Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2023/08/21 12:0 a.m.12 views

The vulnerability in the Firefox web browser, related to writing beyond the buffer, allows attackers to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability in the Firefox web browser is related to writing beyond the buffer limit. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service interruptions...

10CVSS7.6AI score0.00668EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/08/14 12:0 a.m.12 views

The vulnerability of Google Chrome’s WebRTC technology allows attackers to circumvent existing security restrictions.

The vulnerability of Google Chrome’s WebRTC technology relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by using a specially crafted HTML page...

10CVSS7.7AI score0.00535EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/11 12:0 a.m.12 views

The vulnerability of the saveParentControlInfo() function in Tenda AC8 router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the saveParentControlInfo function in the Tenda AC8 router’s microprogramming software is related to the issue of the operation going beyond the buffer in memory when processing the deviceId parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrar...

10CVSS8.4AI score0.00857EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/07 12:0 a.m.12 views

The vulnerability of the application programming interface of Google Chrome’s File System allows a hacker to circumvent existing security restrictions.

The vulnerability of the Google Chrome browser’s application programming interface for the File System is related to improper security checks for standard elements. Exploiting this vulnerability can allow a remote attacker to circumvent existing security restrictions...

7.8CVSS6.6AI score0.00469EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.12 views

The vulnerability of the macOS operating system’s kernel allows a hacker to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability of the macOS operating system’s kernel is related to security configuration errors. Exploiting this vulnerability can allow an attacker to bypass security restrictions and gain unauthorized access to protected information...

5.5CVSS6.6AI score0.00206EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/02 12:0 a.m.12 views

The vulnerability of the microprogrammed software of SIMATIC MV540, MV550, and MV560 barcode readers, related to uncontrolled resource consumption, allows a intruder to cause malfunctions during maintenance operations.

The vulnerability of the microprogramming software for SIMATIC MV540, MV550, and MV560 barcode readers is related to an uncontrolled consumption of resources during the processing of IP packets. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS7.3AI score0.00653EPSS
Exploits0References4Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.12 views

The vulnerability of the FvDesigner software for creating operator panels, related to the execution of operations outside the buffer boundaries in memory, allows a hacker to execute arbitrary code on the target system.

The vulnerability of the FvDesigner software for creating operator panels is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code on the target system...

7.8CVSS8.1AI score0.00394EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.12 views

The vulnerability of the Runc command-line tool for isolated containers arises from incorrect handling of symbolic links before accessing the file. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Runc container launch tool is related to incorrect handling of symbolic links before accessing the file. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

7.8CVSS6.8AI score0.00343EPSS
Exploits0References11Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.12 views

The vulnerability in the /sqlite3_aflpp/shell.c component of the SQLite database management system allows a attacker to cause a service failure.

The vulnerability in the /sqlite3aflpp/shell.c component of the SQLite database management system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

5.5CVSS6.7AI score
Exploits0References6Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/06/26 12:0 a.m.12 views

The vulnerability of the librenderdoc.so library, a standalone visual debugger for RenderDoc, allows attackers to increase their privileges.

The vulnerability of the librenderdoc.so library, a standalone visual debugger for RenderDoc, is related to an incorrect definition of symbolic references before accessing the file. Exploiting this vulnerability could allow an attacker to increase their privileges...

7.8CVSS7.8AI score0.00891EPSS
Exploits3References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/26 12:0 a.m.12 views

The vulnerability of the GLPI system’s handling of requests and incidents lies in the improper cancellation of input during the generation of web pages, allowing a malicious user to execute arbitrary SQL queries in the database.

The vulnerability of the GLPI system for handling requests and incidents is related to insufficient cleaning of user data on search pages. A malicious actor can trick a victim into clicking on a specially created link, allowing arbitrary HTML code and scripts to be executed in the user’s browser...

6.4CVSS6.5AI score0.00605EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/06/16 12:0 a.m.12 views

The vulnerability of the UDPv6 network protocol implementation in Linux operating systems allows attackers to cause service failures.

The vulnerability of the UDPv6 network protocol implementation in Linux operating systems is related to concurrent access to the dstentry structure during a race condition, due to the lack of synchronization in the sksetupcaps function within the net/core/sock.c module. Exploiting this...

5.1CVSS5.5AI score
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.12 views

The vulnerabilities of D-Link DIR-550A and DIR-604M router microprogramming software allow attackers to enhance their privileges.

The vulnerability of D-Link DIR-550A and DIR-604M router microprogramming software is related to insecure resource initialization. Exploiting this vulnerability can allow a malicious actor to gain increased privileges...

9CVSS7.8AI score0.01776EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.12 views

The vulnerability of the /userfs/bin/tcapi file of the Diagnostics microprogramming system for the D-Link DSL-3782 router allows a hacker to execute arbitrary code.

The vulnerability of the /userfs/bin/tcapi file of the Diagnostics microprogramming system for the D-Link DSL-3782 router lies in the fact that the output of the operation goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8.3AI score0.03308EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.12 views

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to type conversion errors. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

10CVSS8.3AI score0.32724EPSS
Exploits2References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.12 views

The vulnerability of the PnPSCADA automation system’s software lies in the lack of protective measures for SQL query structures. This allows attackers to gain unauthorized access to protected information and compromise the system.

The vulnerability of the PnPSCADA automation system’s software is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information and compromise the system...

10CVSS7.3AI score0.08079EPSS
Exploits3References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.12 views

The vulnerability of the SetSysEmailSettings function in the application software interface of D-Link DIR-2150 router software allows a hacker to execute arbitrary code.

The vulnerability of the SetSysEmailSettings function in the application software interface of D-Link DIR-2150 router microprogramming devices is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially...

7.7CVSS7.1AI score0.0176EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.12 views

Vulnerability of the Server component: The Oracle MySQL Server database management system’s DDL functions allow attackers to gain unauthorized access to protected information.

Vulnerability of the Server component: The DDL system for managing databases, Oracle MySQL Server, has vulnerabilities related to insufficient protection of operational data. Exploiting these vulnerabilities can allow unauthorized attackers to gain unauthorized access to protected information usi...

4CVSS6.3AI score0.01354EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.12 views

The vulnerability of the SetTriggerPPPoEValidate function in the application software interface of D-Link DIR-2150 router microprogramming system allows a hacker to execute arbitrary code.

The vulnerability of the SetTriggerPPPoEValidate function in the application software interface of D-Link DIR-2150 router microprogramming devices is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially...

7.7CVSS7.1AI score0.0176EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.12 views

The vulnerability of the dialog/select_media.php implementation in the DedeCMS content management system allows attackers to read arbitrary files.

The vulnerability of the dialog/selectmedia.php implementation in the DedeCMS content management system is related to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to read arbitrary files...

7.8CVSS6.9AI score0.01223EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/29 12:0 a.m.12 views

The vulnerability of the Apache InLong data integration platform lies in the improper assignment of permissions to critical resources, allowing attackers to increase their privileges and perform arbitrary cluster binding.

The vulnerability of the Apache InLong data integration platform is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability can allow an attacker to enhance their privileges and perform arbitrary cluster binding...

10CVSS7.3AI score0.01182EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/17 12:0 a.m.12 views

The vulnerability in the prog.cgi web interface script of D-Link DIR-2640-US’s router software allows a hacker to execute arbitrary code.

The vulnerability in the prog.cgi web interface for managing D-Link DIR-2640-US router microprogramming software relates to the escape of operations beyond the buffer in memory when checking the length of data entered by the user. Exploiting this vulnerability allows a remote attacker to execute...

8.8CVSS8.2AI score0.0124EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/15 12:0 a.m.12 views

The vulnerability of the function dvb_frontend_test_event() in the driver drivers/media/dvb-core/dvb_frontend.c of the Linux operating system’s DVB kernel, which allows a hacker to cause a service failure.

The vulnerability of the function dvbfrontendtestevent in the driver drivers/media/dvb-core/dvbfrontend.c of the Linux operating system’s DVB kernel is related to incorrect use of synchronization mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00413EPSS
Exploits0References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/05/10 12:0 a.m.12 views

The vulnerability of the Python Charmers Future version compatibility program, related to an incorrect regular expression, allows a violator to trigger a service failure.

The vulnerability of the Python Charmers Future version compatibility program is related to incorrect input validation during the processing of Set-Cookie headers. Exploiting this vulnerability allows a remote attacker to send a specially crafted HTTP request to the application and execute a...

7.8CVSS6.7AI score0.01804EPSS
Exploits1References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/04/17 12:0 a.m.12 views

The vulnerability of the Delta Electronics InfraSuite Device Master software in monitoring devices in real time, due to insufficient validation of input data, allows attackers to exploit their privileges.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

9CVSS6.9AI score0.0055EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/27 12:0 a.m.12 views

The vulnerability of the stat() function in the OverlayFS subsystem of Linux kernels allows attackers to increase their privileges.

The vulnerability of the stat function in the OverlayFS subsystem of Linux operating systems is related to deficiencies in access control when processing setuid and setgid attributes. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7AI score0.0788EPSS
Exploits14References11Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/03/23 12:0 a.m.12 views

The vulnerability lies in the executable file IGSSdataServer.exe of the SCADA system’s data server, IGSS Data Server, as well as the executable file DashBoard.exe of the IGSS Dashboard. Additionally, the RMS16.dll library from the report module Custom Reports allows a hacker to delete arbitrary data.

The vulnerability of the IGSSdataServer.exe executable of the SCADA system’s data server, the DashBoard.exe executable of the IGSS Dashboard, and the RMS16.dll library of the report module Custom Reports is related to the absence of authentication for a critical function. Exploiting this...

6.5CVSS6.2AI score0.00437EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/03/22 12:0 a.m.12 views

The vulnerability of the Substance 3D Stager software lies in its ability to read data beyond the buffer in memory, allowing an attacker to exploit this to disclose protected information.

The vulnerability of the Substance 3D Stager software-related 3D design software is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information through a specially created file...

7.8CVSS7.3AI score0.00332EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/03 12:0 a.m.12 views

The vulnerability of the MKLogic-500 PLC, related to the use of hidden functions, allows a hacker to gain full control over the device.

The vulnerability of the MKLogic-500 PLC is related to the presence of hidden features such as SSH access. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain full control over the device...

9CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/03 12:0 a.m.12 views

Vulnerability of the ntfsattr_find() function (fs/ntfs/attrib.c) in Linux operating system kernels, allowing a hacker to cause a service failure

The vulnerability of the ntfsattrfind function fs/ntfs/attrib.c in Linux operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

9.3CVSS7AI score0.00608EPSS
Exploits1References18Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/03/01 12:0 a.m.12 views

The vulnerability of the goform/formWPS component of D-Link’s N300 WI-Fi DIR-605 router software allows a hacker to execute arbitrary code.

The vulnerability of the goform/formWPS component of D-Link’s N300 WI-Fi DIR-605L router software arises due to an overflow in the buffer on the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.4AI score0.01224EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.12 views

The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted PEAP packets...

7.5CVSS8.2AI score0.01048EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.12 views

The vulnerability of Microsoft Edge browsers, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge browsers is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to carry out spear-phishing attacks using a specially created malicious web page...

5CVSS6.4AI score0.00729EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.12 views

The vulnerability of Adobe Connect’s instant messaging program, related to deficiencies in access control, allows attackers to circumvent existing security restrictions.

The vulnerability of Adobe Connect’s instant messaging program is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions remotely...

5.3CVSS5.8AI score0.81875EPSS
Exploits4References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.12 views

The vulnerability of the Internet Storage Name Service (iSNS) for Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Internet Storage Name Service iSNS for Windows operating systems is related to insufficient protection of service data due to operations going beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

6.2CVSS6.8AI score0.00497EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.12 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the ability to write code beyond the buffer boundaries in memory, allowing attackers to execute arbitrary code.

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code within the context of the current user...

7.8CVSS7.8AI score0.00302EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/17 12:0 a.m.12 views

The vulnerability of the password restoration mechanism of the Apex-VUZ system allows a hacker to obtain the email address associated with the restored password.

The vulnerability of the password restoration mechanism of the Apex-VUZ educational automation system is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain the email address associated with the recoverable password...

5.3CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/30 12:0 a.m.12 views

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

6.8CVSS6.3AI score0.00853EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/01/25 12:0 a.m.12 views

The vulnerability of the ALSA:pcm component (the audio subsystem of the Linux operating system), which allows a hacker to cause a service failure and gain unauthorized access to protected information.

The vulnerability of the ALSA:pcm component the audio subsystem of the Linux operating system is related to a synchronization violation in sndctlelemreaduser. Exploiting this vulnerability can allow an attacker to cause service failures and gain unauthorized access to protected information...

7.8CVSS7AI score0.03702EPSS
Exploits0References16Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/01/23 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, which stem from violations of secure design principles, allow attackers to enhance their privileges.

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud are related to violations of secure design principles. Exploiting these vulnerabilities can allow attackers to enhance their privileges...

5.6CVSS7.2AI score0.00397EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/01/20 12:0 a.m.12 views

The vulnerability of the CIFS file system’s arbitrary utility command, related to the lack of measures for cleaning input data, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the CIFS file system’s arbitrary utility command related to the lack of measures for cleaning input data. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

7CVSS6.5AI score0.00652EPSS
Exploits1References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/12/30 12:0 a.m.12 views

The vulnerability of the remote access tool for VMware Workspace ONE Assist exists due to the lack of security measures taken to protect the website structure. This allows attackers to carry out XSS attacks.

The vulnerability of the remote access tool for VMware Workspace ONE Assist exists due to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...

6.4CVSS7.2AI score0.00434EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/28 12:0 a.m.12 views

The vulnerability of Huawei FusionCube’s supervisor, related to incorrect restrictions on the path name to the restricted access catalog, allows a intruder to disclose protected information.

The vulnerability of Huawei FusionCube relates to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose protected information through a specially crafted HTTP request...

7.8CVSS7.2AI score0.00828EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.12 views

The vulnerability of the Fax Compose Form component in Windows operating systems allows attackers to exploit their privileges.

The vulnerability of the Fax Compose Form component in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.3AI score0.00515EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.12 views

The vulnerability of the UDF file system functionality in Linux operating systems allows a hacker to execute arbitrary code.

The vulnerability of the UDF file system functionality in Linux operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00282EPSS
Exploits0References21Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.12 views

The vulnerability of the microprogramming software of the AMI MegaRAC Baseboard Management Controller (BMC) allows a intruder to gain full access to the device.

The vulnerability of the microprogramming software of the AMI MegaRAC Baseboard Management Controller BMC relates to the use of rigidly encrypted credentials. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain full access to the device via SSH...

8.3CVSS8.2AI score0.00655EPSS
Exploits0References5Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.12 views

The vulnerability of the jlink_init() function (monitor/jlink.c) in Linux operating systems allows a hacker to cause a service failure.

The vulnerability of the jlinkinit function monitor/jlink.c in Linux operating systems is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00257EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.12 views

The vulnerability of the “Language” parameter in the web interface of the POWER METER SICAM Q100 microprogramming system allows a hacker to disable the device (with subsequent automatic reboot) or execute arbitrary code.

The vulnerability of the “Language” parameter in the web interface of the POWER METER SICAM Q100 microprogramming system for power measurement devices is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to disable the device remotely, causing it to...

9CVSS7.3AI score0.01488EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.12 views

The vulnerability in the driver drivers/char/pcmcia/synclink_cs.c of Linux operating systems allows a hacker to cause a service failure.

The vulnerability in the drivers/char/pcmcia/synclinkcs.c file of Linux operating systems is related to the behavior during the removal of a PCMCIA device when the ioctl function is called. Exploiting this vulnerability could allow an attacker to cause a service failure...

4.2CVSS6.6AI score0.00243EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.12 views

The vulnerability in the open-source development environment for UEFI EDK2, related to uncontrolled recursion, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of open-source development environments for UEFI EDK2 is related to uncontrolled recursion. Exploiting this vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures...

7.8CVSS6.2AI score0.00399EPSS
Exploits1References8Affected Software3
Total number of security vulnerabilities5000