Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2022/01/25 12:0 a.m.15 views

The vulnerability of NETGEAR R7000 Wi-Fi routers’ microprogramming software lies in the copying of buffers without checking the size of the input data. This allows attackers to gain unauthorized access to protected information.

The vulnerability of NETGEAR R7000 Wi-Fi routers’ microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.7CVSS6.5AI score0.01024EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/01/04 12:0 a.m.15 views

The vulnerability in the FatPipe software’s web interface, related to the unlimited download of malicious files, allows a hacker to download a malicious file onto a vulnerable device and execute it.

The vulnerability of the FatPipe software management web interface is related to the unlimited download of malicious files. Exploiting this vulnerability allows a malicious actor to download a malicious file onto a vulnerable device and execute it...

10CVSS5.6AI score
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/12/24 12:0 a.m.15 views

The vulnerability of the sub_8003183C function (/fromLogin) in the wireless router software D-Link DIR-809 allows a hacker to execute arbitrary code on the target system.

The vulnerability of the FUN80034d60 /formStaticDHCP function of the D-Link DIR-809 wireless router is related to stack buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code on the system via the created POST request...

10CVSS8.7AI score0.03938EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.15 views

The vulnerability of Google Chrome’s V8 JavaScript engine, related to writing beyond the buffer boundary, allows attackers to access confidential information or trigger a service denial.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to access confidential information or cause service failures...

8.8CVSS7.8AI score0.01189EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.15 views

The vulnerability of the GJSON library in Aurora Application Software, related to uncontrolled resource consumption, allows attackers to cause service failures.

The vulnerability of the GJSON library in Aurora software applications is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures through a specially crafted GET request...

7.5CVSS7.2AI score0.01387EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/04/08 12:0 a.m.15 views

The vulnerability in the arch/x86/kvm/svm/sev.c component of the Kernel-based Virtual Machine (KVM) virtualization subsystem of Linux operating systems allows a attacker to cause a service failure.

The vulnerability in the kernel-based virtual machine KVM virtualization subsystem of Linux operating systems, specifically in the arch/x86/kvm/svm/sev.c component, involves uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6.6AI score0.00335EPSS
Exploits0References18Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/12/07 12:0 a.m.15 views

Vulnerability of the /processReportGetter.php component of the KTS “Mayak” system, which allows a hacker to gain access to and read arbitrary files.

The vulnerability of the /processReportGetter.php component of the KTS “Mayak” is related to errors in the logic of the web application’s operation. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to and read arbitrary files...

7.8CVSS5.6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/10/22 12:0 a.m.15 views

The vulnerability of the Camera Codec Pack component of the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Camera Codec Pack component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

7.8CVSS8AI score0.04507EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/07/17 12:0 a.m.15 views

The vulnerability of the RemoteFX vGPU component in the Microsoft Hyper-V hardware virtualization system’s operating system Windows allows a attacker to execute arbitrary code.

The vulnerability of the RemoteFX vGPU component in the Microsoft Hyper-V hardware virtualization system’s operating system Windows exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted...

8CVSS8.2AI score0.06903EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.15 views

The vulnerability of the dialog box detection component in Google Chrome’s web browser allows a perpetrator to compromise data integrity.

The vulnerability of the dialog area component in Google Chrome’s web browser is related to the lack of a mechanism for controlling permissions. Exploiting this vulnerability allows an attacker to affect data integrity through a specially created HTML page...

7.1CVSS6.6AI score0.00994EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/04/10 12:0 a.m.15 views

Vulnerability in the print-hncp.c:print_prefix() utility for capturing and analyzing network traffic with tcpdump, allowing a hacker to cause a service failure

The vulnerability in the print-hncp.c:printprefix utility for capturing and analyzing network traffic using tcpdump is related to the execution of read operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.8CVSS6.7AI score0.03739EPSS
Exploits0References9Affected Software6
BDU FSTEC
BDU FSTEC
added 2020/02/03 12:0 a.m.15 views

The vulnerability of the cgi-bin/index2.asp component of Genexis Platinum-P4410-V2 and Genexis Platinum-4410 routing software allows a hacker to obtain authentication data necessary to access the router administration panel.

The vulnerability of the cgi-bin/index2.asp component of Genexis Platinum-P4410-V2 and Genexis Platinum-4410 routing software is related to authentication deficiencies. Exploiting this vulnerability could allow an attacker to obtain authentication credentials necessary to access the router...

10CVSS7.8AI score0.07329EPSS
Exploits5References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/01/08 12:0 a.m.15 views

The vulnerability of the microprogrammed Ethernet switch software from Moxa EDS-405A series, related to buffer overflow, allows a hacker to trigger a service failure.

The vulnerability of the microprogrammed Ethernet switch software from Moxa EDS-405A series is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by sending HTTP GET requests to the vulnerable device...

8.6CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/10/29 12:0 a.m.15 views

The vulnerability of the wlg_adv.cgi CGI handler in NETGEAR’s R8000 and R8500 routers allows a hacker to perform arbitrary actions.

The vulnerability of the wlgadv.cgi CGI handler in NETGEAR’s R8000 and R8500 routers stems from buffer overflows in static memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted HTTP request...

7.7CVSS6.3AI score
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/10/16 12:0 a.m.15 views

The vulnerability of the Security component in Java SE and Java SE Embedded software platforms allows a perpetrator to gain unauthorized access to information.

The vulnerability of the Security component in Java SE and Java SE Embedded software-related programs is related to deficiencies in access control. Exploiting this vulnerability may allow an attacker operating remotely to gain unauthorized access to information...

3.4CVSS5.5AI score0.02613EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2019/07/30 12:0 a.m.15 views

The vulnerability of the Fast Transition function in the implementation of the 802.11r protocol of Cisco IOS Access Points allows a attacker to cause service interruptions.

The vulnerability of the Fast Transition function in the 802.11r portlet implementation of Cisco IOS Access Points is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially crafted replay events...

7.4CVSS5.5AI score0.00797EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/07/18 12:0 a.m.15 views

The vulnerability of the vGate platform protection tool, which allows intruders to influence the integrity and accessibility of information.

The vulnerability of the vGate virtualization platform’s security device stems from bypassing access control rules by performing unauthorized operations in the SKALA-R environment. Exploiting this vulnerability allows attackers to compromise the integrity and accessibility of information...

6.2CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/07/18 12:0 a.m.15 views

The vulnerability of the AuthIoDrv driver of the Secret Net Studio security system, which allows a hacker to cause a service failure.

The vulnerability of the AuthIoDrv driver of the Secret Net Studio information protection system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.6CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.15 views

The vulnerability of the __GI_getenv function in the editing and Ogg-file checking software oggz allows a perpetrator to cause a service failure.

The vulnerability of the GIgetenv function name=0x7ffff7b94ac7 “TH”, name@entry=0x7ffff7b94ac5 “PATH” in the editing and checking tool for Ogg files from the oggz-tools package is related to buffer overflow vulnerabilities. Exploiting this vulnerability can allow an attacker to cause a service...

6.2CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.15 views

The vulnerability in the implementation of the hfc_usb_probe handler in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the hfcusbprobe handler in the loaded module of the drivers/isdn/hisax/hfcusb.ko file in the Linux operating system is related to accessing beyond the array boundaries. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting a HiSax...

6.2CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/21 12:0 a.m.15 views

The vulnerability of the web access module of the DIRECTUM electronic document management system allows a perpetrator to execute arbitrary JavaScript code.

The vulnerability of the web access module of the DIRECTUM electronic document management system is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code remotely...

7.8CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/21 12:0 a.m.15 views

The vulnerability of the Windows Jet Database Engine database management system in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Windows Jet Database Engine database management system in the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially crafted file...

9.3CVSS6AI score0.04071EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/05/31 12:0 a.m.15 views

The vulnerability of the Cisco Application Policy Infrastructure Controller automation tool, related to errors in the encryption key deletion mechanism, allows a perpetrator to gain access to protected information.

The vulnerability of the Cisco Application Policy Infrastructure Controller automation tool is related to errors in the mechanism for deleting encryption keys. Exploiting this vulnerability could allow an attacker to gain access to protected information...

4.9CVSS5.6AI score0.00198EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2019/03/22 12:0 a.m.15 views

The vulnerability in the Bash shell implementation of the Cisco NX-OS network operating system allows a hacker to elevate their privileges to the root level.

The vulnerability of the Bash shell implementation in the Cisco NX-OS network operating system devices relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker to elevate their privileges to root by entering a specially created command in the Bash command...

7.8CVSS7.2AI score0.00325EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/03/12 12:0 a.m.15 views

The vulnerability of the graphical user input component in the fly-dm operating system of Astra Linux allows a hacker to cause a service failure.

The vulnerability of the graphical user input component in the fly-dm operating system of Astra Linux is related to an error that causes a failure when executing the “fly-dmctl rtcwake” command without specifying the arguments “-t/-s secs”. Exploiting this vulnerability could allow a perpetrator ...

5.5CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.15 views

The vulnerability of the Samba networking communication software lies in the lack of requirements for signing and encrypting SMB traffic when using DFS redirection. This allows a attacker to execute a “man-in-the-middle” attack.

The vulnerability of the Samba networking communication package is related to the lack of requirements for signing and encrypting SMB traffic when using DFS redirection. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” attack and gain access to read and modi...

7.4CVSS6.6AI score0.04595EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/18 12:0 a.m.15 views

The vulnerability of the remote procedure call handler “arpc_Span” in the atlcore_.dll library of the resource management system of the Galaktika ERP system allows a malicious actor to read data from the memory of the server process.

The vulnerability of the process handler for remote procedure calls in the “arpcSpan” module of the atlcore.dll library of the resource management system of the Galaktika ERP system is related to the lack of validation for the correctness of received requests. Exploiting this vulnerability allows...

4.3CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/12/27 12:0 a.m.15 views

The vulnerability of the load_image function in the GIMP graphic editor, related to reading beyond the buffer limit of memory, allows attackers to cause system failures, undermine data integrity, and compromise confidentiality.

The vulnerability of the loadimage function in the GIMP graphic editor’s plug-ins/common/file-gbr.c file is related to the issue of data being written beyond the buffer boundaries when processing UTF-8 formatted data. Exploiting this vulnerability can allow an attacker to cause service failures,...

7.8CVSS6.7AI score0.01463EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/12/07 12:0 a.m.15 views

The vulnerability of the Advanced Local Procedure Call operating system in Windows, caused by access control errors, allows attackers to escalate their privileges.

The vulnerability of the Advanced Local Procedure Call ALPC in Windows operating systems arises due to access control errors. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7.8CVSS7.7AI score0.02696EPSS
Exploits2References5
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.15 views

The vulnerability of the FFmpeg multimedia library, which allows a hacker to perform recording beyond the memory limit

The vulnerability of the FFmpeg multimedia library arises from buffer overflows in the stack. Exploiting this vulnerability allows a malicious actor to perform out-of-memory writes, related to the decodezbuf function in libavcodec/pngdec.c...

7.5CVSS7.9AI score0.02508EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/05/04 12:0 a.m.15 views

The vulnerability of the Android operating system, which allows a hacker to execute arbitrary code (memory corruption).

The vulnerability of the libhevc component in the Android operating system’s Mediaserver is caused by an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code memory corruption...

9.3CVSS8.1AI score0.02312EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/02/02 12:0 a.m.15 views

The vulnerability of the Android operating system, which allows a hacker to trigger a buffer overflow.

The vulnerability in the trusted execution environment of Android’s operating system’s access control API arises due to buffer overflow. Exploiting this vulnerability can allow a malicious actor, operating remotely, to trigger a buffer overflow due to lack of size checking for the buffer...

10CVSS8.6AI score0.01728EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/02/02 12:0 a.m.15 views

The vulnerability in the built-in software of NETGEAR routers such as NETGEAR R8500, NETGEAR R8300, NETGEAR R7000, NETGEAR R6400, NETGEAR R7300DST, NETGEAR R7100LG, NETGEAR R6300v2, NETGEAR WNDR3400v3, NETGEAR WNDR3500Lv2, NETGEAR R6250, NETGEAR R6700, NETGEAR R6900, NETGEAR R8000, NETGEAR R7900, NETGEAR WNDR4500v2, NETGEAR R6200v2, NETGEAR WNDR3400v2, NETGEAR D6220, NETGEAR D6400, NETGEAR C6300, NETGEAR R6200, NETGEAR R6300, NETGEAR VENG2610, NETGEAR AC1450, NETGEAR WNDR1000v3, NETGEAR WNDR3700v3, NETGEAR WNDR4000, NETGEAR WNDR4500, NETGEAR D6300, NETGEAR D6300B, NETGEAR DGN2200Bv4, and NETGEAR DGN2200v4, allows a hacker to obtain user password information.

The vulnerability of the embedded software of NETGEAR routers such as NETGEAR R8500, NETGEAR R8300, NETGEAR R7000, NETGEAR R6400, NETGEAR R7300DST, NETGEAR R7100LG, NETGEAR R6300v2, NETGEAR WNDR3400v3, NETGEAR WNDR3500Lv2, NETGEAR R6250, NETGEAR R6700, NETGEAR R6900, NETGEAR R8000, NETGEAR R7900,...

4.3CVSS7.8AI score0.89294EPSS
Exploits7References5Affected Software32
BDU FSTEC
BDU FSTEC
added 2016/09/07 12:0 a.m.15 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, allow attackers to cause service interruptions or execute arbitrary codes.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, are due to buffer overflow vulnerabilities. Exploiting these vulnerabilities can allow an attacker to execute arbitrary code or...

10CVSS8.6AI score0.03958EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/02/12 12:0 a.m.15 views

The vulnerability of the FFmpeg multimedia library, which allows a intruder to trigger a service failure or cause other effects

The vulnerability of the h264sliceheaderinit function libavcodec/h264slice.c in the FFmpeg multimedia library is due to buffer overflow. Exploiting this vulnerability could allow a malicious actor to cause service failures or potentially have other adverse effects by using specially crafted H.264...

7.5CVSS8AI score0.01913EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/11/26 12:0 a.m.15 views

The vulnerability of the RoundCube Webmail email client on the operating system openSUSE allows a hacker to execute cross-site scripting attacks.

The vulnerability in the program/js/app.js component of the RoundCube Webmail client for the openSUSE operating system exists due to the lack of security measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor to execute cross-site scripting attack...

3.5CVSS7AI score0.01459EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.15 views

Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The cloop-kmp-desktop-debuginfo package in the openSUSE operating system has multiple vulnerabilities. Exploiting these vulnerabilities can lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

9.3CVSS6.6AI score0.05926EPSS
Exploits15References15Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.15 views

Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The cloop-kmp-xen package of the OpenSUSE operating system has multiple vulnerabilities. Exploiting these vulnerabilities can lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

9.3CVSS6.6AI score0.05926EPSS
Exploits15References15Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.15 views

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the hostap-modules-2.4.27-4-386 package of the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

7.8CVSS7.1AI score0.05605EPSS
Exploits9References41Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.15 views

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities of the hostap-modules-2.4.27-4-k7-smp package for the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

7.8CVSS7.2AI score0.05605EPSS
Exploits9References41Affected Software1
BDU FSTEC
BDU FSTEC
added 9 hours ago14 views

The vulnerability of the Directum HR Pro system, which exists due to insufficient verification of input data, allows a perpetrator to disclose protected information.

The vulnerability of the Directum HR Pro system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information by sending a specially crafted POST request...

7.7CVSS5.7AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/07/02 12:0 a.m.14 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE lies in its dependence on a reverse DNS solution. This dependency allows an intruder to gain unauthorized access to protected information.

The vulnerability of the software interface of the CI/CD subsystem of the Git-based software platform for collaborative code development on GitLab EE/CE is related to the dependence of critical operations on the reverse DNS solution. Exploiting this vulnerability can allow a malicious actor to ga...

3.1CVSS6AI score0.00161EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/07/02 12:0 a.m.14 views

The vulnerability of the Git-based software platform for collaborative code development in GitLab EE allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development in GitLab EE is related to the absence of authentication. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

3.1CVSS6AI score0.00182EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/07/02 12:0 a.m.14 views

The vulnerability of the software interface of the Git-based software platform for collaborative code development on GitLab EE allows a perpetrator to gain unauthorized access to read and modify protected information.

The vulnerability of the software interface of a Git-based software platform for collaborative code development on GitLab EE is related to the bypassing of authentication using a key controlled by the user. Exploiting this vulnerability can allow an intruder, operating remotely, to gain...

5.5CVSS6AI score0.00171EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/07/02 12:0 a.m.14 views

The vulnerability of the Rapid Diffs mechanism in the Git-based software platform for collaborative code development in GitLab EE/CE allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Rapid Diffs mechanism in the Git-based software platform for collaborative code development in GitLab EE/CE relates to the absence of authentication. Exploiting this vulnerability can allow unauthorized individuals to gain unauthorized access to protected information...

5.3CVSS6AI score0.00275EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/07/02 12:0 a.m.14 views

The vulnerability of the software interface of the Git-based software platform for collaborative code development on GitLab EE allows a perpetrator to gain unauthorized access to read, create, and delete data.

The vulnerability of the software interface of the Git-based software platform for collaborative code development on GitLab EE is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to read,...

5.5CVSS6AI score0.00201EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/03/17 12:0 a.m.14 views

The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B arises from incorrect pathname restrictions in the catalog system. This allows attackers to bypass security restrictions.

The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B is related to incorrect path name restrictions. Exploiting this vulnerability can allow attackers to bypass security restrictions remotely...

6.8CVSS5.7AI score0.00636EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/12/29 12:0 a.m.14 views

The vulnerability of PLC NLcon-CE-485-C, related to the lack of measures taken to encrypt confidential data, allows attackers to gain access to confidential information.

The vulnerability of PLC NLcon-CE-485-C is related to the lack of measures taken to encrypt confidential data. Exploiting this vulnerability can allow a remote attacker to gain access to confidential information...

7.5CVSS5.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/29 12:0 a.m.14 views

The vulnerability of PLC NLcon-CE-485-C, related to deficiencies in the authorization process of the Codesys v2 service, allows a perpetrator to gain full access to the Codesys v2 execution environment.

The vulnerability of PLC NLcon-CE-485-C is related to deficiencies in the authentication process of the Codesys v2 service. Exploiting this vulnerability can allow an attacker, operating remotely, to gain full access to the Codesys v2 execution environment...

10CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/29 12:0 a.m.14 views

The vulnerability of the R7-Officer corporate server’s document editor, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the R7-Officer corporate server document editor is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow an attacker to carry out XSS attacks...

8.5CVSS5.8AI score
Exploits0References1Affected Software1
Total number of security vulnerabilities5000