90604 matches found
The vulnerability of the malidp_crtc_reset() function in the Linux kernel’s drivers/gpu/drm/arm/malidp_crtc.c file allows a hacker to trigger a service failure or increase their privileges.
The vulnerability of the malidpcrtcreset function in the Linux kernel’s drivers/gpu/drm/arm/malidpcrtc.c file is related to a pointer arithmetic error. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...
Vulnerability of the intr_callback() function (drivers/net/usb/r8152.c) in Linux operating system kernels, allowing a hacker to cause a service failure
The vulnerability of the intrcallback function drivers/net/usb/r8152.c in Linux operating systems is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Home Network Administration Protocol (HNAP) implementation in D-Link DIR-1935 router microsoftware allows a hacker to circumvent security restrictions.
The vulnerability of the Home Network Administration Protocol HNAP implementation in D-Link DIR-1935 router microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions remotely...
The vulnerability of the disaster recovery tool for Azure Site Recovery and VMWare to Azure, related to access control deficiencies, allows attackers to escalate their privileges.
The vulnerability of the disaster recovery tool for Azure virtual machines, Azure Site Recovery, and VMWare to Azure is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...
The vulnerability of the telnet server’s microprogramming software for the CentreCOM AR260S V2 allows a hacker to gain access to user credentials.
The vulnerability of the telnet server software for CentreCOM AR260S V2 lies in the use of strictly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to gain access to these login credentials remotely...
The vulnerability of the import function in GitHub’s software platform, based on Git, for collaborative code development on GitLab, allows a perpetrator to execute arbitrary code.
The vulnerability of the import function in GitHub’s software platform for GitLab-based collaborative code development is related to the lack of measures taken to clean up data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the software platform for industrial automation and IoT solutions, Elcomplus SmartICS, is related to inadequate access control mechanisms. This allows a malicious individual to complete any process within the system.
The vulnerability of the software platform for industrial automation and IoT solutions, Elcomplus SmartICS, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to complete any process within the system remotely...
The vulnerability of the QTS operating system, specifically the QuTS Hero operating system, is related to deficiencies in pathname restriction, which allows attackers to compromise the confidentiality of information.
The vulnerability of the QTS operating system is related to deficiencies in pathname restriction. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality of information...
The vulnerability of the btrfs_alloc_tree_b function (fs/btrfs/extent-tree.c) in the file system of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the btrfsalloctreeb function fs/btrfs/extent-tree.c in the file system of the Linux operating system is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Cisco IOx software platform arises from an incorrect limitation on the path name to the restricted access directory. This allows a perpetrator to execute arbitrary code or carry out cross-site scripting attacks.
The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or perform XSS attacks remotely...
The vulnerability of the infe_box_read function in the MP4Box component of the GPAC multimedia platform allows a hacker to gain access to confidential data.
The vulnerability of the infeboxread function in the MP4Box component of the GPAC multimedia platform is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to gain access to confidential data through a specially created file...
The vulnerability of the software used for designing and configuring the Connected Components Workbench (CCW) from Rockwell Automation arises from incorrect restrictions on the path to the restricted access catalog. This vulnerability allows attackers to escalate their privileges.
The vulnerability of the software used for designing and configuring the Connected Components Workbench CCW from Rockwell Automation is related to an incorrect limitation on the path to the restricted-access catalog. Exploiting this vulnerability could allow a attacker to increase their privilege...
The vulnerability of the Microsoft Exchange Server mail server, related to errors in code generation, allows a hacker to execute arbitrary code.
The vulnerability of Microsoft Exchange Server is related to errors in code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the console.table() function implementation in Node.js’s software platform allows attackers to trigger a service failure or bypass security restrictions.
The vulnerability of the console.table function implementation in Node.js.js platforms is related to insufficient control over dynamically defined object properties. Exploiting this vulnerability could allow a malicious actor to trigger service failures or circumvent security restrictions by...
The vulnerability of NETGEAR R7000 Wi-Fi routers’ microprogramming software lies in the copying of buffers without checking the size of the input data. This allows attackers to gain unauthorized access to protected information.
The vulnerability of NETGEAR R7000 Wi-Fi routers’ microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the sub_8003183C function (/fromLogin) in the wireless router software D-Link DIR-809 allows a hacker to execute arbitrary code on the target system.
The vulnerability of the FUN80034d60 /formStaticDHCP function of the D-Link DIR-809 wireless router is related to stack buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code on the system via the created POST request...
The vulnerability of Google Chrome’s V8 JavaScript engine, related to writing beyond the buffer boundary, allows attackers to access confidential information or trigger a service denial.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to access confidential information or cause service failures...
The vulnerability of the AutoBuild service on the AVEVA System Platform allows a intruder to trigger a service failure.
The vulnerability of the AutoBuild service on the AVEVA System Platform is related to an unprocessed exception. Exploiting this vulnerability could allow a malicious actor to trigger a service failure remotely...
The vulnerability of the GJSON library in Aurora Application Software, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of the GJSON library in Aurora software applications is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures through a specially crafted GET request...
The vulnerability of Microprogramming Software for Cisco Adaptive Security Appliance Software (ASA) and Cisco Firepower Threat Defense (FTD) relates to writing beyond the buffer boundaries, allowing attackers to trigger a system reboot or cause service failure.
The vulnerability of Microprogrammed Network Interface Software of Cisco Adaptive Security Appliance Software ASA and Cisco Firepower Threat Defense FTD is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to trigger a system reboot or caus...
The vulnerability in the arch/x86/kvm/svm/sev.c component of the Kernel-based Virtual Machine (KVM) virtualization subsystem of Linux operating systems allows a attacker to cause a service failure.
The vulnerability in the kernel-based virtual machine KVM virtualization subsystem of Linux operating systems, specifically in the arch/x86/kvm/svm/sev.c component, involves uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the HEVC Video Extension codec, which arises due to insufficient validation of input data, allows attackers to execute arbitrary code.
The vulnerability of the HEVC Video Extension codec exists due to insufficient checks on input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the fly-qdm graphical interface, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the fly-qdm graphical interface is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a hacker to cause a service failure...
The vulnerability of microprogrammed software in server boards, server systems, and Intel computing modules arises from copying buffers without checking the size of the input data. This allows attackers to exploit their privileges.
The vulnerability of microprogrammed software in server boards, server systems, and Intel computing modules is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Camera Codec Pack component of the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the Camera Codec Pack component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...
The vulnerability of the OpenOffice office suite, related to integer overflow, allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the OpenOffice office suite is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions...
The vulnerability of the dialog box detection component in Google Chrome’s web browser allows a perpetrator to compromise data integrity.
The vulnerability of the dialog area component in Google Chrome’s web browser is related to the lack of a mechanism for controlling permissions. Exploiting this vulnerability allows an attacker to affect data integrity through a specially created HTML page...
Vulnerability in the print-hncp.c:print_prefix() utility for capturing and analyzing network traffic with tcpdump, allowing a hacker to cause a service failure
The vulnerability in the print-hncp.c:printprefix utility for capturing and analyzing network traffic using tcpdump is related to the execution of read operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the cgi-bin/index2.asp component of Genexis Platinum-P4410-V2 and Genexis Platinum-4410 routing software allows a hacker to obtain authentication data necessary to access the router administration panel.
The vulnerability of the cgi-bin/index2.asp component of Genexis Platinum-P4410-V2 and Genexis Platinum-4410 routing software is related to authentication deficiencies. Exploiting this vulnerability could allow an attacker to obtain authentication credentials necessary to access the router...
The vulnerability of the microprogrammed Ethernet switch software from Moxa EDS-405A series, related to buffer overflow, allows a hacker to trigger a service failure.
The vulnerability of the microprogrammed Ethernet switch software from Moxa EDS-405A series is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by sending HTTP GET requests to the vulnerable device...
The vulnerability of the wlg_adv.cgi CGI handler in NETGEAR’s R8000 and R8500 routers allows a hacker to perform arbitrary actions.
The vulnerability of the wlgadv.cgi CGI handler in NETGEAR’s R8000 and R8500 routers stems from buffer overflows in static memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted HTTP request...
The vulnerability of the Security component in Java SE and Java SE Embedded software platforms allows a perpetrator to gain unauthorized access to information.
The vulnerability of the Security component in Java SE and Java SE Embedded software-related programs is related to deficiencies in access control. Exploiting this vulnerability may allow an attacker operating remotely to gain unauthorized access to information...
Multiple vulnerabilities exist in the my_parse_url function of the MOXA EDR-810 industrial router’s web server. These vulnerabilities allow attackers to execute arbitrary code.
The multiple vulnerabilities of the myparseurl function offset 0x16748 in the web server jffs2-root\fs1\magicP\WebServer\webs of the MOXA EDR-810 industrial router are caused by a lack of checking data size when copying data into a buffer of 0x80 bytes. Exploitation of this vulnerability allows a...
The vulnerability of the xca utility in the Astra Linux operating system, which allows a intruder to trigger a service failure
The vulnerability of the xca utility in the Astra Linux operating system is related to a bug that causes the program to terminate abnormally when a dialog window is closed. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Fast Transition function in the implementation of the 802.11r protocol of Cisco IOS Access Points allows a attacker to cause service interruptions.
The vulnerability of the Fast Transition function in the 802.11r portlet implementation of Cisco IOS Access Points is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially crafted replay events...
The vulnerability of the vGate platform protection tool, which allows intruders to influence the integrity and accessibility of information.
The vulnerability of the vGate virtualization platform’s security device stems from bypassing access control rules by performing unauthorized operations in the SKALA-R environment. Exploiting this vulnerability allows attackers to compromise the integrity and accessibility of information...
The vulnerability of the AuthIoDrv driver of the Secret Net Studio security system, which allows a hacker to cause a service failure.
The vulnerability of the AuthIoDrv driver of the Secret Net Studio information protection system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the platform for creating a unified database and electronic registration of residential properties, “BAR.- ”, relates to the unlimited loading of dangerous type files, allowing a perpetrator to execute arbitrary codes.
The vulnerability in the platform for creating a unified database and electronic registration of residential properties, “BAR.- ”, is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by uploading a php file to th...
The vulnerability in the implementation of the hfc_usb_probe handler in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the hfcusbprobe handler in the loaded module of the drivers/isdn/hisax/hfcusb.ko file in the Linux operating system is related to accessing beyond the array boundaries. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting a HiSax...
The vulnerability of the __GI_getenv function in the editing and Ogg-file checking software oggz allows a perpetrator to cause a service failure.
The vulnerability of the GIgetenv function name=0x7ffff7b94ac7 “TH”, name@entry=0x7ffff7b94ac5 “PATH” in the editing and checking tool for Ogg files from the oggz-tools package is related to buffer overflow vulnerabilities. Exploiting this vulnerability can allow an attacker to cause a service...
The vulnerability in the implementation of the mpi_alloc function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mpialloc function in the loaded module of the digsig/digsigverif.ko kernel of the Linux operating system is related to the assignment of the null pointer. Exploiting this vulnerability could allow an attacker to cause a system failure when there is a memory shortage in th...
The vulnerability of the web access module of the DIRECTUM electronic document management system allows a perpetrator to execute arbitrary JavaScript code.
The vulnerability of the web access module of the DIRECTUM electronic document management system is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of the Windows Jet Database Engine database management system in the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the Windows Jet Database Engine database management system in the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially crafted file...
The vulnerability of the Cisco Application Policy Infrastructure Controller automation tool, related to errors in the encryption key deletion mechanism, allows a perpetrator to gain access to protected information.
The vulnerability of the Cisco Application Policy Infrastructure Controller automation tool is related to errors in the mechanism for deleting encryption keys. Exploiting this vulnerability could allow an attacker to gain access to protected information...
The vulnerability of the process_demand_active function in the RDP client rdesktop, related to reading beyond the buffer limit, allows a hacker to cause service failure.
The vulnerability of the processdemandactive function in the RDP client rdesktop is related to reading data beyond the buffer boundary. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability in the Bash shell implementation of the Cisco NX-OS network operating system allows a hacker to elevate their privileges to the root level.
The vulnerability of the Bash shell implementation in the Cisco NX-OS network operating system devices relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker to elevate their privileges to root by entering a specially created command in the Bash command...
The vulnerability of the Samba networking communication software lies in the lack of requirements for signing and encrypting SMB traffic when using DFS redirection. This allows a attacker to execute a “man-in-the-middle” attack.
The vulnerability of the Samba networking communication package is related to the lack of requirements for signing and encrypting SMB traffic when using DFS redirection. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” attack and gain access to read and modi...
The vulnerability of the remote procedure call handler “arpc_Span” in the atlcore_.dll library of the resource management system of the Galaktika ERP system allows a malicious actor to read data from the memory of the server process.
The vulnerability of the process handler for remote procedure calls in the “arpcSpan” module of the atlcore.dll library of the resource management system of the Galaktika ERP system is related to the lack of validation for the correctness of received requests. Exploiting this vulnerability allows...
The vulnerability of the load_image function in the GIMP graphic editor, related to reading beyond the buffer limit of memory, allows attackers to cause system failures, undermine data integrity, and compromise confidentiality.
The vulnerability of the loadimage function in the GIMP graphic editor’s plug-ins/common/file-gbr.c file is related to the issue of data being written beyond the buffer boundaries when processing UTF-8 formatted data. Exploiting this vulnerability can allow an attacker to cause service failures,...
The vulnerability of the Advanced Local Procedure Call operating system in Windows, caused by access control errors, allows attackers to escalate their privileges.
The vulnerability of the Advanced Local Procedure Call ALPC in Windows operating systems arises due to access control errors. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...