Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.12 views

The vulnerability of the br_multicast_del_port() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the br MulticastDelPort function in the net/bridge/br Multicast.c module of the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources race condition. Exploiting this vulnerability could allow an attacker to...

7.8CVSS6.9AI score0.00217EPSS
Exploits0References21Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.12 views

The vulnerability of the btnxpuart component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the btnxpuart component in the Linux operating system is related to improper input validation in the btnxpuartclose function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00222EPSS
Exploits0References20Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.12 views

The vulnerability of Siemens Industrial Edge Management’s centralized control platform for industrial peripheral applications and devices lies in its ability to bypass authentication by using a user-controlled key. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the centralized control platform for industrial peripheral applications and Siemens Industrial Edge Management IEM devices relates to the ability to bypass authentication by using a user-controlled key. Exploiting this vulnerability allows an attacker to circumvent security...

10CVSS5.5AI score0.00764EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.12 views

The vulnerability of the dwc3-am62 component of the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the dwc3-am62 component in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00222EPSS
Exploits0References23Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.12 views

The vulnerability of the Orchid Platform, related to the use of dangerous methods or functions, allows a hacker to obtain the server’s IP address.

The vulnerability of the Orchid Platform is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain the server’s IP address through a brute-force attack...

4.1CVSS5.4AI score0.00322EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.12 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from context switching errors related to privilege escalation. This allows attackers to increase their privileges and gain unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to errors in privilege context switching. Exploiting this vulnerability can allow a malicious actor to enhance their privileges and gain unauthorized access to protected information...

9CVSS5.5AI score0.00457EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.12 views

The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition, related to the lack of measures taken to clean up data at the management level, allows a violator to introduce commands into the system.

The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition is related to the lack of measures taken to clean up data at the management level. Exploiting this vulnerability allows a malicious actor to execute commands on the connected Cube...

9CVSS5.7AI score0.00984EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/12 12:0 a.m.12 views

The vulnerability of the w3dtk.dll library in Autodesk Navisworks allows a perpetrator to execute arbitrary code.

The vulnerability of the w3dtk.dll library in Autodesk Navisworks software relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00213EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.12 views

The vulnerability of the /htdocs/web/getcfg.php file in the D-Link DIR-815 router’s microprogramming software allows a hacker to access confidential information.

The vulnerability of the /htdocs/web/getcfg.php file in the D-Link DIR-815 router microprogramming system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to disclose confidential information through a specially crafted GET request...

10CVSS7.8AI score0.01966EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/06 12:0 a.m.12 views

The vulnerability of the ocfs2_xattr_find_entry() function in the ocfs2 file system of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ocfs2xattrfindentry function in the fs/ocfs2/xattr.c file of the Linux operating system’s file system ocfs2 is related to memory allocation beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7.8CVSS7.2AI score0.00239EPSS
Exploits0References24Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/11/03 12:0 a.m.12 views

The vulnerability of the odxsw_dll.dll library in the AutoCAD simulation, design, and drafting software allows a perpetrator to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the odxswdll.dll software for simulation, design, and drawing in AutoCAD is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information, execute arbitrary...

7.8CVSS7.8AI score0.00207EPSS
Exploits0References3Affected Software8
BDU FSTEC
BDU FSTEC
added 2024/11/01 12:0 a.m.12 views

The vulnerability of the Red Hat 3scale API Management software, related to deficiencies in authentication mechanisms, allows attackers to circumvent existing security restrictions.

The vulnerability of the Red Hat 3scale API Management software lies in the deficiencies of its authentication mechanism. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...

5.9CVSS7.2AI score0.00387EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.12 views

The vulnerability of the rt5645 component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the rt5645 component in the Linux operating system is related to incorrect resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.3AI score0.00182EPSS
Exploits0References35Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.12 views

The vulnerability in the web interface of the microprogramming software for Cisco Analog Telephone Adapter (ATA) model 190 allows a perpetrator to make limited changes to the configuration or restart the device.

The vulnerability of the web interface for managing microprogrammed software in Cisco Analog Telephone Adapter ATA devices of the 190 series is related to the bypassing of authentication due to a root cause. Exploiting this vulnerability allows an attacker to make limited changes to the...

8.5CVSS5.5AI score0.00342EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.12 views

The vulnerability of the iCMS content management system, related to the manipulation of cross-site requests, allows a hacker to perform a CSRF attack.

The vulnerability of the iCMS content management system is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack using a specially created HTTP request...

5CVSS5.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.12 views

The vulnerability of the ntfs3 component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ntfs3 component in the Linux operating system’s kernel is related to errors in reading data beyond the boundaries of the buffer memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS7.2AI score0.00244EPSS
Exploits0References30Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/10/25 12:0 a.m.12 views

The vulnerability in the `usb_remote_smb_conf.cgi` script of NETGEAR XR1000 Wi-Fi routers allows a hacker to execute arbitrary commands.

The vulnerability in the usbremotesmbconf.cgi script of NETGEAR XR1000 Wi-Fi routers lies in the lack of measures for sanitizing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using the sharename parameter...

8.4CVSS5.9AI score0.14147EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.12 views

The vulnerability of Nomad application orchestrators, related to incorrect resolution of link references before the file name, allows attackers to execute arbitrary code.

The vulnerability of Nomad application orchestrators is related to incorrect resolution of the link before the file is downloaded. Exploiting this vulnerability allows an attacker to execute arbitrary code...

7.7CVSS7.5AI score0.00617EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.12 views

The vulnerability of the Substance 3D Stager software lies in its ability to store arbitrary values anywhere and to overflow the buffer, allowing an attacker to execute arbitrary code.

The vulnerability of the Substance 3D Stager software-related 3D design software lies in the ability to write any arbitrary value anywhere in the memory, thereby overflowing the buffer. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user,...

7.8CVSS6AI score0.00296EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.12 views

The vulnerability of the Quality Manager Specification component in the Oracle Process Manufacturing (OPM) application for process development management system of the Oracle E-Business Suite allows a malicious actor to gain access to read, modify, or delete data.

The vulnerability of the Quality Manager Specification component in the Oracle Process Manufacturing OPM application for process development management system of the Oracle E-Business Suite is related to deficiencies in the authorization procedures. Exploiting this vulnerability could allow an...

8.5CVSS7.6AI score0.00422EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/18 12:0 a.m.12 views

The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B, arises from lack of access control mechanisms. This allows attackers to bypass security restrictions.

The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to lack of access control mechanisms. Exploiting these vulnerabilities can allow attackers to bypass security restrictions remote...

6.8CVSS5.5AI score0.00626EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the SAP NetWeaver AS ABAP software integration platform, related to deficiencies in access control, allows a perpetrator to gain read, modify, or delete access to data.

The vulnerability of the SAP NetWeaver AS ABAP software integration platform is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to gain read, modify, or delete access to data by injecting CSS code or loading a specially created malicious page...

4.7CVSS5.5AI score0.00302EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the Zimbra Collaboration Suite’s email management system, which stems from insufficient validation of incoming requests, allows attackers to carry out SRF attacks.

The vulnerability of the Zimbra Collaboration Suite’s email management system is related to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to carry out a SRF attack remotely...

7.8CVSS7.2AI score0.80906EPSS
Exploits10References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the Insights Management component in the SAP CRM ABAP integration module for managing customer relationships allows a attacker to perform an SRF attack.

The vulnerability of the Insights Management component in the SAP CRM ABAP integration module for managing customer relationships is related to insufficient checking of incoming HTTP requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...

5CVSS5.4AI score0.00262EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the Windows Mobile Broadband Driver allows a hacker to execute arbitrary code.

The vulnerability of the Windows Mobile Broadband Driver for Windows operating systems is related to the execution of operations beyond the buffer in memory, due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.2CVSS6.3AI score0.0066EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the cdrom_ioctl_timed_media_change() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cdromioctltimedmediachange function in the Linux operating system is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.8AI score0.00236EPSS
Exploits0References20Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the mmio_read() function in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the mmioread function in the Linux operating system’s kernel is related to a memory leak that occurs due to incorrect initialization of the variable val. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00199EPSS
Exploits0References18Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of Visual Studio Code’s source editor lies in its failure to properly eliminate special elements used in operating system commands, allowing attackers to execute arbitrary code.

The vulnerability of Visual Studio Code’s source editor is related to the lack of measures taken to neutralize special elements used in the operating system command line. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.1CVSS5.9AI score0.01002EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the seqpacket_allow() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the seqpacketallow function in the Linux operating system’s kernel is related to improper initialization. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.5AI score0.00216EPSS
Exploits0References20Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The vulnerability of the BitLocker data protection function in Microsoft Windows operating systems allows attackers to circumvent security restrictions.

The vulnerability of the BitLocker data protection function in Microsoft Windows operating systems is related to a breach of the data protection mechanism. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...

6.4CVSS5.5AI score0.00631EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The vulnerability of the Passwork password manager, related to incorrect restrictions on the path to the restricted catalog, allows a intruder to gain unauthorized access to local files and directories on the server.

The vulnerability of the Passwork password manager is related to incorrect restrictions on the path to the restricted catalog. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to local files and directories on the server by manipulating URL...

8CVSS5.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The vulnerability of the Passwork password manager, related to the lack of protective measures for the website structure, allows attackers to execute arbitrary JavaScript code.

The vulnerability of the Passwork password manager is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code remotely...

5.8CVSS5.9AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The vulnerability of the “-Oallow-remote-pkcs11” configuration in the ssh-agent service of OpenSSH for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the -Oallow-remote-pkcs11 configuration in the ssh-agent service of OpenSSH for Windows is related to improper external management of file names or paths. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading a malicious DLL library...

7.6CVSS5.9AI score0.01306EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The library’s vulnerability in converting files to the base64 format for uploading files to the Angular Base64 Upload web application, allowing a hacker to execute arbitrary code.

The vulnerability of the library for converting files to the base64 format, which is used to upload files to the web application’s server, relates to an incorrect restriction on the path name of the restricted directory. Exploiting this vulnerability could allow a malicious actor to execute...

10CVSS6AI score0.43683EPSS
Exploits5References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/11 12:0 a.m.12 views

The vulnerability of the blkpg_do_ioctl() function (block/ioctl.c) in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the blkpgdoioctl function block/ioctl.c in the Linux operating system is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.5AI score0.00299EPSS
Exploits0References39Affected Software8
BDU FSTEC
BDU FSTEC
added 2024/10/07 12:0 a.m.12 views

The vulnerability of the iopoib component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the iopoib component in the Linux operating system’s kernel is related to incorrect resource blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00309EPSS
Exploits1References43Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.12 views

The vulnerability of the /core/authorize.php file in the Drupal CMS system allows a hacker to disclose protected information.

The vulnerability of the /core/authorize.php file in the Drupal CMS system relates to the exposure of system data by unauthorized individuals in the controlled area. Exploiting this vulnerability could allow attackers to disclose protected information through the hashsalt parameter in the...

5.3CVSS5.4AI score0.09269EPSS
Exploits4References12Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the cgi_get_fullscreen_photos() function (/cgi-bin/photocenter_mgr.cgi) in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 allows a hacker to execute arbitrary commands.

The vulnerability of the cgigetfullscreenphotos function /cgi-bin/photocentermgr.cgi in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345,...

9CVSS8.1AI score0.0214EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the possibility of an operation going beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality is related to the execution of operations outside the buffer during file U3D processing. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.00283EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the Skia graphic library used by Microsoft Edge and Google Chrome browsers allows attackers to execute arbitrary code.

The vulnerability of the Skia graphic library in Microsoft Edge and Google Chrome exists due to a boundary error in processing untrusted HTML content. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely...

10CVSS7.6AI score0.00428EPSS
Exploits0References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability in the Firefox web browser, related to vulnerabilities in the authentication process, allows attackers to compromise data integrity.

The vulnerability in the Firefox web browser is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to compromise data integrity remotely...

6.8CVSS7.1AI score0.01147EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the fastrpc component in the Linux operating system’s kernel allows for attacks that can affect the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the fastrpc component in the Linux operating system’s kernel is related to a race condition that occurs after memory is freed. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

7CVSS6.2AI score0.00242EPSS
Exploits0References16Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the cgi_del_photo() function (/cgi-bin/photocenter_mgr.cgi) in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 allows a hacker to execute arbitrary commands.

The vulnerability of the cgidelphoto function /cgi-bin/photocentermgr.cgi in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4,...

9CVSS8.1AI score0.01821EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the storvsc component in the Linux operating system’s kernel allows for a malfunction to occur, leading to service failure.

The vulnerability of the storvsc component in the Linux operating system’s kernel is related to a buffer overflow in the swiotlb daemon in the confidential virtual machine. Exploiting this vulnerability could allow an attacker to trigger a system failure...

5.5CVSS6.2AI score0.00208EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the cgi_FMT_R12R5_3rd_DiskMGR() function (/cgi-bin/hd_config.cgi) in the D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 devices allows a hacker to execute arbitrary commands.

The vulnerability of the cgiFMTR12R53rdDiskMGR function /cgi-bin/hdconfig.cgi in the D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04...

9CVSS7AI score0.07482EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the sof-nau8825 component in the Linux operating system allows for a malfunction to occur, leading to service failure.

The vulnerability of the sof-nau8825 component in the Linux operating system is related to an overflow in the length of a pseudonym. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00205EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/23 12:0 a.m.12 views

The vulnerability of the buffer.c component of the Vim text editor allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the buffer.c component of the Vim text editor is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions...

7.8CVSS7.2AI score0.00373EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.12 views

The vulnerability of the command-line interface of the Cisco NX-OS operating system in Cisco Nexus switches allows a perpetrator to execute arbitrary commands.

The vulnerability of the command-line interface of the Cisco NX-OS operating system in Cisco Nexus switches exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability can allow an attacker to execute arbitrary commands on the basic operating system...

4.4CVSS5.9AI score0.00227EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.12 views

The vulnerability of the start_decoder component in the C/C++ Libstb library, related to integer overflow, allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the startdecoder component in the C/C++ Libstb library is related to integer overflow. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and even cause service failures through a specially created file...

7.8CVSS7.2AI score0.00518EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.12 views

The vulnerability of the “identify -help” command in the console-based image editing tool ImageMagick arises from improper memory release before deleting the last link. This allows a malicious actor to compromise data integrity and cause service failures.

The vulnerability of the “identify -help” command in the console-based image editing tool ImageMagick is related to improper memory release before deleting the last link. Exploiting this vulnerability can allow an attacker to compromise data integrity and cause service failures...

8.5CVSS7.1AI score0.01188EPSS
Exploits1References10Affected Software3
Total number of security vulnerabilities5000