Lucene search
K
Bdu FstecMost viewed

90336 matches found

BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.12 views

The vulnerability of the Golang programming language, related to improper validation of input data, allows attackers to circumvent established security restrictions.

The vulnerability of the Golang programming language is related to improper validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to circumvent established security measures...

6.4CVSS6.4AI score0.00458EPSS
Exploits0References6Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.12 views

The vulnerability of the amd_pmc_s2d_init() function in the drivers/platform/x86/amd/pmc.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the amdpmcs2dinit function in the module drivers/platform/x86/amd/pmc.c of the Linux kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00238EPSS
Exploits0References15Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.12 views

The vulnerability of the Linux operating system’s serial kernel component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s serial kernel component is related to improper validation of input data in the function uartshutdown. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00245EPSS
Exploits0References12Affected Software10
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.12 views

The vulnerability of the pinctrl component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the pinctrl component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00206EPSS
Exploits0References14Affected Software8
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.12 views

The vulnerability of the Linux operating system’s FPGA kernel component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s FPGA kernel component is related to the dereferencing of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6AI score0.00228EPSS
Exploits0References14Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.12 views

The vulnerability of the nsim_dev_trap_report_work() function in the drivers/net/netdevsim/dev.c module of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nsimdevtrapreportwork function in the drivers/net/netdevsim/dev.c module of the Linux kernel is related to code errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.7AI score0.0023EPSS
Exploits0References19Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.12 views

The vulnerability of the FortiClient for MAC installer allows a perpetrator to execute arbitrary commands.

The vulnerability of the FortiClient for MAC installer is related to improper external management of the file name or path to the /tmp directory. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

8.2CVSS6.1AI score0.00262EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.12 views

The vulnerability of the adv7511_probe() function in the drivers/gpu/drm/bridge/adv7511/adv7511_drv.c kernel module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the adv7511probe function in the drivers/gpu/drm/bridge/adv7511/adv7511drv.c kernel module of the Linux operating system is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7.8CVSS7.2AI score0.00205EPSS
Exploits0References14Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.12 views

The vulnerability of the xiic_xfer() function in the drivers/i2c/busses/i2c-xiic.c file of the Linux operating system allows a hacker to gain access to protected information.

The vulnerability of the xiicxfer function in the drivers/i2c/busses/i2c-xiic.c file of the Linux operating system’s kernel is related to security configuration errors. Exploiting this vulnerability could allow an attacker to gain access to protected information...

5.5CVSS5.5AI score0.00225EPSS
Exploits0References15Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.12 views

The vulnerability of the qcom_mhi_qrtr_send() function in the net/qrtr/mhi.c module allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information in Qualcomm Linux-based system kernels.

The vulnerability of the qcommhiqtrSend function in the net/qrtr/mhi.c module, which is part of the Qualcomm IPC kernel for the Linux operating system, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

8.4CVSS5.9AI score0.00236EPSS
Exploits0References16Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.12 views

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS6.3AI score0.00162EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.12 views

The vulnerability of the String.toUpperCase() function in Mozilla Firefox and the Thunderbird email client allows a hacker to execute arbitrary code.

The vulnerability of the String.toUpperCase function in Mozilla Firefox and the Thunderbird email client is related to access to an uninitialized pointer. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.5CVSS7.3AI score0.00446EPSS
Exploits0References18Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.12 views

The vulnerability in the GraphQL library for Ruby and the git-based software platform for collaborative code development on GitLab CE/EE arises from improper code generation management. This vulnerability allows a perpetrator to execute arbitrary code.

The vulnerability of the GraphQL library for Ruby and the git-based software platform used for collaborative code development on GitLab CE/EE is related to improper code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

9CVSS8.4AI score0.02865EPSS
Exploits2References12Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.12 views

Vulnerability of the siw_create_listen() function in the drivers/infiniband/sw/siw/siw_cm.c module – the Linux kernel’s InfiniBand support driver, which allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the siwcreatelisten function in the drivers/infiniband/sw/siw/siwcm.c module – The Linux kernel’s InfiniBand support driver is vulnerable due to the repeated use of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...

7.8CVSS6.7AI score0.00208EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.12 views

The vulnerability of the corporate messaging system ROSSAT, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to read, modify, or delete data.

The vulnerability of the corporate messaging system ROSSAT is related to insufficient protection of operational data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to read, modify, or delete data by sending a specially crafted GET request...

10CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.12 views

The vulnerability of the PHP programming language interpreter, related to deficiencies in handling HTTP request headers, allows attackers to send hidden HTTP requests (HTTP Request Smuggling attack).

The vulnerability of the PHP programming language interpreter is related to deficiencies in the processing of HTTP request headers. Exploiting this vulnerability allows a malicious actor to send hidden HTTP requests a type of HTTP Request Smuggling attack...

5CVSS6.4AI score0.00547EPSS
Exploits1References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/03/13 12:0 a.m.12 views

The vulnerability of Google Chrome, related to errors in the user interface’s information representation, allows a perpetrator to replace the user interface.

The vulnerability of Google Chrome relates to errors in information representation by the user interface. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...

5CVSS6.6AI score0.00206EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/03/11 12:0 a.m.12 views

The vulnerability of the DNN CMS system, related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely.

The vulnerability of the DNN CMS system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

6.8CVSS5.4AI score0.00198EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/10 12:0 a.m.12 views

The vulnerability of the rproc_alloc() function in the remoteproc driver (drivers/remoteproc/remoteproc_core.c) of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the rprocalloc function in the remoteproc driver drivers/remoteproc/remoteproccore.c in Linux operating systems is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6.6AI score0.00167EPSS
Exploits0References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/03/06 12:0 a.m.12 views

Vulnerability of the hypervisor in VMware ESXi, VMware Workstation, VMware Fusion, the virtualization platform VMware Cloud Foundation, the telecommunications cloud platform VMware Telco Cloud Platform, and VMware Telco Cloud Infrastructure—related to reading beyond the allowed range in memory, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of VMware ESXi, VMware Workstation, VMware Fusion, the virtualization platform VMware Cloud Foundation, the telecommunications cloud platform VMware Telco Cloud Platform, and VMware Telco Cloud Infrastructure is related to reading data beyond the allowed range in memory...

7.1CVSS7.8AI score0.01676EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.12 views

The vulnerability in the VERM_AJAX_functions.php script of the software for managing call centers allows a violator to execute arbitrary code.

The vulnerability of the VERMAJAXfunctions.php software for the Vicidial call processing center is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

10CVSS8.2AI score0.80023EPSS
Exploits10References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.12 views

The vulnerability of the iio component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the iio component in the Linux operating system’s kernel is related to improper validation of input data in the afe4403readraw function. Exploiting this vulnerability can allow an attacker to cause service failures...

7.1CVSS6.5AI score0.00244EPSS
Exploits0References23Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.12 views

The vulnerability of Linux operating system’s DRM/AMDGPU cores allows a hacker to trigger a service failure.

The vulnerability of Linux operating system’s DRM/AMDGPU kernel components is related to the assignment of the NULL pointer in the amdgpurasinterruptprocesshandler function. Exploiting this vulnerability can allow an attacker to trigger a service failure...

5.5CVSS6.6AI score0.00217EPSS
Exploits0References39Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.12 views

The vulnerability of the `char` component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the char component in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

7.8CVSS6.5AI score0.00223EPSS
Exploits0References28Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.12 views

The vulnerability of the Mongoose library, related to the lack of protection for SQL query structures, allows attackers to execute arbitrary code and gain access to read and modify data.

The vulnerability of the Mongoose library relates to the lack of protection for the SQL query structure when the $where operator is used. Exploiting this vulnerability allows an attacker to execute arbitrary code and gain access to read and modify data...

9.4CVSS8.5AI score0.03988EPSS
Exploits3References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.12 views

The vulnerability of the TestEmail command in the Reolink RLC-410W, C1 Pro, Reolink C2 Pro, RLC-422W, and RLC-511W software-based cameras allows a intruder to execute arbitrary commands.

The vulnerability of the TestEmail command in the Reolink RLC-410W, C1 Pro, Reolink C2 Pro, RLC-422W, and RLC-511W software-based cameras is related to the failure to take measures to neutralize special elements during the processing of the addr1 field. Exploiting this vulnerability can allow a...

9CVSS7.6AI score0.38369EPSS
Exploits1References4Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/02/19 12:0 a.m.12 views

The vulnerability of the setL2tpServerCfg() function in the cstecgi.cgi script of the TOTOLINK X5000R router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the setL2tpServerCfg function in the cstecgi.cgi script of the TOTOLINK X5000R router’s microprogramming system is related to the failure to take measures to neutralize special elements used in the operating system’s command processing when dealing with parameters such as mtu...

9CVSS5.9AI score0.02175EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/16 12:0 a.m.12 views

The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications allows a perpetrator to execute arbitrary commands.

The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially created HTTP request...

8.4CVSS8.2AI score0.00591EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/14 12:0 a.m.12 views

The vulnerabilities of the Generic Data Mapper, Engineering Adapter, and Engineering Interface modules of the software for designing, operating, and maintaining technological installations like COMOS, allow attackers to execute XXE attacks.

The vulnerability of the Generic Data Mapper, Engineering Adapter, and Engineering Interface modules of the COMOS software for designing, operating, and maintaining technological installations is related to a bug that restricts XML references to external objects. Exploiting this vulnerability cou...

5.5CVSS5.6AI score0.00186EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.12 views

The vulnerability of the Kernel Streaming WOW Thunk Service Driver (ksthunk.sys) in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Kernel Streaming WOW Thunk Service Driver ksthunk.sys in Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS8.1AI score0.00602EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.12 views

The vulnerability of the formSetFirewallCfg function in the microprogramming software for Tenda AC18 allows a hacker to trigger a service failure.

The vulnerability of the formSetFirewallCfg function in the Tenda AC18 router microprogramming system is related to buffer overflow during the processing of the firewallEn parameter. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

10CVSS8.4AI score0.00725EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.12 views

The vulnerability of the Internet Connection Sharing (ICS) function in Windows operating systems allows a hacker to cause a service failure.

The vulnerability of the Internet Connection Sharing ICS function in Windows operating systems is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

6.5CVSS7.8AI score0.00931EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.12 views

The vulnerability in the `drivers/net/ethernet/broadcom/bnxt/bnxt.c` module of Linux kernel allows a hacker to cause a service failure.

The vulnerability in the drivers/net/ethernet/broadcom/bnxt/bnxt.c module of Linux operating systems is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00208EPSS
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.12 views

The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of protective measures for website structures, allowing attackers to perform cross-site scripting attacks (XSS).

The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities allows attackers to perform...

8.9CVSS5.2AI score0.00656EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.12 views

The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of protective measures for website structures, allowing attackers to perform cross-site scripting attacks (XSS).

The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities allows attackers to perform...

8.9CVSS5.2AI score0.00656EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/02/12 12:0 a.m.12 views

The vulnerability in the net_openvswitch/actions.c module of Linux kernel allows a hacker to cause a service failure.

The vulnerability in the netopenvswitch/actions.c module of Linux operating systems relates to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.9AI score0.002EPSS
Exploits0References18Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/02/12 12:0 a.m.12 views

The vulnerability of the pfn_section_valid() function in the include/linux/mmzone.h module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the pfnsectionvalid function in the include/linux/mmzone.h module of the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00255EPSS
Exploits0References43Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.12 views

The vulnerability of the CMSimple content management system’s link validation function allows attackers to perform SSRF attacks.

The vulnerability of the CMSimple content management system’s link validation function is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor to carry out an SSRF attack remotely...

7.8CVSS5.4AI score0.00559EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.12 views

The vulnerability of DRM/LIMA components in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of DRM/LIMA components in the Linux operating system is related to incorrect calculations. Exploiting this vulnerability can allow a perpetrator to cause service failures...

5.6CVSS6.3AI score0.00013EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/01/30 12:0 a.m.12 views

The vulnerability of the CFileNameAttr::Parse() function in the NtfsHandler.cpp file of the 7-Zip archive tool allows a hacker to load arbitrary files and gain unauthorized access to protected information.

The vulnerability of the CFileNameAttr::Parse function in the NtfsHandler.cpp file of the 7-Zip archive processor is related to the occurrence of operations outside the buffer in memory, due to incorrect processing of two-byte elements in the NTFS file system. Exploiting this vulnerability allows...

8.5CVSS7.6AI score0.00989EPSS
Exploits1References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/01/28 12:0 a.m.12 views

Vulnerability of the driver/net/wireless/mediatek/mt76/mt7915/mcu.c component in Linux kernel, allowing a hacker to cause a service failure

The vulnerability in the drivers/net/wireless/mediatek/mt76/mt7915/mcu.c component of the Linux operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

7.8CVSS5.4AI score0.00245EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/01/28 12:0 a.m.12 views

The vulnerability of the nft_ct_expect_obj_eval() function in the net/netfilter/nft_ct.c component of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the nftctexpectobjeval function in the net/netfilter/nftct.c component of the Linux operating system is related to improper checking of removed users. Exploiting this vulnerability could allow a attacker to cause service failures...

5.5CVSS6.4AI score0.00546EPSS
Exploits0References11Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/01/27 12:0 a.m.12 views

The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 device, caused by buffer overflows, allows a hacker to trigger a maintenance failure.

The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 monitoring and control device is caused by buffer overflow. Exploiting this vulnerability can allow a malicious actor to cause a service failure remotely...

10CVSS8.5AI score0.00507EPSS
Exploits0References2Affected Software14
BDU FSTEC
BDU FSTEC
added 2025/01/22 12:0 a.m.12 views

The vulnerability of the NWS_PF_setMacAddrExceptionIP handler of the NetworkingService service in the Mercedes-Benz User Experience (MBUX) system allows a hacker to execute arbitrary commands.

The vulnerability of the NWSPFsetMacAddrExceptionIP handler of the NetworkingService service in the Mercedes-Benz User Experience MBUX system is related to insufficient validation of input data during MAC address processing. Exploiting this vulnerability can allow an attacker to execute arbitrary...

5.5CVSS7.5AI score0.00463EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/01/22 12:0 a.m.12 views

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, allows attackers to disclose protected information.

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to disclose sensitive information using the T3/IIOP protocol...

7.8CVSS7.6AI score0.49689EPSS
Exploits3References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/22 12:0 a.m.12 views

The vulnerability of the Tooltip module in the Drupal CMS system allows attackers to perform cross-site scripting attacks.

The vulnerability of the Tooltip module in the Drupal CMS system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.2AI score0.00228EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.12 views

The vulnerability of the QuTS operating systems and QTS network devices from Qnap, related to the failure to eliminate CRLF sequences, allows attackers to execute arbitrary code.

The vulnerability of the QuTS operating systems and QTS network devices involves a lack of measures to neutralize CRLF sequences. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

6.5CVSS5.9AI score0.00495EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/19 12:0 a.m.12 views

The vulnerability of the SuiteCRM customer relationship management system is related to deficiencies in authentication procedures, which allow attackers to circumvent security restrictions and gain access to read, modify, or delete data.

The vulnerability of the SuiteCRM customer relationship management system is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to bypass security restrictions and gain access to read, modify, or delete data...

8.5CVSS5.5AI score0.00541EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/15 12:0 a.m.12 views

The vulnerability of the Drupal Private Content CMS system, related to improper privilege assignment, allows attackers to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability of the Drupal Content Management System’s Private Content module is related to the improper assignment of privileges. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected information...

6.5CVSS5.5AI score0.00182EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/14 12:0 a.m.12 views

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the use of strictly encrypted accounting data. This allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the use of rigidly encrypted account data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized acces...

6.8CVSS5.5AI score0.0049EPSS
Exploits0References2Affected Software2
Total number of security vulnerabilities5000