90336 matches found
The vulnerability of the config_set function in the libconfig.so library of the web server’s embedded software is related to buffer overflows in the stack due to insufficient input data processing. This allows attackers to execute arbitrary code or cause service interruptions by exploiting this vulnerability.
The vulnerability of the configset function in the libconfig.so library, a built-in software library for web servers, is related to buffer overflows in the stack due to insufficient input handling. Exploiting this vulnerability can allow an attacker to enhance their privileges, execute arbitrary...
The vulnerability of Moxa VPORT 06EC-2V series IP cameras’ microprogramming software is related to integer overflow. This allows a intruder to trigger a service failure.
The vulnerability of Moxa VPORT 06EC-2V series IP cameras’ microprogramming software is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to trigger a service failure through a specially crafted HTTP request...
The vulnerability of the Mediaserver application in the Android operating system’s libmpeg2 library allows a hacker to cause memory corruption and execute code remotely within the Mediaserver context.
The vulnerability of the Mediaserver application in the Android operating system’s libmpeg2 library arises from the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause memory corruption and remotely execute code within the...
The vulnerability of the DecodeManager::decodeRect function in the VNC TigerVNC software allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the DecodeManager::decodeRect function in the VNC TigerVNC software is related to the execution of operations within acceptable buffer data limits. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause...
The vulnerability of the SDP server for Bluetooth protocol implementations allows a hacker to disclose sensitive system information.
The vulnerability of the SDP-server of the BlueZ software package, which implements a Bluetooth protocol stack, stems from the possibility of reading data beyond the memory buffer boundaries. Exploiting this vulnerability allows a malicious actor to read memory bits by using a specially crafted...
The vulnerability of the libhevc library in the Mediaserver application of the Android operating system allows a hacker to cause service failure, device freezing, and reloading of the device.
The vulnerability of the libhevc library in the Mediaserver application of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause service failures, device freezes, and reboots by using a specially created file...
The vulnerability in the `ecard_send.php` script of the Admidio membership and access control application allows a perpetrator to execute arbitrary code and gain access to read, modify, or delete data.
The vulnerability in the ecardsend.php script /admprogram/modules/ecards/ecardsend.php of the Admidio membership and access control application relates to the improper elimination of special elements used in SQL queries when processing the ecardrecipients parameter. Exploiting this vulnerability...
The vulnerability of the parse_required_member() function in the protobuf-c data serialization protocol, related to integer overflow, allows a attacker to execute arbitrary code and completely compromise the system.
The vulnerability of the parserequiredmember function in the protobuf-c data serialization protocol is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and cause the system to be completely compromised...
The vulnerability of the Gstreamer multimedia framework lies in its memory management after it is freed. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Gstreamer multimedia framework is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause a service failure using a distorted Matroska file...
The vulnerability of the d2alaw_array() function in the SI libsndfile library, which involves reading beyond the permissible buffer size, allows an attacker to access confidential information or cause service failures.
The vulnerability of the d2alawarray function in the SI libsndfile library relates to reading data beyond the permissible buffer size. Exploiting this vulnerability allows a remote attacker to gain access to confidential information or cause service failures...
The vulnerability of the libmpeg2 library in the Media Framework component of the Android operating system allows a hacker to induce a service failure.
The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system is related to insufficient state checking. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
Vulnerability in the MPEG-2 decoder of the Android operating system, allowing a hacker to execute arbitrary code
The vulnerability in the MPEG-2 decoder of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the library for creating and editing PDF documents in OpenPDF, related to insufficient validation of requests on the server side, allows a hacker to perform an SSRF attack.
The vulnerability of the OpenPDF library for creating and editing PDF documents is related to insufficient validation of requests at the server-side. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...
The vulnerability of the predictOrdered() function in the objdetect/src/cascadedetect.hpp component of the computer vision algorithm library OpenCV, which involves reading data beyond the allowed buffer limits. This vulnerability allows attackers to access confidential data and also trigger a service failure.
The vulnerability of the predictOrdered function in the objdetect/src/cascadedetect.hpp component of the computer vision library OpenCV involves reading data beyond the permissible buffer size. Exploiting this vulnerability could allow an attacker to gain access to confidential data, as well as...
The vulnerability of the Contao content management system, related to improper code generation, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Contao content management system is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information by downloading specially created PHP...
The vulnerability of the Cairo vector graphics library, which allows a hacker to cause a service failure
The vulnerability of the fillxrgb32lerpopaquespans function in the Cairo vector graphics library is due to buffer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure such as out-of-memory reading or application termination by setting the length of the interv...
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE lies in improper code generation management, allowing attackers to compromise the integrity of protected information.
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to improper code generation management. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of the protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE lies in the authentication procedures’ flaws, which allow unauthorized access to protected information by intruders.
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the FLAC__bitreader_read_rice_signed_block function in the bitreader.c component of the FLAC audio codec, related to reading data beyond the allowed buffer limits, allows a hacker to cause a service failure.
The vulnerability of the FLACbitreaderreadricesignedblock function in the bitreader.c component of the FLAC audio codec is related to reading data beyond the allowed buffer limits. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
The vulnerability of the Apache Commons Compress library, related to executing a loop with an unreachable exit condition, allows attackers to compromise the integrity, accessibility, and confidentiality of the protected information.
The vulnerability of the Apache Commons Compress library is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow an attacker to compromise the integrity, accessibility, and confidentiality of the protected information...
The vulnerability of the H5O__chunk_deserialize() function in the H5Ocache.c component of the HDF file processing library allows a attacker to cause a service failure.
The vulnerability of the H5Ochunkdeserialize function in the H5Ocache.c component, a library for processing HDF5 files, is related to the failure to release resources after their useful lifespan has ended. Exploiting this vulnerability could allow an attacker to cause service interruptions by usi...
The vulnerability of the libhevc library in the Media Framework of the Android operating system allows a hacker to induce a service failure.
The vulnerability of the libhevc library in the Media Framework of the Android operating system is related to insufficient state checking. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the software implementing the transport protocols QUIC and HTTP/3 in CloudFlare Quiche allows attackers to cause service interruptions due to unlimited resource distribution.
The vulnerability of the software implementing the transport protocols QUIC and HTTP/3 in CloudFlare Quiche lies in the fact that data is sent at a speed that exceeds the actual path support provided by the system due to unlimited resource distribution. Exploiting this vulnerability can allow a...
The vulnerability of the FFmpeg multimedia library’s component allows a hacker to execute arbitrary code.
The vulnerability of the FFmpeg multimedia library’s component is caused by an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using data with incorrect size in the HTTP response...
The vulnerability of the Redis database management system allows a hacker to execute arbitrary Lua bytecode.
The vulnerability of the deps/lua/src/ldo.c component of the Redis database management system is related to incorrect data type conversion. Exploiting this vulnerability allows a malicious actor to execute any Lua bytecode using a specially crafted eval command...
The vulnerability of the Apache Tika content detection and analysis environment, related to the execution of operations beyond the buffer in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Apache Tika content detection and analysis engine lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...
The vulnerability of the MP4_ReadBox_rdrf function in the Media Player software VideoLAN VLC allows a attacker to cause a service failure.
The vulnerability of the MP4ReadBoxrdrf function in the VideoLAN VLC media player’s libmp4.c file is related to numerical processing errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system allows a hacker to execute arbitrary code.
The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system is related to lack of access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the bpf_tail_call_direct_fixup() function in the arch/x86/net/bpf_jit_comp.c module exposes network function support on the Linux kernel-based x86 platform, allowing attackers to cause system failures.
The vulnerability of the bpftailcalldirectfixup function in the arch/x86/net/bpfjitcomp.c module, which supports networking functions on the x86 kernel of the Linux operating system, is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to...
The vulnerability of the web interface of the Cisco Modeling Labs network modeling tool allows a perpetrator to execute arbitrary commands.
The vulnerability of the Cisco Modeling Labs network modeling tool’s web interface is related to the implementation or modification of arguments. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The multiple vulnerabilities in the libjpeg-turbo-static-1.2.1 package of the Red Hat Enterprise Linux operating system allow a malicious entity to compromise the confidentiality of protected information.
The libjpeg-turbo-static-1.2.1 package on the Red Hat Enterprise Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to violations of the confidentiality of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the Tinode Chat messaging platform, which allows attackers to perform cross-site scripting attacks
The vulnerability of the Tinode Chat messaging platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by injecting specially crafted JavaScript code...
The vulnerability in Simatic IT’s software lies in the lack of authentication mechanisms, which allows attackers to bypass identity verification at the application level.
The vulnerability in Simatic IT’s software is related to deficiencies in authentication mechanisms. Exploiting this vulnerability allows a malicious actor to bypass identity verification at the application level...
The vulnerability of the gf_odf_ac4_cfg_alternative_info function in the MP4Box utility of the GPAC multimedia platform allows a perpetrator to cause a service failure or execute arbitrary code.
The vulnerability of the gfodfac4cfgalternativeinfo function in the MP4Box utility of the GPAC multimedia platform is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...
The vulnerability of the fromAdvSetMacMtuWan() function in the Tenda AC9 router’s software allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the fromAdvSetMacMtuWan function in the Tenda AC9 router’s microprogramming software is related to the buffer overflow attack when processing the wanSpeed parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...
The vulnerability of the wireshark traffic analysis program lies in the improper release of memory before deleting last-level links, allowing a hacker to trigger a service failure.
The vulnerability of the wireshark traffic analysis program relates to the improper release of memory before deleting the last links. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software lies in its ability to read data beyond the buffer boundaries, allowing an attacker to disclose protected information.
The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software relates to reading beyond the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...
The vulnerability of the Raw-image converter to DNG format allows a hacker to execute arbitrary code or trigger a service failure.
The vulnerability of the Raw-image conversion to DNG format in DNG Converter arises from the occurrence of operations outside the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure due to a memory corruption...
The vulnerability of the R7-Officer corporate server’s document editor, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.
The vulnerability of the R7-Officer corporate server document editor is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability can allow attackers to carry out XSS attacks...
The vulnerability of the R7-Officer corporate server’s document editor, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.
The vulnerability of the R7-Office corporate server document editor is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow an attacker to carry out XSS attacks...
The vulnerability of the drain_obj_stock() function in the mm/memcontrol.c module of the Linux kernel’s memory management subsystem allows a hacker to gain access to protected information or cause service failures.
The vulnerability of the drainobjstock function in the mm/memcontrol.c module of the Linux kernel’s memory management subsystem is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to access protected information or cause service failur...
The vulnerability of the encryption and digital signature verification library in the Node.js software platform xml-crypto is related to deficiencies in the mechanism for verifying cryptographic signatures. This vulnerability allows attackers to enhance their privileges.
The vulnerability of the XML-crypto library and the digital signature verification mechanism in Node.js software platforms is related to deficiencies in the signature verification mechanism. Exploiting this vulnerability could allow a malicious actor to enhance their privileges by sending special...
The vulnerability of the software platform for developing and managing Adobe Commerce B2B platforms, related to lack of access control, allows a hacker to bypass existing security restrictions and gain unauthorized access to protected information.
The vulnerability of the software platform for developing and managing Adobe Commerce B2B is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions and gain unauthorized access to protected information...
The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer allows attackers to execute cross-site scripting attacks.
The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer is related to the lack of protective measures for the web page structure. Exploiting this vulnerability could allow a malicious actor to carry...
The vulnerability of the Suricata intrusion detection and prevention system, due to insufficient validation of input data, allows an intruder to execute arbitrary code.
The vulnerability of the Suricata intrusion detection and prevention system is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Xtra decoder, a decoding component for the MPEG-4 multimedia platform GPAC, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Xtra decoder, which is used for decoding MPEG-4 multimedia platforms like GPAC, is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerability of the Windows operating system’s kernel API allows a perpetrator to gain unauthorized access to modify, add, or delete data.
The vulnerability of the Windows operating system’s kernel API is related to errors in the FileObject structure. Exploiting this vulnerability can allow an attacker to gain unauthorized access to modify, add, or delete data...
The vulnerability of the Adobe DNG Converter arises from the operation of transferring data beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Adobe DNG Converter arises from the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely and cause memory corruption...
Vulnerability of the Cyrus IMAP mail server and operating systems openSUSE and OpenSUSE Leap, allowing attackers to obtain confidential information or exert other effects
The vulnerability of the indexurlfetch function index.c in the Cyrus IMAP server is due to buffer overflow. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain confidential information or possibly cause other adverse effects...
The vulnerability of the Ruby interpreter’s Rack module’s interface allows a hacker to trigger a service failure.
The vulnerability of the Ruby interpreter’s Rack module interface is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...