90604 matches found
The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.
The vulnerability of the browser/extensions/api/webrtcaudioprivate/webrtcaudioprivateapi.cc implementation of the WebRTC Audio Private API in Google Chrome Chrome browsers is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause servi...
The vulnerability of the Cisco Firepower Extensible Operating System allows a perpetrator to gain access to read the files.
The vulnerability of the Cisco Firepower Extensible Operating System is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to files through a specially crafted HTTP request...
The vulnerability of the 1C-Bitrix web project management system allows a hacker to trigger a service failure, obtain confidential information, or rename arbitrary files.
The vulnerability of the admin/bitrix.xscanworker.php module of the 1C-Bitrix web project management system exists due to insufficient restrictions on the path name to the catalog. Exploiting this vulnerability allows a malicious actor to rename arbitrary files, obtain confidential information, o...
The vulnerability of the Android operating system, which allows a hacker to execute arbitrary code or cause a service failure
The vulnerability of the MPEG4Extractor::parseChunk function in the libstagefright library of the Android operating system is due to buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure by using specially crafted MPEG-4 data...
The vulnerability of the Luna HSM encryption hardware system, which allows a perpetrator to gain access to user data
The vulnerability of the Luna HSM encryption hardware system is due to problems with the implementation of cryptography. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to user data...
Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to execute arbitrary code or cause system failures
The vulnerability of the ImageIO component in iOS and Mac OS X operating systems arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using a specially crafted TIFF image...
The vulnerability of Adobe Acrobat DC, a PDF editing software, allows a hacker to circumvent existing access restrictions.
The vulnerability of the Adobe Acrobat DC PDF editing program is related to lack of access control mechanisms. Exploiting this vulnerability could allow a malicious actor to circumvent existing access restrictions remotely...
The vulnerability of the Oracle Database database management system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of data.
The vulnerability of the Oracle Database database management system’s Java VM component allows a malicious actor, who operates remotely and has completed the authentication process, to compromise the confidentiality, integrity, and accessibility of data...
Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the xorg-x11-Mesa-devel package of the OpenSUSE operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the OpenSUSE operating system allows attackers to compromise the accessibility of protected information.
The vulnerability of the openSUSE operating system’s openldap2-client-x86 package can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the OpenSUSE operating system allows attackers to compromise the confidentiality of protected information.
The vulnerability of the mono-data-sybase package in the OpenSUSE operating system can lead to a violation of the confidentiality of protected information. This vulnerability can be exploited remotely...
Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information
The multiple vulnerabilities in the hostap-modules-2.4.27-4-686 package of the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information
The multiple vulnerabilities in the hostap-modules-2.4.27-4-k6 package of the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the kernel-image-powerpc operating system package of the Debian GNU/Linux distribution may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious individuals...
Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the accessibility of protected information
The kernel-vmipae-debuginfo package of the SUSE Linux Enterprise operating system has multiple vulnerabilities that, if exploited, may lead to a violation of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the dbus-devel-1.2.24 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited locally...
Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the x11vnc package up to version 0.8.1 of the Gentoo Linux operating system can lead to violations of privacy, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the cloop operating system package of OpenSUSE can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the cloop-kmp-pae package of the OpenSUSE operating system can be exploited, which may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Blitz Identity Provider (Authentication server)
...
The vulnerability of the Directum Web Agent component of the Directum RX system, which arises due to insufficient validation of input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Directum Web Agent component of the Directum RX system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted file...
The vulnerability of the security plugin of the OpenSearch software package, which allows a hacker to increase their privileges
The vulnerability of the OpenSearch software security plugin is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability of the software platform based on Git for collaborative code development in GitLab EE/CE is related to deficiencies in the authentication process, which allow unauthorized users to increase their privileges.
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...
The vulnerability of the Media component of the Windows operating system, allowing a hacker to execute arbitrary code
The vulnerability of the Media component in the Windows operating system is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability in the web interface for managing Tenda AC7 router micro-program software allows a attacker to perform a CSRF attack.
The vulnerability in the web interface for managing Tenda AC7 router microprogramming software is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a remote attacker to execute a CSRF attack...
The vulnerability of the sub_3C434() function (/goform/AdvSetWan) in the Tenda FH451 router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the sub3C434 function /goform/AdvSetWan of the Tenda FH451 router’s microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of PLC NLcon-CE-485-C arises from insufficient validation of input data when processing a packet of the type 0xbbbb in the Codesys v2 service. This vulnerability allows an attacker to trigger a failure in the operation of the Codesys v2 execution environment.
The vulnerability of PLC NLcon-CE-485-C is related to insufficient validation of input data during the processing of the 0xbbbb packet in Codesys v2. Exploiting this vulnerability can allow an attacker to cause a failure in the operation of the Codesys v2 execution environment...
The vulnerability of the Paragon Hard Disk Manager software allows a perpetrator to modify any files they choose.
The vulnerability of the Paragon Hard Disk Manager software is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to modify arbitrary files...
The vulnerability of the “Multi-Functional Export/Import in Excel” plugin, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the “Multi-Functional Export/Import in Excel” plugin is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
Vulnerability of 1C software: 1C:ERP Business Management, 1C:Comprehensive Automation, 1C:Commerce Management – due to the lack of authorization, allowing attackers to execute arbitrary requests.
Vulnerabilities of 1C software: 1C:ERP Business Management, 1C:Comprehensive Automation, 1C:Commerce Management involve a lack of authentication. Exploiting these vulnerabilities can allow remote attackers to execute arbitrary requests...
The vulnerability of the XML2PDF library, related to insufficient validation of requests on the server side, allows a attacker to perform an SSRF attack.
The vulnerability of the XML2PDF library is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack by sending a specially crafted HTTP request...
The vulnerability of the prepare_update() function in the vio.cpp module of the “Red Database” database management system allows a perpetrator to cause a service failure.
The vulnerability of the prepareupdate function in the vio.cpp module of the “Red Database” database management system is related to improper initialization of resources when processing queries with the WITH LOCK construct and the creation of a delta version of the record. Exploiting this...
The vulnerability of the HTTPS protocol implementation in macOS operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the HTTPS protocol’s implementation in macOS systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the software for deploying and executing AI models with NVIDIA Triton Inference Server (previously known as TensorRT Inference Server) arises from the execution of operations beyond the buffer boundaries in memory. This allows attackers to gain unauthorized access to protected information, execute arbitrary code, or cause service failures.
The vulnerability of the software for deploying and executing NVIDIA Triton Inference Server previously known as TensorRT Inference Server relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access ...
The vulnerability of the software for deploying and executing NVIDIA Triton Inference Server (previously known as TensorRT Inference Server) relates to integer overflow. This vulnerability allows a malicious actor to trigger a service failure.
The vulnerability of the software for deploying and executing NVIDIA Triton Inference Server previously known as TensorRT Inference Server is related to a numerical overflow issue. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the netfs_retry_write_stream() function in the fs/netfs/write_retry.c module of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the netfsretrywritestream function in the fs/netfs/writeretry.c module of the Linux operating system is related to the violation of the buffer’s initial limit. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the `txopt_get()` function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the txoptget function in the Linux operating system’s kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the monitoring and control device for solar energy systems, Tigo Cloud Connect Advanced (CCA), arises from the use of strictly encrypted account data. This allows attackers to circumvent security restrictions, gain increased privileges, and obtain full control over the device.
The vulnerability of the monitoring and control device for solar energy systems, Tigo Cloud Connect Advanced CCA, lies in the use of strictly encrypted account data. Exploiting this vulnerability allows a malicious actor to bypass security restrictions, gain increased privileges, and obtain full...
The vulnerability of the v3d_job_update_stats() function in the File Descriptor Handler component of the Linux kernel allows a attacker to cause a service failure.
The vulnerability of the v3djobupdatestats function in the File Descriptor Handler component of the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the REST API implementation of the monitoring and network equipment management system called Cisco Prime Infrastructure, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a attacker to execute arbitrary code.
The vulnerability of the REST API interface of the Cisco Prime Infrastructure monitoring and network equipment management system, as well as the Cisco Evolved Programmable Network Manager EPNM, relates to the lack of security measures for SQL query structures. Exploiting this vulnerability allows...
The vulnerability of the phy_detach() function in the drivers/net/phy/phy_device.c module of Linux kernel allows a hacker to cause a service failure.
The vulnerability of the phydetach function in the drivers/net/phy/phydevice.c module of Linux kernels is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the cma_netevent_callback() function in the drivers/infiniband/core/cma.c module of Linux kernel allows a hacker to cause a service failure.
The vulnerability of the cmaneteventcallback function in the drivers/infiniband/core/cma.c module of Linux kernels is related to improper release of resources. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the corporate platform for creating, managing, and processing electronic forms, documents, and business processes within Adobe Experience Manager (AEM) Forms on JEE lies in the incorrect restrictions on XML links to external objects. This allows attackers to read arbitrary files.
The vulnerability of the corporate platform for creating, managing, and processing electronic forms, documents, and business processes within Adobe Experience Manager AEM Forms on JEE is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could...
The vulnerability of the Permissions control element in the Google Chrome browser allows a hacker to replace the user interface.
The vulnerability of the Permissions control element in Google Chrome is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a remote attacker to replace the user interface...
The vulnerability of the chrome.fileSystem interface in the Google Chrome browser allows a perpetrator to replace the user interface.
The vulnerability of the chrome.fileSystem interface in the Google Chrome browser is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a remote attacker to replace the user’s interface...
The vulnerability of the get_cur_lang_ver() function in Netgear’s JWNR2000v2 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the getcurlangver function in Netgear JWNR2000v2 router microprogramming software is related to the copying of buffers without checking the size of the input data when processing the host parameter. Exploiting this vulnerability can allow an attacker to compromise the...
The vulnerability of the Site Survey web interface of the Intelbras RX 1500 and RX 3000 software allows attackers to perform cross-site scripting attacks.
The vulnerability of the Site Survey web interface of the Intelbras RX 1500 and RX 3000 software lies in the lack of measures taken to neutralize special elements during the processing of ESSID identifiers. Exploiting this vulnerability allows a remote attacker to perform domain-external attacks ...
The vulnerability of the CoreMedia Playback component in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the CoreMedia Playback component in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS is related to improper authentication. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to trigger a service failure.
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to type conversion errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through a specially crafted HTML page...
The vulnerability of the web page rendering module in WebKit operating systems such as macOS, iPadOS, VisionOS, iOS, WatchOS, and tvOS allows attackers to trigger a service failure.
The vulnerability of the web page rendering module in WebKit operating systems such as macOS, iPadOS, VisionOS, iOS, WatchOS, and tvOS is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruption...