Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.12 views

The vulnerability of the aiohttp HTTP client, related to incorrect path name restrictions for restricted access directories, allows attackers to gain unauthorized access to protected information.

The vulnerability of the aiohttp HTTP client is related to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8CVSS6.6AI score0.76875EPSS
Exploits15References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.12 views

The vulnerability of FireEye EX 3500, 5500, 8500 email security systems allows attackers to execute cross-site scripting attacks.

The vulnerability of FireEye EX 3500, 5500, and 8500 email security systems lies in the lack of protective measures for website structures. Exploiting this vulnerability allows a malicious actor to execute cross-site scripting using parameters “type” and “sfname”...

6.4CVSS6.2AI score0.00309EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.12 views

The vulnerability of the pskmad_64.sys driver used by Watchguard Endpoint Protection, Detection and Response (EPDR), Panda Adaptive Defense 360 (Panda AD360), and Panda Dome allows a malicious actor to gain unauthorized access to confidential information.

The vulnerability of the pskmad64.sys driver used by Watchguard Endpoint Protection, Detection and Response EPDR, Panda Adaptive Defense 360 Panda AD360, and Panda Dome involves the disclosure of information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...

4.1CVSS5.5AI score
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/02/05 12:0 a.m.12 views

The vulnerability of the Rapid SCADA system, related to the storage of passwords in an unencrypted form, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the SCADA system Rapid SCADA is related to the storage of passwords in an unencrypted form. Exploiting this vulnerability can allow a intruder to gain unauthorized access to protected information...

6.2CVSS5.9AI score0.0016EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/05 12:0 a.m.12 views

The vulnerability of the Rapid SCADA system, related to the use of open redirection, allows a hacker to redirect a user to any arbitrary URL address.

The vulnerability of the SCADA system Rapid SCADA is related to the use of open redirection as a result of incorrect data cleaning on the user input page. Exploiting this vulnerability allows an attacker to redirect the user to any desired URL address...

5.5CVSS5.9AI score0.00315EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/05 12:0 a.m.12 views

The vulnerability of the Setting Handler component in the software for creating, testing, documenting, publishing, and maintaining the API interface of applications allows a perpetrator to execute arbitrary code.

The vulnerability of the Setting Handler component in software for creating, testing, documenting, publishing, and maintaining the API interface of an application relates to the copying of buffers without checking the size of input data when processing PDF files. Exploiting this vulnerability...

10CVSS8.2AI score0.01457EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/02 12:0 a.m.12 views

The vulnerability of the DevmemIntMapPMR() function in the PowerVR GPU driver for Android and ChromeOS allows a hacker to execute arbitrary code and gain elevated privileges.

The vulnerability of the DevmemIntMapPMR function in the PowerVR GPU driver for Android and ChromeOS operating systems is related to the use of memory after it has been freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code and gain elevated privileges...

7.8CVSS8.1AI score0.00414EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/31 12:0 a.m.12 views

The vulnerability of the protect_dir function (pam_namespace.so) in the Linux-PAM authentication module allows a attacker to cause a service failure.

The vulnerability of the protectdir function in the Linux-PAM authentication module pamnamespace.so is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

3.3CVSS6.3AI score0.00459EPSS
Exploits1References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/01/22 12:0 a.m.12 views

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to operations that go beyond buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

10CVSS8.3AI score0.21697EPSS
Exploits0References15Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/01/19 12:0 a.m.12 views

The vulnerability of the Centralized Third-party Jars component (OkHttp) of the Oracle Access Manager control system allows a hacker to disclose protected information.

The vulnerability of the Centralized Third-party Jars component OkHttp in the Oracle Access Manager access control tool is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

7.8CVSS6.6AI score0.00877EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.12 views

The vulnerability of the PPT-file processor in Hancom Office software allows a hacker to execute arbitrary code.

The vulnerability of the PPT-file processor in Hancom Office software is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created PPT-file...

7.8CVSS8AI score0.0039EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/12/18 12:0 a.m.12 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.12 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to access to resources through incompatible types. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure by using a specially created malicious web page...

10CVSS8.1AI score0.4351EPSS
Exploits1References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.12 views

The vulnerability of the urllib3 module in the Python programming language lies in the lack of protection for service data, which allows attackers to exploit the exposed information.

The vulnerability of the urllib3 module in the Python programming language is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that should be protected...

8.5CVSS6.5AI score0.01207EPSS
Exploits0References18Affected Software15
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.12 views

The vulnerability of the BIOS loading, update, backup, and recovery utility from the Phoenix WinPhlash flash device (previously known as Phoenix SecureCore Tiano WinFlash) is related to deficiencies in access control mechanisms, allowing attackers to escalate their privileges.

The vulnerability of the BIOS loading, backup, and recovery utility for the Phoenix WinPhlash flash device previously known as Phoenix SecureCore Tiano WinFlash is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges...

10CVSS7.7AI score0.01265EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/11 12:0 a.m.12 views

The vulnerability in the Web Browser UI interface of Google Chrome and Microsoft Edge allows attackers to perform spoofing attacks.

The vulnerability of the Web Browser UI interface in Google Chrome and Microsoft Edge is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to carry out spear-phishing attacks using a specially created HTML page...

5CVSS6.8AI score0.01268EPSS
Exploits0References14Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.12 views

The vulnerability of the python-eventlet library used by the OpenStack Platform for building cloud solutions allows a attacker to cause service failures.

The vulnerability of the python-eventlet library used by the OpenStack Platform for building cloud solutions is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.8CVSS6.4AI score0.00802EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/11/18 12:0 a.m.12 views

The vulnerability of the SerializationTypeConverter class in the Microsoft Exchange Server mail server allows attackers to perform spoofing attacks.

The vulnerability of the SerializationTypeConverter class in Microsoft Exchange Server lies in the deserialization mechanism’s deficiencies, resulting from insufficient protection of service data. Exploiting this vulnerability allows attackers to perform spoofing attacks remotely...

8CVSS7.6AI score0.392EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/11/16 12:0 a.m.12 views

The vulnerability of the PowerDNS Recursor DNS server stems from the practice of marking authoritative servers as unavailable, allowing attackers to trigger a service failure.

The vulnerability of the PowerDNS Recursor DNS server is related to the marking of authoritative servers as unavailable. Exploiting this vulnerability could allow a malicious actor to cause service failures...

5.3CVSS5.9AI score0.00593EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/11/15 12:0 a.m.12 views

The vulnerability of the Bulkmodifications component in NagiosXI software, related to the lack of measures taken to protect the SQL query structure, allows attackers to execute arbitrary SQL queries.

The vulnerability of the Bulkmodifications component in NagiosXI software is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

9.1CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/11 12:0 a.m.12 views

The vulnerability in the cr parser_parse_selector_core function of the cr-parser.c library, used for working with cascade CSS2 Libcroco tables, allows a attacker to cause a service failure.

The vulnerability of the cr parserparseselectorcore function in the cr-parser.c component, a library for working with cascading CSS tables, is related to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failur...

7.1CVSS6.6AI score0.12996EPSS
Exploits4References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.12 views

The vulnerability of the IBM DB2 database management system, related to deficiencies in access control, allows a perpetrator to execute arbitrary code.

The vulnerability of the IBM DB2 database management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

9CVSS7.5AI score0.01513EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.12 views

The vulnerability of the Samba networking communication package lies in the overflow of buffers in dynamic memory, allowing an attacker to cause a service failure.

The vulnerability of the Samba networking communication package is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

7.8CVSS7.1AI score0.01573EPSS
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.12 views

The vulnerability of the nginx.ingress.kubernetes.io/permanent-redirect controller in the Kubernetes ingress-nginx cluster allows a attacker to execute arbitrary commands.

The vulnerability of the nginx.ingress.kubernetes.io/permanent-redirect controller in the Kubernetes ingress-nginx cluster is related to errors in processing incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

8CVSS8.2AI score0.56568EPSS
Exploits2References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.12 views

The vulnerability of Siemens Solid Edge, a tool for design and simulation, relates to buffer overflow attacks, allowing an attacker to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially created PAR files...

7.8CVSS8AI score0.00217EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.12 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to reading beyond the memory boundary, allowing attackers to disclose protected information.

The vulnerability of Siemens Solid Edge’s design and modeling tools is related to reading beyond the memory limit. Exploiting this vulnerability can allow attackers to disclose sensitive information using specially created STL files...

3.3CVSS6AI score0.00201EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.12 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the use of memory after it is freed. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially created STL files...

7.8CVSS7.6AI score0.00237EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/11/01 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, Adobe Acrobat Reader 2020, and Adobe Acrobat 2017 involve reading data beyond the buffer in memory, allowing attackers to disclose protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, Adobe Acrobat Reader 2020, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 are related to reading data beyond the buffer in memory. Exploiting...

5.5CVSS6.7AI score0.00261EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/10/21 12:0 a.m.12 views

The vulnerability of the ms_lib_process_bootblock() function in the drivers/usb/storage/ene_ub6250.c file of the ene_usb6250 driver for the ENE SD/MS embedded system in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the mslibprocessbootblock function in the drivers/usb/storage/eneub6250.c file of the eneusb6250 driver for the ENE SD/MS embedded system in the Linux operating system is related to access to memory beyond the allocated buffer. Exploiting this vulnerability could allow a...

5.5CVSS6.1AI score0.00282EPSS
Exploits0References22Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/10/13 12:0 a.m.12 views

The vulnerability of the Navigation component in Google Chrome allows attackers to carry out spoofing attacks.

The vulnerability of the Navigation component in Google Chrome is related to information representation errors in the user interface. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks using a specially created HTML page...

7.8CVSS6.6AI score0.00997EPSS
Exploits0References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/10/10 12:0 a.m.12 views

The vulnerability of the SetWLanRadioSettings function in D-Link DIR-823G router software allows a hacker to cause a service failure.

The vulnerability of the SetWLanRadioSettings function in D-Link DIR-823G router microprogramming software is related to the output of operations that go beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using the SSID parameter...

7.8CVSS7.9AI score0.00865EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/10 12:0 a.m.12 views

The vulnerability of the prog.cgi component in D-Link DIR-3040 wireless router software allows a hacker to execute arbitrary code.

The vulnerability of the prog.cgi component in D-Link DIR-3040 wireless router software lies in the fact that the output of operations goes beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted HNAP requests to T...

8.8CVSS8.3AI score0.00846EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/10/04 12:0 a.m.12 views

The vulnerability of the imgsys component in MediaTek’s microprogramming software allows attackers to enhance their privileges.

The vulnerability of the imgsys microprogramming system component of MediaTek’s chips is related to insufficient testing of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.8CVSS6.5AI score0.00092EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/02 12:0 a.m.12 views

The vulnerability of the Threat Intelligence service of the Nozomi Guardian detection and monitoring network activity tool, as well as the Nozomi Central Management Console (CMC) – a centralized security management tool – allows attackers to carry out cross-site scenario attacks.

The vulnerability of the Threat Intelligence service of the Nozomi Guardian detection and monitoring network activity tool, as well as the Nozomi Central Management Console CMC, relates to the lack of protective measures taken for the web page structure during the processing of threat analysis...

8.7CVSS5.4AI score0.00284EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/10/02 12:0 a.m.12 views

The vulnerability of the formSetWanNonLogin function in the D-Link DIR-619L router software allows a hacker to cause a service failure.

The vulnerability of the formSetWanNonLogin function in the D-Link DIR-619L router microprogramming system is related to the writing of data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failure...

7.8CVSS7.4AI score0.0074EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/29 12:0 a.m.12 views

The vulnerability of the keyinstall component in MediaTek’s microprogramming software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the keyinstall component in MediaTek’s microprogramming software is related to insufficient protection of sensitive data due to incorrect validation of input data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

4.6CVSS5.5AI score0.00104EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/09/28 12:0 a.m.12 views

The vulnerability of the SetAPLanSettings function in the microprogramming software of the D-Link DAP-1325 wireless signal booster allows a intruder to execute arbitrary code.

The vulnerability of the SetAPLanSettings function in the microprogramming software of the D-Link DAP-1325 wireless signal booster is related to the execution of operations outside the buffer in memory when processing XML data. Exploiting this vulnerability allows a remote attacker to execute...

8.8CVSS8.4AI score0.00855EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/26 12:0 a.m.12 views

The vulnerability of the Prompts component in the Google Chrome browser allows attackers to perform spoofing attacks.

The vulnerability of the Prompts component in the Google Chrome browser is related to the improper use of standard permissions. Exploiting this vulnerability allows a malicious actor to carry out spam attacks using a specially created HTML page...

5CVSS5.4AI score0.00717EPSS
Exploits0References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/09/22 12:0 a.m.12 views

The vulnerability of the Ansible Semaphore configuration management interface, related to improper control of code generation, allows a attacker to execute arbitrary code.

The vulnerability of the Ansible Semaphore configuration management interface is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8.1AI score0.01429EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/15 12:0 a.m.12 views

The vulnerability of the bt_quickfix function in the Vim text editor allows a hacker to execute arbitrary code.

The vulnerability of the Vim text editor is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00528EPSS
Exploits1References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/09/13 12:0 a.m.12 views

Vulnerability of the CMS system: 1C-Bitrix – Website management related to authentication procedures’ flaws, allowing attackers to access confidential information and perform operations with privileged access rights of compromised accounts.

Vulnerability of the CMS system: 1C-Bitrix. Website management is associated with deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information and perform operations under the privileges of a compromised account...

10CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/12 12:0 a.m.12 views

The vulnerability of the DDP microprogramming software-based wireless access points from D-Link, model DAP-2622, allows a intruder to execute any arbitrary code.

The vulnerability of the DDP microprogramming software used in D-Link DAP-2622 wireless access points lies in the fact that the execution of commands is carried out outside of the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code...

8.8CVSS8.3AI score0.00637EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/09/05 12:0 a.m.12 views

The vulnerability of the Apache Airflow Spark Provider, a network-based software tool, allows a hacker to execute arbitrary code.

The vulnerability of the Apache Airflow Spark Provider network software is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS8.1AI score0.01413EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/31 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, and Adobe Acrobat 2020/Adobe Acrobat Reader 2020 involve memory-walking attacks, allowing attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to memory-walking attacks. Exploiting these vulnerabilities can allow attackers to execute arbitrary cod...

7.8CVSS6.6AI score0.02346EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/08/29 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, and Adobe Acrobat 2020/Adobe Acrobat Reader 2020 involve an exploit that allows unauthorized access beyond the buffer in memory. This vulnerability enables attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to the execution of operations beyond the buffer in memory. Exploiting these vulnerabilities can allow...

7.8CVSS5.9AI score0.0213EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/08/23 12:0 a.m.12 views

The vulnerability of the Fullscreen application interface of Google Chrome’s browser allows a hacker to bypass existing security restrictions.

The vulnerability of the Fullscreen application interface of Google Chrome’s browser is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions on the browser page through a specially...

5CVSS5.5AI score0.00657EPSS
Exploits0References9Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/08/21 12:0 a.m.12 views

The vulnerability in the Firefox web browser, related to writing beyond the buffer, allows attackers to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability in the Firefox web browser is related to writing beyond the buffer limit. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service interruptions...

10CVSS7.6AI score0.00668EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/08/14 12:0 a.m.12 views

The vulnerability of Google Chrome’s WebRTC technology allows attackers to circumvent existing security restrictions.

The vulnerability of Google Chrome’s WebRTC technology relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by using a specially crafted HTML page...

10CVSS7.7AI score0.00535EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/11 12:0 a.m.12 views

The vulnerability of the saveParentControlInfo() function in Tenda AC8 router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the saveParentControlInfo function in the Tenda AC8 router’s microprogramming software is related to the issue of the operation going beyond the buffer in memory when processing the deviceId parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrar...

10CVSS8.4AI score0.00857EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/07 12:0 a.m.12 views

The vulnerability of the application programming interface of Google Chrome’s File System allows a hacker to circumvent existing security restrictions.

The vulnerability of the Google Chrome browser’s application programming interface for the File System is related to improper security checks for standard elements. Exploiting this vulnerability can allow a remote attacker to circumvent existing security restrictions...

7.8CVSS6.6AI score0.00469EPSS
Exploits1References4Affected Software2
Total number of security vulnerabilities5000