Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2023/09/28 12:0 a.m.13 views

The vulnerability of the U3D File Parser component in the PDF-XChange PDF document viewing and editing software allows a hacker to execute arbitrary code.

The vulnerability of the U3D File Parser component in the PDF-XChange PDF viewing and editing software is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.00406EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/09/26 12:0 a.m.13 views

The vulnerability of Google Chrome’s user tabs allows a hacker to replace the user’s interface.

The vulnerability of Google Chrome’s user tabs is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...

5CVSS5.5AI score0.00663EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/09/26 12:0 a.m.13 views

The vulnerability of the Prompts component in the Google Chrome browser allows attackers to perform spoofing attacks.

The vulnerability of the Prompts component in the Google Chrome browser is related to the improper use of standard permissions. Exploiting this vulnerability allows a malicious actor to carry out spam attacks using a specially created HTML page...

5CVSS5.4AI score0.00717EPSS
Exploits0References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/09/11 12:0 a.m.13 views

The vulnerability of the SafeHtml validator in the Hibernate Validator library allows attackers to perform cross-site scripting attacks.

The vulnerability in the SafeHtml validator of the Hibernate Validator library relates to the lack of measures taken to protect the structure of web pages during the processing of HTML content. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

6.5CVSS6.5AI score0.02167EPSS
Exploits0References14Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/08/23 12:0 a.m.13 views

The vulnerability of the Fullscreen application interface of Google Chrome’s browser allows a hacker to bypass existing security restrictions.

The vulnerability of the Fullscreen application interface of Google Chrome’s browser is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions on the browser page through a specially...

5CVSS5.5AI score0.00657EPSS
Exploits0References9Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.13 views

The vulnerability of Cisco AsyncOS operating system’s scanning mechanism for Cisco Secure Web Appliances allows attackers to circumvent traffic blocking rules.

The vulnerability of the Cisco AsyncOS operating system’s scanning mechanism for the Cisco Secure Web Appliance is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to circumvent traffic blocking rules when encoding types such as deflate, lzma,...

8.6CVSS5.9AI score0.00476EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/08/01 12:0 a.m.13 views

The vulnerability of the Visual Analyzer component of the Oracle Business Intelligence Enterprise Edition software platform allows a malicious individual to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Visual Analyzer component of the Oracle Business Intelligence Enterprise Edition software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or to modify, add, or delete...

5.5CVSS6.9AI score0.00308EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/25 12:0 a.m.13 views

The vulnerability of Google Chrome’s Autofill function allows attackers to gain access to confidential information.

The vulnerability of Google Chrome’s Autofill function is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to confidential information...

7.8CVSS5.4AI score0.00527EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.13 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to trigger a service failure or execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to access to resources through incompatible types. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code using a specially crafted HTML page...

10CVSS8AI score0.23855EPSS
Exploits1References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.13 views

The software of Cobalt Ashlar-Vellum has vulnerabilities that allow a hacker to execute arbitrary code.

The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling is related to the use of an unreliable pointer. Exploiting this vulnerability allows a attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00399EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/07/10 12:0 a.m.13 views

The vulnerability of Zoom video conferencing software, related to the disclosure of information in erroneous data fields, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Zoom video conferencing software is related to the exposure of information in the erroneous data area. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

4.1CVSS6.6AI score0.00983EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/26 12:0 a.m.13 views

The vulnerability of the monitoring system for critical equipment, StruxureWare Data Center Expert, arises from improper code generation. This allows a perpetrator to execute arbitrary code.

The vulnerability of the StruxureWare Data Center Exper monitoring system is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code when the “end point” parameter in network configuration settings is used...

10CVSS8.2AI score0.01182EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.13 views

The vulnerability of D-Link DSL-3782 router’s microprogramming software allows a hacker to bypass the authentication process and gain access to confidential information.

The vulnerability of the D-Link DSL-3782 router’s microprogramming software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process and gain access to confidential information through a specially crafted...

10CVSS7.7AI score0.13282EPSS
Exploits5References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.13 views

The vulnerability of the PnPSCADA automation system’s software lies in the lack of protective measures for SQL query structures. This allows attackers to gain unauthorized access to protected information and compromise the system.

The vulnerability of the PnPSCADA automation system’s software is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information and compromise the system...

10CVSS7.3AI score0.08079EPSS
Exploits3References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.13 views

The vulnerability of the SetTriggerPPPoEValidate function in the application software interface of D-Link DIR-2150 router microprogramming system allows a hacker to execute arbitrary code.

The vulnerability of the SetTriggerPPPoEValidate function in the application software interface of D-Link DIR-2150 router microprogramming devices is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially...

7.7CVSS7.1AI score0.0176EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.13 views

The vulnerability of the HNAP1 protocol implementation in D-Link DIR-846 router microprogramming software allows a attacker to execute arbitrary commands.

The vulnerability of the HNAP1 protocol implementation in D-Link DIR-846 router microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s command processing for handling the tomographypingaddress parameter. Exploiting this...

9CVSS8.2AI score0.32561EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.13 views

The vulnerability of the Schema Handler component in the PostgreSQL database management system allows attackers to circumvent security restrictions.

The vulnerability of the Schema Handler component in the PostgreSQL database management system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...

4.2CVSS6.4AI score0.00694EPSS
Exploits0References19Affected Software13
BDU FSTEC
BDU FSTEC
added 2023/05/22 12:0 a.m.13 views

Vulnerability of the Decompression Enumeration function in Uncompressor::UncompressItem. This compression tool for XML data allows attackers to execute arbitrary code.

Vulnerability of Decompression Enumeration function: Uncompressor::UncompressItem, an XML data compression tool, is vulnerable to a memory boundary error during XML file processing. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

8.1CVSS7.8AI score0.02545EPSS
Exploits1References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/17 12:0 a.m.13 views

The vulnerability of the nf_tables_commit() function in the kernel’s net/netfilter/nf_tables_api.c file in the Linux operating system allows a attacker to compromise data confidentiality, integrity, and accessibility, or to enhance their privileges within the system and execute arbitrary code.

The vulnerability of the nftablescommit function in the net/netfilter/nftablesapi.c module of the Linux operating system is related to improper deletion of a list. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of data, or to...

7.8CVSS6.8AI score0.12966EPSS
Exploits7References22Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.13 views

The vulnerability of Microsoft Exchange Server servers, related to the use of dangerous methods or functions, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Exchange Server servers is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

9CVSS8.5AI score0.62104EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.13 views

The vulnerability of the kernel (NTOSKRNL) of Microsoft Windows operating systems, which allows a perpetrator to increase their privileges

The vulnerability of the kernel NTOSKRNL of Microsoft Windows is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.7AI score0.03603EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.13 views

The vulnerability of the Microsoft .NET Framework software platform, related to improper cleaning or release of resources, allows a perpetrator to cause a service failure.

The vulnerability of the Microsoft .NET Framework software platform is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

4.4CVSS6.6AI score0.00917EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.13 views

The vulnerability of Microsoft Edge browsers, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge browsers is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to carry out spear-phishing attacks using a specially created malicious web page...

5CVSS6.4AI score0.00729EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.13 views

The vulnerability of the PowerScale OneFS operating systems, related to the disclosure of information through registration files, allows a perpetrator to gain full control over the system.

The vulnerability of the PowerScale OneFS operating system lies in the fact that information can be disclosed through registration files when changing the password via the interface. Exploiting this vulnerability could allow an attacker to gain full control over the system...

7.8CVSS7.2AI score0.0018EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.13 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the ability to write code beyond the buffer boundaries in memory, allowing attackers to execute arbitrary code.

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code within the context of the current user...

7.8CVSS7.8AI score0.00302EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/06 12:0 a.m.13 views

The vulnerability of the microprogrammed software of D-Link DAP-2020 and DAP-1360 allows a intruder to execute arbitrary code.

The vulnerability of D-Link DAP-2020 and DAP-1360 wireless access points’ microprogramming software is related to buffer overflow attacks on the stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

8.8CVSS6.3AI score
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/29 12:0 a.m.13 views

The vulnerability of the wireless network driver WILC1000 for Linux operating systems allows a hacker to trigger a service failure or increase the level of privileges.

The vulnerability of the wireless network driver WILC1000 drivers/net/wireless/microchip/wilc1000/hif.c in the Linux kernel is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure or increase...

7.1CVSS7AI score0.00307EPSS
Exploits0References36Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.13 views

The vulnerability of the imx_register_uart_clocks() function in the drivers/clk/imx/clk.c file of the Linux kernel allows a hacker to cause system failures or gain increased privileges.

The vulnerability of the imxregisteruartclocks function in the drivers/clk/imx/clk.c file of the Linux kernel is related to a pointer assignment error. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...

5.5CVSS6.5AI score0.00219EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.13 views

The vulnerability of the malidp_crtc_reset() function in the Linux kernel’s drivers/gpu/drm/arm/malidp_crtc.c file allows a hacker to trigger a service failure or increase their privileges.

The vulnerability of the malidpcrtcreset function in the Linux kernel’s drivers/gpu/drm/arm/malidpcrtc.c file is related to a pointer arithmetic error. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...

5.5CVSS6.7AI score0.00217EPSS
Exploits0References15Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.13 views

The vulnerability of the Profiles component in the Google Chrome browser allows a hacker to execute arbitrary code.

The vulnerability of the Profiles component in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8AI score0.00612EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.13 views

The vulnerability of the uapi_finalize() function in the drivers/infiniband/core/uverbs_uapi.c file of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the uapifinalize function in the drivers/infiniband/core/uverbsuapi.c file of the Linux kernel is related to a pointer dereferencing error. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00214EPSS
Exploits0References12Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.13 views

The vulnerability in the driver drivers/usb/mon/mon_bin.c of Linux operating systems allows a hacker to execute arbitrary code.

The vulnerability in the driver drivers/usb/mon/monbin.c of Linux operating systems arises from the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.4AI score0.00325EPSS
Exploits0References16Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.13 views

The vulnerability of the Microsoft Outlook email client for the MacOS operating system, related to information representation errors in the user interface, allows attackers to perform spearishing attacks.

The vulnerability of the Microsoft Outlook email client for the MacOS operating system is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to carry out spear-phishing attacks using a specially created email message...

7.8CVSS7.3AI score0.01488EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.13 views

The vulnerability of the devredir_proc_client_devlist_announce_req() function on the XRDP server allows a hacker to execute arbitrary code.

The vulnerability of the devredirprocclientdevlistannouncereq function on the XRDP server is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.00847EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/16 12:0 a.m.13 views

The vulnerability of the Microsoft Dynamics CRM resource planning software lies in the lack of measures taken to protect the SQL query structure, allowing attackers to execute arbitrary code.

The vulnerability of the Microsoft Dynamics CRM resource planning software relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created queries...

9CVSS8.5AI score0.03076EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/12/12 12:0 a.m.13 views

The vulnerability of the endpoint protection module of the Anti-Ransomware analysis tool for network traffic, network detection, and response of the Cortex XDR Agent on Windows operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the endpoint protection module of the Anti-Ransomware analysis tool for network traffic, network detection, and response of the Cortex XDR Agent on Windows operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow...

5.3CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.13 views

The vulnerability of the Microsoft Windows Sysmon system service, related to access control deficiencies, allows attackers to escalate their privileges.

The vulnerability of the Microsoft Windows Sysmon system service is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.3AI score0.01082EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/15 12:0 a.m.13 views

The vulnerability of the vector graphics editor CorelDRAW Graphics Suite (formerly CorelDRAW) lies in the ability to read data beyond the buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the CorelDRAW Graphics Suite formerly CorelDRAW graphic editor relates to the reading of data beyond the buffer boundaries in memory during the syntax analysis of GIF files. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

3.3CVSS5.6AI score0.00807EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/11/02 12:0 a.m.13 views

The vulnerability of the FortiClient NAC (fcnacd) operating system allows a perpetrator to execute arbitrary code or cause service interruptions.

The vulnerability of the FortiOS operating system’s FortiClient NAC fcnacd is related to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by sending a specially crafted request...

9CVSS6.3AI score0.00862EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/10/28 12:0 a.m.13 views

The vulnerability of the FortiTester software-based diagnostic and audit tools for computer networks, as well as the FortiAnalyzer tool for event monitoring and analysis, stems from the lack of protective measures taken for website structures. This allows attackers to carry out cross-site scripting attacks.

The vulnerability of the FortiTester software for diagnosing and auditing computer networks, as well as the FortiAnalyzer software for monitoring and analyzing security events, is related to the lack of protective measures taken for the website structure. Exploiting this vulnerability could allow...

5.5CVSS5.6AI score0.00851EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/10/03 12:0 a.m.13 views

The vulnerability of the LibXfont library lies in the improper definition of symbolic links before accessing the file, allowing attackers to trigger a service failure.

The vulnerability of the LibXfont library is related to the incorrect definition of symbolic links before accessing the file. Exploiting this vulnerability allows an attacker to cause service failures...

5.5CVSS6.4AI score0.0042EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/10/03 12:0 a.m.13 views

The vulnerability of the `kodak_radc_load_raw` function in the `dcraw_common.cpp` component of the LibRaw image processing library allows a hacker to trigger a service failure.

The vulnerability of the kodakradcloadraw function in the dcrawcommon.cpp component of the LibRaw image processing library is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially created POC file...

7.8CVSS6.8AI score0.02988EPSS
Exploits0References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/30 12:0 a.m.13 views

The vulnerability of the JBIG2Stream::readTextRegionSeg() function in the JBIG2 decoder for PDF file rendering by Poppler allows a malicious actor to cause a service failure or execute arbitrary code.

The vulnerability of the JBIG2Stream::readTextRegionSeg function in the JBIG2 decoder for processing PDF files with Poppler is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure or execute arbitrary code by opening a specially created PDF...

7.8CVSS7.7AI score0.00574EPSS
Exploits1References22Affected Software8
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.13 views

The vulnerability of the Roundcube webmail client, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Roundcube email client relates to the lack of measures taken to protect the website structure during the processing of CSS style sheets. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by sending specially crafted email...

6.4CVSS6.7AI score0.01045EPSS
Exploits0References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.13 views

The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to execute arbitrary code.

The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 lies in the copying of buffers without checking the size of the input data during the processing of the confcli file. Exploiting this vulnerability allows a remote attacker to execute arbitra...

9.6CVSS8.1AI score0.01088EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.13 views

The vulnerability of the ActiveX control on SCADA servers of Measuresoft ScadaPro Server and ScadaPro Server Client allows attackers to enhance their privileges.

The vulnerability of the ActiveX control used by SCADA servers of Measuresoft ScadaPro Server and ScadaPro Server Client is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

7.8CVSS7.1AI score0.00284EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.13 views

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV110W, RV130, RV130W, and RV215W allows a perpetrator to execute arbitrary commands or cause service failures.

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV110W, RV130, RV130W, and RV215W arises from the copying of buffers without checking the size of the input data during the processing of user fields in incoming HTTP packets. Exploiting...

6.5CVSS7.5AI score0.01081EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.13 views

The vulnerability of the Vim text editor lies in the fact that an operation can be performed outside the buffer, allowing an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Vim text editor is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.5AI score0.01792EPSS
Exploits1References16Affected Software9
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.13 views

The vulnerability of the Microsoft Visual Studio software development tool and the Microsoft.NET Framework software platform lies in improper cleaning or release of resources, allowing a perpetrator to cause service failures.

The vulnerability of the Microsoft Visual Studio software development tool and the Microsoft.NET Framework software platform is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS6.8AI score0.03306EPSS
Exploits0References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/08/31 12:0 a.m.13 views

The vulnerability of the software for adjusting Intel XTU performance lies in the uncontrolled search path element, which allows a hacker to increase their privileges.

The vulnerability of the software for adjusting Intel XTU performance is related to an uncontrollable element in the search process. Exploiting this vulnerability can allow a perpetrator to enhance their privileges...

7.3CVSS7.2AI score0.00237EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities5000