Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.13 views

The vulnerability of the FortiClient for MAC installer allows a perpetrator to execute arbitrary commands.

The vulnerability of the FortiClient for MAC installer is related to improper external management of the file name or path to the /tmp directory. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

8.2CVSS6.1AI score0.00262EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.13 views

Vulnerability of the lm3554_probe() function in the drivers/staging/media/atomisp/i2c/atomisp-lm3554.c module – A driver for supporting Intel Atom-based devices in the Linux operating system, which allows an attacker to gain access to protected information.

Vulnerability of the lm3554probe function in the drivers/staging/media/atomisp/i2c/atomisp-lm3554.c module – The driver for Intel Atom-based devices in the Linux operating system is vulnerable to a memory leak before the last reference is freed. Exploiting this vulnerability could allow an attack...

5.5CVSS5.5AI score0.00222EPSS
Exploits0References15Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.13 views

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to reading beyond the buffer in memory, allows a perpetrator to execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to buffer overflow attacks involves reading data beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute...

7.8CVSS6.3AI score0.00153EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.13 views

The vulnerability of the fromAdvSetMacMtuWan() function in the Tenda AC9 router’s software allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the fromAdvSetMacMtuWan function in the Tenda AC9 router’s microprogramming software is related to the buffer overflow attack when processing the wanMTU parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...

10CVSS6.4AI score0.01658EPSS
Exploits3References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.13 views

Vulnerability of the siw_create_listen() function in the drivers/infiniband/sw/siw/siw_cm.c module – the Linux kernel’s InfiniBand support driver, which allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the siwcreatelisten function in the drivers/infiniband/sw/siw/siwcm.c module – The Linux kernel’s InfiniBand support driver is vulnerable due to the repeated use of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...

7.8CVSS6.7AI score0.00208EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.13 views

The vulnerability of the corporate messaging system ROSSAT, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to read, modify, or delete data.

The vulnerability of the corporate messaging system ROSSAT is related to insufficient protection of operational data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to read, modify, or delete data by sending a specially crafted GET request...

10CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.13 views

The vulnerabilities of the s390/sclp components of the Linux operating system’s kernel, which allow a hacker to cause a service failure

The vulnerability of the s390/sclp components of the Linux operating system’s kernel is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

5.5CVSS6.9AI score0.00218EPSS
Exploits0References39Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.13 views

The vulnerability of the Mongoose library, related to the lack of protection for SQL query structures, allows attackers to execute arbitrary code and gain access to read and modify data.

The vulnerability of the Mongoose library relates to the lack of protection for the SQL query structure when the $where operator is used. Exploiting this vulnerability allows an attacker to execute arbitrary code and gain access to read and modify data...

9.4CVSS8.5AI score0.03988EPSS
Exploits3References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.13 views

The vulnerability of the ethtool component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ethtool component in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.7CVSS6.5AI score0.00244EPSS
Exploits0References42Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.13 views

The vulnerability of the soc component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the soc component in the Linux operating system’s kernel is related to incorrect validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00164EPSS
Exploits0References32Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/02/16 12:0 a.m.13 views

The vulnerability of the verify_url_valid() function in the Activitypub-Federation framework, a platform for creating and managing communities in the Lemmy ecosystem, allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the verifyurlvalid function in the Activitypub-Federation framework, a platform for creating and managing communities in the Lemmy community, is related to insufficient validation of requests on the server side. Exploiting this vulnerability could allow an attacker to bypass...

4CVSS5.5AI score0.00406EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/16 12:0 a.m.13 views

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a denial-of-service attack through a specially crafted HTML page...

7.5CVSS8.1AI score0.0046EPSS
Exploits0References12Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/02/16 12:0 a.m.13 views

The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications allows a perpetrator to execute arbitrary commands.

The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially created HTTP request...

8.4CVSS8.2AI score0.00603EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/14 12:0 a.m.13 views

The vulnerability of Mendix LDAP module in the deployment and application testing software platform of Mendix allows a hacker to bypass security restrictions.

The vulnerability of Mendix LDAP in the software deployment and application testing platform relates to the failure to eliminate special elements in LDAP requests. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...

7.4CVSS5.4AI score0.00481EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/14 12:0 a.m.13 views

The vulnerability in the software web interface for controlling power supply units like PowerChute Serial Shutdown allows a intruder to trigger a service failure.

The vulnerability in the software web interface for controlling power supply units like PowerChute Serial Shutdown is related to improper authentication. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure...

5.3CVSS5.5AI score0.00978EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/14 12:0 a.m.13 views

The vulnerability of the eeh_pe_bus_get() function (arch/powerpc/kernel/eeh_pe.c) in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the eehpebusget function arch/powerpc/kernel/eehpe.c in the Linux operating system is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00228EPSS
Exploits0References47Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/02/14 12:0 a.m.13 views

The vulnerability of the user interface of Kubernets Rancher cluster management software allows a attacker to perform XSS attacks.

The vulnerability of the user interface of Kubernets Rancher cluster management software is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

8.9CVSS7AI score0.00505EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.13 views

The vulnerability of the Kernel Streaming WOW Thunk Service Driver (ksthunk.sys) in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Kernel Streaming WOW Thunk Service Driver ksthunk.sys in Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS8.1AI score0.00602EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.13 views

The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages lies in their ability to exploit memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS8.1AI score0.00726EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.13 views

The vulnerability of the formSetClientState function in the Tenda AC18 router software allows a attacker to trigger a service failure or execute arbitrary code.

The vulnerability of the formSetClientState function in the Tenda AC18 router software is related to buffer overflows in the stack when processing the limitSpeedUp parameter. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code using a specially...

10CVSS8.7AI score0.00655EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.13 views

The vulnerability of the Windows Win32 Kernel subsystem in operating systems allows attackers to increase their privileges.

The vulnerability of the Windows Win32 Kernel subsystem in operating systems involves the possibility of exploiting memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.6AI score0.00602EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.13 views

The vulnerability of the installer for Microsoft Visual Studio allows a hacker to increase their privileges.

The vulnerability of the installer of the Microsoft Visual Studio software is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow a perpetrator to enhance their privileges...

7.3CVSS7.7AI score0.00646EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/12 12:0 a.m.13 views

The vulnerability of the Etcd configuration store, related to insufficient protection for service data, allows a perpetrator to gain unauthorized access to the protected information.

The vulnerability of the Etcd configuration store is related to insufficient protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

4.3CVSS6.5AI score0.00744EPSS
Exploits0References6Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.13 views

The vulnerability of the CMSimple content management system’s link validation function allows attackers to perform SSRF attacks.

The vulnerability of the CMSimple content management system’s link validation function is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor to carry out an SSRF attack remotely...

7.8CVSS5.4AI score0.00559EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.13 views

The vulnerability of the ALSA kernel component in Linux operating systems, which allows a hacker to cause a service failure

The vulnerability of the ALSA kernel component in Linux operating systems is related to improper validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6.4AI score0.00224EPSS
Exploits0References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/01/30 12:0 a.m.13 views

The vulnerability of the CFileNameAttr::Parse() function in the NtfsHandler.cpp file of the 7-Zip archive tool allows a hacker to load arbitrary files and gain unauthorized access to protected information.

The vulnerability of the CFileNameAttr::Parse function in the NtfsHandler.cpp file of the 7-Zip archive processor is related to the occurrence of operations outside the buffer in memory, due to incorrect processing of two-byte elements in the NTFS file system. Exploiting this vulnerability allows...

8.5CVSS7.6AI score0.00989EPSS
Exploits1References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/01/22 12:0 a.m.13 views

The vulnerability of SpagoBI’s web interface for automating business processes allows a perpetrator to execute arbitrary code.

The vulnerability of SpagoBI’s web interface for automating business processes is related to the failure to take measures to neutralize special elements used in the command input field. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting a specially craft...

9.1CVSS8.2AI score0.12829EPSS
Exploits3References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.13 views

The vulnerability of the QuTS operating systems and QTS network devices from Qnap, related to the failure to eliminate CRLF sequences, allows attackers to execute arbitrary code.

The vulnerability of the QuTS operating systems and QTS network devices involves a lack of measures to neutralize CRLF sequences. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

6.5CVSS5.9AI score0.00495EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.13 views

The vulnerability of the Elasticsearch search system, related to incorrect authorization, allows a perpetrator to gain access to protected information.

The vulnerability of the Elasticsearch search engine is related to incorrect authentication. Exploiting this vulnerability can allow a malicious actor to gain access to protected information...

4.3CVSS6.5AI score0.00393EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/15 12:0 a.m.13 views

The vulnerability of the Drupal Private Content CMS system, related to improper privilege assignment, allows attackers to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability of the Drupal Content Management System’s Private Content module is related to the improper assignment of privileges. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected information...

6.5CVSS5.5AI score0.00182EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/15 12:0 a.m.13 views

The vulnerability of the Opigno CMS system’s module, related to errors in processing input data during syntax analysis of code, allows attackers to execute arbitrary code.

The vulnerability of the Opigno CMS system’s module is related to errors in data processing during syntax analysis of the code. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.5CVSS5.9AI score0.00451EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/14 12:0 a.m.13 views

The vulnerability of the Minify JS module in Drupal CMS systems, related to the manipulation of cross-site requests, allows attackers to execute CSRF attacks.

The vulnerability of the Minify JS module in Drupal CMS systems is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack remotely...

6.8CVSS5.4AI score0.00167EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.13 views

The vulnerability of the hci_user_confirm_request_evt() function in the net/bluetooth/hci_event.c module of the Linux operating system allows a intruder to compromise the confidentiality of the protected information.

The vulnerability of the hciuserconfirmrequestevt function in the net/bluetooth/hcievent.c module of the Linux kernel is related to improper authorization. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of protected information...

7.8CVSS6.7AI score0.00256EPSS
Exploits0References20Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.13 views

The vulnerability in the web interface for managing device information on the Cisco Common Services Platform Collector allows a attacker to perform XSS attacks.

The vulnerability in the web interface for collecting device information on Cisco Common Services Platform Collector CSPC is related to the failure to remove unacceptable symbols from identifiers on web pages. Exploiting this vulnerability allows a remote attacker to perform XSS attacks...

5.5CVSS5.5AI score0.00357EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/11 12:0 a.m.13 views

The vulnerability of the scpi_dvfs_get_info() function in the System Control and Power Interface (SCPI) Message Protocol Driver (drivers/firmware/arm_scpi.c) in Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the scpidvfsgetinfo function in the System Control and Power Interface SCPI Message Protocol Driver drivers/firmware/armscpi.c in Linux kernel systems is related to a pointer arithmetic error. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00225EPSS
Exploits0References30Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/01/03 12:0 a.m.13 views

The vulnerability of the stream_enc regs() function in the Direct Rendering Manager (DRM) subsystem of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the streamenc regs function in the Direct Rendering Manager DRM subsystem of the Linux kernel is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

4.6CVSS7AI score0.00248EPSS
Exploits0References28Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.13 views

The vulnerability of the CI/CD application integration and delivery system provided by JetBrains TeamCity, related to insufficient protection of registration data, allows attackers to disclose protected information.

The vulnerability of the Continuous Integration and Deployment application delivery system CI/CD of TeamCity in JetBrains is related to insufficient protection for registration data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

7.5CVSS5.4AI score0.00294EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/26 12:0 a.m.13 views

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability could allow an attacker to...

7.8CVSS7.9AI score0.00255EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/26 12:0 a.m.13 views

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to pointer assignment errors allows a perpetrator to trigger a service failure.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to simulation modeling of systems and processes is linked to errors in the assignment of pointers during the processing of WRL files. Exploiting...

3.3CVSS5.5AI score0.00164EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/26 12:0 a.m.13 views

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the issue where operations exceed the buffer boundaries in memory when processing WRL files. Exploiting this vulnerability could allow an...

7.8CVSS6.1AI score0.00237EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/26 12:0 a.m.13 views

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability can allow an attacker to execu...

7.8CVSS6.3AI score0.06222EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/26 12:0 a.m.13 views

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability can allow an attacker to execu...

7.8CVSS6.3AI score0.00237EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/20 12:0 a.m.13 views

The vulnerability of the cdc-wdm component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the cdc-wdm component in the Linux operating system’s kernel is related to incorrect blocking in the wdmintcallback function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00294EPSS
Exploits0References49Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.13 views

The vulnerability of Kanboard project management software lies in the improper limitation of the path name to the restricted access directory. This allows attackers to read and delete any files from the server.

The vulnerability of Kanboard project management software is related to incorrect restrictions on the path to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to remotely read and delete any files from the server...

9.1CVSS5.5AI score0.00816EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.13 views

The vulnerability of the ping_v4 and ping_v6 functions of D-Link DIR-820L router microprogramming software, allowing a hacker to execute arbitrary commands.

The vulnerability of the pingv4 and pingv6 functions in D-Link DIR-820L router microprogramming software is related to the lack of measures taken at the control level when processing the pingaddr parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

8CVSS5.9AI score0.00835EPSS
Exploits1References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.13 views

The vulnerability of the SAP NetWeaver AS Java software integration platform lies in the absence of authentication procedures, which allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of SAP NetWeaver AS Java software-based integration platforms is related to the absence of authentication procedures. Exploiting this vulnerability allows a malicious actor to remotely compromise the confidentiality and integrity of the protected information...

6.5CVSS5.5AI score0.0026EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/11/29 12:0 a.m.13 views

The vulnerability of the library for optimizing machine learning models in Intel Neural Compressor allows attackers to exploit it to increase their privileges. This vulnerability stems from insufficient validation of input data.

The vulnerability of the library for optimizing machine learning models in Intel Neural Compressor is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

5.5CVSS5.5AI score0.00251EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.13 views

The vulnerability of the Firmware Update Handler component of the Siemens SINEMA Remote Connect server allows a hacker to gain increased privileges.

The vulnerability of the Firmware Update Handler component in Siemens SINEMA Remote Connect relates to the creation of temporary files with insecure permissions. Exploiting this vulnerability can allow a remote attacker to increase their privileges...

9.9CVSS7.3AI score0.00475EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.13 views

The vulnerability of the M-Files Server platform for automating document processing in Windows operating systems stems from deficiencies in the authentication process. This allows attackers to bypass the authentication process and gain increased privileges.

The vulnerability of the M-Files Server platform for automating document processing in Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process and gain increased privileges...

10CVSS5.5AI score0.00597EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/21 12:0 a.m.13 views

The vulnerability of the enetc component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the enetc component in the Linux operating system’s kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00225EPSS
Exploits0References13Affected Software3
Total number of security vulnerabilities5000