Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2023/09/29 12:0 a.m.13 views

Vulnerabilities of functions nftFlushTable(), nfTablesDelChain(), nfTablesNewRule(), nfTablesDelRule(), and __nftReleaseTable() in Linux kernel, which allow attackers to compromise the confidentiality, integrity, and accessibility of protected information, or enhance their privileges.

The vulnerabilities of the functions nftFlushTable, nfTablesDelChain, nfTablesNewRule, nfTablesDelRule, and nftReleaseTable in the Linux kernel are related to the reutilization of previously freed memory. Exploiting these vulnerabilities can allow an attacker to compromise the confidentiality,...

6.6CVSS6.5AI score0.0035EPSS
Exploits0References16Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/09/28 12:0 a.m.13 views

The vulnerability of the U3D File Parser component in the PDF-XChange PDF document viewing and editing software allows a hacker to execute arbitrary code.

The vulnerability of the U3D File Parser component in the PDF-XChange PDF viewing and editing software is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.00406EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/09/26 12:0 a.m.13 views

The vulnerability of Google Chrome’s user tabs allows a hacker to replace the user’s interface.

The vulnerability of Google Chrome’s user tabs is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...

5CVSS5.5AI score0.00663EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/09/11 12:0 a.m.13 views

The vulnerability of the SafeHtml validator in the Hibernate Validator library allows attackers to perform cross-site scripting attacks.

The vulnerability in the SafeHtml validator of the Hibernate Validator library relates to the lack of measures taken to protect the structure of web pages during the processing of HTML content. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

6.5CVSS6.5AI score0.02167EPSS
Exploits0References14Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.13 views

The vulnerability of Cisco AsyncOS operating system’s scanning mechanism for Cisco Secure Web Appliances allows attackers to circumvent traffic blocking rules.

The vulnerability of the Cisco AsyncOS operating system’s scanning mechanism for the Cisco Secure Web Appliance is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to circumvent traffic blocking rules when encoding types such as deflate, lzma,...

8.6CVSS5.9AI score0.00476EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/08/01 12:0 a.m.13 views

The vulnerability of the Visual Analyzer component of the Oracle Business Intelligence Enterprise Edition software platform allows a malicious individual to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Visual Analyzer component of the Oracle Business Intelligence Enterprise Edition software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or to modify, add, or delete...

5.5CVSS6.9AI score0.00308EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.13 views

The software of Cobalt Ashlar-Vellum has vulnerabilities that allow a hacker to execute arbitrary code.

The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling is related to the use of an unreliable pointer. Exploiting this vulnerability allows a attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00399EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.13 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to trigger a service failure or execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to access to resources through incompatible types. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code using a specially crafted HTML page...

10CVSS8AI score0.23855EPSS
Exploits1References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.13 views

The vulnerability of the IBM DB2 database management system, related to insufficient validation of input data, allows a hacker to trigger a service failure.

The vulnerability of the IBM DB2 database management system is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending a specially crafted SQL query...

7.8CVSS7.3AI score0.01018EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.13 views

The vulnerability of D-Link DSL-3782 router’s microprogramming software allows a hacker to bypass the authentication process and gain access to confidential information.

The vulnerability of the D-Link DSL-3782 router’s microprogramming software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process and gain access to confidential information through a specially crafted...

10CVSS7.7AI score0.13282EPSS
Exploits5References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/22 12:0 a.m.13 views

Vulnerability of the Decompression Enumeration function in Uncompressor::UncompressItem. This compression tool for XML data allows attackers to execute arbitrary code.

Vulnerability of Decompression Enumeration function: Uncompressor::UncompressItem, an XML data compression tool, is vulnerable to a memory boundary error during XML file processing. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

8.1CVSS7.8AI score0.02545EPSS
Exploits1References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/17 12:0 a.m.13 views

The vulnerability of the nf_tables_commit() function in the kernel’s net/netfilter/nf_tables_api.c file in the Linux operating system allows a attacker to compromise data confidentiality, integrity, and accessibility, or to enhance their privileges within the system and execute arbitrary code.

The vulnerability of the nftablescommit function in the net/netfilter/nftablesapi.c module of the Linux operating system is related to improper deletion of a list. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of data, or to...

7.8CVSS6.8AI score0.12966EPSS
Exploits7References22Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/03/01 12:0 a.m.13 views

The vulnerability of the BIOS microprogramming system of AMD processors allows attackers to compromise the integrity and accessibility of protected information.

The vulnerability of AMD microprocessor BIOS microprogramming systems lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the integrity and accessibility of protected information...

7.1CVSS7.4AI score0.0018EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.13 views

The vulnerability of the Microsoft .NET Framework software platform, related to improper cleaning or release of resources, allows a perpetrator to cause a service failure.

The vulnerability of the Microsoft .NET Framework software platform is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

4.4CVSS6.6AI score0.00917EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.13 views

The vulnerability of Microsoft Exchange Server servers, related to the use of dangerous methods or functions, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Exchange Server servers is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

9CVSS8.5AI score0.62104EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/02/06 12:0 a.m.13 views

The vulnerability of the microprogrammed software of D-Link DAP-2020 and DAP-1360 allows a intruder to execute arbitrary code.

The vulnerability of D-Link DAP-2020 and DAP-1360 wireless access points’ microprogramming software is related to buffer overflow attacks on the stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

8.8CVSS6.3AI score
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/29 12:0 a.m.13 views

The vulnerability of the wireless network driver WILC1000 for Linux operating systems allows a hacker to trigger a service failure or increase the level of privileges.

The vulnerability of the wireless network driver WILC1000 drivers/net/wireless/microchip/wilc1000/hif.c in the Linux kernel is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure or increase...

7.1CVSS7AI score0.00307EPSS
Exploits0References36Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.13 views

The vulnerability of the uapi_finalize() function in the drivers/infiniband/core/uverbs_uapi.c file of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the uapifinalize function in the drivers/infiniband/core/uverbsuapi.c file of the Linux kernel is related to a pointer dereferencing error. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00214EPSS
Exploits0References12Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.13 views

The vulnerability of the Profiles component in the Google Chrome browser allows a hacker to execute arbitrary code.

The vulnerability of the Profiles component in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8AI score0.00612EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.13 views

The vulnerability of the malidp_crtc_reset() function in the Linux kernel’s drivers/gpu/drm/arm/malidp_crtc.c file allows a hacker to trigger a service failure or increase their privileges.

The vulnerability of the malidpcrtcreset function in the Linux kernel’s drivers/gpu/drm/arm/malidpcrtc.c file is related to a pointer arithmetic error. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...

5.5CVSS6.7AI score0.00217EPSS
Exploits0References15Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.13 views

The vulnerability of the Microsoft Outlook email client for the MacOS operating system, related to information representation errors in the user interface, allows attackers to perform spearishing attacks.

The vulnerability of the Microsoft Outlook email client for the MacOS operating system is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to carry out spear-phishing attacks using a specially created email message...

7.8CVSS7.3AI score0.01488EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.13 views

The vulnerability of the devredir_proc_client_devlist_announce_req() function on the XRDP server allows a hacker to execute arbitrary code.

The vulnerability of the devredirprocclientdevlistannouncereq function on the XRDP server is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.00847EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/16 12:0 a.m.13 views

The vulnerability of the Microsoft Dynamics CRM resource planning software lies in the lack of measures taken to protect the SQL query structure, allowing attackers to execute arbitrary code.

The vulnerability of the Microsoft Dynamics CRM resource planning software relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created queries...

9CVSS8.5AI score0.03076EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/12/12 12:0 a.m.13 views

The vulnerability of the endpoint protection module of the Anti-Ransomware analysis tool for network traffic, network detection, and response of the Cortex XDR Agent on Windows operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the endpoint protection module of the Anti-Ransomware analysis tool for network traffic, network detection, and response of the Cortex XDR Agent on Windows operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow...

5.3CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/11/15 12:0 a.m.13 views

The vulnerability of the vector graphics editor CorelDRAW Graphics Suite (formerly CorelDRAW) lies in the ability to read data beyond the buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the CorelDRAW Graphics Suite formerly CorelDRAW graphic editor relates to the reading of data beyond the buffer boundaries in memory during the syntax analysis of GIF files. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

3.3CVSS5.6AI score0.00807EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/11/02 12:0 a.m.13 views

The vulnerability of the FortiClient NAC (fcnacd) operating system allows a perpetrator to execute arbitrary code or cause service interruptions.

The vulnerability of the FortiOS operating system’s FortiClient NAC fcnacd is related to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by sending a specially crafted request...

9CVSS6.3AI score0.00862EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/10/03 12:0 a.m.13 views

The vulnerability of the `kodak_radc_load_raw` function in the `dcraw_common.cpp` component of the LibRaw image processing library allows a hacker to trigger a service failure.

The vulnerability of the kodakradcloadraw function in the dcrawcommon.cpp component of the LibRaw image processing library is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially created POC file...

7.8CVSS6.8AI score0.02988EPSS
Exploits0References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/10/03 12:0 a.m.13 views

The vulnerability of the LibXfont library lies in the improper definition of symbolic links before accessing the file, allowing attackers to trigger a service failure.

The vulnerability of the LibXfont library is related to the incorrect definition of symbolic links before accessing the file. Exploiting this vulnerability allows an attacker to cause service failures...

5.5CVSS6.4AI score0.0042EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/09/30 12:0 a.m.13 views

The vulnerability of the JBIG2Stream::readTextRegionSeg() function in the JBIG2 decoder for PDF file rendering by Poppler allows a malicious actor to cause a service failure or execute arbitrary code.

The vulnerability of the JBIG2Stream::readTextRegionSeg function in the JBIG2 decoder for processing PDF files with Poppler is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure or execute arbitrary code by opening a specially created PDF...

7.8CVSS7.7AI score0.00574EPSS
Exploits1References22Affected Software8
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.13 views

The vulnerability of the Roundcube webmail client, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Roundcube email client relates to the lack of measures taken to protect the website structure during the processing of CSS style sheets. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by sending specially crafted email...

6.4CVSS6.7AI score0.01045EPSS
Exploits0References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.13 views

The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to execute arbitrary code.

The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 lies in the copying of buffers without checking the size of the input data during the processing of the confcli file. Exploiting this vulnerability allows a remote attacker to execute arbitra...

9.6CVSS8.1AI score0.01088EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.13 views

The vulnerability of the ActiveX control on SCADA servers of Measuresoft ScadaPro Server and ScadaPro Server Client allows attackers to enhance their privileges.

The vulnerability of the ActiveX control used by SCADA servers of Measuresoft ScadaPro Server and ScadaPro Server Client is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

7.8CVSS7.1AI score0.00284EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.13 views

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV110W, RV130, RV130W, and RV215W allows a perpetrator to execute arbitrary commands or cause service failures.

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV110W, RV130, RV130W, and RV215W arises from the copying of buffers without checking the size of the input data during the processing of user fields in incoming HTTP packets. Exploiting...

6.5CVSS7.5AI score0.01081EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/08/31 12:0 a.m.13 views

The vulnerability of the software for adjusting Intel XTU performance lies in the uncontrolled search path element, which allows a hacker to increase their privileges.

The vulnerability of the software for adjusting Intel XTU performance is related to an uncontrollable element in the search process. Exploiting this vulnerability can allow a perpetrator to enhance their privileges...

7.3CVSS7.2AI score0.00237EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/22 12:0 a.m.13 views

The vulnerability of the BIOS microprogramming system of Intel processors allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the BIOS microprogramming system of Intel processors is related to the implementation of incorrect control flow. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

7.8CVSS7.5AI score0.00253EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.13 views

The vulnerability in the web interface of the Cisco Smart Software Manager On-Prem administration tool allows a perpetrator to trigger a service failure.

The vulnerability in the web interface of the Cisco Smart Software Manager On-Prem administration tool is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

7.7CVSS6.8AI score0.00951EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.13 views

The vulnerability of the append_command() function (ex_docmd.c) in the Vim text editor, which allows a hacker to execute arbitrary code.

The vulnerability of the appendcommand function exdocmd.c in the Vim text editor is related to writing beyond buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.6CVSS7.8AI score0.01527EPSS
Exploits1References12Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.13 views

The vulnerability of the executable files instup.exe and wsc_proxy.exe of the antivirus protection software Avast Premium Security allows a perpetrator to execute arbitrary code or cause service failure.

The vulnerability of the installed files instup.exe and wscproxy.exe of the antivirus protection software Avast Premium Security is related to the use of an insecure search path. Exploiting this vulnerability can allow a hacker to execute arbitrary code or cause service failures...

6.8CVSS7AI score0.00277EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.13 views

The vulnerability of the QTS operating system, specifically the QuTS Hero operating system, is related to deficiencies in pathname restriction, which allows attackers to compromise the confidentiality of information.

The vulnerability of the QTS operating system is related to deficiencies in pathname restriction. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality of information...

5.3CVSS6.2AI score0.00888EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.13 views

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Universal Banking system allows a perpetrator to gain access to data reading or cause a partial service disruption.

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Universal Banking system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read access to data or cause partial service interruption...

6.1CVSS6.8AI score0.00609EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/15 12:0 a.m.13 views

The vulnerability of the Fax Compose Form component in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Fax Compose Form component in Windows operating systems is related to insufficient validation of entered data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.8CVSS7.7AI score0.01943EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.13 views

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV340, RV340W, RV345, and RV345P allows a perpetrator to execute arbitrary commands.

The vulnerability of the web-based management interface for Cisco Small Business RV340, RV340W, RV345, and RV345P microprogramming systems exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a...

7.5CVSS7.2AI score0.75322EPSS
Exploits3References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.13 views

The vulnerability of the ext/snmp/snmp.c component of the PHP programming language interpreter allows a attacker to cause a service failure or potentially have other adverse effects.

The vulnerability of the ext/snmp/snmp.c component of the PHP programming language interpreter is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause service interruptions or potentially have other effects through specially created...

10CVSS7.6AI score0.05417EPSS
Exploits1References13Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/04/20 12:0 a.m.13 views

The vulnerability of the Display Key Combination Fast Access swhkd in the Wayland display server protocol allows a hacker to access protected information or cause a service failure.

The vulnerability of the Display Key Combination daemon swhkd in the Wayland display server protocol implementation relates to the ability to save the PID of a process in the file /tmp/swhkd.pid and incorporate the PID of an existing process into it. Exploiting this vulnerability can allow a remo...

9.1CVSS7.2AI score0.00506EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/20 12:0 a.m.13 views

The vulnerability of the Direct Memory Access (DMA) subsystem in Linux operating systems allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Direct Memory Access DMA subsystem in Linux operating systems is related to memory release errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS6.6AI score0.00465EPSS
Exploits1References20Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/04/11 12:0 a.m.13 views

The vulnerability of the Databuf function in the types.cpp component of the Exiv2 media metadata management library allows a attacker to cause a service failure.

The vulnerability of the Databuf function in the types.cpp component of the Exiv2 media metadata management library is related to the copying of buffers without checking the input data. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

7.1CVSS6.4AI score0.0114EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/04/07 12:0 a.m.13 views

The vulnerability of the PuppetDB database management system lies in the lack of protective measures for SQL query structures. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the PuppetDB database management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service interruptions...

9CVSS7.7AI score0.01262EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/04/06 12:0 a.m.13 views

Vulnerabilities of functions mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable in TLS and SSL protocol implementations. These vulnerabilities allow attackers to access confidential data.

The vulnerabilities of functions mbedtlsecpcheckpubpriv, mbedtlspkparsekey, mbedtlspkparsekeyfile, mbedtlsecpmul, and mbedtlsecpmulrestartable in TLS and SSL protocols involve information disclosure due to inconsistencies. Exploiting these vulnerabilities allows a remote attacker to gain access t...

5.3CVSS6AI score0.01264EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/01 12:0 a.m.13 views

The vulnerability of the HTTP library for Rust Hyper, related to shortcomings in HTTP request processing, allows attackers to compromise data integrity.

The vulnerability of the HTTP library for Rust Hyper relates to the improper handling of requests with a “+” prefix in the Content-Length header. Exploiting this vulnerability allows an attacker to compromise data integrity...

5.3CVSS5.9AI score0.00886EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/30 12:0 a.m.13 views

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component involves errors in resource release. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...

6.3CVSS6.3AI score0.01856EPSS
Exploits0References8Affected Software2
Total number of security vulnerabilities5000