operations beyond the buffer boundaries in memory when processing TGA files. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause system...

7.8CVSS6.4AI score0.00199EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/16 12:0 a.m.16 views

The vulnerability in the web interface of Qtech switches, related to incorrect processing of cookie files, allows attackers to elevate their privileges to the level of administrators.

A vulnerability in the web interface of Qtech switches, related to improper handling of cookie files. Exploiting this vulnerability can allow a remote attacker to elevate their privileges to the level of an administrator...

10CVSS5.5AI score
Exploits0Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/16 12:0 a.m.16 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...

7.8CVSS6.4AI score0.00251EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/14 12:0 a.m.16 views

The vulnerability of the Input Method Editor (IME) component of Microsoft Windows, which allows a hacker to gain elevated privileges

The vulnerability of the Input Method Editor IME component in Microsoft Windows is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain increased privileges remotely...

8CVSS5.4AI score0.00518EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/03 12:0 a.m.16 views

The vulnerability of the SCADA system Pult.online, related to inconsistencies in responses to incoming requests, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the SCADA system Pult.online is related to inconsistencies in responses to incoming requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information by sending a specially crafted POST request...

7.8CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.16 views

The vulnerability of VideoGrace video conferencing software, related to improper access control, allows a intruder to compromise the accessibility of protected information.

The vulnerability of VideoGrace video conferencing software is related to improper access control. Exploiting this vulnerability can allow a remote attacker to compromise the accessibility of protected information...

4.3CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/28 12:0 a.m.16 views

The vulnerability of the SimpleOne ITSM automation system allows a perpetrator to carry out an SSRF attack and gain unauthorized access to protected information.

The vulnerability of the SimpleOne ITSM automation system is related to insufficient verification of incoming requests. Exploiting this vulnerability could allow a malicious actor to carry out an SRF attack and gain unauthorized access to protected information...

9.1CVSS5.4AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.16 views

The vulnerability of the resource_build_bit_depth_reduction_params() function in the DRI driver for AMD kernel-based Linux graphics cards allows a attacker to cause a service failure.

The vulnerability of the resourcebuildbitdepthreductionparams function in the Direct Rendering Infrastructure DRI driver for AMD graphics cards in Linux operating systems is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.6AI score0.00237EPSS
Exploits0References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/05/02 12:0 a.m.16 views

The vulnerability of the Avaya Equinox collaboration platform, related to deficiencies in the mechanism for checking uploaded files, allows a hacker to execute arbitrary code.

The vulnerability of the Avaya Equinox collaboration platform is related to deficiencies in the mechanism for checking uploaded files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by uploading a specially crafted file into the system...

9.1CVSS6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.16 views

The vulnerability of the UpdateProjectConnections method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, allowing a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the UpdateProjectConnections method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerabili...

9CVSS6.7AI score0.00732EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/14 12:0 a.m.16 views

The vulnerability of the SINAMICS S200 servo-system loader, related to deficiencies in authentication procedures, allows a perpetrator to execute arbitrary code.

The vulnerability of the SINAMICS S200 servo drive system’s loader is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS8.4AI score0.00513EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/03/03 12:0 a.m.16 views

The vulnerability of the Delegated License Service (DLS) component of the NVIDIA licensing system allows a perpetrator to gain unauthorized access to protected information and cause service failures.

The vulnerability of the Delegated License Service DLS component of NVIDIA’s licensing system lies in the absence of authentication procedures. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information and cause service...

7.6CVSS5.5AI score0.00246EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.16 views

The vulnerability of the implementation of service protocols in the software products of the LLC “NPO ‘MIR’ relates to the transmission of data in an open manner, which allows a perpetrator to disclose the protected information.

The vulnerability of the implementation of service protocols in the software products of the LLC “NPO ‘MIR’ relates to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information.”...

10CVSS5.4AI score
Exploits0Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.16 views

The vulnerability of the Telnet protocol implementation for the MIR KT-51 controller and the MIR controller configuration tool, related to the transmission of data in an open manner, allows a perpetrator to disclose the protected information.

The vulnerability of the Telnet protocol implementation for the MIR KT-51 controller and the MIR controller configuration software is related to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

10CVSS5.5AI score
Exploits0Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.16 views

The vulnerability of the implementation of the Factory Interface Network Service (FINS) protocol in the microcomputer-based software for programmable logic controllers SYSMAC allows a intruder to gain unauthorized access to protected information and execute arbitrary commands.

The vulnerability of the Factory Interface Network Service FINS protocol implemented in SYSMAC programmable logic controllers is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to sensitive informati...

10CVSS8AI score0.01385EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2025/02/15 12:0 a.m.16 views

The vulnerability of the verify_dnskey_rrset() function in the Hickory DNS client (formerly Trust-DNS) allows a attacker to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the verifydnskeyrrset function in the Hickory DNS client formerly Trust-DNS is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected informati...

6.8CVSS5.5AI score0.00271EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.16 views

The vulnerability of Windows operating system DHCP clients allows a perpetrator to execute arbitrary code.

The vulnerability of DHCP clients of Windows operating systems relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.1CVSS8.1AI score0.00849EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.16 views

The vulnerability of the generateRow() function in the PHP Spreadsheet library allows attackers to perform cross-site scripting attacks.

The vulnerability of the generateRow function in the PHP Spreadsheet library is related to the lack of protective measures for web page structures. Exploiting this vulnerability allows an attacker to perform cross-site scripting attacks remotely...

5.5CVSS5.2AI score0.00373EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.16 views

The vulnerability of the `ucsi_ccg_update_set_new_cam_cmd()` function in the Linux kernel’s drivers/usb/typec/ucsi/ucsi_ccg.c file allows a attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the ucsiccgupdatesetnewcamcmd function in the Linux kernel’s drivers/usb/typec/ucsi/ucsiccg.c file relates to reading memory beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of...

7.1CVSS7.2AI score0.00255EPSS
Exploits0References22Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.16 views

The vulnerability of the Media Framework component of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Media Framework component in the Android operating system relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.4CVSS7.4AI score0.00083EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.16 views

The vulnerability of Palo Alto Networks’ network switches, managed by the PAN-OS operating system, stems from insufficient checks for unusual or exceptional states. This allows attackers to trigger service interruptions.

The vulnerability of Palo Alto Networks’ network switches, managed by the PAN-OS operating system, is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending a specially crafted network...

8.6CVSS7.5AI score0.26636EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.16 views

The vulnerability of components related to DRM/AMDKFD in Linux kernel allows attackers to increase their privileges within the system.

The vulnerability of DRM/AMDKFD components in Linux kernel relates to memory management errors that occur after memory is freed in the svmrangevramnodefree function. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.8CVSS6.5AI score0.00174EPSS
Exploits0References19Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/20 12:0 a.m.16 views

The vulnerability of GigaDevice’s GD32 microprogrammed software controllers, models GD32E23x and GD32E50x, is related to access control deficiencies. This vulnerability allows attackers to read data from SRAM or alter its state.

The vulnerability of GigaDevice’s GD32 microprogrammed device controllers, such as GD32E23x and GD32E50x, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to read data from SRAM or alter its state...

7.6CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/20 12:0 a.m.16 views

The vulnerability of GigaDevice’s GD32 microprogrammed device controllers, such as GD32F1x0, GD32F4xx, and GD32F3x0, is related to insufficient access control mechanisms. This allows attackers to read data from the RAM or modify its state.

The vulnerability of GigaDevice’s GD32 microprogrammed device controllers, such as GD32F1x0, GD32F4xx, and GD32F3x0, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to read data from the RAM or alter its state...

7.6CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.16 views

The vulnerability of the msdosfs driver in the FreeBSD operating system, related to the use of an uninitialized resource, allows a hacker to read data from deleted system files.

The vulnerability of the msdosfs driver in the FreeBSD operating system is related to the use of an uninitialized resource. Exploiting this vulnerability could allow a hacker to read data from deleted system files...

5.6CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.16 views

The vulnerability of the Windows USB Video Class System Driver for Windows operating systems allows attackers to gain elevated privileges.

The vulnerability of the Windows USB Video Class System Driver for Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.2CVSS5.8AI score0.00733EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.16 views

The vulnerability of the SCSI component in the Linux operating system allows a hacker to gain access to confidential information.

The vulnerability of the Linux operating system’s SCSI kernel component is related to excessive data output in the scsihostdevrelease function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...

3.3CVSS6.2AI score0.00242EPSS
Exploits0References45Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.16 views

The vulnerability of the `changeFileRights` function in the `osUtils.cpp` module of the database management system “Red Database” is related to improper access control, allowing attackers to trigger a service failure for the DBMS.

The vulnerability of the changeFileRights function in the osUtils.cpp module of the database management system “Red Database” is related to the fact that if the server is run under the user’s identity other than the default user reddatabase, then running the server’s utilities under the root user...

4CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/01 12:0 a.m.16 views

The vulnerability of the YouGile project management service lies in the lack of file upload restrictions, which allows a hacker to execute arbitrary code.

The vulnerability of the YouGile project management service lies in the lack of restrictions on file downloads. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

6.8CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.16 views

The vulnerability of the SCADA system MasterSCADA, related to deficiencies in the deserialization mechanism, allows a intruder to execute arbitrary code.

The vulnerability of the SCADA system MasterSCADA is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.16 views

The vulnerability of the Kernel Streaming WOW Thunk Service Driver (Drivers\ksthunk.sys) on Windows operating systems, which allows a hacker to escalate their privileges.

The vulnerability of the Kernel Streaming WOW Thunk Service Driver Drivers\ksthunk.sys on Windows operating systems is related to numerical truncation errors. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS5.5AI score0.0594EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/08/14 12:0 a.m.16 views

The vulnerability of D-Link router microprogramming software arises from the lack of measures taken to neutralize special elements used in the operating system command. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of D-Link DIR-1960-US, DIR-2640-US, DIR-2660-US, DIR-3040-US, DIR-3060-US, DIR-867-US, DIR-878, DIR-882-US, DIR-882/RE, DIR-882-CA, and DIR-882-US/RE routers exists due to the lack of measures to neutralize specific elements. Exploiting this vulnerability can allow a malicious...

8.4CVSS5.5AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/31 12:0 a.m.16 views

The vulnerability of the mp_unescape03() function in the Mplayer media player, related to writing beyond the memory boundaries, allows a hacker to cause a service failure.

The vulnerability of the mpunescape03 function in the Mplayer media player is related to writing beyond the memory boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00344EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/04 12:0 a.m.16 views

The vulnerability of the Adobe Experience Manager content and media data management system lies in the insufficient protection of the website structure, which allows an attacker to execute XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

5.5CVSS5.5AI score0.00502EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/01 12:0 a.m.16 views

The vulnerability of the file /view/systemConfig/reboot/reboot_commit.php in the Ruijie RG-UAC router microprogramming system allows a attacker to execute arbitrary commands.

The vulnerability of the file /view/systemConfig/reboot/rebootcommit.php in the Ruijie RG-UAC router microprogramming system exists due to the failure to take measures to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to...

6.5CVSS6.9AI score0.09681EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/06/04 12:0 a.m.16 views

The vulnerability of the BPMSoft web application is related to deficiencies in access control, which allows attackers to increase their privileges within the system.

The vulnerability of the BPMSoft web application is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges within the system...

6.1CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/10 12:0 a.m.16 views

The vulnerability of the Intel Chipset Driver Software in managing and updating chipset drivers is related to incorrect default permissions, allowing an attacker to escalate their privileges.

The vulnerability of the Intel Chipset Driver Software for software-based control and driver updates is related to incorrect default permissions. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.7CVSS6.6AI score0.00167EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/09 12:0 a.m.16 views

The vulnerability in the `src/media_tools/avilib.c` file of the multimedia platform GPAC allows a hacker to execute arbitrary code.

The vulnerability in the src/mediatools/avilib.c file of the multimedia platform GPAC is related to the ability to write beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8.3AI score0.01121EPSS
Exploits1References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/03/05 12:0 a.m.16 views

The vulnerability of the Apache InLong data integration platform lies in its reliance on files and directories accessible from external parties, allowing attackers to execute arbitrary code.

The vulnerability of the Apache InLong data integration platform lies in the use of files and directories accessible to external parties due to incorrect restrictions on the path to the restricted directory during file loading. Exploiting this vulnerability allows a malicious actor to execute...

7.8CVSS7.6AI score0.01247EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities5000