90509 matches found
Vulnerability of the wfxUploadAp_templates() function in the drivers/net/wireless/silabs/wfx/sta.c module – A driver for supporting wireless connection adapters from Silicon Laboratories’ Linux-based operating systems. This vulnerability allows a hacker to cause a service failure.
Vulnerability of the wfxUploadAptemplates function in the drivers/net/wireless/silabs/wfx/sta.c module – The wireless adapter support driver from Silicon Laboratories for Linux operating systems is vulnerable due to a NULL pointer dereferencing issue. Exploiting this vulnerability could allow an...
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the issue of operations going beyond the buffer in memory during the processing of PRC files. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO programs relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the use of memory after it is freed during file processing for U3D operations. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO programs relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the use of memory after it is freed during file processing for U3D operations. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the HarmonyOS operating system, related to buffer overflows in the stack, allows a attacker to trigger a service failure.
The vulnerability of the HarmonyOS operating system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the possibility of an operation going beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the issue of operations going beyond the buffer in memory during the processing of PRC files. Exploiting this vulnerability allows an attacker to execute arbitrary code...
Vulnerability of the functions iwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() in Linux kernel, allowing a hacker to cause a service failure
The vulnerability of the iwlmvmtxskbsta and iwlmvmtxmpdu functions in the Linux operating system is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the mwifiexcmd_802_11_scan_ext() function in the drivers/net/wireless/marvell/mwifiex/scan.c file of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the mwifiexcmd80211scanext function in the drivers/net/wireless/marvell/mwifiex/scan.c file of the Linux kernel is related to the copying of buffers without checking the input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the nf_send_reset6() function in the net/ipv6/netfilter/nf_reject_ipv6.c component of the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the nfsendreset6 function in the net/ipv6/netfilter/nfrejectipv6.c component of the Linux kernel is related to errors during resource release. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the rxrpc component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the rxrpc component in the Linux operating system’s kernel is related to errors during resource release. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the bpfTrace.c component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the bpfTrace.c component in the Linux operating system is related to errors during resource release. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the built-in boa server (/boafrm/formWlSiteSurvey) of TOTOLINK A3002RU router microprogramming software allows a intruder to cause a service failure.
The vulnerability of the built-in boa server /boafrm/formWlSiteSurvey of the TOTOLINK A3002RU router’s microprogramming software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the submit-url parameter. Exploiting this vulnerability allows a...
The vulnerability in the LLVM Toolchain development tools, related to reading data beyond the buffer boundary, allows a attacker to trigger a service failure.
The vulnerability of the LLVM Toolchain development tools is related to reading data beyond the allowed buffer size. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the rng_get_data() function in the drivers/char/hw_random/core.c module – A driver for supporting alphanumeric devices in the Linux kernel, which allows a hacker to cause a service failure.
Vulnerability of the rnggetdata function in the drivers/char/hwrandom/core.c module – The Linux kernel’s driver for supporting alphanumeric devices is vulnerable to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the WinRAR file archiver, related to incorrect restrictions on the path name of the restricted directory, allows a hacker to execute arbitrary code.
The vulnerability of the WinRAR file archiver is related to incorrect restrictions on the path name of the restricted directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code upon opening a specially crafted file...
The vulnerabilities of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 are related to the use of memory after it is freed. This allows attackers to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code in the context of the...
The vulnerability of the diNewExt() function in the fs/jfs/jfs_imap.c module of the JFS file system support in Linux kernel allows a attacker to cause a service failure.
The vulnerability of the diNewExt function in the fs/jfs/jfsimap.c module of the Linux file system support library is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the nvmet_data_transfer_len() function in the drivers/nvme/target/core.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the nvmetdatatransferlen function in the drivers/nvme/target/core.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Cisco AnyConnect VPN server in the microprogramming software for Cisco Meraki MX and Cisco Meraki Z teleworkers allows a hacker to cause a service outage.
The vulnerability of the Cisco AnyConnect VPN server in the microprogramming software for Cisco Meraki MX and Cisco Meraki Z teleworkers relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending...
The vulnerability of the FileHandler component of the cross-platform 3D model import library Assimp (Open Asset Import Library) allows a hacker to trigger a service failure.
The vulnerability of the FileHandler component of the cross-platform 3D model import library Assimp Open Asset Import Library is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the kvm_arch_vcpu_ioctl() function in the arch/x86/kvm/x86.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the kvmarchvcpuioctl function in the arch/x86/kvm/x86.c module of the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility o...
The vulnerability of the HPIMSGX__init() function in the sound/pci/asihpi/hpimsgx.c module of the asihpi component of the /sound/pci/asihpi/hpimsgx.c kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the HPIMSGXinit function in the sound/pci/asihpi/hpimsgx.c module of the asihpi component of the /sound/pci/asihpi/hpimsgx.c kernel of the Linux operating system is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the...
Vulnerability eliminated
...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to unlimited resource distribution, allows a hacker to cause a service failure.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the unlimited distribution of resources during HTTP response processing. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the mrxsmb.sys driver on Microsoft Windows SMB Client operating systems allows a hacker to elevate their privileges and execute arbitrary commands.
The vulnerability of the mrxsmb.sys driver for Microsoft Windows SMB Client operating systems is related to deficiencies in access control due to authentication relaying. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary commands remotely...
The vulnerability of the built-in web server boa (/boafrm/formDMZ) of TOTOLINK X15 router’s microprogramming software allows a perpetrator to execute arbitrary commands or cause service failure.
The vulnerability of the built-in web server boa /boafrm/formDMZ of TOTOLINK X15 router microprogramming software is related to the issue of the operation exceeding the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the mptcp_pm_nl_append_new_local_addr() function in the net/mptcp/pm_netlink.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the mptcppmnlAppendNewLocalAddr function in the net/mptcp/pmnetlink.c module of the Linux kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to execute arbitrary code.
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform is related to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of embedded software developed by Qualcomm, related to the execution of operations outside the buffer in memory, allows attackers to disclose protected information.
The vulnerability of microprogramming software in embedded Qualcomm chips is related to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information during RTCP protocol processing...
The vulnerability of the getServerCertificate method in the HPE StoreOnce VSA storage virtualized system allows a attacker to execute arbitrary code.
The vulnerability of the getServerCertificate method in the HPE StoreOnce VSA storage virtualized environment is related to the lack of data cleaning measures at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the sock_put() function in the net/ipv4/tcp_bpf.c module of the Linux operating system allows a hacker to increase their privileges.
The vulnerability of the sockput function in the net/ipv4/tcpbpf.c module of the Linux kernel relates to the possibility of using memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the web_rmon_alarm_post_rmon_alarm() function in PLANET Technology’s microcontroller software allows a intruder to compromise the confidentiality and integrity of the protected information.
The vulnerability of the webrmonalarmpostrmonalarm function in PLANET Technology’s microcontroller software is related to buffer overflows in the stack when processing the ownekey parameter. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of t...
The vulnerability of the VS6ComFile!MakeItemGlidZahyou() function in the HMI configuration software for Monitouch V-SFT allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the VS6ComFile!MakeItemGlidZahyou function in the HMI configuration software for Monitouch V-SFT lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, execute...
Vulnerability of the VS6EditData!CDataRomErrorCheck::MacroCommandCheck() function in the HMI configuration software for Monitouch V-SFT: This vulnerability allows an attacker to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the VS6EditData!CDataRomErrorCheck::MacroCommandCheck function in the HMI configuration software for Monitouch V-SFT lies in the possibility of the operation exceeding the buffer limits in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized acce...
The vulnerability of the Quiz Maker plugin of the WordPress content management system, related to the failure to protect the SQL query structure, allows attackers to execute arbitrary SQL code.
The vulnerability of the Quiz Maker plugin of the WordPress content management system is related to the lack of protection for the SQL query structure when processing the id parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
Vulnerability of the VS6EditData!CGamenDataRom::set_mr400_strc() function in the programming tool for configuring HMI interfaces of Monitouch V-SFT: This allows an attacker to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the VS6EditData!CGamenDataRom::setmr400strc function in the HMI configuration software for Monitouch V-SFT is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected...
The vulnerability of the web_acl_ipv4BasedAceAdd() function in PLANET Technology’s microprogrammed switching software allows a perpetrator to compromise the confidentiality and integrity of the protected information.
The vulnerability of the webaclipv4BasedAceAdd function in PLANET Technology’s microprogrammed switching software is related to buffer overflows in the stack when processing the ipv4Aclkey parameter. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and integri...
The vulnerability of the web_snmpv3_remote_engineId_add_post() function in the microprogramming software for PLANET Technology allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the websnmpv3remoteengineIdaddpost function in PLANET Technology’s microprogrammed device software is related to the issue of operations going beyond the buffer boundaries in memory when processing the remoteip parameter. Exploiting this vulnerability could allow a malicious...
The vulnerability of the broxton_audio_probe() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the broxtonaudioprobe function in the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of SCALANCE W-700 IEEE 802.11ax industrial switches, related to insufficient verification of input data, allows a intruder to execute arbitrary commands.
The vulnerability of SCALANCE W-700 IEEE 802.11ax industrial switches lies in insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the pvr_vm_gpuva_unmap() function in the DRI driver of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the pvrvmgpuvaunmap function in the DRI support driver for the Linux kernel relates to improper memory release before deleting the last pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the dp83822_config_intr() function in the Linux kernel’s Physical Layer support driver allows a hacker to trigger a service failure.
The vulnerability of the dp83822configintr function in the Linux kernel’s Physical Layer support driver is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the dc_dmub_srv_cmd_run_list() function in the DRI driver for AMD graphics cards with Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the dcdmubsrvcmdrunlist function in the DRI driver for AMD graphics cards with Linux operating systems is related to the lack of checking the return value. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Microsoft Excel spreadsheet editors, Microsoft Office programs, and Microsoft 365 Apps for Enterprise, related to the possibility of using freed memory, allows attackers to execute arbitrary code.
The vulnerability of Microsoft Excel spreadsheet editors, as well as Microsoft Office products and Microsoft 365 Apps for Enterprise, is related to the ability to utilize freed memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending a specially crafted...
The vulnerability of SonicWall SMA 100 series network firewall microprogramming software lies in the lack of access control over critical files and directories. This allows a hacker to delete any file and reset the system to its factory settings.
The vulnerability of SonicWall SMA 100 network firewall microprogramming software is related to the lack of access control over critical files and directories. Exploiting this vulnerability could allow a remote attacker to delete any file and reset the system to its factory settings...
The vulnerability of the Root Access Control component of the Totolink X2000R microprogramming system allows attackers to carry out cross-site scripting attacks.
The vulnerability of the Root Access Control component of the Totolink X2000R microprogramming system for routers is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the Jinja HTML templating engine’s compiler allows attackers to bypass the sandbox’s security mechanisms, execute arbitrary code or cause a service failure.
The vulnerability of the Jinja HTML templating engine compiler is related to its failure to properly handle special control elements during f-string processing. Exploiting this vulnerability allows an attacker to bypass the sandbox’s security mechanisms, execute arbitrary code, or cause service...
The vulnerability of the Jenkins automation server lies in the redirection of URLs to an unreliable website, allowing attackers to redirect users to arbitrary URL addresses.
The vulnerability of the Jenkins automation server relates to the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to redirect users to arbitrary URL addresses...
The vulnerability of the convert() and queryConvert() functions in the collections of POCO libraries for the C++ programming language allows a hacker to execute arbitrary code.
The vulnerability of the convert and queryConvert functions in POCO mobile phones is related to integer overflow. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the SAP NetWeaver software integration platform, related to incorrect authorization, allows a perpetrator to execute arbitrary code.
The vulnerability of the SAP NetWeaver software integration platform is related to incorrect authorization. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...