90509 matches found
The vulnerability in the web interface for managing microprogramming software used in IPTV and VoD services, NetUP IPTV Combine, allows attackers to bypass security restrictions and gain increased privileges.
The vulnerability in the web-based administration interface of microprogramming software for IPTV and VoD services, NetUP IPTV Combine, is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain increase...
The vulnerability of the InnoDB component of the MySQL Database Server allows a perpetrator to gain unauthorized access for reading, modifying, or deleting data, or to cause service failures.
The vulnerability of the InnoDB component in the MySQL Database Management System is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to read, modify, or delete data, or to cause service failures...
The vulnerability of Moxa VPORT 06EC-2V IP camera software and Moxa VPort 461A video encoder software lies in the reading of data beyond the buffer in memory. This allows an intruder to gain unauthorized access to protected information or cause a service failure.
The vulnerability of Moxa VPORT 06EC-2V microprogrammed software for IP cameras and the Moxa VPort 461A microprogrammed software for video encoders lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...
The vulnerability of the httpd daemon in the embedded software of the NETGEAR R7000P router allows a hacker to execute arbitrary code.
The vulnerability of the httpd daemon in the NETGEAR R7000P router’s embedded software is related to buffer overflow errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through the wandns1sec parameter...
The vulnerability of NSD and Unbound DNS servers lies in the improper handling of symbolic links before accessing a file. This allows attackers to cause service failures.
The vulnerability of NSD and Unbound DNS servers is related to the incorrect handling of symbolic links before accessing a file. Exploiting this vulnerability allows an attacker to cause service failures...
The vulnerability of the internal/dcraw_common.cpp component in the LibRaw image processing library allows a hacker to trigger a service failure.
The vulnerability of the internal/dcrawcommon.cpp component in the LibRaw image processing library is related to reading data beyond the permissible buffer size. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
The vulnerability of the telnet server’s microprogramming software for the CentreCOM AR260S V2 allows a hacker to gain access to user credentials.
The vulnerability of the telnet server software for CentreCOM AR260S V2 lies in the use of strictly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to gain access to these login credentials remotely...
The vulnerability of the QPDF::processXRefStream function in the command-line utility for converting QPDF documents allows a attacker to cause a service failure.
The vulnerability of the QPDF::processXRefStream command-line utility for converting PDF documents is related to the lack of resource release after the expiration of its useful period. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the btrfs_alloc_tree_b function (fs/btrfs/extent-tree.c) in the file system of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the btrfsalloctreeb function fs/btrfs/extent-tree.c in the file system of the Linux operating system is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the infe_box_read function in the MP4Box component of the GPAC multimedia platform allows a hacker to gain access to confidential data.
The vulnerability of the infeboxread function in the MP4Box component of the GPAC multimedia platform is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to gain access to confidential data through a specially created file...
The vulnerability of NETGEAR R7000 Wi-Fi routers’ microprogramming software lies in the copying of buffers without checking the size of the input data. This allows attackers to gain unauthorized access to protected information.
The vulnerability of NETGEAR R7000 Wi-Fi routers’ microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the adts_decode_extradata function in the libavformat/adtsenc.c component of the FFmpeg multimedia library, related to an unvalidated return value, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the adtsdecodeextradata function in the libavformat/adtsenc.c component of the FFmpeg multimedia library is related to an unvalidated return value of initgetbits. Exploiting this vulnerability could allow a remote attacker to gain access to confidential data, compromise its...
The vulnerability of the convolution_y_10bit function in the Ffmpeg multimedia library, related to buffer overflow in memory, allows a hacker to cause a service failure.
The vulnerability of the convolutiony10bit function in the Ffmpeg multimedia library is related to buffer overflow in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability in the FatPipe software’s web interface, related to the unlimited download of malicious files, allows a hacker to download a malicious file onto a vulnerable device and execute it.
The vulnerability of the FatPipe software management web interface is related to the unlimited download of malicious files. Exploiting this vulnerability allows a malicious actor to download a malicious file onto a vulnerable device and execute it...
The vulnerability of the sub_8003183C function (/fromLogin) in the wireless router software D-Link DIR-809 allows a hacker to execute arbitrary code on the target system.
The vulnerability of the FUN80034d60 /formStaticDHCP function of the D-Link DIR-809 wireless router is related to stack buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code on the system via the created POST request...
The vulnerability of the JMS Connector Service server in SAP NetWeaver Java Application Server allows attackers to circumvent existing security restrictions or execute arbitrary code.
The vulnerability of the JMS Connector Service server in SAP NetWeaver Java Application Server applications is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions or execute arbitrary code by...
The vulnerability of the Zabbix universal monitoring system, related to deficiencies in access control, allows a intruder to bypass the authentication process on the administrator panel.
The vulnerability of the Zabbix universal monitoring system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass the administrative panel’s authentication process by sending specially crafted requests...
The vulnerability of Google Chrome’s V8 JavaScript engine, related to writing beyond the buffer boundary, allows attackers to access confidential information or trigger a service denial.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to access confidential information or cause service failures...
The vulnerability of the GJSON library in Aurora Application Software, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of the GJSON library in Aurora software applications is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures through a specially crafted GET request...
The vulnerability in the arch/x86/kvm/svm/sev.c component of the Kernel-based Virtual Machine (KVM) virtualization subsystem of Linux operating systems allows a attacker to cause a service failure.
The vulnerability in the kernel-based virtual machine KVM virtualization subsystem of Linux operating systems, specifically in the arch/x86/kvm/svm/sev.c component, involves uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the RemoteFX vGPU component in the Microsoft Hyper-V hardware virtualization system’s operating system Windows allows a attacker to execute arbitrary code.
The vulnerability of the RemoteFX vGPU component in the Microsoft Hyper-V hardware virtualization system’s operating system Windows exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted...
Vulnerability in the print-hncp.c:print_prefix() utility for capturing and analyzing network traffic with tcpdump, allowing a hacker to cause a service failure
The vulnerability in the print-hncp.c:printprefix utility for capturing and analyzing network traffic using tcpdump is related to the execution of read operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of Intel Graphics Drivers relates to an uncontrolled search path, which allows attackers to escalate their privileges.
The vulnerability of Intel Graphics Drivers is related to an uncontrolled search process. Exploiting this vulnerability can allow attackers to gain increased privileges...
The vulnerability of the microprogrammed Ethernet switch software from Moxa EDS-405A series, related to buffer overflow, allows a hacker to trigger a service failure.
The vulnerability of the microprogrammed Ethernet switch software from Moxa EDS-405A series is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by sending HTTP GET requests to the vulnerable device...
The vulnerability in the built-in software of the Intel NUC Kit relates to the execution of operations outside the buffer in memory. This allows an attacker to exploit their privileges, cause system failures, or gain unauthorized access to protected information.
The vulnerability in the built-in software of the Intel NUC Kit relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges, cause system failures, or gain unauthorized access to protected information...
The vulnerability of Adobe Illustrator CC 2019, related to the execution of operations beyond buffer boundaries in memory, allows attackers to execute arbitrary code.
The vulnerability of Adobe Illustrator CC 2019 is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the Samba networking communication package lies in its susceptibility to resource exhaustion by the system, allowing attackers to trigger a service failure.
The vulnerability of the Samba networking communication package is related to the exhaustion of system resources. Exploiting this vulnerability can allow a hacker to cause service failures by initiating multiple connections...
The vulnerability of the wlg_adv.cgi CGI handler in NETGEAR’s R8000 and R8500 routers allows a hacker to perform arbitrary actions.
The vulnerability of the wlgadv.cgi CGI handler in NETGEAR’s R8000 and R8500 routers stems from buffer overflows in static memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted HTTP request...
The vulnerability of the Security component in Java SE and Java SE Embedded software platforms allows a perpetrator to gain unauthorized access to information.
The vulnerability of the Security component in Java SE and Java SE Embedded software-related programs is related to deficiencies in access control. Exploiting this vulnerability may allow an attacker operating remotely to gain unauthorized access to information...
The vulnerability of the astra-sambadc component of the Astra Linux operating system, which allows a hacker to trigger a service failure.
The vulnerability of the astra-sambadc component of the Astra Linux operating system is related to improper interaction with the “Kerberos” authentication program. Exploiting this vulnerability can allow a perpetrator to cause service failures...
The vulnerability of the fly-admin-mic component in the FLY operating environment of the Astra Linux system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the fly-admin-mic component in the FLY operating environment of the Astra Linux system is related to a flaw in the file system integrity checking mechanism. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Fast Transition function in the implementation of the 802.11r protocol of Cisco IOS Access Points allows a attacker to cause service interruptions.
The vulnerability of the Fast Transition function in the 802.11r portlet implementation of Cisco IOS Access Points is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially crafted replay events...
The vulnerability of the AuthIoDrv driver of the Secret Net Studio security system, which allows a hacker to cause a service failure.
The vulnerability of the AuthIoDrv driver of the Secret Net Studio information protection system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the vGate platform protection tool, which allows intruders to influence the integrity and accessibility of information.
The vulnerability of the vGate virtualization platform’s security device stems from bypassing access control rules by performing unauthorized operations in the SKALA-R environment. Exploiting this vulnerability allows attackers to compromise the integrity and accessibility of information...
The vulnerability of the GManager.exe console of the Information Protection System, which allows unauthorized access by attackers, enabling them to cause a service failure.
The vulnerability of the GManager.exe console of the information protection system against unauthorized access is related to incorrect processing of data read from the named channel. Exploiting this vulnerability could allow an intruder acting locally to cause a service failure...
The vulnerability of the Linux operating system’s interrupt handler `snd_korg1212_interrupt` allows a hacker to cause a service failure.
The vulnerability of the interrupt handler sndkorg1212interrupt in the Linux kernel’s sound/pci/korg1212/snd-korg1212.ko module is related to the swapping of the zero pointer. Exploiting this vulnerability could allow an attacker to cause a system failure when a Korg 1212 device is connected. Thi...
The vulnerability in the implementation of the hfc_usb_probe handler in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the hfcusbprobe handler in the loaded module of the drivers/isdn/hisax/hfcusb.ko file in the Linux operating system is related to accessing beyond the array boundaries. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting a HiSax...
The vulnerability of the __GI_getenv function in the editing and Ogg-file checking software oggz allows a perpetrator to cause a service failure.
The vulnerability of the GIgetenv function name=0x7ffff7b94ac7 “TH”, name@entry=0x7ffff7b94ac5 “PATH” in the editing and checking tool for Ogg files from the oggz-tools package is related to buffer overflow vulnerabilities. Exploiting this vulnerability can allow an attacker to cause a service...
The vulnerability of the Windows Jet Database Engine database management system in the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the Windows Jet Database Engine database management system in the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially crafted file...
The vulnerability of the web access module of the DIRECTUM electronic document management system allows a perpetrator to execute arbitrary JavaScript code.
The vulnerability of the web access module of the DIRECTUM electronic document management system is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of the Cisco Application Policy Infrastructure Controller automation tool, related to errors in the encryption key deletion mechanism, allows a perpetrator to gain access to protected information.
The vulnerability of the Cisco Application Policy Infrastructure Controller automation tool is related to errors in the mechanism for deleting encryption keys. Exploiting this vulnerability could allow an attacker to gain access to protected information...
The vulnerability of the graphical user input component in the fly-dm operating system of Astra Linux allows a hacker to cause a service failure.
The vulnerability of the graphical user input component in the fly-dm operating system of Astra Linux is related to an error that causes a failure when executing the “fly-dmctl rtcwake” command without specifying the arguments “-t/-s secs”. Exploiting this vulnerability could allow a perpetrator ...
The vulnerability of the Samba networking communication software lies in the lack of requirements for signing and encrypting SMB traffic when using DFS redirection. This allows a attacker to execute a “man-in-the-middle” attack.
The vulnerability of the Samba networking communication package is related to the lack of requirements for signing and encrypting SMB traffic when using DFS redirection. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” attack and gain access to read and modi...
The vulnerability of the remote procedure call handler “arpc_Span” in the atlcore_.dll library of the resource management system of the Galaktika ERP system allows a malicious actor to read data from the memory of the server process.
The vulnerability of the process handler for remote procedure calls in the “arpcSpan” module of the atlcore.dll library of the resource management system of the Galaktika ERP system is related to the lack of validation for the correctness of received requests. Exploiting this vulnerability allows...
The vulnerability of the load_image function in the GIMP graphic editor, related to reading beyond the buffer limit of memory, allows attackers to cause system failures, undermine data integrity, and compromise confidentiality.
The vulnerability of the loadimage function in the GIMP graphic editor’s plug-ins/common/file-gbr.c file is related to the issue of data being written beyond the buffer boundaries when processing UTF-8 formatted data. Exploiting this vulnerability can allow an attacker to cause service failures,...
The vulnerability of the Advanced Local Procedure Call operating system in Windows, caused by access control errors, allows attackers to escalate their privileges.
The vulnerability of the Advanced Local Procedure Call ALPC in Windows operating systems arises due to access control errors. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...
The vulnerability of the FFmpeg multimedia library, which allows a hacker to perform recording beyond the memory limit
The vulnerability of the FFmpeg multimedia library arises from buffer overflows in the stack. Exploiting this vulnerability allows a malicious actor to perform out-of-memory writes, related to the decodezbuf function in libavcodec/pngdec.c...
The vulnerability of the Android operating system, which allows a hacker to execute arbitrary code (memory corruption).
The vulnerability of the libhevc component in the Android operating system’s Mediaserver is caused by an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code memory corruption...
The vulnerability of the Android operating system, which allows a hacker to trigger a buffer overflow.
The vulnerability in the trusted execution environment of Android’s operating system’s access control API arises due to buffer overflow. Exploiting this vulnerability can allow a malicious actor, operating remotely, to trigger a buffer overflow due to lack of size checking for the buffer...
The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, allow attackers to cause service interruptions or execute arbitrary codes.
The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, are due to buffer overflow vulnerabilities. Exploiting these vulnerabilities can allow an attacker to execute arbitrary code or...