Lucene search
K
Bdu FstecMost viewed

90604 matches found

BDU FSTEC
BDU FSTEC
added 2025/12/29 12:0 a.m.16 views

The vulnerability of PLC NLcon-CE-485-C, related to deficiencies in the authorization process of the Codesys v2 service, allows a perpetrator to gain full access to the Codesys v2 execution environment.

The vulnerability of PLC NLcon-CE-485-C is related to deficiencies in the authentication process of the Codesys v2 service. Exploiting this vulnerability can allow an attacker, operating remotely, to gain full access to the Codesys v2 execution environment...

10CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.16 views

The vulnerability of the library for creating and editing PDF documents in OpenPDF, related to insufficient validation of input data, allows a hacker to read arbitrary files.

The vulnerability of the OpenPDF library for creating and editing PDF documents is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to read arbitrary files...

6.2CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.16 views

The vulnerability of the developer tool “1C:Standard Subsystems Library” relates to deficiencies in code generation process management, allowing a hacker to execute arbitrary code.

The vulnerability of the developer tool “1C:Standard Subsystems Library” is related to deficiencies in process management for code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

9CVSS6.1AI score
Exploits0References1Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/12/18 12:0 a.m.16 views

The vulnerability of the "Health check-up" platform for remote monitoring of patient physiological indicators, related to the use of dangerous methods or functions, allows a perpetrator to access confidential information.

The vulnerability of the "Health check-up" patient physiological monitoring platform involves the use of dangerous methods or functions. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information...

9.3CVSS5.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.16 views

The vulnerability of the meeting-join function in Cisco WebEx Meetings software allows a perpetrator to carry out a “man-in-the-middle” attack.

The vulnerability of the meeting-join function in Cisco WebEx Meetings software is related to improper verification of certificates. Exploiting this vulnerability could allow a malicious actor to carry out a “man-in-the-middle” attack...

5.4CVSS5.5AI score0.00106EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/08/06 12:0 a.m.16 views

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to trigger a service failure.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to type conversion errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through a specially crafted HTML page...

10CVSS7.5AI score0.0025EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.16 views

Yandex Punto Switcher

...

5.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/16 12:0 a.m.16 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...

7.8CVSS6.4AI score0.00251EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/16 12:0 a.m.16 views

The vulnerability in the web interface of Qtech switches, related to incorrect processing of cookie files, allows attackers to elevate their privileges to the level of administrators.

A vulnerability in the web interface of Qtech switches, related to improper handling of cookie files. Exploiting this vulnerability can allow a remote attacker to elevate their privileges to the level of an administrator...

10CVSS5.5AI score
Exploits0Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/14 12:0 a.m.16 views

The vulnerability of the Input Method Editor (IME) component of Microsoft Windows, which allows a hacker to gain elevated privileges

The vulnerability of the Input Method Editor IME component in Microsoft Windows is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain increased privileges remotely...

8CVSS5.4AI score0.00518EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/03 12:0 a.m.16 views

The vulnerability of the SCADA system Pult.online, related to inconsistencies in responses to incoming requests, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the SCADA system Pult.online is related to inconsistencies in responses to incoming requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information by sending a specially crafted POST request...

7.8CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.16 views

The vulnerability of VideoGrace video conferencing software, related to improper access control, allows a intruder to compromise the accessibility of protected information.

The vulnerability of VideoGrace video conferencing software is related to improper access control. Exploiting this vulnerability can allow a remote attacker to compromise the accessibility of protected information...

4.3CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/21 12:0 a.m.16 views

The vulnerability in the XMLRPC software of the UserGate Next-Generation Firewall (NGFW), a unified management center called the UserGate Management Center (UGMC), the UserGate Log Analyzer (LogAn) system for log collection, the UserGate Security Information and Event Management (SIEM) system, and the UserGate Web Application Firewall (WAF) allows attackers to disclose protected information.

The vulnerability of the XMLRPC software on the UserGate Next-Generation Firewall NGFW, as well as the UserGate Management Center UGMC and the UserGate Log Analyzer LogAn system, is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to...

8.6CVSS5.5AI score
Exploits0Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/05/02 12:0 a.m.16 views

The vulnerability of the Avaya Equinox collaboration platform, related to deficiencies in the mechanism for checking uploaded files, allows a hacker to execute arbitrary code.

The vulnerability of the Avaya Equinox collaboration platform is related to deficiencies in the mechanism for checking uploaded files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by uploading a specially crafted file into the system...

9.1CVSS6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.16 views

The vulnerability of the UpdateProjectConnections method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, allowing a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the UpdateProjectConnections method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerabili...

9CVSS6.7AI score0.00732EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.16 views

The vulnerability of the Telnet protocol implementation for the MIR KT-51 controller and the MIR controller configuration tool, related to the transmission of data in an open manner, allows a perpetrator to disclose the protected information.

The vulnerability of the Telnet protocol implementation for the MIR KT-51 controller and the MIR controller configuration software is related to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

10CVSS5.5AI score
Exploits0Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.16 views

The vulnerability of the implementation of service protocols in the software products of the LLC “NPO ‘MIR’ relates to the transmission of data in an open manner, which allows a perpetrator to disclose the protected information.

The vulnerability of the implementation of service protocols in the software products of the LLC “NPO ‘MIR’ relates to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information.”...

10CVSS5.4AI score
Exploits0Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.16 views

The vulnerability of the implementation of the Factory Interface Network Service (FINS) protocol in the microcomputer-based software for programmable logic controllers SYSMAC allows a intruder to gain unauthorized access to protected information and execute arbitrary commands.

The vulnerability of the Factory Interface Network Service FINS protocol implemented in SYSMAC programmable logic controllers is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to sensitive informati...

10CVSS8AI score0.01385EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2025/02/15 12:0 a.m.16 views

The vulnerability of the verify_dnskey_rrset() function in the Hickory DNS client (formerly Trust-DNS) allows a attacker to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the verifydnskeyrrset function in the Hickory DNS client formerly Trust-DNS is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected informati...

6.8CVSS5.5AI score0.00271EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/23 12:0 a.m.16 views

The vulnerability of the sub_422eb8 function in Linksys E8450 Wi-Fi routers allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the sub422eb8 function in Linksys E8450 Wi-Fi routers’ microprogramming software is related to the copying of buffers without checking the size of the input data during the processing of the strncpy parameter. Exploiting this vulnerability allows an attacker to execute...

9CVSS6AI score0.00693EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.16 views

The vulnerability of the System component of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the System component of the Android operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8AI score0.00459EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.16 views

The vulnerability of the `ucsi_ccg_update_set_new_cam_cmd()` function in the Linux kernel’s drivers/usb/typec/ucsi/ucsi_ccg.c file allows a attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the ucsiccgupdatesetnewcamcmd function in the Linux kernel’s drivers/usb/typec/ucsi/ucsiccg.c file relates to reading memory beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of...

7.1CVSS7.2AI score0.00255EPSS
Exploits0References22Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/01/08 12:0 a.m.16 views

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to trigger service failures or execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to trigger service failures or...

7.8CVSS6.2AI score0.00237EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.16 views

The vulnerability of components related to DRM/AMDKFD in Linux kernel allows attackers to increase their privileges within the system.

The vulnerability of DRM/AMDKFD components in Linux kernel relates to memory management errors that occur after memory is freed in the svmrangevramnodefree function. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.8CVSS6.5AI score0.00174EPSS
Exploits0References19Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/20 12:0 a.m.16 views

The vulnerability of GigaDevice’s GD32 microprogrammed device controllers, such as GD32F1x0, GD32F4xx, and GD32F3x0, is related to insufficient access control mechanisms. This allows attackers to read data from the RAM or modify its state.

The vulnerability of GigaDevice’s GD32 microprogrammed device controllers, such as GD32F1x0, GD32F4xx, and GD32F3x0, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to read data from the RAM or alter its state...

7.6CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.16 views

The vulnerability of the msdosfs driver in the FreeBSD operating system, related to the use of an uninitialized resource, allows a hacker to read data from deleted system files.

The vulnerability of the msdosfs driver in the FreeBSD operating system is related to the use of an uninitialized resource. Exploiting this vulnerability could allow a hacker to read data from deleted system files...

5.6CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.16 views

The vulnerability of the Windows USB Video Class System Driver for Windows operating systems allows attackers to gain elevated privileges.

The vulnerability of the Windows USB Video Class System Driver for Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.2CVSS5.8AI score0.00733EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.16 views

The vulnerability of the SCSI component in the Linux operating system allows a hacker to gain access to confidential information.

The vulnerability of the Linux operating system’s SCSI kernel component is related to excessive data output in the scsihostdevrelease function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...

3.3CVSS6.2AI score0.00242EPSS
Exploits0References45Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.16 views

The vulnerability of the `changeFileRights` function in the `osUtils.cpp` module of the database management system “Red Database” is related to improper access control, allowing attackers to trigger a service failure for the DBMS.

The vulnerability of the changeFileRights function in the osUtils.cpp module of the database management system “Red Database” is related to the fact that if the server is run under the user’s identity other than the default user reddatabase, then running the server’s utilities under the root user...

4CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/01 12:0 a.m.16 views

The vulnerability of the YouGile project management service lies in the lack of file upload restrictions, which allows a hacker to execute arbitrary code.

The vulnerability of the YouGile project management service lies in the lack of restrictions on file downloads. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

6.8CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.16 views

The vulnerability of the SCADA system MasterSCADA, related to deficiencies in the deserialization mechanism, allows a intruder to execute arbitrary code.

The vulnerability of the SCADA system MasterSCADA is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.16 views

The vulnerability of the Graphics component in Windows operating systems allows attackers to exploit their privileges.

The vulnerability of the Graphics component in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.1AI score0.0071EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/08/27 12:0 a.m.16 views

The vulnerability of the rfcomm component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the rfcomm component in the Linux operating system’s kernel is related to the handling of the zero pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00279EPSS
Exploits0References44Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.16 views

The vulnerability of the Kernel Streaming WOW Thunk Service Driver (Drivers\ksthunk.sys) on Windows operating systems, which allows a hacker to escalate their privileges.

The vulnerability of the Kernel Streaming WOW Thunk Service Driver Drivers\ksthunk.sys on Windows operating systems is related to numerical truncation errors. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS5.5AI score0.0594EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/31 12:0 a.m.16 views

The vulnerability of the mp_unescape03() function in the Mplayer media player, related to writing beyond the memory boundaries, allows a hacker to cause a service failure.

The vulnerability of the mpunescape03 function in the Mplayer media player is related to writing beyond the memory boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00344EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/04 12:0 a.m.16 views

The vulnerability of the Adobe Experience Manager content and media data management system lies in the insufficient protection of the website structure, which allows an attacker to execute XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

5.5CVSS5.5AI score0.0051EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/04 12:0 a.m.16 views

The vulnerability of the Adobe Experience Manager content and media data management system lies in the insufficient protection of the website structure, which allows an attacker to execute XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

5.5CVSS5.5AI score0.00502EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/01 12:0 a.m.16 views

The vulnerability of the file /view/systemConfig/reboot/reboot_commit.php in the Ruijie RG-UAC router microprogramming system allows a attacker to execute arbitrary commands.

The vulnerability of the file /view/systemConfig/reboot/rebootcommit.php in the Ruijie RG-UAC router microprogramming system exists due to the failure to take measures to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to...

6.5CVSS6.9AI score0.09681EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/06/03 12:0 a.m.16 views

The vulnerability of the CMS system Netcat, related to the unlimited loading of dangerous types of files, allows attackers to execute arbitrary code.

The vulnerability of the CMS system Netcat is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.7CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/09 12:0 a.m.16 views

The vulnerability in the `src/media_tools/avilib.c` file of the multimedia platform GPAC allows a hacker to execute arbitrary code.

The vulnerability in the src/mediatools/avilib.c file of the multimedia platform GPAC is related to the ability to write beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8.3AI score0.01121EPSS
Exploits1References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/04/08 12:0 a.m.16 views

The vulnerability of the Apache Aurora task scheduling framework, related to information disclosure, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Apache Aurora task scheduler framework is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

9.3CVSS5.5AI score0.01471EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/08 12:0 a.m.16 views

The vulnerability of the log management page (journals) of the web application of the command-and-control platform for NorthStar C2 penetration testing allows a attacker to execute arbitrary code.

The vulnerability of the log management page journal of the command-and-control platform-based web application for NorthStar C2 exists due to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS8AI score0.78158EPSS
Exploits5References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/03/05 12:0 a.m.16 views

The vulnerability of the Apache InLong data integration platform lies in its reliance on files and directories accessible from external parties, allowing attackers to execute arbitrary code.

The vulnerability of the Apache InLong data integration platform lies in the use of files and directories accessible to external parties due to incorrect restrictions on the path to the restricted directory during file loading. Exploiting this vulnerability allows a malicious actor to execute...

7.8CVSS7.6AI score0.01247EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.16 views

The vulnerability of Blink’s web page rendering mechanism in Google Chrome browser allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of Blink’s web page rendering mechanism in Google Chrome browsers is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure by using a specially created malicious web page...

10CVSS8.1AI score0.00639EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.16 views

The vulnerability of Google Chrome’s WebRTC technology allows a perpetrator to execute arbitrary code or trigger a service failure.

The vulnerability of Google Chrome’s WebRTC technology is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure through a specially created malicious web page...

10CVSS8.1AI score0.00657EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/11/01 12:0 a.m.16 views

The vulnerability of the Downloads component of the Google Chrome browser allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Downloads component of the Google Chrome browser is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through a specially...

7.8CVSS5.8AI score0.00926EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/10/21 12:0 a.m.16 views

The vulnerabilities of the BIG-IP Access Policy Manager, as well as of other software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibility and Reporting (AVR), BIG-IP Camer-Grade NAT (CGNAT), BIG-IP DDos Hybrid Defender, BIG-IP Domain Name System, BIG-IP Edge Gateway, BIG-IP Fraud Protection Service, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Inforcement Manager, BIG-IP SSL Orchestrator, BIG-IP Webaccelerator, and BIG-IP WebSafe, are related to improper verification of cryptographic signatures. This allows attackers to increase their privileges.

The vulnerabilities of the BIG-IP Access Policy Manager, as well as of software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibili...

7.8CVSS7.2AI score0.00146EPSS
Exploits0References3Affected Software20
BDU FSTEC
BDU FSTEC
added 2023/09/15 12:0 a.m.16 views

The vulnerability of the command-line interface of the SQLite database management system allows a hacker to gain unauthorized access to prohibited user functions.

The vulnerability of the command-line interface of the SQLite database management system is related to errors in the implementation of the azAllowedFunctions protection mechanism. Exploiting this vulnerability can allow an attacker to gain unauthorized access to prohibited user functions...

7.3CVSS6.4AI score0.00425EPSS
Exploits1References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/09/13 12:0 a.m.16 views

The vulnerability of the Conversations messaging software, related to insufficient validation of input data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Conversations messaging software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by opening a backup file...

7.1CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/23 12:0 a.m.16 views

The vulnerability of Google Chrome’s Autofill function for Android allows attackers to circumvent existing security restrictions.

The vulnerability of Google Chrome’s Autofill function for Android relates to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions through a specially created HTML page...

6.5CVSS5.9AI score0.00762EPSS
Exploits0References6Affected Software5
Total number of security vulnerabilities5000