Lucene search
K
Bdu FstecMost viewed

90336 matches found

BDU FSTEC
BDU FSTEC
added 2021/05/25 12:0 a.m.46 views

The vulnerability of the config_set function in the libconfig.so library of the web server’s embedded software is related to buffer overflows in the stack due to insufficient input data processing. This allows attackers to execute arbitrary code or cause service interruptions by exploiting this vulnerability.

The vulnerability of the configset function in the libconfig.so library, a built-in software library for web servers, is related to buffer overflows in the stack due to insufficient input handling. Exploiting this vulnerability can allow an attacker to enhance their privileges, execute arbitrary...

9.1CVSS6.1AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.46 views

The vulnerability of Moxa VPORT 06EC-2V series IP cameras’ microprogramming software is related to integer overflow. This allows a intruder to trigger a service failure.

The vulnerability of Moxa VPORT 06EC-2V series IP cameras’ microprogramming software is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to trigger a service failure through a specially crafted HTTP request...

7.8CVSS5.5AI score
Exploits0References3Affected Software16
BDU FSTEC
BDU FSTEC
added 2017/05/25 12:0 a.m.45 views

The vulnerability of the Mediaserver application in the Android operating system’s libmpeg2 library allows a hacker to cause memory corruption and execute code remotely within the Mediaserver context.

The vulnerability of the Mediaserver application in the Android operating system’s libmpeg2 library arises from the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause memory corruption and remotely execute code within the...

9.3CVSS7.8AI score0.01338EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/03/21 12:0 a.m.42 views

The vulnerability of the DecodeManager::decodeRect function in the VNC TigerVNC software allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the DecodeManager::decodeRect function in the VNC TigerVNC software is related to the execution of operations within acceptable buffer data limits. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause...

7.2CVSS7.5AI score0.04485EPSS
Exploits1References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2017/09/15 12:0 a.m.41 views

The vulnerability of the SDP server for Bluetooth protocol implementations allows a hacker to disclose sensitive system information.

The vulnerability of the SDP-server of the BlueZ software package, which implements a Bluetooth protocol stack, stems from the possibility of reading data beyond the memory buffer boundaries. Exploiting this vulnerability allows a malicious actor to read memory bits by using a specially crafted...

5.7CVSS6.9AI score0.07774EPSS
Exploits3References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.41 views

The vulnerability of the libhevc library in the Mediaserver application of the Android operating system allows a hacker to cause service failure, device freezing, and reloading of the device.

The vulnerability of the libhevc library in the Mediaserver application of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause service failures, device freezes, and reboots by using a specially created file...

7.1CVSS6.3AI score0.00715EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/09 12:0 a.m.40 views

The vulnerability in the `ecard_send.php` script of the Admidio membership and access control application allows a perpetrator to execute arbitrary code and gain access to read, modify, or delete data.

The vulnerability in the ecardsend.php script /admprogram/modules/ecards/ecardsend.php of the Admidio membership and access control application relates to the improper elimination of special elements used in SQL queries when processing the ecardrecipients parameter. Exploiting this vulnerability...

9.9CVSS6.1AI score0.00931EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/22 12:0 a.m.40 views

The vulnerability of the parse_required_member() function in the protobuf-c data serialization protocol, related to integer overflow, allows a attacker to execute arbitrary code and completely compromise the system.

The vulnerability of the parserequiredmember function in the protobuf-c data serialization protocol is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and cause the system to be completely compromised...

7.5CVSS6.5AI score0.00369EPSS
Exploits0References13Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/05/17 12:0 a.m.40 views

The vulnerability of the Gstreamer multimedia framework lies in its memory management after it is freed. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Gstreamer multimedia framework is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause a service failure using a distorted Matroska file...

9.3CVSS7.2AI score0.01219EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/07/22 12:0 a.m.40 views

The vulnerability of the d2alaw_array() function in the SI libsndfile library, which involves reading beyond the permissible buffer size, allows an attacker to access confidential information or cause service failures.

The vulnerability of the d2alawarray function in the SI libsndfile library relates to reading data beyond the permissible buffer size. Exploiting this vulnerability allows a remote attacker to gain access to confidential information or cause service failures...

8.1CVSS6.9AI score0.02043EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2018/04/12 12:0 a.m.40 views

The vulnerability of the libmpeg2 library in the Media Framework component of the Android operating system allows a hacker to induce a service failure.

The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system is related to insufficient state checking. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

9.1CVSS7.7AI score0.00641EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/08/25 12:0 a.m.40 views

Vulnerability in the MPEG-2 decoder of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability in the MPEG-2 decoder of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.3CVSS7.6AI score0.01378EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.39 views

The vulnerability of the library for creating and editing PDF documents in OpenPDF, related to insufficient validation of requests on the server side, allows a hacker to perform an SSRF attack.

The vulnerability of the OpenPDF library for creating and editing PDF documents is related to insufficient validation of requests at the server-side. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...

5.3CVSS5.8AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.39 views

The vulnerability of the predictOrdered() function in the objdetect/src/cascadedetect.hpp component of the computer vision algorithm library OpenCV, which involves reading data beyond the allowed buffer limits. This vulnerability allows attackers to access confidential data and also trigger a service failure.

The vulnerability of the predictOrdered function in the objdetect/src/cascadedetect.hpp component of the computer vision library OpenCV involves reading data beyond the permissible buffer size. Exploiting this vulnerability could allow an attacker to gain access to confidential data, as well as...

8.2CVSS6.8AI score0.02647EPSS
Exploits1References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/09/10 12:0 a.m.39 views

The vulnerability of the Contao content management system, related to improper code generation, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Contao content management system is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information by downloading specially created PHP...

9CVSS7.2AI score0.01254EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/19 12:0 a.m.39 views

The vulnerability of the Cairo vector graphics library, which allows a hacker to cause a service failure

The vulnerability of the fillxrgb32lerpopaquespans function in the Cairo vector graphics library is due to buffer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure such as out-of-memory reading or application termination by setting the length of the interv...

5CVSS7.6AI score0.01805EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/07/01 12:0 a.m.38 views

The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE lies in improper code generation management, allowing attackers to compromise the integrity of protected information.

The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to improper code generation management. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of the protected information...

4.3CVSS5.8AI score0.00223EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/07/01 12:0 a.m.38 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE lies in the authentication procedures’ flaws, which allow unauthorized access to protected information by intruders.

The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

5.3CVSS5.8AI score0.00188EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/06 12:0 a.m.38 views

The vulnerability of the FLAC__bitreader_read_rice_signed_block function in the bitreader.c component of the FLAC audio codec, related to reading data beyond the allowed buffer limits, allows a hacker to cause a service failure.

The vulnerability of the FLACbitreaderreadricesignedblock function in the bitreader.c component of the FLAC audio codec is related to reading data beyond the allowed buffer limits. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

4.3CVSS5.7AI score0.03964EPSS
Exploits0References14Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/04/12 12:0 a.m.37 views

The vulnerability of the Apache Commons Compress library, related to executing a loop with an unreachable exit condition, allows attackers to compromise the integrity, accessibility, and confidentiality of the protected information.

The vulnerability of the Apache Commons Compress library is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow an attacker to compromise the integrity, accessibility, and confidentiality of the protected information...

8.1CVSS6.6AI score0.00441EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/11/11 12:0 a.m.37 views

The vulnerability of the H5O__chunk_deserialize() function in the H5Ocache.c component of the HDF file processing library allows a attacker to cause a service failure.

The vulnerability of the H5Ochunkdeserialize function in the H5Ocache.c component, a library for processing HDF5 files, is related to the failure to release resources after their useful lifespan has ended. Exploiting this vulnerability could allow an attacker to cause service interruptions by usi...

7.8CVSS7AI score0.01494EPSS
Exploits1References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2018/04/12 12:0 a.m.37 views

The vulnerability of the libhevc library in the Media Framework of the Android operating system allows a hacker to induce a service failure.

The vulnerability of the libhevc library in the Media Framework of the Android operating system is related to insufficient state checking. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

9.1CVSS7.7AI score0.00508EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/24 12:0 a.m.36 views

The vulnerability of the software implementing the transport protocols QUIC and HTTP/3 in CloudFlare Quiche allows attackers to cause service interruptions due to unlimited resource distribution.

The vulnerability of the software implementing the transport protocols QUIC and HTTP/3 in CloudFlare Quiche lies in the fact that data is sent at a speed that exceeds the actual path support provided by the system due to unlimited resource distribution. Exploiting this vulnerability can allow a...

7.8CVSS5.4AI score0.00723EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.36 views

The vulnerability of the FFmpeg multimedia library’s component allows a hacker to execute arbitrary code.

The vulnerability of the FFmpeg multimedia library’s component is caused by an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using data with incorrect size in the HTTP response...

7.5CVSS8.4AI score0.08359EPSS
Exploits1References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.36 views

The vulnerability of the Redis database management system allows a hacker to execute arbitrary Lua bytecode.

The vulnerability of the deps/lua/src/ldo.c component of the Redis database management system is related to incorrect data type conversion. Exploiting this vulnerability allows a malicious actor to execute any Lua bytecode using a specially crafted eval command...

10CVSS6.3AI score0.09636EPSS
Exploits2References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/03/13 12:0 a.m.35 views

The vulnerability of the Apache Tika content detection and analysis environment, related to the execution of operations beyond the buffer in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Apache Tika content detection and analysis engine lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

9.3CVSS7.1AI score0.0484EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.35 views

The vulnerability of the MP4_ReadBox_rdrf function in the Media Player software VideoLAN VLC allows a attacker to cause a service failure.

The vulnerability of the MP4ReadBoxrdrf function in the VideoLAN VLC media player’s libmp4.c file is related to numerical processing errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.8CVSS5.4AI score0.11865EPSS
Exploits2References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/11/03 12:0 a.m.35 views

The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system is related to lack of access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.3CVSS7.6AI score0.01624EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.34 views

The vulnerability of the bpf_tail_call_direct_fixup() function in the arch/x86/net/bpf_jit_comp.c module exposes network function support on the Linux kernel-based x86 platform, allowing attackers to cause system failures.

The vulnerability of the bpftailcalldirectfixup function in the arch/x86/net/bpfjitcomp.c module, which supports networking functions on the x86 kernel of the Linux operating system, is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to...

7.8CVSS6.2AI score0.00235EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/24 12:0 a.m.34 views

The vulnerability of the web interface of the Cisco Modeling Labs network modeling tool allows a perpetrator to execute arbitrary commands.

The vulnerability of the Cisco Modeling Labs network modeling tool’s web interface is related to the implementation or modification of arguments. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

9CVSS7.9AI score0.30492EPSS
Exploits3References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.34 views

The multiple vulnerabilities in the libjpeg-turbo-static-1.2.1 package of the Red Hat Enterprise Linux operating system allow a malicious entity to compromise the confidentiality of protected information.

The libjpeg-turbo-static-1.2.1 package on the Red Hat Enterprise Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to violations of the confidentiality of protected information. These vulnerabilities can be exploited remotely...

5.3CVSS6.9AI score0.10117EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/09/06 12:0 a.m.32 views

The vulnerability of the Tinode Chat messaging platform, which allows attackers to perform cross-site scripting attacks

The vulnerability of the Tinode Chat messaging platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by injecting specially crafted JavaScript code...

8CVSS5.2AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/18 12:0 a.m.32 views

The vulnerability in Simatic IT’s software lies in the lack of authentication mechanisms, which allows attackers to bypass identity verification at the application level.

The vulnerability in Simatic IT’s software is related to deficiencies in authentication mechanisms. Exploiting this vulnerability allows a malicious actor to bypass identity verification at the application level...

7.7CVSS7.5AI score0.02656EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/17 12:0 a.m.31 views

The vulnerability of the gf_odf_ac4_cfg_alternative_info function in the MP4Box utility of the GPAC multimedia platform allows a perpetrator to cause a service failure or execute arbitrary code.

The vulnerability of the gfodfac4cfgalternativeinfo function in the MP4Box utility of the GPAC multimedia platform is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

7.8CVSS6.2AI score
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.31 views

The vulnerability of the fromAdvSetMacMtuWan() function in the Tenda AC9 router’s software allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the fromAdvSetMacMtuWan function in the Tenda AC9 router’s microprogramming software is related to the buffer overflow attack when processing the wanSpeed parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...

10CVSS6.4AI score0.005EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/01/17 12:0 a.m.31 views

The vulnerability of the wireshark traffic analysis program lies in the improper release of memory before deleting last-level links, allowing a hacker to trigger a service failure.

The vulnerability of the wireshark traffic analysis program relates to the improper release of memory before deleting the last links. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

5.3CVSS6.5AI score0.02965EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/09/01 12:0 a.m.31 views

The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software lies in its ability to read data beyond the buffer boundaries, allowing an attacker to disclose protected information.

The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software relates to reading beyond the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

7.5CVSS7.4AI score0.03474EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/12/22 12:0 a.m.31 views

The vulnerability of the Raw-image converter to DNG format allows a hacker to execute arbitrary code or trigger a service failure.

The vulnerability of the Raw-image conversion to DNG format in DNG Converter arises from the occurrence of operations outside the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure due to a memory corruption...

10CVSS8.5AI score0.0418EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/29 12:0 a.m.30 views

The vulnerability of the R7-Officer corporate server’s document editor, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the R7-Officer corporate server document editor is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability can allow attackers to carry out XSS attacks...

8.5CVSS5.8AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/29 12:0 a.m.30 views

The vulnerability of the R7-Officer corporate server’s document editor, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the R7-Office corporate server document editor is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow an attacker to carry out XSS attacks...

8.5CVSS5.8AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.30 views

The vulnerability of the drain_obj_stock() function in the mm/memcontrol.c module of the Linux kernel’s memory management subsystem allows a hacker to gain access to protected information or cause service failures.

The vulnerability of the drainobjstock function in the mm/memcontrol.c module of the Linux kernel’s memory management subsystem is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to access protected information or cause service failur...

5.5CVSS7.2AI score0.00239EPSS
Exploits0References14Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.30 views

The vulnerability of the encryption and digital signature verification library in the Node.js software platform xml-crypto is related to deficiencies in the mechanism for verifying cryptographic signatures. This vulnerability allows attackers to enhance their privileges.

The vulnerability of the XML-crypto library and the digital signature verification mechanism in Node.js software platforms is related to deficiencies in the signature verification mechanism. Exploiting this vulnerability could allow a malicious actor to enhance their privileges by sending special...

10CVSS7.7AI score0.09378EPSS
Exploits1References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/10 12:0 a.m.30 views

The vulnerability of the software platform for developing and managing Adobe Commerce B2B platforms, related to lack of access control, allows a hacker to bypass existing security restrictions and gain unauthorized access to protected information.

The vulnerability of the software platform for developing and managing Adobe Commerce B2B is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions and gain unauthorized access to protected information...

6.8CVSS5.4AI score0.00708EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/10 12:0 a.m.30 views

The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer allows attackers to execute cross-site scripting attacks.

The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer is related to the lack of protective measures for the web page structure. Exploiting this vulnerability could allow a malicious actor to carry...

5.5CVSS5.2AI score0.00258EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/17 12:0 a.m.30 views

The vulnerability of the Suricata intrusion detection and prevention system, due to insufficient validation of input data, allows an intruder to execute arbitrary code.

The vulnerability of the Suricata intrusion detection and prevention system is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.9AI score0.01031EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/04/13 12:0 a.m.30 views

The vulnerability of the Xtra decoder, a decoding component for the MPEG-4 multimedia platform GPAC, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Xtra decoder, which is used for decoding MPEG-4 multimedia platforms like GPAC, is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

9.3CVSS7.6AI score0.0143EPSS
Exploits1References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/05/24 12:0 a.m.30 views

The vulnerability of the Windows operating system’s kernel API allows a perpetrator to gain unauthorized access to modify, add, or delete data.

The vulnerability of the Windows operating system’s kernel API is related to errors in the FileObject structure. Exploiting this vulnerability can allow an attacker to gain unauthorized access to modify, add, or delete data...

5CVSS5.5AI score
Exploits0References1Affected Software7
BDU FSTEC
BDU FSTEC
added 2018/02/15 12:0 a.m.30 views

The vulnerability of the Adobe DNG Converter arises from the operation of transferring data beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Adobe DNG Converter arises from the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely and cause memory corruption...

10CVSS6.4AI score0.05853EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/02/12 12:0 a.m.30 views

Vulnerability of the Cyrus IMAP mail server and operating systems openSUSE and OpenSUSE Leap, allowing attackers to obtain confidential information or exert other effects

The vulnerability of the indexurlfetch function index.c in the Cyrus IMAP server is due to buffer overflow. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain confidential information or possibly cause other adverse effects...

7.5CVSS7.1AI score0.03261EPSS
Exploits1References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.29 views

The vulnerability of the Ruby interpreter’s Rack module’s interface allows a hacker to trigger a service failure.

The vulnerability of the Ruby interpreter’s Rack module interface is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

4.2CVSS5.5AI score0.00201EPSS
Exploits0References10Affected Software11
Total number of security vulnerabilities5000