90336 matches found
Vulnerability of the mcp251x_stop() function in the drivers/net/can/spi/mcp251x.c module – This driver supports network devices of the Linux kernel, which can be exploited by attackers to cause service failures.
Vulnerability of the mcp251xstop function in the drivers/net/can/spi/mcp251x.c module – The Linux kernel’s CAN network device driver relies on the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Root Access Control component of the Totolink X2000R microprogramming system allows attackers to carry out cross-site scripting attacks.
The vulnerability of the Root Access Control component of the Totolink X2000R microprogramming system for routers is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the ImportConnectionVariables method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, allowing a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the ImportConnectionVariables method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the...
The vulnerability of the convert() and queryConvert() functions in the collections of POCO libraries for the C++ programming language allows a hacker to execute arbitrary code.
The vulnerability of the convert and queryConvert functions in POCO mobile phones is related to integer overflow. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the ext4_fill_super() function in the fs/ext4/super.c module of the Linux file system support module allows a hacker to cause a service failure.
The vulnerability of the ext4fillsuper function in the fs/ext4/super.c module of the Linux file system support module is related to improper memory release before deleting the last reference „memory leak“. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the qcuefi_set_reference() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the qcuefisetreference function in the Linux operating system’s kernel is related to insufficient locking of resources. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260, a multi-functional device for measuring parameters of electrical circuits, allows a hacker to gain unauthorized access to the device.
The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement devices for electrical networks lies in the lack of authentication for a critical function. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to t...
The vulnerability of the xe_drm_client_add_bo() function in the DRI driver of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the xedrmclientaddbo function in the DRI driver of the Linux operating system’s kernel is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the cow_file_range() function in the fs/btrfs/inode.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the cowfilerange function in the fs/btrfs/inode.c module of the Linux operating system is related to improper resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the mgmt_set_powered_complete() function in the net/bluetooth/mgmt.c module of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the mgmtsetpoweredcomplete function in the net/bluetooth/mgmt.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
The vulnerability of Linksys Velop WHW01’s microprogramming software arises from incorrect pathname restrictions for access to restricted catalogs. This allows attackers to escalate their privileges.
The vulnerability of Linksys Velop WHW01 microprogrammed software lies in the incorrect limitation of the path name to the restricted access directory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the cleanup_srcu_struct() function in the kernel/rcu/srcutree.c module of the synchronization subsystem in Linux multi-threaded kernel systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the cleanupsrcustruct function in the kernel/rcu/srcutree.c sub-system of the synchronization mechanism in Linux multi-threaded kernel systems is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...
Vulnerability of the int3400_setup_gddv() function in the drivers/thermal/intel/int340x_thermal/int3400_thermal.c module – a Linux kernel temperature control driver that allows a hacker to cause a service failure.
Vulnerability of the int3400setupgddv function in the drivers/thermal/intel/int340xthermal/int3400thermal.c module – The Linux kernel temperature control driver contains errors in its code. Exploiting this vulnerability could allow an attacker to cause system failures...
The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to reading data beyond the allowed buffer limits, allows attackers to cause service failures.
The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to reading data beyond the acceptable buffer limits. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the ethnlreq_getPhydev() function in Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the ethnlreqgetPhydev function in Linux operating systems is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the advertise_res() function in the UPnP service of Netgear’s WNR854T router allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the advertiseres function of the UPnP service involves the escape of operations beyond the buffer in memory when processing the M-SEARCH request header value. Exploitation of this vulnerability allows a remote attacker to execute arbitrary code or cause service failures by...
The vulnerability in the kernel/workqueue.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the kernel/workqueue.c module in the Linux operating system is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the PHP Smarty templater, related to improper handling of code generation, allows attackers to execute arbitrary PHP code.
The vulnerability of the PHP Smarty templater is related to improper handling of code generation. Exploiting this vulnerability allows an attacker to execute arbitrary PHP code on the target system...
The vulnerability of the pinctrl component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the pinctrl component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the amd_pmc_s2d_init() function in the drivers/platform/x86/amd/pmc.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the amdpmcs2dinit function in the module drivers/platform/x86/amd/pmc.c of the Linux kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page...
Vulnerability of components of the Linux operating system’s kernel, net/mlx5e, which allows a hacker to cause a service failure
The vulnerability of the net/mlx5e components in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s FPGA kernel component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s FPGA kernel component is related to the dereferencing of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the qcom_mhi_qrtr_send() function in the net/qrtr/mhi.c module allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information in Qualcomm Linux-based system kernels.
The vulnerability of the qcommhiqtrSend function in the net/qrtr/mhi.c module, which is part of the Qualcomm IPC kernel for the Linux operating system, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
Vulnerability of the function bt1_rom_map_copy_from(), located in the driver/mtd/maps/physmap-bt1-rom.c module. This driver provides support for accessing memory devices in Linux kernels, which can be exploited by attackers to compromise confidentiality.
The vulnerability of the bt1rommapcopyfrom function in the drivers/mtd/maps/physmap-bt1-rom.c module – the driver for accessing memory devices in Linux kernels – involves reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise confidentiality...
The vulnerability of the xiic_xfer() function in the drivers/i2c/busses/i2c-xiic.c file of the Linux operating system allows a hacker to gain access to protected information.
The vulnerability of the xiicxfer function in the drivers/i2c/busses/i2c-xiic.c file of the Linux operating system’s kernel is related to security configuration errors. Exploiting this vulnerability could allow an attacker to gain access to protected information...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the tpm_read_log_efi() function in the drivers/char/tpm/eventlog/efi.c kernel module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the tpmreadlogefi function in the drivers/char/tpm/eventlog/efi.c kernel module of the Linux operating system is related to a numerical overflow or cyclic shift. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ila_add_mapping() function in the net/ipv6/ila/ila_xlat.c module of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ilaaddmapping function in the net/ipv6/ila/ilaxlat.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protect...
The vulnerability of Google Chrome, related to errors in the user interface’s information representation, allows a perpetrator to replace the user interface.
The vulnerability of Google Chrome relates to errors in information representation by the user interface. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...
The vulnerability of the USB-Audio component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the USB-Audio component in the Linux operating system’s kernel is related to errors in reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the DNN CMS system, related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely.
The vulnerability of the DNN CMS system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the rproc_alloc() function in the remoteproc driver (drivers/remoteproc/remoteproc_core.c) of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the rprocalloc function in the remoteproc driver drivers/remoteproc/remoteproccore.c in Linux operating systems is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability in the VERM_AJAX_functions.php script of the software for managing call centers allows a violator to execute arbitrary code.
The vulnerability of the VERMAJAXfunctions.php software for the Vicidial call processing center is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
The vulnerability of the iio component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the iio component in the Linux operating system’s kernel is related to improper validation of input data in the afe4403readraw function. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the `char` component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the char component in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the Mongoose library, related to the lack of protection for SQL query structures, allows attackers to execute arbitrary code and gain access to read and modify data.
The vulnerability of the Mongoose library relates to the lack of protection for the SQL query structure when the $where operator is used. Exploiting this vulnerability allows an attacker to execute arbitrary code and gain access to read and modify data...
The vulnerability of Linux operating system’s DRM/AMDGPU cores allows a hacker to trigger a service failure.
The vulnerability of Linux operating system’s DRM/AMDGPU kernel components is related to the assignment of the NULL pointer in the amdgpurasinterruptprocesshandler function. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of the setL2tpServerCfg() function in the cstecgi.cgi script of the TOTOLINK X5000R router’s software allows a hacker to execute arbitrary commands.
The vulnerability of the setL2tpServerCfg function in the cstecgi.cgi script of the TOTOLINK X5000R router’s microprogramming system is related to the failure to take measures to neutralize special elements used in the operating system’s command processing when dealing with parameters such as mtu...
The vulnerability of the ethtool component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the ethtool component in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications allows a perpetrator to execute arbitrary commands.
The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially created HTTP request...
The vulnerabilities of the Generic Data Mapper, Engineering Adapter, and Engineering Interface modules of the software for designing, operating, and maintaining technological installations like COMOS, allow attackers to execute XXE attacks.
The vulnerability of the Generic Data Mapper, Engineering Adapter, and Engineering Interface modules of the COMOS software for designing, operating, and maintaining technological installations is related to a bug that restricts XML references to external objects. Exploiting this vulnerability cou...
The vulnerability in the software web interface for controlling power supply units like PowerChute Serial Shutdown allows a intruder to trigger a service failure.
The vulnerability in the software web interface for controlling power supply units like PowerChute Serial Shutdown is related to improper authentication. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure...
The vulnerability of Mendix LDAP module in the deployment and application testing software platform of Mendix allows a hacker to bypass security restrictions.
The vulnerability of Mendix LDAP in the software deployment and application testing platform relates to the failure to eliminate special elements in LDAP requests. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...
The vulnerability of the eeh_pe_bus_get() function (arch/powerpc/kernel/eeh_pe.c) in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the eehpebusget function arch/powerpc/kernel/eehpe.c in the Linux operating system is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the formSetClientState function in the Tenda AC18 router software allows a attacker to trigger a service failure or execute arbitrary code.
The vulnerability of the formSetClientState function in the Tenda AC18 router software is related to buffer overflows in the stack when processing the limitSpeedUp parameter. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code using a specially...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of protective measures for website structures, allowing attackers to perform cross-site scripting attacks (XSS).
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities allows attackers to perform...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of protective measures for website structures, allowing attackers to perform cross-site scripting attacks (XSS).
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities allows attackers to perform...
The vulnerability of the Windows Win32 Kernel subsystem in operating systems allows attackers to increase their privileges.
The vulnerability of the Windows Win32 Kernel subsystem in operating systems involves the possibility of exploiting memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Microsoft Digest Authentication (wDigest) authentication mechanism in Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the Microsoft Digest Authentication wDigest authentication mechanism in Windows operating systems is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...