Lucene search
K
Bdu FstecMost viewed

90604 matches found

BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.15 views

The vulnerability of GRUB’s NTFS driver, a loader program for operating systems, relates to reading memory beyond the buffer boundaries, allowing an attacker to read the contents of the RAM.

The vulnerability of the GRUB loader driver for NTFS operating systems involves reading memory beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to read the contents of the RAM...

5.3CVSS5.7AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.15 views

Vulnerability of Linux operating system’s kernel components related to memory failures, allowing attackers to cause service interruptions

The vulnerability of Linux operating system’s kernel’s mm/memory-failure components is related to incorrect blocking in the pagehandlepoison function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00175EPSS
Exploits0References24Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.15 views

The vulnerability of the PKIAuthenticationPlugin plugin for the Apache Solr search server allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the PKIAuthenticationPlugin plugin for the Apache Solr search server is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...

10CVSS5.8AI score0.90709EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/22 12:0 a.m.15 views

The vulnerability of the SetVLANSettings() function in the prog.cgi script of D-Link DIR-878 and DIR-882 routers allows a hacker to execute arbitrary commands.

The vulnerability of the SetVLANSettings function in the prog.cgi script of D-Link DIR-878 and DIR-882 routers exists due to the failure to take measures to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary...

8CVSS5.8AI score0.0209EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.15 views

The vulnerabilities of SAP NetWeaver AS ABAP, SAP NetWeaver AS for Java, SAP Content Server, and SAP Web Dispatcher integration platforms are related to authentication procedures that lack sufficient safeguards. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerabilities of SAP NetWeaver AS ABAP, SAP NetWeaver AS for Java, SAP Content Server, and SAP Web Dispatcher programming integration platforms are related to deficiencies in authentication procedures. Exploiting these vulnerabilities can allow attackers to compromise the confidentiality,...

6.4CVSS5.5AI score0.00208EPSS
Exploits0References4Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.15 views

The vulnerability of the HID Profile interface of the Bluetooth protocol stack for the Linux BlueZ operating system allows a perpetrator to execute arbitrary commands.

The vulnerability of the HID Profile interface of the Bluetooth protocol stack for the Linux BlueZ operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

8.8CVSS7AI score0.02033EPSS
Exploits0References16Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.15 views

The vulnerability of the block_dirty_buffer component in the NILFS file system of Linux operating systems allows a attacker to trigger a service failure.

The vulnerability of the blockdirtybuffer component in the NILFS file system of Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00229EPSS
Exploits0References28Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/09/11 12:0 a.m.15 views

The vulnerability of the software platforms for developing and managing Magento Open Source and Adobe Commerce online stores lies in the incorrect limitation of the path to the restricted catalog. This allows attackers to read arbitrary files.

The vulnerability of the Magento Open Source and Adobe Commerce software platforms for developing and managing online stores is related to incorrect path name restrictions for access to restricted catalogs. Exploiting this vulnerability allows a malicious actor to remotely read arbitrary files...

7.7CVSS5.6AI score0.00911EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/09/11 12:0 a.m.15 views

The vulnerability of the Suricata intrusion detection and prevention system, related to overflowing buffers in dynamic memory, allows an intruder to trigger a service failure.

The vulnerability of the Suricata intrusion detection and prevention system is related to the overflow of the buffer in the dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure...

5.3CVSS7.9AI score0.00861EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/07/24 12:0 a.m.15 views

The vulnerability affects the file function /tmp/out of the Tesseract component of the software suite for processing, transforming, and generating Ghostscript documents. This vulnerability allows an attacker to gain unauthorized access to protected information.

The vulnerability of the software for processing, transforming, and generating Ghostscript documents is related to incorrect restrictions on the path to the restricted directory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through...

7.8CVSS6.4AI score0.01137EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/07/02 12:0 a.m.15 views

The vulnerability of Clang’s tooling interface for developing, optimizing, and compiling software using the LLVM framework allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of Clang’s toolset for developing, optimizing, and compiling software involves an operation that occurs outside the buffer in memory when processing LR registers, due to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code o...

4.6CVSS6.4AI score0.00991EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/28 12:0 a.m.15 views

The vulnerability of the io_uring subsystem in the Linux operating system allows a hacker to increase their privileges.

The vulnerability of the iouring subsystem in the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

8.8CVSS7.5AI score0.03718EPSS
Exploits4References13Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.15 views

The vulnerability of the Linux operating system’s Intel Hardware Feedback Interface driver allows attackers to compromise the integrity and accessibility of protected information.

The vulnerability of the Intel Hardware Feedback Interface driver in the drivers/thermal/intel/intelhfi.c file of the Linux kernel is related to the improper use of a reserved buffer after resuming from sleep mode. Exploiting this vulnerability could allow an attacker to compromise the integrity...

5.2CVSS6.5AI score0.00227EPSS
Exploits0References23Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/04/22 12:0 a.m.15 views

The vulnerability in the TLS certificate verification component of HashiCorp Vault and Vault Enterprise, a platform for archiving corporate information, allows a perpetrator to bypass the authentication process.

The vulnerability of the TLS protocol verification component in HashiCorp’s Vault and Vault Enterprise archiving platforms relates to improper handling of exceptional states. Exploiting this vulnerability can allow attackers to bypass authentication processes...

6.4CVSS6.5AI score0.00303EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/04/10 12:0 a.m.15 views

The vulnerability of the CampaignEvents extension of the software platform for implementing the hypertext environment of MediaWiki allows a hacker to perform cross-site scripting attacks.

The vulnerability of the CampaignEvents extension of the software for implementing the hypertext environment in MediaWiki is related to improper input validation during the creation of web pages. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks...

5.5CVSS5.7AI score0.00406EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/04/08 12:0 a.m.15 views

The vulnerability of the CGI script nas_sharing.cgi of the D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L NAS devices allows a hacker to execute arbitrary code.

The vulnerability of the CGI script nassharing.cgi of the D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L devices lies in the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code ...

10CVSS7.9AI score0.99997EPSS
Exploits8References4
BDU FSTEC
BDU FSTEC
added 2024/04/08 12:0 a.m.15 views

The vulnerability in the web interface for controlling the Flowmon operating system of network monitoring devices allows a perpetrator to execute arbitrary commands.

The vulnerability of the web interface for controlling the Flowmon operating system in devices for network monitoring exists due to the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor to execute...

10CVSS8.1AI score0.93901EPSS
Exploits7References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/19 12:0 a.m.15 views

The vulnerability of the Object.prototype component of the Node.js programming platform’s extend module allows attackers to add or modify any properties of an object prototype.

The vulnerability of the Object.prototype component of the Node.js programming platform’s extend module is related to uncontrolled resource consumption. Exploiting this vulnerability allows an attacker to add or modify any properties of the object prototype at will...

10CVSS7.7AI score0.0305EPSS
Exploits1References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/02/02 12:0 a.m.15 views

The vulnerability in the PMRChangeSparseMemOSMem driver of the PowerVR GPU graphics processing unit in Android and ChromeOS operating systems allows attackers to escalate their privileges.

The vulnerability of the PMRChangeSparseMemOSMem driver in the PowerVR GPU graphics processing subsystem for Android and ChromeOS systems stems from the execution of operations outside of the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to gain increased privileg...

7.8CVSS8.1AI score0.00414EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.15 views

The vulnerability of the OpenSSH cryptographic protection lies in the possibility of introducing or modifying arguments, allowing attackers to execute arbitrary commands.

The vulnerability of the SSH protocol lies in the fact that it relies on the execution or modification of arguments. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

6.5CVSS7.1AI score0.19753EPSS
Exploits8References16Affected Software8
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.15 views

The vulnerability of Blink’s web page rendering mechanism in Google Chrome browser allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of Blink’s web page rendering mechanism in Google Chrome browsers is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure by using a specially created malicious web page...

10CVSS8.1AI score0.00639EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.15 views

The vulnerability of Google Chrome’s WebRTC technology allows a perpetrator to execute arbitrary code or trigger a service failure.

The vulnerability of Google Chrome’s WebRTC technology is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure through a specially created malicious web page...

10CVSS8.1AI score0.00657EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/12/11 12:0 a.m.15 views

The vulnerability of the application programming interface of the interactive data analysis, visualization, and Jupyter Server document creation software allows a perpetrator to gain access to confidential information.

The vulnerability of the application programming interface of the interactive data analysis, visualization, and Jupyter Server document creation software is related to deficiencies in the error reporting mechanism. Exploiting this vulnerability can allow a malicious actor, operating remotely, to...

4.3CVSS5.4AI score0.00841EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.15 views

The vulnerability in the interface for connecting peripheral devices via USB browsers like Google Chrome allows a hacker to execute arbitrary code.

The vulnerability of the interface for connecting peripheral devices via USB in Google Chrome browsers is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...

10CVSS8.1AI score0.07094EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/11/01 12:0 a.m.15 views

The vulnerability of the Downloads component of the Google Chrome browser allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Downloads component of the Google Chrome browser is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through a specially...

7.8CVSS5.8AI score0.00926EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/09/13 12:0 a.m.15 views

The vulnerability of the Conversations messaging software, related to insufficient validation of input data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Conversations messaging software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by opening a backup file...

7.1CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/04 12:0 a.m.15 views

The vulnerability of the nft_set_catchallFlush() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s netfilter component allows a attacker to access protected information or cause a service failure.

The vulnerability of the nftsetcatchallFlush function in the net/netfilter/nftablesapi.c module of the Linux kernel’s netfilter component is related to the re-release of previously released memory. Exploiting this vulnerability could allow an attacker to access protected information or cause...

7.1CVSS6.4AI score0.00282EPSS
Exploits0References16Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/08/11 12:0 a.m.15 views

The vulnerability of the formSetSpeedWan() function in Tenda’s microprogrammed router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetSpeedWan function in the Tenda router’s microprogramming software stems from the operation that goes beyond the buffer in memory when processing the speeddir parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause servic...

10CVSS8.5AI score0.00711EPSS
Exploits1References2Affected Software8
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.15 views

The vulnerability of the kernel of operating systems such as MacOS, iOS, tvOS, iPadOS, and watchOS allows attackers to execute arbitrary code with kernel privileges.

The vulnerability in the kernels of operating systems such as MacOS, iOS, tvOS, iPadOS, and watchOS relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code with kernel privileges...

7.8CVSS7.6AI score0.00294EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/07/28 12:0 a.m.15 views

The vulnerability of the aws-sigv4 library for collecting, processing, and transmitting metrics allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the aws-sigv4 library, which is responsible for collecting, processing, and transmitting metrics related to Vector, stems from insufficient protection of registration data during the processing of the awssigv4::SigningParams structure. Exploiting this vulnerability can allow...

5.5CVSS5.9AI score0.00216EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.15 views

The vulnerabilities of SAP Plant Connectivity and Production Connector software components, which are used for managing production operations and processes in SAP Digital Manufacturing, allow attackers to execute arbitrary code.

The vulnerability of SAP Plant Connectivity and Production Connector software components, which are used for managing production operations and processes in SAP Digital Manufacturing, stems from the lack of authentication for a critical function. Exploiting this vulnerability could allow an...

7.9CVSS6.5AI score0.00285EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/07/19 12:0 a.m.15 views

The vulnerability of the backtrack_insn() function in the kernel/bpf/verifier.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the backtrackinsn function in the kernel/bpf/verifier.c module of the Linux operating system is related to calls outside of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

8.8CVSS6.9AI score0.03546EPSS
Exploits0References15Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/06/30 12:0 a.m.15 views

The vulnerability in the isolated iframe of the Google Chrome browser allows a perpetrator to circumvent existing restrictions on file downloads.

The vulnerability in the isolated iframe environment of Google Chrome relates to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to circumvent existing restrictions on file downloads by using a specially created HTML page...

7.8CVSS6.8AI score0.00595EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.15 views

The vulnerability of the HNAP1 protocol implementation in D-Link DIR-846 router microprogramming software allows a attacker to execute arbitrary commands.

The vulnerability of the HNAP1 protocol implementation in D-Link DIR-846 router microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s command processing for handling the tomographypingaddress parameter. Exploiting this...

9CVSS8.2AI score0.32561EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/30 12:0 a.m.15 views

The vulnerability of the built-in software of the ARIS controller is related to deficiencies in the authentication process, allowing a perpetrator to execute arbitrary code.

The vulnerability of the built-in software of the ARIS controller is related to deficiencies in the authentication process, allowing a perpetrator to execute arbitrary code using a specially crafted request...

8.1CVSS6AI score
Exploits0Affected Software10
BDU FSTEC
BDU FSTEC
added 2023/05/30 12:0 a.m.15 views

The vulnerability of the built-in software of the ARIS controller, related to the use of cryptographic algorithms that contain defects and risks, allows a perpetrator to gain access to critical information.

The vulnerability of the built-in software of the ARIS controller is related to the use of cryptographic algorithms that contain defects and risks. Exploiting this vulnerability could allow a malicious actor to gain access to critical information...

6.8CVSS5.5AI score
Exploits0Affected Software10
BDU FSTEC
BDU FSTEC
added 2023/05/25 12:0 a.m.15 views

The vulnerability of the xt_replace_table() function in the net/netfilter/x_tables.c module of the Linux kernel’s netfilter firewall allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the xtreplacetable function in the net/netfilter/xtables.c module of the Linux kernel’s netfilter firewall is related to the use of previously freed memory due to competitive access to resources. This occurs due to insufficient synchronization between processes. Exploiting th...

9.3CVSS6.6AI score0.00444EPSS
Exploits1References12Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/30 12:0 a.m.15 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created link...

5.5CVSS6.3AI score0.0048EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.15 views

Vulnerability of the intr_callback() function (drivers/net/usb/r8152.c) in Linux operating system kernels, allowing a hacker to cause a service failure

The vulnerability of the intrcallback function drivers/net/usb/r8152.c in Linux operating systems is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS6.6AI score0.02211EPSS
Exploits0References33Affected Software9
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.15 views

The vulnerability of the `__do_proc_dointvec` function in the Linux operating system’s kernel allows a hacker to cause a service failure or enhance their privileges.

The vulnerability of the doprocdointvec function in the Linux operating system’s kernel is related to the use of functions with non-standard implementations. Exploiting this vulnerability can allow an attacker to cause service failures or enhance their privileges...

8.4CVSS6.6AI score0.00428EPSS
Exploits0References23Affected Software20
BDU FSTEC
BDU FSTEC
added 2022/12/05 12:0 a.m.15 views

The vulnerability of the httpd daemon in the embedded software of the NETGEAR R7000P router allows a hacker to execute arbitrary code.

The vulnerability of the httpd daemon in the NETGEAR R7000P router’s embedded software is related to buffer overflow errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through the wandns1sec parameter...

10CVSS8.5AI score0.00967EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.15 views

The vulnerability of the Home Network Administration Protocol (HNAP) implementation in D-Link DIR-1935 router microsoftware allows a hacker to circumvent security restrictions.

The vulnerability of the Home Network Administration Protocol HNAP implementation in D-Link DIR-1935 router microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions remotely...

8.8CVSS7.5AI score0.01052EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.15 views

The vulnerability of the disaster recovery tool for Azure Site Recovery and VMWare to Azure, related to access control deficiencies, allows attackers to escalate their privileges.

The vulnerability of the disaster recovery tool for Azure virtual machines, Azure Site Recovery, and VMWare to Azure is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

4.9CVSS6.5AI score0.01731EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.15 views

The vulnerability of the telnet server’s microprogramming software for the CentreCOM AR260S V2 allows a hacker to gain access to user credentials.

The vulnerability of the telnet server software for CentreCOM AR260S V2 lies in the use of strictly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to gain access to these login credentials remotely...

8.1CVSS7.6AI score0.00947EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/02 12:0 a.m.15 views

The vulnerability of the import function in GitHub’s software platform, based on Git, for collaborative code development on GitLab, allows a perpetrator to execute arbitrary code.

The vulnerability of the import function in GitHub’s software platform for GitLab-based collaborative code development is related to the lack of measures taken to clean up data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.1AI score0.86194EPSS
Exploits5References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.15 views

The vulnerability of the QTS operating system, specifically the QuTS Hero operating system, is related to deficiencies in pathname restriction, which allows attackers to compromise the confidentiality of information.

The vulnerability of the QTS operating system is related to deficiencies in pathname restriction. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality of information...

5.3CVSS6.2AI score0.00888EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.15 views

The vulnerability of the btrfs_alloc_tree_b function (fs/btrfs/extent-tree.c) in the file system of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the btrfsalloctreeb function fs/btrfs/extent-tree.c in the file system of the Linux operating system is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.004EPSS
Exploits1References19Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.15 views

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Universal Banking system allows a perpetrator to gain access to data reading or cause a partial service disruption.

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Universal Banking system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read access to data or cause partial service interruption...

6.1CVSS6.8AI score0.00609EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.15 views

The vulnerability of the Cisco IOx software platform arises from an incorrect limitation on the path name to the restricted access directory. This allows a perpetrator to execute arbitrary code or carry out cross-site scripting attacks.

The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or perform XSS attacks remotely...

6.8CVSS7AI score0.00607EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.15 views

The vulnerability of the infe_box_read function in the MP4Box component of the GPAC multimedia platform allows a hacker to gain access to confidential data.

The vulnerability of the infeboxread function in the MP4Box component of the GPAC multimedia platform is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to gain access to confidential data through a specially created file...

7.1CVSS7.1AI score0.00911EPSS
Exploits0References6Affected Software3
Total number of security vulnerabilities5000