Lucene search
K
Bdu FstecMost viewed

90336 matches found

BDU FSTEC
BDU FSTEC
added 2024/12/11 12:0 a.m.12 views

The vulnerability of the virtio component in the Linux operating system, which allows a hacker to trigger a service failure

The vulnerability of the virtio component in the Linux operating system is related to the operation of writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.7AI score0.00214EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/12/11 12:0 a.m.12 views

The vulnerability of the ops component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ops component in the Linux operating system’s kernel is related to errors in reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00234EPSS
Exploits0References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/12/09 12:0 a.m.12 views

The vulnerability of the channel_request_lookahead() function in the WSGI server for Python Waitress allows a attacker to send hidden HTTP requests (HTTP Request Smuggling attack).

The vulnerability of the channelrequestlookahead function in the WSGI server for Python Waitress is related to synchronization errors when using shared resources due to inconsistent interpretation of HTTP requests. Exploiting this vulnerability allows a remote attacker to send hidden HTTP request...

9.4CVSS6.5AI score0.00496EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.12 views

The vulnerability of the ar5523 component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the ar5523 component in the Linux operating system is related to errors in resource management within the ar5523probe function. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.5CVSS6.4AI score0.00741EPSS
Exploits0References45Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.12 views

The vulnerability of the Linux operating system’s kernel component “oss”, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s kernel’s OSS component arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.0024EPSS
Exploits0References13Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/29 12:0 a.m.12 views

The vulnerability of the monitoring tool for VMware Aria Operations, related to the lack of protective measures for the website structure, allows attackers to execute cross-site scripting attacks (XSS).

The vulnerability of the monitoring tool for VMware Aria Operations is related to the lack of security measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks XSS remotely...

6.5CVSS5.2AI score0.0032EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/27 12:0 a.m.12 views

A vulnerability in the f2fs kernel component of the Linux operating system, which allows a hacker to trigger a service failure.

The vulnerability in the f2fs kernel of the Linux operating system is related to improper input validation in the f2fsPutSuper function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00236EPSS
Exploits0References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.12 views

The vulnerability of the access control and working time recording system within SIPORT is related to the improper assignment of permissions for critical resources, allowing intruders to increase their privileges.

The vulnerability of the access control and working time recording system within SIPORT is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.5AI score0.00141EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.12 views

The vulnerability of the CopyCoder component of the 7-Zip archive, which allows a hacker to trigger a service failure.

The vulnerability of the CopyCoder component in the 7-Zip compressor is related to insufficient memory allocation for operations. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS6.8AI score0.01703EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.12 views

The vulnerability of the Intel Extension for Transformers tool set arises from incorrect name restrictions for paths to the restricted catalog. This allows attackers to escalate their privileges.

The vulnerability of the Intel Extension for Transformers tool set is related to an incorrect name restriction for the path to the restricted access catalog. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.1CVSS5.5AI score0.00748EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.12 views

The vulnerability of the administration interface of the Fortinet FortiPortal security analysis and management tool allows a perpetrator to interact with resources of other organizations.

The vulnerability of the administration interface of the Fortinet FortiPortal security analysis and management tool involves bypassing authentication using a user-controlled key. Exploiting this vulnerability allows a malicious actor to interact with resources of other organizations by sending...

5.5CVSS5.5AI score0.00381EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.12 views

The vulnerability of the network control tools Ivanti Connect Secure (previously Pulse Connect Secure) and Ivanti Policy Secure access, related to incorrect processing of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Ivanti Connect Secure previously Pulse Connect Secure and Ivanti Policy Secure access controls lies in the improper processing of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted request...

9.1CVSS8.2AI score0.01652EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.12 views

The vulnerability of the hypervisor in FreeBSD operating systems allows a hacker to execute arbitrary code.

The vulnerability of the hypervisor in FreeBSD operating systems relates to a single-shift error. Exploiting this vulnerability allows an attacker to execute arbitrary code...

8.2CVSS5.8AI score0.00213EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.12 views

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation in simulation models for systems and processes involves writing beyond buffer boundaries, allowing attackers to execute arbitrary code.

The vulnerability of the software environment for simulation modeling of systems and processes in Siemens Tecnomatix Plant Simulation lies in the issue of buffer overflow attacks. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially created WRL files...

7.8CVSS7.9AI score0.00236EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/21 12:0 a.m.12 views

The vulnerability of the “mana component” of the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the “mana component” in the Linux operating system’s kernel is related to errors in resource management in the “managetrxbufcfg” function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.0021EPSS
Exploits0References22Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/21 12:0 a.m.12 views

The vulnerability of the ice component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ice component in the Linux operating system’s kernel is related to the assignment of the NULL pointer in the icevsirebuild function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.0022EPSS
Exploits0References17Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/21 12:0 a.m.12 views

The vulnerability of the PDF document viewing tool within the XWiki PDF Viewer Macro (Pro) allows attackers to perform cross-site scripting attacks by exploiting a lack of protection for the structure of web pages.

The vulnerability of the PDF document viewing tool within the XWiki PDF Viewer Macro Pro is related to the lack of measures taken to protect the structure of the web page during the processing of the width parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site...

9CVSS5.2AI score0.00418EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/18 12:0 a.m.12 views

The vulnerability of Linux operating system’s DRM/AMDGPU cores allows a hacker to trigger a service failure.

The vulnerability of the DRM/AMDGPU kernel components in the Linux operating system is related to errors in the resource management of the amdgputtmgartbind function. Exploiting this vulnerability can allow a hacker to cause service failures...

5.5CVSS6.7AI score0.00228EPSS
Exploits0References33Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/11/18 12:0 a.m.12 views

The vulnerability of the psi/zfile.c component in the software suite for processing, transforming, and generating Ghostscript documents allows a perpetrator to execute arbitrary code.

The vulnerability of the psi/zfile.c component of the software for processing, transforming, and generating Ghostscript documents is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.8AI score0.00388EPSS
Exploits0References20Affected Software10
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.12 views

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in a buffer overflow in the dynamic memory, allowing an attacker to execute arbitrary code.

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in the overflow of memory buffers in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

7.8CVSS6AI score0.00328EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.12 views

The vulnerability of the software for deploying and executing AI models, NVIDIA Triton Inference Server (previously TensorRT Inference Server), allows a malicious actor to trigger a service failure.

The vulnerability of the software for deploying and executing AI models developed by NVIDIA Triton Inference Server previously known as TensorRT Inference Server relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to...

6.8CVSS6AI score0.00447EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.12 views

The vulnerability of the WireGuard component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the WireGuard component in the Linux operating system’s kernel is related to the assignment of the NULL pointer in the getpeer function. Exploiting this vulnerability can allow a hacker to trigger a service failure...

5.5CVSS6.7AI score0.00236EPSS
Exploits0References39Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.12 views

The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition, related to the lack of measures taken to clean up data at the management level, allows a violator to introduce commands into the system.

The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition is related to the lack of measures taken to clean up data at the management level. Exploiting this vulnerability allows a malicious actor to execute commands on the connected Cube...

9CVSS5.7AI score0.00984EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.12 views

The vulnerability of Siemens Industrial Edge Management’s centralized control platform for industrial peripheral applications and devices lies in its ability to bypass authentication by using a user-controlled key. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the centralized control platform for industrial peripheral applications and Siemens Industrial Edge Management IEM devices relates to the ability to bypass authentication by using a user-controlled key. Exploiting this vulnerability allows an attacker to circumvent security...

10CVSS5.5AI score0.00764EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.12 views

The vulnerability of the btnxpuart component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the btnxpuart component in the Linux operating system is related to improper input validation in the btnxpuartclose function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00222EPSS
Exploits0References20Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.12 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from context switching errors related to privilege escalation. This allows attackers to increase their privileges and gain unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to errors in privilege context switching. Exploiting this vulnerability can allow a malicious actor to enhance their privileges and gain unauthorized access to protected information...

9CVSS5.5AI score0.00457EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/12 12:0 a.m.12 views

The vulnerability of the w3dtk.dll library in Autodesk Navisworks allows a perpetrator to execute arbitrary code.

The vulnerability of the w3dtk.dll library in Autodesk Navisworks software relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00213EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.12 views

The vulnerability of the /htdocs/web/getcfg.php file in the D-Link DIR-815 router’s microprogramming software allows a hacker to access confidential information.

The vulnerability of the /htdocs/web/getcfg.php file in the D-Link DIR-815 router microprogramming system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to disclose confidential information through a specially crafted GET request...

10CVSS7.8AI score0.01966EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/06 12:0 a.m.12 views

The vulnerability of the ocfs2_xattr_find_entry() function in the ocfs2 file system of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ocfs2xattrfindentry function in the fs/ocfs2/xattr.c file of the Linux operating system’s file system ocfs2 is related to memory allocation beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7.8CVSS7.2AI score0.00239EPSS
Exploits0References24Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/11/03 12:0 a.m.12 views

The vulnerability of the odxsw_dll.dll library in the AutoCAD simulation, design, and drafting software allows a perpetrator to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the odxswdll.dll software for simulation, design, and drawing in AutoCAD is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information, execute arbitrary...

7.8CVSS7.8AI score0.00207EPSS
Exploits0References3Affected Software8
BDU FSTEC
BDU FSTEC
added 2024/11/01 12:0 a.m.12 views

The vulnerability of the Red Hat 3scale API Management software, related to deficiencies in authentication mechanisms, allows attackers to circumvent existing security restrictions.

The vulnerability of the Red Hat 3scale API Management software lies in the deficiencies of its authentication mechanism. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...

5.9CVSS7.2AI score0.00387EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.12 views

The vulnerability of the iCMS content management system, related to the manipulation of cross-site requests, allows a hacker to perform a CSRF attack.

The vulnerability of the iCMS content management system is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack using a specially created HTTP request...

5CVSS5.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.12 views

The vulnerability of the ntfs3 component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ntfs3 component in the Linux operating system’s kernel is related to errors in reading data beyond the boundaries of the buffer memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS7.2AI score0.00244EPSS
Exploits0References30Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.12 views

The vulnerability in the web interface of the microprogramming software for Cisco Analog Telephone Adapter (ATA) model 190 allows a perpetrator to make limited changes to the configuration or restart the device.

The vulnerability of the web interface for managing microprogrammed software in Cisco Analog Telephone Adapter ATA devices of the 190 series is related to the bypassing of authentication due to a root cause. Exploiting this vulnerability allows an attacker to make limited changes to the...

8.5CVSS5.5AI score0.00342EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/25 12:0 a.m.12 views

The vulnerability in the `usb_remote_smb_conf.cgi` script of NETGEAR XR1000 Wi-Fi routers allows a hacker to execute arbitrary commands.

The vulnerability in the usbremotesmbconf.cgi script of NETGEAR XR1000 Wi-Fi routers lies in the lack of measures for sanitizing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using the sharename parameter...

8.4CVSS5.9AI score0.14147EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.12 views

The vulnerability of the Quality Manager Specification component in the Oracle Process Manufacturing (OPM) application for process development management system of the Oracle E-Business Suite allows a malicious actor to gain access to read, modify, or delete data.

The vulnerability of the Quality Manager Specification component in the Oracle Process Manufacturing OPM application for process development management system of the Oracle E-Business Suite is related to deficiencies in the authorization procedures. Exploiting this vulnerability could allow an...

8.5CVSS7.6AI score0.00422EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.12 views

The vulnerability of the Substance 3D Stager software lies in its ability to store arbitrary values anywhere and to overflow the buffer, allowing an attacker to execute arbitrary code.

The vulnerability of the Substance 3D Stager software-related 3D design software lies in the ability to write any arbitrary value anywhere in the memory, thereby overflowing the buffer. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user,...

7.8CVSS6AI score0.00296EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/18 12:0 a.m.12 views

The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B, arises from lack of access control mechanisms. This allows attackers to bypass security restrictions.

The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to lack of access control mechanisms. Exploiting these vulnerabilities can allow attackers to bypass security restrictions remote...

6.8CVSS5.5AI score0.00626EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the Zimbra Collaboration Suite’s email management system, which stems from insufficient validation of incoming requests, allows attackers to carry out SRF attacks.

The vulnerability of the Zimbra Collaboration Suite’s email management system is related to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to carry out a SRF attack remotely...

7.8CVSS7.2AI score0.80906EPSS
Exploits10References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the Windows Mobile Broadband Driver allows a hacker to execute arbitrary code.

The vulnerability of the Windows Mobile Broadband Driver for Windows operating systems is related to the execution of operations beyond the buffer in memory, due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.2CVSS6.3AI score0.0066EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the Insights Management component in the SAP CRM ABAP integration module for managing customer relationships allows a attacker to perform an SRF attack.

The vulnerability of the Insights Management component in the SAP CRM ABAP integration module for managing customer relationships is related to insufficient checking of incoming HTTP requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...

5CVSS5.4AI score0.00262EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the mmio_read() function in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the mmioread function in the Linux operating system’s kernel is related to a memory leak that occurs due to incorrect initialization of the variable val. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00199EPSS
Exploits0References18Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the cdrom_ioctl_timed_media_change() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cdromioctltimedmediachange function in the Linux operating system is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.8AI score0.00236EPSS
Exploits0References20Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The library’s vulnerability in converting files to the base64 format for uploading files to the Angular Base64 Upload web application, allowing a hacker to execute arbitrary code.

The vulnerability of the library for converting files to the base64 format, which is used to upload files to the web application’s server, relates to an incorrect restriction on the path name of the restricted directory. Exploiting this vulnerability could allow a malicious actor to execute...

10CVSS6AI score0.43683EPSS
Exploits5References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The vulnerability of the “-Oallow-remote-pkcs11” configuration in the ssh-agent service of OpenSSH for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the -Oallow-remote-pkcs11 configuration in the ssh-agent service of OpenSSH for Windows is related to improper external management of file names or paths. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading a malicious DLL library...

7.6CVSS5.9AI score0.01306EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The vulnerability of the BitLocker data protection function in Microsoft Windows operating systems allows attackers to circumvent security restrictions.

The vulnerability of the BitLocker data protection function in Microsoft Windows operating systems is related to a breach of the data protection mechanism. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...

6.4CVSS5.5AI score0.00631EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/10/11 12:0 a.m.12 views

The vulnerability of the blkpg_do_ioctl() function (block/ioctl.c) in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the blkpgdoioctl function block/ioctl.c in the Linux operating system is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.5AI score0.00299EPSS
Exploits0References39Affected Software8
BDU FSTEC
BDU FSTEC
added 2024/10/07 12:0 a.m.12 views

The vulnerability of the iopoib component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the iopoib component in the Linux operating system’s kernel is related to incorrect resource blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00309EPSS
Exploits1References43Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/10/04 12:0 a.m.12 views

The vulnerability of the mt76_connac_mcu_add_nested_tlv() function in the MediaTek kernel driver for Linux operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the mt76connacmcuaddnestedtlv function in the drivers/net/wireless/mediatek/mt76/mt76connacmcu.c file of the MediaTek Linux kernel driver is related to the absence of initialization for variables. Exploiting this vulnerability could allow a remote attacker to compromise the...

7.5CVSS6.5AI score0.00478EPSS
Exploits0References21Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.12 views

The vulnerability of the /core/authorize.php file in the Drupal CMS system allows a hacker to disclose protected information.

The vulnerability of the /core/authorize.php file in the Drupal CMS system relates to the exposure of system data by unauthorized individuals in the controlled area. Exploiting this vulnerability could allow attackers to disclose protected information through the hashsalt parameter in the...

5.3CVSS5.4AI score0.09269EPSS
Exploits4References12Affected Software1
Total number of security vulnerabilities5000