90509 matches found
The vulnerability of the `lim_send_sme_probe_req_ind` function in the Qualcomm WLAN operating system’s Android component from the CAF repository allows a hacker to escalate their privileges.
The vulnerability of the limsendsmeprobereqind function in the Qualcomm WLAN operating system’s Android component, as found in the CAF repository, is due to a buffer overflow. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...
The vulnerability of the extractDir function in the JICompress component of the QuaZIP library allows a hacker to execute arbitrary code.
The vulnerability of the extractDir function in the JICompress component JlCompress.cpp from the QuaZIP library is related to deficiencies in checking the path name of the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a...
The vulnerability of the `csr_update_fils_params_rso` function in the Qualcomm WLAN operating system for Android, found in the CAF file, allows a attacker to increase their privileges.
The vulnerability of the csrupdatefilsparamsrso function in the Qualcomm WLAN operating system’s Android component, found in the CAF file, is caused by a numerical overflow. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...
The vulnerability of the Windows Server operating system component in Mac OS X allows a hacker to execute arbitrary code with system privileges or cause a service failure.
The vulnerability of the Windows Server operating system component in Mac OS X is caused by an overflow in memory buffers. Exploiting this vulnerability can allow an attacker to execute arbitrary code with system privileges or cause a service failure using a specially created application...
The vulnerability of the NVBUBackup request handler’s software for data archiving and restoration by NetVault Backup allows a perpetrator to execute arbitrary code.
The vulnerability of the NVBUBackup request handler in software for data archiving and restoration by NetVault Backup is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the NVBUBackupSegment Get request handler in the NetVault Backup software allows a attacker to execute arbitrary code.
The vulnerability of the NVBUBackupSegment Get request handler in the NetVault Backup data archiving and restoration software relates to insufficient protection of the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
Vulnerability of the `ihevcd_allocate_static_bufs` and `ihevcd_create` functions in the Android operating system, allowing a hacker to execute arbitrary code
The vulnerability of the ihevcdallocatestaticbufs and ihevcdcreate/media/libstagefright/codecs/hevcdec/SoftHEVC.cpp functions in the Android operating system is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code within...
The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser allows a hacker to execute arbitrary code.
The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser is related to improper handling of objects in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...
The vulnerability in the implementation of the WebSockets technology in Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a attacker to trigger a service failure.
The vulnerability in the implementation of the WebSockets technology in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the G-Cam/EFD-2250 IP camera’s microprogramming software lies in the improper elimination of certain elements in the data request logic, allowing a intruder to execute arbitrary code.
The vulnerability of the G-Cam/EFD-2250 IP camera’s microprogramming software is related to improper elimination of certain elements in the data query logic. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the operating system with root privileges...
The vulnerability of the ReadBMPImage function (coders/bmp.c) in the console-based image editing tool ImageMagick allows a hacker to cause a service failure.
The vulnerability of the ReadBMPImage function coder/bmp.c in the console-based graphic editor ImageMagick is related to resource management errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure memory consumption through a specially created B...
The vulnerability of the NoviWare operating system arises from buffer overflows during the execution of the “show log cli” command, allowing an attacker to gain superuser privileges.
The vulnerability of the NoviWare operating system arises due to an overflow in the buffer during the processing of the “show log cli” command. Exploiting this vulnerability allows a malicious actor, who operates remotely and has read access to data, to gain superuser privileges by using the...
The vulnerability of the ReadPESImage function in the coder/pes.c file of the console image editing tool ImageMagick allows a hacker to cause a service failure.
The vulnerability of the ReadPESImage function in the coder/pes.c file of the console image editing tool ImageMagick arises from the execution of an operation outside the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure related to...
The vulnerability of the FFmpeg multimedia library, which allows a hacker to perform recording beyond the memory limit
The vulnerability of the FFmpeg multimedia library arises from an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a malicious actor to perform write operations beyond the memory boundaries, related to the decodeframecommon function in libavcodec/pngdec.c...
The vulnerability of the org.springframework.core.serializer.DefaultDeserializer component in the Spring AMQP RabbitMQ messaging application, which allows an attacker to execute arbitrary code.
The vulnerability of the org.springframework.core.serializer.DefaultDeserializer component in the Spring AMQP RabbitMQ messaging application exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code...
The vulnerability of the get_process_ttyname function in the system administration software Sudo may allow attackers to elevate their privileges to superuser status and execute arbitrary code.
The vulnerability of the getprocessttyname function in the Sudo system administration program is related to insufficient input data validation. The vulnerability is exploited by creating a symbolic link to the executable file of Sudo, with the file name formatted in a specific way a space followe...
The vulnerability of the Android operating system, which allows a hacker to execute arbitrary code (memory corruption).
The vulnerability of the libhevc component in the Android operating system’s Mediaserver is caused by an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code memory corruption...
The vulnerability of the Safari browser, which allows a hacker to gain access to cryptographic keys
The vulnerability of the Safari Login AutoFill component in the Safari browser is related to the lack of protection for service data. Exploiting this vulnerability could allow a local attacker to obtain access to cryptographic keys using uncertain vectors...
Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to trigger service interruptions
The vulnerability of the CoreText component in iOS and Mac OS X operating systems is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through a specially created text message...
The vulnerability of the iOS operating system and the Safari browser allows a perpetrator to trigger a service failure or execute arbitrary code.
The vulnerability of the WebKit component of the iOS operating system and the Safari browser arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption,...
The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure
The vulnerability of the ConcatenateImages function in the MagickWand/magick-cli.c console graphic editor for ImageMagick exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure application terminatio...
The vulnerability of the libxml2 library allows a attacker to trigger a service failure or read arbitrary files.
The vulnerability of the xmlSAX2ResolveEntity and xmlSetExternalEntityLoader functions in the libxml2 library is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service failures or read arbitrary files using a specially crafted XML...
Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the kernel-image-2.6-k7 package of the Debian GNU/Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious actors...
The vulnerability of the Firefox browser allows a hacker to obtain confidential information about the device and PIN code.
The vulnerability of the Firefox browser improperly restricts access to JavaScript for data related to movement. Exploiting this vulnerability can allow a remote attacker to obtain confidential device information and the PIN code through a specially crafted web page...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the kernel-image-2.6.8-12-em64t-p4-smp operating system from Debian GNU/Linux may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the kernel-image-2.6.8-3-mckinley-smp operating system of Debian GNU/Linux may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information
The kernel-image-2.6-amd64-k8 package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the kernel-image-2.6.8-2-sparc64 operating system of the Debian GNU/Linux distribution may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
Multiple vulnerabilities exist in the kernel-image-2.6.8-3-64 operating system of the Debian GNU/Linux distribution. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotel...
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the kernel-bootwrapper package of the Red Hat Enterprise Linux operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the Cisco IOS operating system, which allows a malicious individual to execute arbitrary code or cause a service failure.
A vulnerability exists in the Line Printer Daemon LPD of the Cisco IOS operating system, which allows a remote attacker to trigger a service failure on the device by sending a long name of a node, or execute arbitrary code on it...
The vulnerability of the Linux operating system, which allows a malicious individual to increase their privileges
The compatsysrecvmmsg function in the net/compat.c file, with the configuration CONFIGX86X32, allows a malicious individual to increase their privileges through the system call recvmmsg...
The vulnerability of the automated system for managing technological processes of SIMATIC WinCC allows a remote attacker to elevate their privileges.
Siemens SIMATIC WinCC software vulnerabilities, related to a tightly encrypted encryption key. Exploiting this vulnerability allows a malicious individual to elevate their privileges in the WinCC Project Administration application, provided that the data transmitted by the authorized user over th...
Vulnerability of the Java Runtime Environment software platform, which allows a malicious attacker to compromise data confidentiality and integrity
Vulnerability of the Java Runtime Environment, related to program subcomponents. Exploiting this vulnerability allows a malicious actor to compromise data confidentiality and integrity by using the subcomponent Deployment...
The vulnerability of the Android operating system allows a hacker to circumvent restrictions
The vulnerability of the server/pm/UserManagerService.java function in the Android Wi-Fi operating system is related to deficiencies in access control. Exploiting this vulnerability allows a local attacker to circumvent restrictions on Wi-Fi configuration changes by using guest access...
The vulnerability of the MySQL database management system allows attackers to manipulate the accessibility of information.
The vulnerability of the MySQL database management system is related to errors in the code. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise accessibility by affecting the Optimizer server...
The vulnerability of the MySQL database management system allows attackers to compromise the confidentiality of information.
The vulnerability of the MySQL database management system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to influence the confidentiality of information by manipulating the JSON server...
The vulnerability of Oracle WebLogic Server application servers allows attackers to compromise the integrity, availability, and confidentiality of information.
The vulnerability of the Oracle WebLogic Server application server is related to errors in the code. Exploiting this vulnerability can allow a malicious actor to compromise the integrity, availability, and confidentiality of information by manipulating the Java Messaging Service...
The vulnerability of Safari browser and iOS operating system allows attackers to circumvent existing access restrictions policies and obtain geolocation data.
The vulnerability of the WebKit component in the Safari browser and the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions and obtain geolocation data through a specially crafted...
The vulnerability of the Android operating system, which allows a hacker to trigger a service failure
The vulnerability of the getCoverageFormat12 function in the CmapCoverage.cpp library of the Minikin operating system in Android is caused by a numerical overflow. Exploiting this vulnerability could allow an attacker acting locally to trigger a service failure long-term reboot through an...
The vulnerability of the Android operating system allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the libstagefright component in the Android operating system’s media server arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption by using a specially crafted media file tha...
The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.
The vulnerability of the ProcessCommandsInternal function in the Brotli data compression algorithm used by Google Chrome can be exploited due to a loss of precision in integer calculations. Exploiting this vulnerability may allow an attacker to cause a service failure buffer overflow, or possibly...
The vulnerability of the FFmpeg multimedia library, which allows a hacker to trigger a service failure
The vulnerability in the decodeuncompressed function in the libavcodec/faxcompr.c multimedia library of FFmpeg exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by using specially crafted CCITT FAX data...
The vulnerability of the Microsoft .NET Framework software platform, which allows a hacker to bypass the ASLR protection mechanism
The vulnerability of the Microsoft .NET Framework software lies in the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass ASLR protection by using a specially created website...
The vulnerability of Google Chrome browser allows a violator to circumvent existing access restrictions.
The vulnerability of the WebRequest API implementation in the extensions/browser/api/webrequest/webrequestapi.cc component of the Google Chrome browser is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to circumvent existing access restrictions...
The vulnerability of Safari browser and iOS operating system allows a hacker to execute arbitrary code or trigger a service failure.
The vulnerability of the WebKit component in the Safari browser and the iOS operating system is caused by a buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure through a specially crafted web page...
Vulnerability of Firefox and Firefox ESR browsers, which allow hackers to write arbitrary files and increase their privileges
The vulnerability of the Mozilla Maintenance Service component in Firefox and Firefox ESR browsers arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to write arbitrary files locally and increase their privileges by manipulating...
The vulnerability of the Mac OS X operating system, which allows a hacker to execute arbitrary code
The vulnerability of the SceneKit component in the Mac OS X operating system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted Collada file...
The vulnerability of the WPS protocol, which allows a hacker to obtain the WPA PSK key
Vulnerability exists in the WPS protocol, which is designed for simplified setup of secure Wi-Fi connections. During authentication, when checking the PIN code, the Wi-Fi device returns various EAP-NACK messages, depending on which half of the entered PIN code is incorrect. This allows a remote...
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the glibc-debuginfo-common-2.17 package in the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...