Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2024/10/25 12:0 a.m.12 views

The vulnerability in the `usb_remote_smb_conf.cgi` script of NETGEAR XR1000 Wi-Fi routers allows a hacker to execute arbitrary commands.

The vulnerability in the usbremotesmbconf.cgi script of NETGEAR XR1000 Wi-Fi routers lies in the lack of measures for sanitizing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using the sharename parameter...

8.4CVSS5.9AI score0.14147EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.12 views

The vulnerability of the Quality Manager Specification component in the Oracle Process Manufacturing (OPM) application for process development management system of the Oracle E-Business Suite allows a malicious actor to gain access to read, modify, or delete data.

The vulnerability of the Quality Manager Specification component in the Oracle Process Manufacturing OPM application for process development management system of the Oracle E-Business Suite is related to deficiencies in the authorization procedures. Exploiting this vulnerability could allow an...

8.5CVSS7.6AI score0.00422EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.12 views

The vulnerability of Nomad application orchestrators, related to incorrect resolution of link references before the file name, allows attackers to execute arbitrary code.

The vulnerability of Nomad application orchestrators is related to incorrect resolution of the link before the file is downloaded. Exploiting this vulnerability allows an attacker to execute arbitrary code...

7.7CVSS7.5AI score0.00617EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.12 views

The vulnerability of the Substance 3D Stager software lies in its ability to store arbitrary values anywhere and to overflow the buffer, allowing an attacker to execute arbitrary code.

The vulnerability of the Substance 3D Stager software-related 3D design software lies in the ability to write any arbitrary value anywhere in the memory, thereby overflowing the buffer. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user,...

7.8CVSS6AI score0.00296EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/18 12:0 a.m.12 views

The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B, arises from lack of access control mechanisms. This allows attackers to bypass security restrictions.

The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to lack of access control mechanisms. Exploiting these vulnerabilities can allow attackers to bypass security restrictions remote...

6.8CVSS5.5AI score0.00626EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the Zimbra Collaboration Suite’s email management system, which stems from insufficient validation of incoming requests, allows attackers to carry out SRF attacks.

The vulnerability of the Zimbra Collaboration Suite’s email management system is related to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to carry out a SRF attack remotely...

7.8CVSS7.2AI score0.80906EPSS
Exploits10References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the Insights Management component in the SAP CRM ABAP integration module for managing customer relationships allows a attacker to perform an SRF attack.

The vulnerability of the Insights Management component in the SAP CRM ABAP integration module for managing customer relationships is related to insufficient checking of incoming HTTP requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...

5CVSS5.4AI score0.00262EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of Visual Studio Code’s source editor lies in its failure to properly eliminate special elements used in operating system commands, allowing attackers to execute arbitrary code.

The vulnerability of Visual Studio Code’s source editor is related to the lack of measures taken to neutralize special elements used in the operating system command line. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.1CVSS5.9AI score0.01002EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the SAP NetWeaver AS ABAP software integration platform, related to deficiencies in access control, allows a perpetrator to gain read, modify, or delete access to data.

The vulnerability of the SAP NetWeaver AS ABAP software integration platform is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to gain read, modify, or delete access to data by injecting CSS code or loading a specially created malicious page...

4.7CVSS5.5AI score0.00302EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the Windows Mobile Broadband Driver allows a hacker to execute arbitrary code.

The vulnerability of the Windows Mobile Broadband Driver for Windows operating systems is related to the execution of operations beyond the buffer in memory, due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.2CVSS6.3AI score0.0066EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the seqpacket_allow() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the seqpacketallow function in the Linux operating system’s kernel is related to improper initialization. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.5AI score0.00216EPSS
Exploits0References20Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the mmio_read() function in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the mmioread function in the Linux operating system’s kernel is related to a memory leak that occurs due to incorrect initialization of the variable val. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00199EPSS
Exploits0References18Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.12 views

The vulnerability of the cdrom_ioctl_timed_media_change() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cdromioctltimedmediachange function in the Linux operating system is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.8AI score0.00236EPSS
Exploits0References20Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The vulnerability of the “-Oallow-remote-pkcs11” configuration in the ssh-agent service of OpenSSH for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the -Oallow-remote-pkcs11 configuration in the ssh-agent service of OpenSSH for Windows is related to improper external management of file names or paths. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading a malicious DLL library...

7.6CVSS5.9AI score0.01306EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The vulnerability of the Passwork password manager, related to incorrect restrictions on the path to the restricted catalog, allows a intruder to gain unauthorized access to local files and directories on the server.

The vulnerability of the Passwork password manager is related to incorrect restrictions on the path to the restricted catalog. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to local files and directories on the server by manipulating URL...

8CVSS5.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The vulnerability of the Passwork password manager, related to the lack of protective measures for the website structure, allows attackers to execute arbitrary JavaScript code.

The vulnerability of the Passwork password manager is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code remotely...

5.8CVSS5.9AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The library’s vulnerability in converting files to the base64 format for uploading files to the Angular Base64 Upload web application, allowing a hacker to execute arbitrary code.

The vulnerability of the library for converting files to the base64 format, which is used to upload files to the web application’s server, relates to an incorrect restriction on the path name of the restricted directory. Exploiting this vulnerability could allow a malicious actor to execute...

10CVSS6AI score0.43683EPSS
Exploits5References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.12 views

The vulnerability of the BitLocker data protection function in Microsoft Windows operating systems allows attackers to circumvent security restrictions.

The vulnerability of the BitLocker data protection function in Microsoft Windows operating systems is related to a breach of the data protection mechanism. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...

6.4CVSS5.5AI score0.00631EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/10/11 12:0 a.m.12 views

The vulnerability of the blkpg_do_ioctl() function (block/ioctl.c) in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the blkpgdoioctl function block/ioctl.c in the Linux operating system is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.5AI score0.00299EPSS
Exploits0References39Affected Software8
BDU FSTEC
BDU FSTEC
added 2024/10/07 12:0 a.m.12 views

The vulnerability of the iopoib component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the iopoib component in the Linux operating system’s kernel is related to incorrect resource blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00309EPSS
Exploits1References43Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.12 views

The vulnerability of the /core/authorize.php file in the Drupal CMS system allows a hacker to disclose protected information.

The vulnerability of the /core/authorize.php file in the Drupal CMS system relates to the exposure of system data by unauthorized individuals in the controlled area. Exploiting this vulnerability could allow attackers to disclose protected information through the hashsalt parameter in the...

5.3CVSS5.4AI score0.09269EPSS
Exploits4References12Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the OpenCV library, which is used for computer vision, image processing, and general numerical algorithms, relates to the issue of re-liberating memory. This allows attackers to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the OpenCV library, which is used for computer vision, image processing, and general numerical algorithms, relates to repeated memory reclamation. Exploiting this vulnerability can allow remote attackers to gain access to confidential data, compromise its integrity, and cause...

8.8CVSS6.7AI score0.02337EPSS
Exploits1References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the libavfilter/af_stereowiden.c file in the FFmpeg multimedia library allows a hacker to execute arbitrary code.

The vulnerability of the libavfilter/afstereowiden.c file in the FFmpeg multimedia library is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.1AI score0.00225EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the sof-nau8825 component in the Linux operating system allows for a malfunction to occur, leading to service failure.

The vulnerability of the sof-nau8825 component in the Linux operating system is related to an overflow in the length of a pseudonym. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00205EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the fastrpc component in the Linux operating system’s kernel allows for attacks that can affect the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the fastrpc component in the Linux operating system’s kernel is related to a race condition that occurs after memory is freed. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

7CVSS6.2AI score0.00242EPSS
Exploits0References16Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability in the Firefox web browser, related to vulnerabilities in the authentication process, allows attackers to compromise data integrity.

The vulnerability in the Firefox web browser is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to compromise data integrity remotely...

6.8CVSS7.1AI score0.01147EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the storvsc component in the Linux operating system’s kernel allows for a malfunction to occur, leading to service failure.

The vulnerability of the storvsc component in the Linux operating system’s kernel is related to a buffer overflow in the swiotlb daemon in the confidential virtual machine. Exploiting this vulnerability could allow an attacker to trigger a system failure...

5.5CVSS6.2AI score0.00208EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the cgi_del_photo() function (/cgi-bin/photocenter_mgr.cgi) in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 allows a hacker to execute arbitrary commands.

The vulnerability of the cgidelphoto function /cgi-bin/photocentermgr.cgi in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4,...

9CVSS8.1AI score0.01821EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the cgi_get_fullscreen_photos() function (/cgi-bin/photocenter_mgr.cgi) in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 allows a hacker to execute arbitrary commands.

The vulnerability of the cgigetfullscreenphotos function /cgi-bin/photocentermgr.cgi in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345,...

9CVSS8.1AI score0.0214EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the cgi_FMT_R12R5_3rd_DiskMGR() function (/cgi-bin/hd_config.cgi) in the D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 devices allows a hacker to execute arbitrary commands.

The vulnerability of the cgiFMTR12R53rdDiskMGR function /cgi-bin/hdconfig.cgi in the D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04...

9CVSS7AI score0.07482EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.12 views

The vulnerability of the Skia graphic library used by Microsoft Edge and Google Chrome browsers allows attackers to execute arbitrary code.

The vulnerability of the Skia graphic library in Microsoft Edge and Google Chrome exists due to a boundary error in processing untrusted HTML content. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely...

10CVSS7.6AI score0.00428EPSS
Exploits0References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/09/23 12:0 a.m.12 views

The vulnerability of the buffer.c component of the Vim text editor allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the buffer.c component of the Vim text editor is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions...

7.8CVSS7.2AI score0.00373EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.12 views

The vulnerability of the start_decoder component in the C/C++ Libstb library, related to integer overflow, allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the startdecoder component in the C/C++ Libstb library is related to integer overflow. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and even cause service failures through a specially created file...

7.8CVSS7.2AI score0.00518EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.12 views

The vulnerability of the “identify -help” command in the console-based image editing tool ImageMagick arises from improper memory release before deleting the last link. This allows a malicious actor to compromise data integrity and cause service failures.

The vulnerability of the “identify -help” command in the console-based image editing tool ImageMagick is related to improper memory release before deleting the last link. Exploiting this vulnerability can allow an attacker to compromise data integrity and cause service failures...

8.5CVSS7.1AI score0.01188EPSS
Exploits1References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/12 12:0 a.m.12 views

The vulnerability of the Windows Installer component on Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Windows Installer component in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS8AI score0.06008EPSS
Exploits2References3
BDU FSTEC
BDU FSTEC
added 2024/09/09 12:0 a.m.12 views

The vulnerability of the Adobe Experience Manager content and media data management system lies in the insufficient protection of website structures, allowing attackers to carry out cross-site scripting attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.2AI score0.00296EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/21 12:0 a.m.12 views

Vulnerability of the Layer-2 Bridge Network Driver for Windows operating systems, allowing a hacker to cause service failure.

The vulnerability of the Layer-2 Bridge Network Driver for Windows operating systems is related to pointer dereferencing errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

7.8CVSS5.5AI score0.02457EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/08/21 12:0 a.m.12 views

The vulnerability of the Netcat module in CMS systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the messaging module in the CMS system Netcat is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to the protected information from the database...

9.1CVSS5.6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.12 views

The vulnerability of the web interface of the microprogramming software for Cisco Small Business SPA300 and SPA500 allows a perpetrator to execute arbitrary commands in the basic operating system.

The vulnerability of the web interface of Cisco Small Business SPA300 and SPA500 microprogramming software lies in the copying of input data into memory without checking its size. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary commands on the basic...

10CVSS6.2AI score0.066EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/08/14 12:0 a.m.12 views

The vulnerability of the software for detecting vulnerabilities and errors in PT Application Inspector, due to improper checking of query parameters, allows a perpetrator to execute arbitrary code.

The vulnerability of the PT Application Inspector’s software for detecting vulnerabilities and errors is related to improper checking of query parameters. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS5.9AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/13 12:0 a.m.12 views

The vulnerability of the Demon Routing Protocol Daemon (rpd) in Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Demon Routing Protocol Daemon rpd in Junos OS and Junos OS Evolved lies in the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to trigger a service failure through a specially crafted SNMP request...

6.8CVSS5.5AI score0.00335EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.12 views

The vulnerability of the raid5d() function in the Linux kernel driver for block devices allows a hacker to cause a service failure.

The vulnerability of the raid5d function in the driver/md/raid5.c file of the Linux kernel’s block device driver is related to an infinite waiting loop for resources. Exploiting this vulnerability could allow a attacker to cause a service failure...

5.5CVSS6.5AI score0.0018EPSS
Exploits0References28Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/08/01 12:0 a.m.12 views

The vulnerability of Moxa EDS-510A switch microprogramming software, related to the use of cryptographic algorithms containing defects, allows attackers to exploit their privileges.

The vulnerability of Moxa EDS-510A microcontroller software is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

10CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/31 12:0 a.m.12 views

The vulnerability of the Microprogramming Software of Supermicro BMC controllers, related to the execution of operations outside the buffer in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Microprogrammed Software of Supermicro controllers involves the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.5CVSS5.9AI score0.00152EPSS
Exploits0References4Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/07/24 12:0 a.m.12 views

The vulnerabilities of the CPCI85 and SICORE processor control modules from Siemens SICAM, such as CP-8031, CP-8050, and SICAM EGS, allow attackers to downgrade the firmware version of the devices.

The vulnerability of the CPCI85 and SICORE processor module control systems from Siemens SICAM, such as CP-8031, CP-8050, and SICAM EGS, stems from the lack of authentication for critical functions. Exploiting this vulnerability allows a malicious actor to downgrade the firmware version of the...

6.8CVSS7.1AI score0.00524EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.12 views

The vulnerability of the SCADA system MasterSCADA 4D, related to insufficient restrictions on authentication attempts, allows a perpetrator to carry out an attack using brute-force methods.

The vulnerability of the SCADA system MasterSCADA 4D is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to carry out an attack using brute-force methods...

10CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.12 views

The vulnerability of the microprogramming software of the ICU device and the iSTAR Pro door controller allows a intruder to carry out a “machine-in-the-midden” attack.

The vulnerability of the ICU tool and the iSTAR Pro door controller is related to the lack of authentication for critical functions. Exploiting this vulnerability could allow a remote attacker to execute a “midair attack”...

9.4CVSS5.7AI score0.00586EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/07/19 12:0 a.m.12 views

The vulnerability of Themes component in Windows operating systems, which allows attackers to carry out spoofing attacks

The vulnerability of Themes Windows themes in Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability allows a remote attacker to carry out spoofing attacks...

7.8CVSS8AI score0.51097EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/19 12:0 a.m.12 views

The vulnerability of the Request Submission and Scheduling components of the Oracle Concurrent Processing application in the Oracle E-Business Suite allows attackers to disclose sensitive information.

The vulnerability of the Request Submission and Scheduling components in Oracle Concurrent Processing of the Oracle E-Business Suite exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive...

6.8CVSS7.1AI score0.00509EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/07/17 12:0 a.m.12 views

The vulnerability of the Web Services Dynamic Discovery (WS-Discovery) protocol in Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the Web Services Dynamic Discovery WS-Discovery protocol in Windows operating systems is related to improper handling of the absence of a specific element. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS5.4AI score0.01889EPSS
Exploits0References3
Total number of security vulnerabilities5000