Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.14 views

The vulnerability of the web interface of Cisco Small Business RV340, RV340W, RV345, and RV345P router software allows a hacker to disclose protected information or rewrite arbitrary files.

The vulnerability of the web interface of Cisco Small Business RV340, RV340W, RV345, and RV345P microprogramming software routers exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information or re-write arbitrar...

8.5CVSS7.2AI score0.04915EPSS
Exploits0References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.14 views

The vulnerability of the web interface of Cisco Small Business RV340, RV340W, RV345, and RV345P router software allows a hacker to cause service interruptions.

The vulnerability of the web interface of Cisco Small Business RV340, RV340W, RV345, and RV345P microprogrammed software routers lies in the absence of restrictions on file loading. Exploiting this vulnerability can allow a malicious actor to cause service failures by loading arbitrary files onto...

10CVSS7.6AI score0.03802EPSS
Exploits0References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/04/20 12:0 a.m.14 views

The vulnerability of microprogrammed software for controllers CAPITAL VSTAR, APOGEE MBC, APOGEE MEC, APOGEE PXC, TALON TC, and the operating system Nucleus relates to errors in processing TCP packet headers. This vulnerability allows attackers to gain access to protected information or cause service interruptions.

The vulnerability of microprogrammed software for controllers CAPITAL VSTAR, APOGEE MBC, APOGEE MEC, APOGEE PXC, TALON TC, and the operating system Nucleus is related to errors in processing the TCP header. Exploiting this vulnerability can allow an attacker to gain access to protected informatio...

9.4CVSS7.7AI score0.0215EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/20 12:0 a.m.14 views

The vulnerability of the Direct Memory Access (DMA) subsystem in Linux operating systems allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Direct Memory Access DMA subsystem in Linux operating systems is related to memory release errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS6.6AI score0.00462EPSS
Exploits1References20Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/04/20 12:0 a.m.14 views

The vulnerability of GUI temperature control software lies in its ability to write beyond the buffer boundaries when processing configuration files in the *.gd1 format. This allows a hacker to execute arbitrary code.

The vulnerability of GUI temperature control software relates to the possibility of writing beyond the buffer boundaries when processing configuration files in the .gd1 format. Exploiting this vulnerability allows an attacker to execute arbitrary code...

7.8CVSS7.7AI score0.00814EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/04/11 12:0 a.m.14 views

The vulnerability of the Databuf function in the types.cpp component of the Exiv2 media metadata management library allows a attacker to cause a service failure.

The vulnerability of the Databuf function in the types.cpp component of the Exiv2 media metadata management library is related to the copying of buffers without checking the input data. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

7.1CVSS6.4AI score0.0114EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.14 views

The vulnerability of the Exiv2 metadata management library, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.

The vulnerability of the Exiv2 media metadata management library lies in the execution of a loop with an unreachable exit condition. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created image file...

7.1CVSS6.7AI score0.01104EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/04/04 12:0 a.m.14 views

The vulnerability of the software used for designing and configuring the Connected Components Workbench (CCW) from Rockwell Automation arises from incorrect restrictions on the path to the restricted access catalog. This vulnerability allows attackers to escalate their privileges.

The vulnerability of the software used for designing and configuring the Connected Components Workbench CCW from Rockwell Automation is related to an incorrect limitation on the path to the restricted-access catalog. Exploiting this vulnerability could allow a attacker to increase their privilege...

8.2CVSS7.5AI score0.00752EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/01 12:0 a.m.14 views

The vulnerability of the gf_m2ts_process_pmt function in the media_tools/mpegts.c component of the GPAC multimedia platform allows a hacker to cause a service failure.

The vulnerability of the gfm2tsprocesspmt function in the mediatools/mpegts.c component of the GPAC multimedia platform is related to reading data from buffer memory beyond its allowable limits. Exploiting this vulnerability allows a malicious actor to cause service interruptions using a speciall...

6.5CVSS6.9AI score0.01019EPSS
Exploits1References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/03/05 12:0 a.m.14 views

The vulnerability of the embedded software of NETGEAR’s routers such as LAX20, MK62, MR60, MS60, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX40v2, RAX43, RAX45, RAX50, RAX75, RAX80, RS400, and XR1000 arises due to the lack of measures for cleaning input data. This allows a malicious actor to execute arbitrary commands.

The vulnerability of NETGEAR’s integrated router software, including models such as LAX20, MK62, MR60, MS60, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX40v2, RAX43, RAX45, RAX50, RAX75, RAX80, RS400, and XR1000, stems fr...

8.4CVSS7.1AI score0.00633EPSS
Exploits0References3Affected Software26
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.14 views

The vulnerability of the built-in software of NETGEAR routers such as AC2100, AC2400, AC2600, D7000, R6220, R6230, R6260, R6330, R6350, R6700v2, R6800, R6850, R6900v2, R7200, R7350, R7400, R7450 lies in the lack of measures to sanitize input data. This allows attackers to execute arbitrary commands.

The vulnerability of NETGEAR’s integrated routing software modules—AC2100, AC2400, AC2600, D7000, R6220, R6230, R6260, R6330, R6350, R6700v2, R6800, R6850, R6900v2, R7200, R7350, R7400, and R7450—is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a...

9CVSS7.6AI score0.01092EPSS
Exploits0References3Affected Software17
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.14 views

The vulnerability of the console.table() function implementation in Node.js’s software platform allows attackers to trigger a service failure or bypass security restrictions.

The vulnerability of the console.table function implementation in Node.js.js platforms is related to insufficient control over dynamically defined object properties. Exploiting this vulnerability could allow a malicious actor to trigger service failures or circumvent security restrictions by...

3.7CVSS6.5AI score0.21514EPSS
Exploits0References19Affected Software9
BDU FSTEC
BDU FSTEC
added 2022/02/10 12:0 a.m.14 views

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.

The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a perpetrator to cause service interruptions...

5.5CVSS6.9AI score0.00997EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/02/04 12:0 a.m.14 views

The vulnerability of the Clam AntiVirus antivirus software lies in its insufficient validation of input data, allowing a hacker to perform denial-of-service attacks.

The vulnerability of the Clam AntiVirus antivirus software is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to perform a denial-of-service attack by sending a specially crafted OOXML file...

5.3CVSS7.2AI score0.03061EPSS
Exploits1References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/01/25 12:0 a.m.14 views

The vulnerability of the library for viewing, printing, rendering, creating, and processing PDF files. The PDFTron SDK is software for modeling, designing, and drafting in AutoCAD. This vulnerability relates to errors in the mechanism for checking path searching for dynamically attached libraries, allowing a perpetrator to execute arbitrary code.

The vulnerability of the library for viewing, printing, rendering, creating, and processing PDF files is related to errors in the mechanism for checking the path to dynamically linked libraries DLLs. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by opening a...

10CVSS7.6AI score0.01437EPSS
Exploits0References6Affected Software13
BDU FSTEC
BDU FSTEC
added 2021/12/22 12:0 a.m.14 views

The vulnerability of the WISE-4060 Ethernet module’s microprogramming software, related to session management errors, allows a intruder to gain unauthorized access to the device.

The vulnerability of the WISE-4060 Ethernet module’s microprogramming software is related to session management errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the device remotely...

10CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/11/25 12:0 a.m.14 views

The vulnerability of Cisco Small Business LLDP switches, related to copying buffers without checking input data, allows a perpetrator to execute arbitrary code.

The vulnerability of Cisco Small Business LLDP switches lies in the copying of buffers without checking the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code...

4.3CVSS5.8AI score0.00398EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/12 12:0 a.m.14 views

The vulnerability of the SSL/TLS message processor in microprogramming network devices from Cisco Adaptive Security Appliances and Cisco Firepower Threat Defense allows attackers to induce service failures.

The vulnerability of SSL/TLS message processors in microprogramming network interface devices from Cisco Adaptive Security Appliances and Cisco Firepower Threat Defense involves an operation that goes beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to caus...

8.6CVSS7.4AI score0.01482EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/11/11 12:0 a.m.14 views

The vulnerability of the KrugCorrectTime.exe software of the SCADA system “KRUG-2000” lies in the lack of authentication for a critical function, allowing a intruder to cause a malfunction in the normal operation of the SCADA system.

The vulnerability of the KrugCorrectTime.exe software component of the SCADA system “KRUG-2000” lies in the lack of authentication for a critical function. Exploiting this vulnerability could allow an intruder to cause malfunctions in the normal operation of the SCADA system...

7.7CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/10/20 12:0 a.m.14 views

The vulnerability of the Media Audio Decoder decoder in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Media Audio Decoder driver for the Windows operating system is related to errors in code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7CVSS7.6AI score0.01918EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/08/17 12:0 a.m.14 views

The vulnerability of the Wine package on the Astra Linux (Orel) operating system relates to the display of external program windows over the Astra Linux (Orel) lock window, allowing a intruder to gain unauthorized access to confidential information.

The vulnerability of the Wine software on the Astra Linux operating system Orel relates to the display of modal windows of third-party programs such as “MediaLog” over the Astra Linux lock screen. Exploiting this vulnerability could allow a malicious individual to gain unauthorized access to...

4CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.14 views

The vulnerability of the central module for managing engineering data and the product’s life cycle in the “LOCMAN Client” system, a system for managing engineering data and the product’s life cycle, arises from the possibility of unlimited loading of dangerous type files, allowing attackers to execute arbitrary codes.

The vulnerability of the central module responsible for managing engineering data and the product’s lifecycle in the LOCsMAN Engineering Data and Product Lifecycle Management system is related to the possibility of unlimited loading of dangerous files. Exploiting this vulnerability could allow...

6.8CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.14 views

The vulnerability of the data synchronization module at any time, triggered by user requests or by a special scheduler utility “LOCMAN Master Synchronization” of the engineering data and product lifecycle management system LOCMAN. This vulnerability is related to the unlimited loading of dangerous type files, allowing attackers to execute arbitrary code.

The vulnerability of the data synchronization module at any time, triggered by user requests or by special planning tools like “LOZMAN Master Synchronization” of the Engineering Data and Product Lifecycle management system LOZMAN, is related to the unlimited loading of dangerous files. Exploiting...

6.8CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/12 12:0 a.m.14 views

The vulnerability of the sub-components of the General Ledger Update Transform and Reports component of the Oracle iSetup system, a business automation solution from Oracle E-Business Suite. This vulnerability allows an intruder to gain unauthorized access to the device.

The vulnerability of the General Ledger Update Transform and Reports components of the Oracle iSetup component in the Oracle E-Business Suite system involves code errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the device through HTT...

8.5CVSS6.9AI score0.00987EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.14 views

The vulnerability of Microprogramming Software for Cisco Adaptive Security Appliance Software (ASA) and Cisco Firepower Threat Defense (FTD) relates to writing beyond the buffer boundaries, allowing attackers to trigger a system reboot or cause service failure.

The vulnerability of Microprogrammed Network Interface Software of Cisco Adaptive Security Appliance Software ASA and Cisco Firepower Threat Defense FTD is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to trigger a system reboot or caus...

8.6CVSS7.4AI score0.01656EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/01/26 12:0 a.m.14 views

The vulnerability of the HEVC Video Extension codec, which arises due to insufficient validation of input data, allows attackers to execute arbitrary code.

The vulnerability of the HEVC Video Extension codec exists due to insufficient checks on input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.03889EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/01/13 12:0 a.m.14 views

The vulnerability of the fly-qdm graphical interface, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the fly-qdm graphical interface is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a hacker to cause a service failure...

4CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/12/07 12:0 a.m.14 views

The vulnerability of the KTS “Lighthouse” web interface, which stems from the lack of measures to sanitize input data, allows a perpetrator to inject any desired web script or HTML code.

The vulnerability of the KTS “Lighthouse” web interface is related to the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to inject arbitrary web scripts or HTML code...

4.3CVSS5.7AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/12/07 12:0 a.m.14 views

The vulnerability of the KTS web interface “Mayak,” related to the failure to protect the SQL query structure, allows attackers to execute arbitrary SQL commands.

The vulnerability of the KTS “Lighthouse” web interface is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using a specially crafted HTTP POST request...

10CVSS6.1AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/10/27 12:0 a.m.14 views

The vulnerability of microprogrammed software in server boards, server systems, and Intel computing modules arises from copying buffers without checking the size of the input data. This allows attackers to exploit their privileges.

The vulnerability of microprogrammed software in server boards, server systems, and Intel computing modules is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.2AI score0.00365EPSS
Exploits0References3Affected Software18
BDU FSTEC
BDU FSTEC
added 2020/10/27 12:0 a.m.14 views

The vulnerability of the Kryo Codec component in the software platform for integrating corporate applications in Spring Integration allows a hacker to execute arbitrary code.

The vulnerability of the Kryo Codec component in the software platform for integrating corporate applications in Spring Integration is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8AI score0.04409EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/10/27 12:0 a.m.14 views

The vulnerability of microprogramming software in server boards, server systems, and Intel computing modules relates to writing beyond the buffer memory boundaries, allowing attackers to exploit their privileges.

The vulnerability of microprogrammed software in server boards, server systems, and Intel computing modules is related to writing beyond the buffer memory boundaries. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

6.3CVSS7.8AI score0.00714EPSS
Exploits0References3Affected Software18
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.14 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to trigger a service failure.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.9CVSS6.6AI score0.00382EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/06/19 12:0 a.m.14 views

The vulnerability of the OpenOffice office suite, related to integer overflow, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the OpenOffice office suite is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions...

7.4CVSS5.5AI score0.04668EPSS
Exploits1References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2020/06/05 12:0 a.m.14 views

The vulnerability of the InnoDB component of the MySQL Database Server management system, which allows a hacker to cause a service failure.

The vulnerability of the InnoDB component in the MySQL Database Management System is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL Protocol...

4.9CVSS6.3AI score0.02805EPSS
Exploits0References17Affected Software7
BDU FSTEC
BDU FSTEC
added 2020/01/08 12:0 a.m.14 views

Huawei routers’ vulnerabilities related to authentication errors allow attackers to execute arbitrary code and increase their privileges.

The vulnerability of Huawei routers is related to authentication errors. Exploiting this vulnerability allows a hacker to execute arbitrary code and increase their privileges...

7.8CVSS7.6AI score0.00222EPSS
Exploits0References3Affected Software21
BDU FSTEC
BDU FSTEC
added 2019/12/27 12:0 a.m.14 views

The vulnerability in the driver drivers/net/wireless/ath/ath9k/htc_hst.c of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the drivers/net/wireless/ath/ath9k/htchst.c kernel of the Linux operating system is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS6.5AI score0.04433EPSS
Exploits0References26Affected Software5
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.14 views

The vulnerability of the image loading module in the software suite for creating 3D computer graphics in Blender arises from a numerical overflow condition. This allows an attacker to execute arbitrary code.

The vulnerability of the image loading module in Blender’s 3D computer graphics software is caused by a numerical overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious .blend file...

7.8CVSS7.9AI score0.0265EPSS
Exploits1References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/10/03 12:0 a.m.14 views

The vulnerability of the Layer 2 Traceroute tool for Cisco IOS XE and Cisco IOS operating systems allows a hacker to create a complete L2 topology of a vulnerable network.

The vulnerability of the Layer 2 Traceroute tool for Cisco IOS XE and Cisco IOS operating systems is related to the lack of authentication. Exploiting this vulnerability allows a malicious actor to remotely construct a complete L2 topology of the vulnerable network...

5.3CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/10/02 12:0 a.m.14 views

Multiple vulnerabilities exist in the my_parse_url function of the MOXA EDR-810 industrial router’s web server. These vulnerabilities allow attackers to execute arbitrary code.

The multiple vulnerabilities of the myparseurl function offset 0x16748 in the web server jffs2-root\fs1\magicP\WebServer\webs of the MOXA EDR-810 industrial router are caused by a lack of checking data size when copying data into a buffer of 0x80 bytes. Exploitation of this vulnerability allows a...

9.6CVSS6.3AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/10/01 12:0 a.m.14 views

The vulnerability of the xca utility in the Astra Linux operating system, which allows a intruder to trigger a service failure

The vulnerability of the xca utility in the Astra Linux operating system is related to a bug that causes the program to terminate abnormally when a dialog window is closed. Exploiting this vulnerability could allow an attacker to cause a service failure...

4.7CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/10/01 12:0 a.m.14 views

The vulnerability of the libgost-astra library in the Astra Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the libgost-astra library in the Astra Linux operating system is related to errors during the automatic configuration of the algorithms according to GOST standards. Exploiting this vulnerability can allow attackers to cause service failures...

3.3CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/07/04 12:0 a.m.14 views

The vulnerability in the platform for creating a unified database and electronic registration of residential properties, “BAR.- ”, relates to the unlimited loading of dangerous type files, allowing a perpetrator to execute arbitrary codes.

The vulnerability in the platform for creating a unified database and electronic registration of residential properties, “BAR.- ”, is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by uploading a php file to th...

10CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.14 views

The vulnerability of the maxiradioremove handler’s implementation in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the maxiradioremove implementation for loading the drivers/media/radio/radio-maxiradio.ko module into the Linux kernel is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a system failure by repeatedly connecting and disconnecting the...

5.1CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.14 views

The vulnerability in the implementation of the mpi_alloc function in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the mpialloc function in the loaded module of the digsig/digsigverif.ko kernel of the Linux operating system is related to the assignment of the null pointer. Exploiting this vulnerability could allow an attacker to cause a system failure when there is a memory shortage in th...

6.2CVSS5.6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.14 views

The vulnerability of the process_demand_active function in the RDP client rdesktop, related to reading beyond the buffer limit, allows a hacker to cause service failure.

The vulnerability of the processdemandactive function in the RDP client rdesktop is related to reading data beyond the buffer boundary. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.5CVSS7.6AI score0.04342EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.14 views

Vulnerability of the Server component: Security: Privileges of the MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server component: Security: Privileges of the MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

7.8CVSS6.5AI score0.02232EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/28 12:0 a.m.14 views

The vulnerability of the Partner Detail sub-component of the Oracle Partner Management component in the Oracle E-Business Suite allows a malicious actor to gain access to modify, add, or delete data.

The vulnerability of the Partner Detail sub-component of the Oracle Partner Management component in the Oracle E-Business Suite is related to code errors. Exploiting this vulnerability may allow an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTP protocol...

8.2CVSS7.5AI score0.0153EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.14 views

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server allows a hacker to gain full control over the application.

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain full control over the application...

8.2CVSS7.5AI score0.00438EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.14 views

The vulnerability in the implementation of TCP sockets in Cisco IOS and Cisco IOS XE operating systems allows a hacker to trigger a device reboot and a service failure.

The vulnerability of TCP socket implementations in Cisco IOS and Cisco IOS XE systems is related to state management errors. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot and a service failure by sending specially crafted HTTP packets...

6.8CVSS6.7AI score0.02004EPSS
Exploits0References2
Total number of security vulnerabilities5000