Lucene search
K
Bdu FstecMost viewed

90336 matches found

BDU FSTEC
BDU FSTEC
added 2022/01/12 12:0 a.m.12 views

The vulnerability of the DirectX Graphics Kernel File component in the Windows operating system allows a hacker to trigger a service failure.

The vulnerability of the DirectX Graphics Kernel File component in the Windows operating system exists due to insufficient testing of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

6.5CVSS7.3AI score0.03663EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/12/21 12:0 a.m.12 views

The vulnerability of the contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c components of the QEMU hardware emulation software is related to improper memory release before deleting last references. This allows a malicious actor to trigger a service failure.

The vulnerability of the contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c components of the QEMU hardware emulation software is related to improper memory release before deleting last references. Exploiting this vulnerability allows an attacker to cause a service failure...

6.5CVSS6.4AI score0.00436EPSS
Exploits0References13Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/12/20 12:0 a.m.12 views

The vulnerability of the web interface and API of the Cisco Application Policy Infrastructure Controller allows a perpetrator to execute arbitrary commands.

The vulnerability of the Cisco Application Policy Infrastructure Controller’s web interface and API exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...

8.5CVSS8AI score0.01139EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/11/16 12:0 a.m.12 views

The vulnerability of the “BKCLogSvr.exe” service in Yokogawa’s software products arises from the issue of buffer overflows occurring outside the scope of the service. This allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the “BKCLogSvr.exe” service in Yokogawa’s software products arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to increase their privileges and execute arbitrary code by sending a specially crafted...

10CVSS6.2AI score0.25359EPSS
Exploits4References4
BDU FSTEC
BDU FSTEC
added 2021/11/12 12:0 a.m.12 views

The vulnerability of the command-line interface (CLI) of Cisco IOS XE SD-WAN software allows a attacker to execute arbitrary commands.

The vulnerability of the Cisco IOS XE SD-WAN software’s command-line interface is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

6.8CVSS6.9AI score0.00346EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/10/15 12:0 a.m.12 views

The vulnerability of the Hyper-V hardware virtualization system’s Windows operating system, related to improper code generation management, allows attackers to escalate their privileges.

The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system is related to incorrect code generation. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

8CVSS7.6AI score0.01064EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of Visual Studio Code’s source editor lies in its insecure handling of privileges, allowing attackers to elevate their privileges.

The vulnerability of Visual Studio Code’s source editor is related to the insecure management of privileges. Exploiting this vulnerability could allow an attacker to enhance their privileges...

7.8CVSS7.2AI score0.00491EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of the newlib library, caused by a numerical overflow, allows an attacker to trigger a buffer overflow.

The vulnerability of the newlib library is caused by a numerical overflow. Exploiting this vulnerability could allow an attacker, operating remotely, to trigger a buffer overflow...

10CVSS8.2AI score0.02103EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of the Moxa MXView network control software, related to the use of rigid password encoding, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Moxa MXView network control software lies in the use of fixed password encoding schemes. Exploiting this vulnerability could allow an unauthorized attacker to gain unauthorized access to protected information by using the default passwords...

10CVSS8AI score0.01113EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of the SONICWALL Ethernet switch control interface of the SMA 100 series allows a intruder to alter the device’s configuration to the factory settings and trigger a failure in the target system’s service.

The vulnerability of the SMA 100 series SONICWALL network interface controllers is related to access control errors. Exploiting this vulnerability allows a malicious actor to alter the device’s configuration to the factory settings and cause failures in the target system’s services...

9.4CVSS8AI score0.80701EPSS
Exploits4References5Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of the Cypress WICED BT Bluetooth Classic stack implementation for the CYW20735B1 device arises due to insufficient validation of input data. This allows a malicious actor to trigger a service failure.

The vulnerability of the Cypress WICED BT Bluetooth Classic stack implementation for the CYW20735B1 device exists due to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to cause service failure...

6.5CVSS6.6AI score0.00581EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

Vulnerability of Windows operating systems, related to errors in code generation, allows a hacker to execute arbitrary code.

The vulnerability of Windows operating systems is related to errors in code generation control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created file containing a malicious OLE object...

9.3CVSS8AI score0.77553EPSS
Exploits11References10
BDU FSTEC
BDU FSTEC
added 2021/10/08 12:0 a.m.12 views

The vulnerability of the Bluetooth Classic microprogramming device implementations of Zhuhai Jieli AC690X and AC692X arises due to insufficient verification of input data. This allows attackers to trigger malfunctions in the device’s service.

The vulnerability of the Bluetooth Classic microprogramming system implementation in Zhuhai Jieli AC690X and AC692X devices exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures through the created...

5.7CVSS6.1AI score0.00366EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/08/18 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, as well as Adobe Acrobat 2017 and Adobe Acrobat Reader 2017, are related to memory usage after it is released. These vulnerabilities allow attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to gain...

7.1CVSS6.8AI score0.09576EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/08/18 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat, and Adobe Acrobat Reader, related to information disclosure, allow attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2019, and Adobe Acrobat Reader 2019 are related to information disclosure. Exploiting these vulnerabilities can allow unauthorized actors to gain...

7.8CVSS6.9AI score0.02175EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/08/18 12:0 a.m.12 views

The vulnerability of the Adobe Framemaker desktop publishing system, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker system lies in the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

8.8CVSS7.9AI score0.04528EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/08/10 12:0 a.m.12 views

The vulnerability of the wildfly-core Java application server software allows a attacker to compromise the confidentiality and integrity of the protected information.

The vulnerability of the wildfly-core Java application server from WildFly is related to deficiencies in the access control mechanism. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of the protected information...

3.6CVSS5.7AI score0.00761EPSS
Exploits0References3Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of the writeTileData function in the OpenEXR library, related to writing beyond the buffer boundary, allows a attacker to cause a service failure.

The vulnerability of the writeTileData function in the OpenEXR library lies in the issue of writing beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

6.5CVSS6.9AI score0.01134EPSS
Exploits1References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of the cachekey plugin in the Apache Traffic Server web server allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cachekey plugin in the Apache Traffic Server web server arises from an operation that occurs outside the buffer limits of the stack. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

10CVSS8AI score0.02711EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of the FortiMail email protection system lies in the lack of measures to protect the SQL query structure, allowing attackers to execute arbitrary code or commands.

The vulnerability of the FortiMail email protection system lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary codes or commands using specially crafted HTTP requests...

9.8CVSS8.2AI score0.0143EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.12 views

The vulnerability of the ksys2.dll library of the KOMPAS-3D three-dimensional modeling system, related to the execution of operations outside the buffer in memory, allows a hacker to cause a service failure.

The vulnerability of the ksys2.dll library in the KOMPAS-3D three-dimensional modeling system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure using a specially crafted CDW format file...

4.9CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.12 views

The vulnerability of the data synchronization module at any time, triggered by user requests or by a special scheduler utility “LOCMAN Master Synchronization” of the engineering data and product lifecycle management system LOCMAN. This vulnerability is related to the unlimited loading of dangerous type files, allowing attackers to execute arbitrary code.

The vulnerability of the data synchronization module at any time, triggered by user requests or by special planning tools like “LOZMAN Master Synchronization” of the Engineering Data and Product Lifecycle management system LOZMAN, is related to the unlimited loading of dangerous files. Exploiting...

6.8CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/20 12:0 a.m.12 views

Vulnerability of the Windows Media Foundation Core component in Microsoft Windows operating systems, allowing attackers to execute arbitrary code

The vulnerability of the Windows Media Foundation Core component in Microsoft Windows operating systems is related to improper code generation. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.3CVSS7.6AI score0.02253EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/05/12 12:0 a.m.12 views

The vulnerability of the Bill Issues component of the Oracle Bills of Material application in the Oracle E-Business Suite allows a malicious individual to gain access to modify, add, or delete data, as well as to unauthorizedly access protected information.

The vulnerability of the Bill Issues component of the Oracle Bills of Material application within the Oracle E-Business Suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, as well as gain...

8.1CVSS6.8AI score0.00931EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.12 views

The vulnerability of SonicWall Email Security’s email security software lies in the improper restriction of the path to the restricted directory. This allows attackers to gain unauthorized access to the protected information.

The vulnerability of SonicWall Email Security’s email security software relates to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

4.9CVSS6.8AI score0.51407EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.12 views

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, allows a hacker to gain access to modify, add, or delete data, or to gain full control over the application.

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, o...

8.5CVSS6.8AI score0.00933EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.12 views

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers relates to access to resources through incompatible types. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.3CVSS8.3AI score0.57736EPSS
Exploits1References14Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.12 views

The vulnerability of the `--userns-remap` option, a Docker containerization-enabled deployment and application management automation tool, is related to an incorrect path name limitation for the directory. This vulnerability allows attackers to compromise data integrity.

The vulnerability of the --userns-remap option, a tool for automating application deployment and management in Docker containerized environments, is related to an incorrect restriction on the path name to the directory. Exploiting this vulnerability allows a malicious actor to compromise data...

6.8CVSS6.9AI score0.01065EPSS
Exploits0References9Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.12 views

The vulnerability of the process-interaction channel of the Cisco AnyConnect Secure Mobility Client encryption protection tool allows a intruder to trigger a service failure.

The vulnerability of the process-interaction channel of the Cisco AnyConnect Secure Mobility Client cryptographic security tool is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

5.5CVSS5.9AI score0.00223EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.12 views

The vulnerability of the IPv6 implementation of the Cisco NX-OS network operating system for Cisco routers allows a attacker to cause a service failure.

The vulnerability of the IPv6 implementation of the Cisco NX-OS network operating system’s Cisco routers is related to a memory release error. Exploiting this vulnerability could allow a malicious actor to cause service failure remotely...

8.6CVSS7.4AI score0.01369EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.12 views

The vulnerability of Dollibarr’s software lies in its lack of protection for SQL query structures, allowing attackers to execute arbitrary SQL commands.

The vulnerability of Dollibarr’s software lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

10CVSS8.2AI score0.03959EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.12 views

The vulnerability of the installation file FortiClientEMSOnlineInstaller.exe of the Fortinet FortiClient Enterprise Management Server (EMS) allows a perpetrator to execute arbitrary code.

The vulnerability of the installation file FortiClientEMSOnlineInstaller.exe of the Fortinet FortiClient Enterprise Management Server EMS server is related to errors in the path validation mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially...

7.8CVSS7.7AI score0.00599EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.12 views

The vulnerability in the web interface of the Cisco Unified Communications Manager IM & Presence Service allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Cisco Unified Communications Manager IM & Presence Service web interface is related to input validation errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

6.8CVSS6.5AI score0.01352EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.12 views

The vulnerability of Microsoft Excel, Microsoft Office products, Microsoft Office Online Server, Microsoft Office Web Apps, Microsoft SharePoint Enterprise Server, and Microsoft 365 Apps relates to insufficient input validation, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Excel, the Microsoft Office suite, Microsoft Office Online Server, Microsoft Office Web Apps, Microsoft SharePoint Enterprise Server, and Microsoft 365 Apps is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to...

7.8CVSS7.5AI score0.03101EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/01/26 12:0 a.m.12 views

The vulnerability of Microsoft Azure Kubernetes operating system allows a hacker to gain unauthorized access to protected information.

The vulnerability of Microsoft Azure Kubernetes operating system-related to Windows is related to information disclosure. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information through a specially crafted IMDS request...

5.5CVSS5.9AI score0.01133EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.12 views

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server packages lies in memory object processing errors, which allow an attacker to gain unauthorized access to protected information.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server lies in memory object processing errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

6.8CVSS6.5AI score0.03558EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.12 views

The vulnerability of the service for managing access to remote catalogs and authentication mechanisms, related to deficiencies in access control, allows attackers to disclose protected information and compromise its integrity.

The vulnerability of the service for managing access to remote catalogs and the authentication mechanism sssd is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose protected information and compromise its integri...

5.5CVSS6.3AI score0.01122EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.12 views

The vulnerability of the Microsoft .NET Framework software, related to errors in memory object handling, allows an attacker to gain unauthorized access to protected information.

The vulnerability of the Microsoft .NET Framework software platform is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

4.7CVSS5.5AI score0.03045EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/10/27 12:0 a.m.12 views

The vulnerability of microprogramming software in server boards, server systems, and Intel computing modules relates to writing beyond the buffer memory boundaries, allowing attackers to exploit their privileges.

The vulnerability of microprogrammed software in server boards, server systems, and Intel computing modules is related to writing beyond the buffer memory boundaries. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

6.3CVSS7.8AI score0.00714EPSS
Exploits0References3Affected Software18
BDU FSTEC
BDU FSTEC
added 2020/10/27 12:0 a.m.12 views

The vulnerability of the Helm package manager exists due to an incorrect restriction on the path name to the restricted access catalog. This allows a malicious actor to unpack the files from the diagram archive outside of the target directory.

The vulnerability of the Helm package manager exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor to unpack the diagram archive files outside of the target directory using commands like “helm fetch --untar” an...

7.1CVSS6.8AI score0.01483EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/08/12 12:0 a.m.12 views

The vulnerability of the Blink rendering module in Google Chrome browsers allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of Google Chrome’s Blink rendering module relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures through a specially created HTML page...

7.3CVSS7.4AI score0.01706EPSS
Exploits1References13Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to trigger a service failure.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.9CVSS6.6AI score0.00382EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

7.5CVSS7AI score0.00448EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 are related to writing data beyond the buffer in memory, allowing attackers to execute arbitrary code in the context of the current user.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 is related to data writing beyond the buffer boundaries in memory. Exploiting this vulnerability...

10CVSS8.4AI score0.04564EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerability of the Console component of the Oracle WebLogic Server application server allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Console component of the Oracle WebLogic Server application exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected information...

6.4CVSS6.7AI score0.01151EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerability of the memcpy function in the glibc library, which allows a hacker to execute arbitrary code in the context of a privileged process

The vulnerability of the memcpy function in the glibc library arises from an operation that occurs outside the buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code within the privileged process context...

8.1CVSS8.2AI score0.05223EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/07/03 12:0 a.m.12 views

The vulnerability of Adobe Audition for Windows and macOS, related to recording beyond buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of Adobe Audition for Windows and macOS lies in the recording of data beyond the buffer limits in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user...

7.8CVSS7.8AI score0.0309EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/05/21 12:0 a.m.12 views

The vulnerability of the Windows Update Stack component allows attackers to enhance their privileges.

The vulnerability of the Windows Update Stack component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

7.8CVSS7.2AI score0.00856EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/05/21 12:0 a.m.12 views

The vulnerability of the Microsoft Windows Graphics component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Microsoft Windows Graphics subsystem in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...

5.5CVSS6.2AI score0.01277EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/05/21 12:0 a.m.12 views

The vulnerability of the evaluation tool allows an attacker to exploit privileges on Windows System Assessment Tool (WinSAT) running on Windows operating systems.

The vulnerability of the System Assessment Tool WinSAT for evaluating functions and capabilities of Windows operating systems is related to errors in file handling operations. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7.8CVSS7.2AI score0.01012EPSS
Exploits0References2
Total number of security vulnerabilities5000