90336 matches found
The vulnerability of the sun8i-ce_cipher_prepare() function in the drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the sun8i-cecipherprepare function in the drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c module of the Linux operating system is related to improper release of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the wfxUploadAp_templates() function in the drivers/net/wireless/silabs/wfx/sta.c module – A driver for supporting wireless connection adapters from Silicon Laboratories’ Linux-based operating systems. This vulnerability allows a hacker to cause a service failure.
Vulnerability of the wfxUploadAptemplates function in the drivers/net/wireless/silabs/wfx/sta.c module – The wireless adapter support driver from Silicon Laboratories for Linux operating systems is vulnerable due to a NULL pointer dereferencing issue. Exploiting this vulnerability could allow an...
The vulnerability of the “Accent” platform, related to the failure to protect the SQL query structure, allows unauthorized access to protected information.
The vulnerability of the “Accent” platform lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the issue of operations going beyond the buffer in memory during the processing of PRC files. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the PDF Preview module in the HarmonyOS operating system, which allows a hacker to trigger a service failure
The vulnerability of the PDF Preview module in the HarmonyOS operating system is related to pointer manipulation. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the issue of operations going beyond the buffer in memory when processing U3D format files. Exploiting this vulnerability can allow attackers to disclose sensitive information that is protected by the...
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the ability to read data beyond the buffer in memory, allowing attackers to disclose protected information.
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the reading of data beyond the buffer boundaries in memory during file processing for U3D files. Exploiting this vulnerability can allow attackers to disclose protecte...
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the use of memory after it is freed, allowing an attacker to disclose protected information.
The vulnerability of PDF viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the use of memory after it is freed during file processing for U3D operations. Exploiting this vulnerability can allow attackers to disclose sensitive information that is...
Vulnerability of the H5FS__sect_link_size() function (src/H5FSsection.c) in the HDF5 library, which allows a hacker to cause a service failure
The vulnerability of the H5FSsectlinksize function src/H5FSsection.c in the HDF5 library is related to the occurrence of operations outside the buffer’s boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO programs relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the use of memory after it is freed during file processing for U3D operations. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Blink rendering module in Google Chrome and Microsoft Edge browsers allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the Blink module in Google Chrome and Microsoft Edge browsers is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause a service failure...
The vulnerability of Nokia’s Single Radio Access Network management platform lies in the improper limitation of the path name to the restricted access catalog. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Nokia Single RAN network management platform lies in the incorrect limitation of the path name when processing the PlanId parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected informati...
The vulnerability of the enetc.c component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the enetc.c component in the Linux operating system’s kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the nf_send_reset6() function in the net/ipv6/netfilter/nf_reject_ipv6.c component of the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the nfsendreset6 function in the net/ipv6/netfilter/nfrejectipv6.c component of the Linux kernel is related to errors during resource release. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the drivers/infiniband/hw/bnxt_re component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the drivers/infiniband/hw/bnxtre component of the Linux operating system is related to improper memory release before deleting the last reference. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the microprogramming software of the Elfatek Elektronik ANKA JPD 00028 series radio control system, related to improper access control, allows a intruder to gain unauthorized access and compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the microprogramming software of the Elfatek Elektronik ANKA JPD 00028 series radio control system is related to improper access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access and compromise the...
The vulnerability of the built-in boa server (/boafrm/formWlSiteSurvey) of TOTOLINK A3002RU router microprogramming software allows a intruder to cause a service failure.
The vulnerability of the built-in boa server /boafrm/formWlSiteSurvey of the TOTOLINK A3002RU router’s microprogramming software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the submit-url parameter. Exploiting this vulnerability allows a...
The vulnerability of mediatek’s Linux operating system drivers allows a hacker to cause a service failure.
The vulnerability of mediatek’s Linux operating system drivers is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Adobe InDesign’s computer layout automation tool, related to writing beyond the buffer limit, allows a hacker to execute arbitrary code.
The vulnerability of Adobe InDesign’s computer layout automation tool is related to writing outside the buffer. Exploiting this vulnerability allows a attacker to execute arbitrary code using a specially created malicious file...
The vulnerability in the LLVM Toolchain development tools, related to reading data beyond the buffer boundary, allows a attacker to trigger a service failure.
The vulnerability of the LLVM Toolchain development tools is related to reading data beyond the allowed buffer size. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the __poke_user() function in the arch/s390/kernel/ptrace.c module of the Linux operating system allows a hacker to gain access to protected information or cause a service failure.
The vulnerability of the pokeuser function in the arch/s390/kernel/ptrace.c module of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to access protected information or cause service interruptions...
Vulnerability of the macbremove() function in the drivers/net/ethernet/cadence/macbpci.c module – a driver for supporting Ethernet adapter support in Cadence’s Linux-based operating system, which allows a hacker to cause a service failure.
Vulnerability of the macbremove function in the drivers/net/ethernet/cadence/macbpci.c module – The Cadence Ethernet adapter driver for Linux operating systems is vulnerable due to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a servic...
The vulnerability of the WinRAR file archiver, related to incorrect restrictions on the path name of the restricted directory, allows a hacker to execute arbitrary code.
The vulnerability of the WinRAR file archiver is related to incorrect restrictions on the path name of the restricted directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code upon opening a specially crafted file...
Vulnerability of the mt7615_coredump_work() function in the drivers/net/wireless/mediatek/mt76/mt7615/mac.c module – This driver is responsible for supporting wireless communication adapters in the Linux operating system. An attacker can exploit this vulnerability to gain access to protected information.
Vulnerability of the mt7615coredumpwork function in the drivers/net/wireless/mediatek/mt76/mt7615/mac.c module – The driver for supporting kernel-level wireless adapters in the Linux operating system is vulnerable due to improper memory release before deleting the last reference memory leak...
Vulnerability of Microsoft Excel, Microsoft Office, Microsoft 365 Apps for Enterprise, and Microsoft Office Online Server programs, related to the use of memory after it is released, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Excel, Microsoft Office, Microsoft 365 Apps for Enterprise, and Microsoft Office Online Server programs is related to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the kvm_arch_vcpu_ioctl() function in the arch/x86/kvm/x86.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the kvmarchvcpuioctl function in the arch/x86/kvm/x86.c module of the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility o...
The vulnerability of the `btrfs_truncate inode items()` function in the `fs/btrfs/ctree.h` module of the Linux file system support module allows a attacker to cause a service failure.
The vulnerability of the btrfstruncate inode items function in the fs/btrfs/ctree.h module of the Linux file system support library is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the cleanup_bearer() function in the net/tipc/udp-media.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the cleanupbearer function in the net/tipc/udp-media.c module of the Linux operating system is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...
The vulnerability of the getServerCertificate method in the HPE StoreOnce VSA storage virtualized system allows a attacker to execute arbitrary code.
The vulnerability of the getServerCertificate method in the HPE StoreOnce VSA storage virtualized environment is related to the lack of data cleaning measures at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the sock_put() function in the net/ipv4/tcp_bpf.c module of the Linux operating system allows a hacker to increase their privileges.
The vulnerability of the sockput function in the net/ipv4/tcpbpf.c module of the Linux kernel relates to the possibility of using memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the webExcptypemanFilter function in the Tenda FH451 router software allows a hacker to execute arbitrary code.
The vulnerability of the webExcptypemanFilter function in the Tenda FH451 router software lies in the reading of data beyond the buffer boundaries in memory during the processing of the page parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a special...
The vulnerability of the Quiz Maker plugin of the WordPress content management system, related to the failure to protect the SQL query structure, allows attackers to execute arbitrary SQL code.
The vulnerability of the Quiz Maker plugin of the WordPress content management system is related to the lack of protection for the SQL query structure when processing the id parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
The vulnerability of the VBI libzvbi library’s capture and decoding function is related to a numerical overflow in the _vbi_strndup_iconv() function. This allows an attacker to cause a service failure.
The vulnerability of the VBI libzvbi library’s capture and decoding functions is related to a numerical overflow in the vbistrndupiconv function. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...
Vulnerability of the VS6EditData!CDataRomErrorCheck::MacroCommandCheck() function in the HMI configuration software for Monitouch V-SFT: This vulnerability allows an attacker to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the VS6EditData!CDataRomErrorCheck::MacroCommandCheck function in the HMI configuration software for Monitouch V-SFT lies in the possibility of the operation exceeding the buffer limits in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized acce...
Vulnerability of the VS6EditData!CDrawSLine::GetRectArea() function of the HMI configuration software for Monitouch V-SFT: This vulnerability allows an attacker to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the VS6EditData!CDrawSLine::GetRectArea function of the HMI configuration software for Monitouch V-SFT is related to the occurrence of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...
The vulnerability of the configuration @EnableMethodSecurity(mode=ASPECTJ) or spring-security-aspects in the Java framework for securing Spring-based industrial applications allows attackers to bypass the authentication process.
The vulnerability of the @EnableMethodSecurity'mode=ASPECTJ configuration or the spring-security-aspects Java framework for securing Spring-based industrial applications is related to a flaw in the data protection mechanism. Exploiting this vulnerability could allow an attacker to bypass...
The vulnerability of the VS6ComFile!MakeItemGlidZahyou() function in the HMI configuration software for Monitouch V-SFT allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the VS6ComFile!MakeItemGlidZahyou function in the HMI configuration software for Monitouch V-SFT lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, execute...
The vulnerability of the web_acl_ipv4BasedAceAdd() function in PLANET Technology’s microprogrammed switching software allows a perpetrator to compromise the confidentiality and integrity of the protected information.
The vulnerability of the webaclipv4BasedAceAdd function in PLANET Technology’s microprogrammed switching software is related to buffer overflows in the stack when processing the ipv4Aclkey parameter. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and integri...
Vulnerability of the VS6EditData!CGamenDataRom::set_mr400_strc() function in the programming tool for configuring HMI interfaces of Monitouch V-SFT: This allows an attacker to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the VS6EditData!CGamenDataRom::setmr400strc function in the HMI configuration software for Monitouch V-SFT is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected...
The vulnerability of the web_snmp_v3host_add_post() function in PLANET Technology’s microcontroller software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the websnmpv3hostaddpost function in PLANET Technology’s microcontroller software stems from the issue of the operation exceeding the buffer boundaries in memory when processing the hostip parameter. Exploiting this vulnerability allows an attacker to compromise the...
The vulnerability of the web_sys_infoContact_post() function in PLANET Technology’s microcontroller software allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the websysinfoContactpost function in PLANET Technology’s microcontroller software stems from the operation of the function beyond the buffer boundaries in memory when processing the contact parameter. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the dcn315_populate_dml_pipes_from_context() function in the DRI driver for AMD Linux kernel-based graphics cards allows a attacker to cause a service failure.
The vulnerability of the dcn315populatedmlpipesfromcontext function in the DRI driver for AMD Linux kernel-based graphics cards is related to insufficient validation of input data during division by zero. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the pvr_vm_gpuva_unmap() function in the DRI driver of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the pvrvmgpuvaunmap function in the DRI support driver for the Linux kernel relates to improper memory release before deleting the last pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the broxton_audio_probe() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the broxtonaudioprobe function in the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the dpcdcd_extend_address_range() function in the DRI driver for AMD graphics cards in Linux operating systems allows a malicious actor to cause a service failure.
The vulnerability of the dpcdcdextendaddressrange function in the DRI driver for AMD graphics cards in Linux operating systems is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ice_prepare_for_reset() function in the Intel Ethernet driver for Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the iceprepareforreset function in the Intel Ethernet network adapter driver for Linux operating systems is related to the swapping of pointers L. Exploiting this vulnerability can allow attackers to cause a service failure...
The vulnerability of the Kibana data visualization service, related to the unlimited loading of malicious files, allows attackers to upload harmful files.
The vulnerability of the Kibana data visualization service is related to the unlimited loading of malicious files. Exploiting this vulnerability allows a remote attacker to upload malicious files...
Vulnerability of the mcp251x_stop() function in the drivers/net/can/spi/mcp251x.c module – This driver supports network devices of the Linux kernel, which can be exploited by attackers to cause service failures.
Vulnerability of the mcp251xstop function in the drivers/net/can/spi/mcp251x.c module – The Linux kernel’s CAN network device driver relies on the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Root Access Control component of the Totolink X2000R microprogramming system allows attackers to carry out cross-site scripting attacks.
The vulnerability of the Root Access Control component of the Totolink X2000R microprogramming system for routers is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the ImportConnectionVariables method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, allowing a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the ImportConnectionVariables method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the...