Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.13 views

The vulnerability of the Linux operating system’s kernel, which allows a hacker to increase their privileges

The vulnerability of the Linux operating system’s kernel is related to incorrect initialization of process identifiers. Exploiting this vulnerability can allow an attacker to increase their privileges...

4.5CVSS6.5AI score0.00225EPSS
Exploits0References24Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/05/25 12:0 a.m.13 views

The vulnerability of the webSetEMailAlert function in the embedded web server, due to insufficient validation of input data, allows a malicious user to elevate their privileges and execute system commands of the operating system.

The vulnerability of the webSetEMailAlert function in the embedded web server is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to enhance their privileges and execute system commands of the operating system...

10CVSS5.6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/25 12:0 a.m.13 views

The vulnerability of the webSetFrmUpgrade function in the embedded web server, which involves copying buffers without checking the size of the input data, allows a hacker to escalate their privileges and cause a service failure.

The vulnerability of the webSetFrmUpgrade function in the embedded web server is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to increase their privileges and cause service interruptions using a specially crafte...

6.8CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.13 views

The vulnerability of SonicWall Email Security’s email security software lies in the improper restriction of the path to the restricted directory. This allows attackers to gain unauthorized access to the protected information.

The vulnerability of SonicWall Email Security’s email security software relates to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

4.9CVSS6.8AI score0.51407EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/04/27 12:0 a.m.13 views

The vulnerability of Microsoft Office packages, Microsoft Office Web Apps Server, Microsoft Excel, Microsoft 365 Apps for Enterprise, and Microsoft Office Online Server relates to insufficient protection of sensitive data, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of Microsoft Office packages, Microsoft Office Web Apps Server, Microsoft Excel, Microsoft 365 Apps for Enterprise, and Microsoft Office Online Server are related to insufficient protection of sensitive data. Exploiting these vulnerabilities can allow attackers to gain...

5.5CVSS5.9AI score0.03688EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/04/13 12:0 a.m.13 views

The vulnerability of the Apache Guacamole software for remote administration of client machines lies in the fact that operations are performed outside the buffer in memory. This allows an attacker to increase their privileges and execute arbitrary code.

The vulnerability of the Apache Guacamole software for remote administration of client machines is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

6.7CVSS7.9AI score0.0074EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.13 views

The vulnerability of the ICMP packet processing service in the NX-OS operating system allows a hacker to induce a service failure.

The vulnerability of the ICMP packet processing service in the NX-OS operating system is related to a memory release error. Exploiting this vulnerability could allow a malicious actor to cause a service failure remotely...

5.8CVSS6.5AI score0.01375EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.13 views

The vulnerability of the Log4j Java logging library, related to the restoration of unreliable data in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Log4j logging library in Java programs relates to the restoration of unreliable data in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.8904EPSS
Exploits2References48Affected Software48
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.13 views

The vulnerability of the process-interaction channel of the Cisco AnyConnect Secure Mobility Client encryption protection tool allows a intruder to trigger a service failure.

The vulnerability of the process-interaction channel of the Cisco AnyConnect Secure Mobility Client cryptographic security tool is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

5.5CVSS5.9AI score0.00223EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.13 views

The vulnerability of Dollibarr’s software lies in its lack of protection for SQL query structures, allowing attackers to execute arbitrary SQL commands.

The vulnerability of Dollibarr’s software lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

10CVSS8.2AI score0.03959EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.13 views

The vulnerability of Microsoft Excel, Microsoft Office products, Microsoft Office Online Server, Microsoft Office Web Apps, Microsoft SharePoint Enterprise Server, and Microsoft 365 Apps relates to insufficient input validation, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Excel, the Microsoft Office suite, Microsoft Office Online Server, Microsoft Office Web Apps, Microsoft SharePoint Enterprise Server, and Microsoft 365 Apps is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to...

7.8CVSS7.5AI score0.03101EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.13 views

The vulnerability of the service for managing access to remote catalogs and authentication mechanisms, related to deficiencies in access control, allows attackers to disclose protected information and compromise its integrity.

The vulnerability of the service for managing access to remote catalogs and the authentication mechanism sssd is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose protected information and compromise its integri...

5.5CVSS6.3AI score0.01122EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.13 views

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server packages lies in memory object processing errors, which allow an attacker to gain unauthorized access to protected information.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server lies in memory object processing errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

6.8CVSS6.5AI score0.03558EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.13 views

The vulnerability of the Microsoft Office Access Connectivity Engine component of the Microsoft Office software suite allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Office Access Connectivity Engine component of the Microsoft Office software suite is related to object processing errors in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.6AI score0.03585EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/08/14 12:0 a.m.13 views

The vulnerability of the InnoDB component in the MySQL Database Management System, which is related to insufficient validation of input data, allows attackers to trigger service failures.

The vulnerability of the InnoDB component in the MySQL Database Management System is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause downtime or service failures through the use of MySQL network protocols...

6.8CVSS6.5AI score0.02419EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.13 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 are related to writing data beyond the buffer in memory, allowing attackers to execute arbitrary code in the context of the current user.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 is related to data writing beyond the buffer boundaries in memory. Exploiting this vulnerability...

10CVSS8.4AI score0.04564EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.13 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to trigger a service failure.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.6CVSS6.6AI score0.00382EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.13 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker to modify, add, or delete data...

5CVSS6.7AI score0.00396EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.13 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 involve reading beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can...

7.1CVSS7AI score0.02876EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/07/21 12:0 a.m.13 views

The vulnerability of the LoRaWAN LoRaMac-Node implementation lies in the copying from the buffer without checking the size of the input data, allowing a intruder to trigger a service failure.

The vulnerability of the LoRaWAN LoRaMac-Node implementation lies in the copying of data from the buffer without checking the size of the input data. Exploiting this vulnerability could allow a malicious actor to cause failures in the operation of end devices during wireless activation OTAA,...

7.8CVSS7.8AI score0.00919EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/05/21 12:0 a.m.13 views

The vulnerability of the evaluation tool allows an attacker to exploit privileges on Windows System Assessment Tool (WinSAT) running on Windows operating systems.

The vulnerability of the System Assessment Tool WinSAT for evaluating functions and capabilities of Windows operating systems is related to errors in file handling operations. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7.8CVSS7.2AI score0.01012EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.13 views

The vulnerability of Windows operating systems, related to errors in memory object handling, allows attackers to gain unauthorized access to protected information.

The vulnerability of Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS6.1AI score0.01456EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/03/25 12:0 a.m.13 views

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser allows a hacker to execute arbitrary code in the context of the current user.

The vulnerability of the ChakraCore JavaScript script handler in the Microsoft Edge browser is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a...

4.2CVSS7.2AI score0.07681EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/02/06 12:0 a.m.13 views

The vulnerability of the PIA Core Technology component of the PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the PIA Core Technology component in the PeopleSoft Enterprise PeopleTools business application suite is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to unauthorizedly access...

6.4CVSS6.7AI score0.01002EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/06 12:0 a.m.13 views

The vulnerability of the C API component of the MySQL Database Management System client, which allows a hacker to trigger a service failure.

The vulnerability of the C API component of the MySQL Database Management System client is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL Protocol network protocol...

5.9CVSS6.6AI score0.03485EPSS
Exploits0References18Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/01/20 12:0 a.m.13 views

The vulnerability of the ath10k_usb_hif_tx_sg function in the Linux kernel’s drivers/net/wireless/ath/ath10k/usb.c file is related to improper memory release before removing last references. This allows a malicious actor to trigger a service failure.

The vulnerability of the ath10kusbhiftxsg function in the Linux kernel’s drivers/net/wireless/ath/ath10k/usb.c file is related to a lack of a memory release mechanism before deleting the last pointer. Exploiting this vulnerability allows an attacker to cause service failure remotely...

7.8CVSS6.5AI score0.06623EPSS
Exploits0References33Affected Software6
BDU FSTEC
BDU FSTEC
added 2020/01/20 12:0 a.m.13 views

The vulnerability of the ca8210_probe() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the ca8210probe function drivers/net/ieee802154/ca8210.c in the Linux kernel involves an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures by triggering an error in the ca8210getplatformdata function...

7.8CVSS7.2AI score0.03989EPSS
Exploits0References21Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/12/27 12:0 a.m.13 views

The vulnerability in the driver drivers/net/wireless/ath/ath9k/htc_hst.c of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the drivers/net/wireless/ath/ath9k/htchst.c kernel of the Linux operating system is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS6.5AI score0.04433EPSS
Exploits0References26Affected Software5
BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.13 views

The vulnerability of Blink’s web page display mechanism in Google Chrome browser allows a hacker to gain unauthorized access to local files.

The vulnerability of Blink’s web page rendering mechanism in Google Chrome browsers is related to security configuration errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to local files through a specially created HTML page...

5.4CVSS6.8AI score0.00889EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/08/13 12:0 a.m.13 views

The vulnerability of the WebUSB protocol implementation in Google Chrome web browsers allows a perpetrator to execute arbitrary code.

The vulnerability of the WebUSB protocol implementation in Google Chrome’s web browser is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page...

6.8CVSS8.3AI score
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/08/06 12:0 a.m.13 views

The vulnerability of the FortiSIEM security management portal allows a attacker to execute a cross-site scripting attack.

The vulnerability of the FortiSIEM security management portal is related to the disclosure of the unencrypted LDAP server password. Exploiting this vulnerability could allow a malicious actor to perform a cross-site scripting attack remotely...

7.2CVSS5.2AI score0.01286EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/07/16 12:0 a.m.13 views

The vulnerability of the Jenkins Token Macro plugin relates to incorrect restrictions on XML links to external objects. This allows attackers to forge requests on the server side or trigger service failures.

The vulnerability of the Jenkins Token Macro plugin is related to an incorrect limitation on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to forge requests on the server side or cause service failures...

7.8CVSS5.5AI score0.01999EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/07/16 12:0 a.m.13 views

The vulnerability of the twisted.web network framework’s Twisted component allows attackers to compromise the confidentiality and integrity of protected information.

The vulnerability of the twisted.web network framework exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality and integrity of protected information by introducing invalid characters like CRLF...

6.4CVSS7.8AI score0.02535EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.13 views

The vulnerability of the seamless_process_line function in the RDP client rdesktop, related to buffer overflow, allows an attacker to execute arbitrary code.

The vulnerability of the seamlessprocessline function in the RDP client rdesktop is related to buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.8CVSS8.6AI score0.08214EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/04/23 12:0 a.m.13 views

The vulnerability of the Connector/J sub-component of the MySQL Connectors component of the Oracle MySQL database management system allows a hacker to gain full control over the application.

The vulnerability of the Connector/J sub-component of the MySQL Connectors component of the Oracle MySQL database management system is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to gain full control over the application using the JDBC protocol...

6.3CVSS6.6AI score0.00501EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/28 12:0 a.m.13 views

The vulnerability of the Cover Letter sub-component of the Oracle Content Manager component in the Oracle E-Business Suite allows a malicious actor to gain access to modify, add, or delete data.

The vulnerability of the Cover Letter sub-component of the Oracle Content Manager component in the Oracle E-Business Suite is related to lack of access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data using the HTTP protocol...

8.2CVSS7.5AI score0.01472EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/12/25 12:0 a.m.13 views

The vulnerability of the implementation of SMBv2 and SMBv3 protocols in Cisco Firepower System software allows a perpetrator to induce a service failure.

The vulnerability of the SMBv2 and SMBv3 protocols implemented by Cisco Firepower System arises from incorrect validation of the SMB message header. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

8.6CVSS7.2AI score0.01485EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/12/18 12:0 a.m.13 views

The vulnerability of the distributed Git version control system, related to errors in the processing of specially crafted submodule names, allows a hacker to execute arbitrary code.

The vulnerability of the distributed Git version control system is related to errors in the processing of specially crafted module names in the .gitmodules file. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.8CVSS7.6AI score0.49188EPSS
Exploits10References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/12/10 12:0 a.m.13 views

The vulnerability of the CUPS printing server lies in its ability to execute arbitrary IPP commands, allowing users to compromise the integrity of data.

The vulnerability of the CUPS printing server relates to the ability to execute arbitrary IPP commands. Exploiting this vulnerability allows a malicious actor to compromise data integrity by sending POST requests to the CUPS service along with reattached DNS information...

7.5CVSS7.2AI score0.02979EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/03 12:0 a.m.13 views

The vulnerability of the extractDir function in the JICompress component of the QuaZIP library allows a hacker to execute arbitrary code.

The vulnerability of the extractDir function in the JICompress component JlCompress.cpp from the QuaZIP library is related to deficiencies in checking the path name of the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a...

10CVSS6AI score0.0595EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/03 12:0 a.m.13 views

The vulnerability of the `lim_send_sme_probe_req_ind` function in the Qualcomm WLAN operating system’s Android component from the CAF repository allows a hacker to escalate their privileges.

The vulnerability of the limsendsmeprobereqind function in the Qualcomm WLAN operating system’s Android component, as found in the CAF repository, is due to a buffer overflow. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...

9.3CVSS7.7AI score0.00386EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/07/27 12:0 a.m.13 views

The vulnerability of the `csr_update_fils_params_rso` function in the Qualcomm WLAN operating system for Android, found in the CAF file, allows a attacker to increase their privileges.

The vulnerability of the csrupdatefilsparamsrso function in the Qualcomm WLAN operating system’s Android component, found in the CAF file, is caused by a numerical overflow. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...

9.3CVSS7.3AI score0.0044EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/07/19 12:0 a.m.13 views

The vulnerability of the Windows Server operating system component in Mac OS X allows a hacker to execute arbitrary code with system privileges or cause a service failure.

The vulnerability of the Windows Server operating system component in Mac OS X is caused by an overflow in memory buffers. Exploiting this vulnerability can allow an attacker to execute arbitrary code with system privileges or cause a service failure using a specially created application...

7.8CVSS8AI score0.0569EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/04/04 12:0 a.m.13 views

The vulnerability of the NVBUBackup request handler’s software for data archiving and restoration by NetVault Backup allows a perpetrator to execute arbitrary code.

The vulnerability of the NVBUBackup request handler in software for data archiving and restoration by NetVault Backup is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9.8CVSS6.1AI score0.03933EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/03/28 12:0 a.m.13 views

The vulnerability of the NVBUBackupSegment Get request handler in the NetVault Backup software allows a attacker to execute arbitrary code.

The vulnerability of the NVBUBackupSegment Get request handler in the NetVault Backup data archiving and restoration software relates to insufficient protection of the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

9.8CVSS6AI score0.03933EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/03/06 12:0 a.m.13 views

Vulnerability of the `ihevcd_allocate_static_bufs` and `ihevcd_create` functions in the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the ihevcdallocatestaticbufs and ihevcdcreate/media/libstagefright/codecs/hevcdec/SoftHEVC.cpp functions in the Android operating system is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code within...

10CVSS8.2AI score0.02352EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/02/21 12:0 a.m.13 views

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser allows a hacker to execute arbitrary code.

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser is related to improper handling of objects in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

7.6CVSS7.6AI score0.80799EPSS
Exploits3References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/02/07 12:0 a.m.13 views

The vulnerability in the implementation of the WebSockets technology in Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a attacker to trigger a service failure.

The vulnerability in the implementation of the WebSockets technology in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

9.3CVSS7.7AI score0.03036EPSS
Exploits1References15Affected Software10
BDU FSTEC
BDU FSTEC
added 2017/10/11 12:0 a.m.13 views

The vulnerability of the G-Cam/EFD-2250 IP camera’s microprogramming software lies in the improper elimination of certain elements in the data request logic, allowing a intruder to execute arbitrary code.

The vulnerability of the G-Cam/EFD-2250 IP camera’s microprogramming software is related to improper elimination of certain elements in the data query logic. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the operating system with root privileges...

10CVSS8.1AI score0.29578EPSS
Exploits4References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/09/15 12:0 a.m.13 views

The vulnerability of the ReadBMPImage function (coders/bmp.c) in the console-based image editing tool ImageMagick allows a hacker to cause a service failure.

The vulnerability of the ReadBMPImage function coder/bmp.c in the console-based graphic editor ImageMagick is related to resource management errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure memory consumption through a specially created B...

7.1CVSS7.1AI score0.0291EPSS
Exploits1References11Affected Software3
Total number of security vulnerabilities5000