Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2025/07/09 12:0 a.m.13 views

Vulnerability of the wfxUploadAp_templates() function in the drivers/net/wireless/silabs/wfx/sta.c module – A driver for supporting wireless connection adapters from Silicon Laboratories’ Linux-based operating systems. This vulnerability allows a hacker to cause a service failure.

Vulnerability of the wfxUploadAptemplates function in the drivers/net/wireless/silabs/wfx/sta.c module – The wireless adapter support driver from Silicon Laboratories for Linux operating systems is vulnerable due to a NULL pointer dereferencing issue. Exploiting this vulnerability could allow an...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/08 12:0 a.m.13 views

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the issue of operations going beyond the buffer in memory during the processing of PRC files. Exploiting this vulnerability can allow an attacker to disclose protected information...

3.3CVSS5.9AI score0.00211EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/07/08 12:0 a.m.13 views

The vulnerability of PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO programs relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the use of memory after it is freed during file processing for U3D operations. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00247EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/07/08 12:0 a.m.13 views

The vulnerability of PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO programs relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the use of memory after it is freed during file processing for U3D operations. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00247EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/07/08 12:0 a.m.13 views

The vulnerability of the HarmonyOS operating system, related to buffer overflows in the stack, allows a attacker to trigger a service failure.

The vulnerability of the HarmonyOS operating system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to trigger a service failure...

4CVSS5.8AI score0.00086EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/08 12:0 a.m.13 views

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the possibility of an operation going beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the issue of operations going beyond the buffer in memory during the processing of PRC files. Exploiting this vulnerability allows an attacker to execute arbitrary code...

7.8CVSS7.7AI score0.00233EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/07/04 12:0 a.m.13 views

Vulnerability of the functions iwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() in Linux kernel, allowing a hacker to cause a service failure

The vulnerability of the iwlmvmtxskbsta and iwlmvmtxmpdu functions in the Linux operating system is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00237EPSS
Exploits0References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/04 12:0 a.m.13 views

The vulnerability of the mwifiexcmd_802_11_scan_ext() function in the drivers/net/wireless/marvell/mwifiex/scan.c file of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the mwifiexcmd80211scanext function in the drivers/net/wireless/marvell/mwifiex/scan.c file of the Linux kernel is related to the copying of buffers without checking the input data. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00246EPSS
Exploits0References17Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/03 12:0 a.m.13 views

The vulnerability of the nf_send_reset6() function in the net/ipv6/netfilter/nf_reject_ipv6.c component of the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the nfsendreset6 function in the net/ipv6/netfilter/nfrejectipv6.c component of the Linux kernel is related to errors during resource release. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.6AI score0.0023EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/03 12:0 a.m.13 views

The vulnerability of the rxrpc component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the rxrpc component in the Linux operating system’s kernel is related to errors during resource release. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6.7AI score0.00161EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/03 12:0 a.m.13 views

The vulnerability of the bpfTrace.c component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the bpfTrace.c component in the Linux operating system is related to errors during resource release. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00214EPSS
Exploits0References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/02 12:0 a.m.13 views

The vulnerability of the built-in boa server (/boafrm/formWlSiteSurvey) of TOTOLINK A3002RU router microprogramming software allows a intruder to cause a service failure.

The vulnerability of the built-in boa server /boafrm/formWlSiteSurvey of the TOTOLINK A3002RU router’s microprogramming software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the submit-url parameter. Exploiting this vulnerability allows a...

9CVSS7.8AI score0.00759EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/30 12:0 a.m.13 views

The vulnerability in the LLVM Toolchain development tools, related to reading data beyond the buffer boundary, allows a attacker to trigger a service failure.

The vulnerability of the LLVM Toolchain development tools is related to reading data beyond the allowed buffer size. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00218EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.13 views

Vulnerability of the rng_get_data() function in the drivers/char/hw_random/core.c module – A driver for supporting alphanumeric devices in the Linux kernel, which allows a hacker to cause a service failure.

Vulnerability of the rnggetdata function in the drivers/char/hwrandom/core.c module – The Linux kernel’s driver for supporting alphanumeric devices is vulnerable to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00195EPSS
Exploits0References35Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.13 views

The vulnerability of the WinRAR file archiver, related to incorrect restrictions on the path name of the restricted directory, allows a hacker to execute arbitrary code.

The vulnerability of the WinRAR file archiver is related to incorrect restrictions on the path name of the restricted directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code upon opening a specially crafted file...

7.8CVSS8AI score0.86192EPSS
Exploits8References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.13 views

The vulnerabilities of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 are related to the use of memory after it is freed. This allows attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code in the context of the...

7.8CVSS7.6AI score0.00365EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.13 views

The vulnerability of the diNewExt() function in the fs/jfs/jfs_imap.c module of the JFS file system support in Linux kernel allows a attacker to cause a service failure.

The vulnerability of the diNewExt function in the fs/jfs/jfsimap.c module of the Linux file system support library is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.8CVSS6.5AI score0.00249EPSS
Exploits0References45Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.13 views

The vulnerability of the nvmet_data_transfer_len() function in the drivers/nvme/target/core.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the nvmetdatatransferlen function in the drivers/nvme/target/core.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

4.6CVSS6.5AI score0.00227EPSS
Exploits0References11Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/20 12:0 a.m.13 views

The vulnerability of the Cisco AnyConnect VPN server in the microprogramming software for Cisco Meraki MX and Cisco Meraki Z teleworkers allows a hacker to cause a service outage.

The vulnerability of the Cisco AnyConnect VPN server in the microprogramming software for Cisco Meraki MX and Cisco Meraki Z teleworkers relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending...

8.6CVSS5.7AI score0.00505EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/19 12:0 a.m.13 views

The vulnerability of the FileHandler component of the cross-platform 3D model import library Assimp (Open Asset Import Library) allows a hacker to trigger a service failure.

The vulnerability of the FileHandler component of the cross-platform 3D model import library Assimp Open Asset Import Library is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

5.3CVSS6.7AI score0.00245EPSS
Exploits1References10Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/06/19 12:0 a.m.13 views

The vulnerability of the kvm_arch_vcpu_ioctl() function in the arch/x86/kvm/x86.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the kvmarchvcpuioctl function in the arch/x86/kvm/x86.c module of the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility o...

7.8CVSS6.5AI score0.00247EPSS
Exploits0References21Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/06/19 12:0 a.m.13 views

The vulnerability of the HPIMSGX__init() function in the sound/pci/asihpi/hpimsgx.c module of the asihpi component of the /sound/pci/asihpi/hpimsgx.c kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HPIMSGXinit function in the sound/pci/asihpi/hpimsgx.c module of the asihpi component of the /sound/pci/asihpi/hpimsgx.c kernel of the Linux operating system is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS6.8AI score0.0025EPSS
Exploits0References36Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/06/18 12:0 a.m.13 views

Vulnerability eliminated

...

5.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/17 12:0 a.m.13 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to unlimited resource distribution, allows a hacker to cause a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the unlimited distribution of resources during HTTP response processing. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

6.8CVSS5.5AI score0.00649EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/12 12:0 a.m.13 views

The vulnerability of the mrxsmb.sys driver on Microsoft Windows SMB Client operating systems allows a hacker to elevate their privileges and execute arbitrary commands.

The vulnerability of the mrxsmb.sys driver for Microsoft Windows SMB Client operating systems is related to deficiencies in access control due to authentication relaying. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary commands remotely...

9CVSS7.9AI score0.64987EPSS
Exploits6References6
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.13 views

The vulnerability of the built-in web server boa (/boafrm/formDMZ) of TOTOLINK X15 router’s microprogramming software allows a perpetrator to execute arbitrary commands or cause service failure.

The vulnerability of the built-in web server boa /boafrm/formDMZ of TOTOLINK X15 router microprogramming software is related to the issue of the operation exceeding the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a remote attacker to execute...

9CVSS8.3AI score0.04066EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.13 views

The vulnerability of the mptcp_pm_nl_append_new_local_addr() function in the net/mptcp/pm_netlink.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the mptcppmnlAppendNewLocalAddr function in the net/mptcp/pmnetlink.c module of the Linux kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

5.9CVSS6.5AI score0.00135EPSS
Exploits0References14Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/06/05 12:0 a.m.13 views

The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to execute arbitrary code.

The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform is related to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

4.3CVSS5.9AI score0.12989EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/06/05 12:0 a.m.13 views

The vulnerability of embedded software developed by Qualcomm, related to the execution of operations outside the buffer in memory, allows attackers to disclose protected information.

The vulnerability of microprogramming software in embedded Qualcomm chips is related to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information during RTCP protocol processing...

8.5CVSS7.8AI score0.00202EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/05 12:0 a.m.13 views

The vulnerability of the getServerCertificate method in the HPE StoreOnce VSA storage virtualized system allows a attacker to execute arbitrary code.

The vulnerability of the getServerCertificate method in the HPE StoreOnce VSA storage virtualized environment is related to the lack of data cleaning measures at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS7.9AI score0.01289EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/28 12:0 a.m.13 views

The vulnerability of the sock_put() function in the net/ipv4/tcp_bpf.c module of the Linux operating system allows a hacker to increase their privileges.

The vulnerability of the sockput function in the net/ipv4/tcpbpf.c module of the Linux kernel relates to the possibility of using memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS6.5AI score0.00273EPSS
Exploits0References17Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.13 views

The vulnerability of the web_rmon_alarm_post_rmon_alarm() function in PLANET Technology’s microcontroller software allows a intruder to compromise the confidentiality and integrity of the protected information.

The vulnerability of the webrmonalarmpostrmonalarm function in PLANET Technology’s microcontroller software is related to buffer overflows in the stack when processing the ownekey parameter. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of t...

6.5CVSS5.7AI score0.00248EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.13 views

The vulnerability of the VS6ComFile!MakeItemGlidZahyou() function in the HMI configuration software for Monitouch V-SFT allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the VS6ComFile!MakeItemGlidZahyou function in the HMI configuration software for Monitouch V-SFT lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, execute...

7.8CVSS7.8AI score0.00191EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.13 views

Vulnerability of the VS6EditData!CDataRomErrorCheck::MacroCommandCheck() function in the HMI configuration software for Monitouch V-SFT: This vulnerability allows an attacker to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the VS6EditData!CDataRomErrorCheck::MacroCommandCheck function in the HMI configuration software for Monitouch V-SFT lies in the possibility of the operation exceeding the buffer limits in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized acce...

7.8CVSS7.7AI score0.00191EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.13 views

The vulnerability of the Quiz Maker plugin of the WordPress content management system, related to the failure to protect the SQL query structure, allows attackers to execute arbitrary SQL code.

The vulnerability of the Quiz Maker plugin of the WordPress content management system is related to the lack of protection for the SQL query structure when processing the id parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

7.8CVSS8.2AI score0.00662EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.13 views

Vulnerability of the VS6EditData!CGamenDataRom::set_mr400_strc() function in the programming tool for configuring HMI interfaces of Monitouch V-SFT: This allows an attacker to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the VS6EditData!CGamenDataRom::setmr400strc function in the HMI configuration software for Monitouch V-SFT is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected...

7.8CVSS7.8AI score0.00191EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.13 views

The vulnerability of the web_acl_ipv4BasedAceAdd() function in PLANET Technology’s microprogrammed switching software allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the webaclipv4BasedAceAdd function in PLANET Technology’s microprogrammed switching software is related to buffer overflows in the stack when processing the ipv4Aclkey parameter. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and integri...

6.5CVSS5.7AI score0.00248EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/25 12:0 a.m.13 views

The vulnerability of the web_snmpv3_remote_engineId_add_post() function in the microprogramming software for PLANET Technology allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the websnmpv3remoteengineIdaddpost function in PLANET Technology’s microprogrammed device software is related to the issue of operations going beyond the buffer boundaries in memory when processing the remoteip parameter. Exploiting this vulnerability could allow a malicious...

10CVSS5.7AI score0.00453EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.13 views

The vulnerability of the broxton_audio_probe() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the broxtonaudioprobe function in the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.00181EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.13 views

The vulnerability of SCALANCE W-700 IEEE 802.11ax industrial switches, related to insufficient verification of input data, allows a intruder to execute arbitrary commands.

The vulnerability of SCALANCE W-700 IEEE 802.11ax industrial switches lies in insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9CVSS5.9AI score0.00767EPSS
Exploits0References2Affected Software17
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.13 views

The vulnerability of the pvr_vm_gpuva_unmap() function in the DRI driver of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the pvrvmgpuvaunmap function in the DRI support driver for the Linux kernel relates to improper memory release before deleting the last pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS7AI score0.00188EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.13 views

The vulnerability of the dp83822_config_intr() function in the Linux kernel’s Physical Layer support driver allows a hacker to trigger a service failure.

The vulnerability of the dp83822configintr function in the Linux kernel’s Physical Layer support driver is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00178EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.13 views

The vulnerability of the dc_dmub_srv_cmd_run_list() function in the DRI driver for AMD graphics cards with Linux operating systems allows a hacker to cause a service failure.

The vulnerability of the dcdmubsrvcmdrunlist function in the DRI driver for AMD graphics cards with Linux operating systems is related to the lack of checking the return value. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00194EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/15 12:0 a.m.13 views

The vulnerability of Microsoft Excel spreadsheet editors, Microsoft Office programs, and Microsoft 365 Apps for Enterprise, related to the possibility of using freed memory, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Excel spreadsheet editors, as well as Microsoft Office products and Microsoft 365 Apps for Enterprise, is related to the ability to utilize freed memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending a specially crafted...

7.8CVSS8.2AI score0.00573EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/05/12 12:0 a.m.13 views

The vulnerability of SonicWall SMA 100 series network firewall microprogramming software lies in the lack of access control over critical files and directories. This allows a hacker to delete any file and reset the system to its factory settings.

The vulnerability of SonicWall SMA 100 network firewall microprogramming software is related to the lack of access control over critical files and directories. Exploiting this vulnerability could allow a remote attacker to delete any file and reset the system to its factory settings...

9CVSS8.1AI score0.06787EPSS
Exploits1References4Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.13 views

The vulnerability of the Root Access Control component of the Totolink X2000R microprogramming system allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Root Access Control component of the Totolink X2000R microprogramming system for routers is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.2AI score0.00389EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.13 views

The vulnerability of the Jinja HTML templating engine’s compiler allows attackers to bypass the sandbox’s security mechanisms, execute arbitrary code or cause a service failure.

The vulnerability of the Jinja HTML templating engine compiler is related to its failure to properly handle special control elements during f-string processing. Exploiting this vulnerability allows an attacker to bypass the sandbox’s security mechanisms, execute arbitrary code, or cause service...

7.3CVSS6.8AI score0.00301EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/04/28 12:0 a.m.13 views

The vulnerability of the Jenkins automation server lies in the redirection of URLs to an unreliable website, allowing attackers to redirect users to arbitrary URL addresses.

The vulnerability of the Jenkins automation server relates to the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to redirect users to arbitrary URL addresses...

5CVSS5.6AI score0.00581EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.13 views

The vulnerability of the convert() and queryConvert() functions in the collections of POCO libraries for the C++ programming language allows a hacker to execute arbitrary code.

The vulnerability of the convert and queryConvert functions in POCO mobile phones is related to integer overflow. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

10CVSS6.9AI score0.00851EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.13 views

The vulnerability of the SAP NetWeaver software integration platform, related to incorrect authorization, allows a perpetrator to execute arbitrary code.

The vulnerability of the SAP NetWeaver software integration platform is related to incorrect authorization. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

4.3CVSS5.9AI score0.00323EPSS
Exploits0References3
Total number of security vulnerabilities5000