Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2022/08/24 12:0 a.m.12 views

The vulnerability of the Adobe Framemaker desktop publishing system lies in its memory management after memory is freed, allowing an attacker to execute arbitrary code.

The vulnerability of the desktop publishing system Adobe Framemaker relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created malicious file...

7.8CVSS7.6AI score0.0043EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/08/22 12:0 a.m.12 views

The vulnerability of PDFTron software components, used by Autodesk for modeling, design, and drafting, allows a hacker to execute arbitrary code.

The vulnerability of PDFTron software components, used by Autodesk for modeling, design, and drawing tasks, involves unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during PDF file analysis...

9.3CVSS7.7AI score0.00727EPSS
Exploits0References3Affected Software12
BDU FSTEC
BDU FSTEC
added 2022/08/18 12:0 a.m.12 views

The vulnerability of the MiUI mobile operating system in devices like Redmi Note 11 and Redmi Note 9T, related to writing beyond the buffer in memory, allows a hacker to trigger a service failure.

The vulnerability of the mobile operating system MIUI is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS7.7AI score0.06935EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/12 12:0 a.m.12 views

The vulnerability of the PAN-OS operating system, related to errors in configuring URL filtering policies, allows a perpetrator to trigger a Denial-of-Service Attack (RDoS).

The vulnerability of the PAN-OS operating system is related to errors in configuring URL filtering policies. Exploiting this vulnerability can allow a malicious actor to perform a Denial-of-Service Attack RDoS...

8.6CVSS7.6AI score0.02041EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/12 12:0 a.m.12 views

The vulnerability of Microsoft Excel editors, related to security configuration errors, allows attackers to circumvent existing security restrictions.

The vulnerability of Microsoft Excel editors is related to security configuration errors. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...

7.3CVSS7.3AI score0.00767EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/08/05 12:0 a.m.12 views

The vulnerability of the Open Plug and Play (PnP) microprogramming software module of Cisco Small Business routers such as RV160, RV260, RV340, and RV345 is related to errors in processing input data. This vulnerability allows a hacker to execute arbitrary commands in the basic operating system.

The vulnerability of the Open Plug and Play PnP microprogramming software for Cisco Small Business routers such as RV160, RV260, RV340, and RV345 is related to errors in processing input data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands on the operating...

10CVSS8.4AI score0.02877EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/08/01 12:0 a.m.12 views

The vulnerability of the “Main” function in the TOTOLink A860R microcontroller software allows a intruder to execute any command they desire.

The vulnerability of the “Main” function in the TOTOLink A860R microcontroller software is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands through the QUERYSTRING parameter...

10CVSS8.2AI score0.03158EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/27 12:0 a.m.12 views

The default installation configuration “[webserver] secret_key” of the Airflow data processing software’s creation, monitoring, and orchestration tools makes it possible for a malicious individual to gain unauthorized access to an external web server.

The vulnerability of the default installation configuration “webserver secretkey” in software for creating, monitoring, and orchestrating Airflow data processing scenarios is related to the use of pre-installed credentials. Exploiting this vulnerability could allow an attacker, operating remotely...

7.7CVSS7.2AI score0.23336EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/07/26 12:0 a.m.12 views

The vulnerability in the web interface for managing device information on the Cisco Common Services Platform Collector allows a attacker to carry out cross-site scripting attacks.

The vulnerability in the web interface for collecting device information on the Cisco Common Services Platform Collector exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks using a...

6.4CVSS6.2AI score0.00685EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.12 views

The vulnerability of the Apache Tomcat application server’s Realm implementation, related to information disclosure due to mismatches, allows attackers to determine all existing user names.

The vulnerability of the Apache Tomcat application server’s Realm implementation is related to the exposure of information through mismatches. Exploiting this vulnerability allows a remote attacker to discover all existing user names...

5.9CVSS6.5AI score0.07991EPSS
Exploits0References21Affected Software10
BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.12 views

The vulnerability of the njs_vmcode_interpreter function (src/njs_vmcode.c) in the njs interpreter of the nginx server allows a hacker to cause a service failure.

The vulnerability of the njsvmcodeinterpreter function src/njsvmcode.c in the njs interpreter of the nginx server involves an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

5.5CVSS5.9AI score0.00628EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.12 views

The vulnerability of the network software for social games and heroiclabs/nakama applications relates to insufficient restrictions on authentication attempts, allowing a perpetrator to gain unauthorized access to protected information.

The vulnerability of the network software for social games and heroiclabs/nakama applications is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

7.8CVSS7.2AI score0.01468EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.12 views

The vulnerability of the ssh_command function in the web interface for managing Roxy-wi servers allows a hacker to execute arbitrary code.

The vulnerability of the sshcommand function in the web interface for managing Roxy-wi servers is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.49937EPSS
Exploits3References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.12 views

The vulnerability of the software platform for industrial automation and IoT solutions, Elcomplus SmartICS, is related to inadequate access control mechanisms. This allows a malicious individual to complete any process within the system.

The vulnerability of the software platform for industrial automation and IoT solutions, Elcomplus SmartICS, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to complete any process within the system remotely...

6.8CVSS5.6AI score0.00741EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.12 views

The vulnerability of the mobile plugin for data processing in Atlassian Jira Server and Data Center allows a perpetrator to execute an SSRF attack.

The vulnerability of the mobile plugin for data processing in Atlassian Jira Server and Data Center is related to insufficient testing of requests on the server side. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...

7.5CVSS6.5AI score0.71169EPSS
Exploits1References4Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.12 views

The vulnerability of Microprogrammed Software in Omron NJ/NX automation controllers, related to bypassing the authentication process using capture-replay techniques for intercepted parameters, allows a intruder to trigger a service failure or execute arbitrary code.

The vulnerability of Microprogrammed Software in Omron NJ/NX automation controllers lies in the ability to bypass the authentication process by using capture-replay techniques to intercept and replay captured parameters. Exploiting this vulnerability allows a malicious actor to trigger malfunctio...

7.6CVSS7.5AI score0.01146EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.12 views

The software for configuring, testing, and deploying Schneider Electric EcoStruxure Power Commission is vulnerable due to incorrect restrictions on the path to the restricted access catalog. This allows attackers to create or overwrite critical files and execute arbitrary code.

The vulnerability of the software used for configuring, testing, and deploying Schneider Electric EcoStruxure Power Commission involves incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to create or re-record...

7.8CVSS8.1AI score0.00782EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.12 views

The vulnerability of the OAS Engine SecureAddUser function in the platform for data transmission between devices and applications allows a perpetrator to gain unauthorized access to the system.

The vulnerability of the OAS Engine SecureAddUser function on the platform for data transfer between devices and applications is related to the lack of authentication checks for this critical function. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized...

7.8CVSS7.2AI score0.01208EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.12 views

The vulnerability of the QTS operating system, specifically the QuTS Hero operating system, is related to the lack of protective measures for website structures. This allows attackers to compromise the confidentiality and integrity of information.

The vulnerability of the QTS operating system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality and integrity of information...

6.1CVSS6.6AI score0.00706EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.12 views

The vulnerability of the modular interface between web servers and web applications in Rack, related to improper neutralization of special elements used in operating system commands, allows attackers to execute arbitrary shell commands on the target system.

The vulnerability of the modular interface between web servers and web applications in Rack is related to improper input validation during data processing. This issue occurs when data is transmitted through the intermediate software Rack Lint and CommonLogger. Exploiting this vulnerability allows...

10CVSS7.1AI score0.01801EPSS
Exploits0References10Affected Software9
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.12 views

The vulnerability of the AuthToken component in the microprogramming software for Desigo DXR2, PXC3, PXC4, and PXC5 modules allows a hacker to gain access to the device by intercepting the authentication token.

The vulnerability of the AuthToken component in the microprogramming software for Desigo DXR2, PXC3, PXC4, and PXC5 modules is related to an incorrect expiration time of the session. Exploiting this vulnerability can allow attackers to gain access to the device by intercepting the authentication...

9.1CVSS7.7AI score0.00918EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.12 views

The vulnerability in the implementation of diagnostic commands and the import of operating systems for Fireware devices used in network security solutions like WatchGuard Firebox and XTM allows attackers to upload and download arbitrary files.

The vulnerability of the diagnostic commands and the import functions of Fireware operating systems for network security devices like WatchGuard Firebox and XTM lies in the possibility of these commands being exploited. Exploiting this vulnerability allows a malicious actor to upload and download...

7.8CVSS7.6AI score0.01242EPSS
Exploits2References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.12 views

The vulnerability of the Teamcenter product lifecycle management system lies in the improper restriction of XML references to external objects, which allows attackers to perform XXE attacks.

The vulnerability of the Teamcenter product lifecycle management system is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to perform XXE attacks remotely...

7.8CVSS7.1AI score0.00964EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.12 views

The vulnerability of the Infrastructure component of the Oracle Banking Trade Finance software allows a perpetrator to create, delete, or alter access to critical data, gain read-only access to data, or cause partial service disruption.

The vulnerability of Oracle Banking Trade Finance’s Infrastructure component is related to errors in the code. Exploiting this vulnerability allows a malicious actor to create, delete, or alter access to critical data, gain read-only access to data, or cause partial service interruptions through...

6.1CVSS6.8AI score0.00609EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.12 views

The vulnerability of the Web Services Security component of the Oracle Web Services Manager allows a perpetrator to gain read access to data or modify data.

The vulnerability of the Web Services Security component of the Oracle Web Services Manager exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read access to data or modify data using specially crafted HTTP...

8.1CVSS6.9AI score0.01623EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.12 views

The vulnerability of the Financial Gateway component of the PeopleSoft Enterprise FIN Cash Management software allows a perpetrator to gain read access to data or modify data.

The vulnerability of the Financial Gateway component of the PeopleSoft Enterprise FIN Cash Management software exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain read access to data or modify data using specially...

5.4CVSS6.6AI score0.00498EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.12 views

The vulnerability of the OGG Core Library, a data stream management tool from Oracle GoldenGate, allows a hacker to gain full control over the application.

The vulnerability of the OGG Core Library, a data stream management tool of Oracle GoldenGate, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

8.8CVSS7.6AI score0.00308EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.12 views

The vulnerability of the Core server component of Oracle WebLogic Server allows a attacker to trigger a service failure.

The vulnerability of the Core server component of Oracle WebLogic Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using network T3/IIOP protocols...

7.8CVSS6.9AI score0.01303EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.12 views

The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain access to modify, add, or delete data, or cause the system to crash or fail in rare cases.

The vulnerability of the Core component in Oracle VM VirtualBox exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to modify, add, or delete data, or cause the system to freeze or, in rare cases, crash...

6.7CVSS6.7AI score0.00358EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/08 12:0 a.m.12 views

The vulnerability of the MultipartStream.java file in the Apache Commons FileUpload library allows a hacker to induce a service failure.

The vulnerability of the MultipartStream.java file in the Apache Commons FileUpload library is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure by manipulating the Content-Type header created by the...

7.5CVSS6.6AI score0.83175EPSS
Exploits8References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/06/07 12:0 a.m.12 views

The vulnerability of the Business Logic Infra SEC component of the JD Edwards EnterpriseOne Tools system for managing enterprise resources allows a perpetrator to gain access to data or cause service interruptions.

The vulnerability of the Business Logic Infra SEC component of the JD Edwards EnterpriseOne Tools system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to gain read access to data or cause service failures through HTTP requests...

8.5CVSS7.5AI score0.02089EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/05/20 12:0 a.m.12 views

Microsoft Edge’s vulnerability, related to security configuration errors, allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

7.5CVSS7.1AI score0.01307EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/05/13 12:0 a.m.12 views

The vulnerability of the Kerberos KDC component of the Active Directory service for Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Kerberos KDC component of the Active Directory catalog service on Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

9CVSS7.9AI score0.83277EPSS
Exploits8References4
BDU FSTEC
BDU FSTEC
added 2022/04/28 12:0 a.m.12 views

The vulnerability of the networkd-dispatcher component, which manages connection states in Linux operating systems, and is part of the Systemd subsystem responsible for service initialization and management, allows a malicious actor to escalate their privileges or execute arbitrary code.

The vulnerabilities of the networkd-dispatcher component, which manages connection states and initializes services within Systemd in Linux operating systems, stem from synchronization errors when using shared resources. Exploiting these vulnerabilities can allow attackers to increase their...

8.4CVSS5.9AI score0.06716EPSS
Exploits2References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.12 views

The vulnerability of the audit log of the Cisco Digital Network Architecture (DNA) Center allows attackers to disclose protected information.

The vulnerability of the audit journal of the Cisco Digital Network Architecture DNA Center relates to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker to disclose protected information...

5.5CVSS5.5AI score0.00226EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.12 views

The vulnerability of the command interface of Cisco IP Phone microprogramming software arises due to an incorrect restriction on the path to the restricted access directory. This allows a malicious individual to read any file in the device’s file system.

The vulnerability of the command interface of Cisco IP Phone microprogramming software exists due to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability could allow a attacker to read any file in the device’s file system...

5.5CVSS5.9AI score0.00258EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.12 views

The vulnerability of the microprogramming software check function for Cisco Small Business routers such as RV160, RV160W, RV260, RV260P, RV260W, RV340, RV340W, RV345, and RV345P allows attackers to install and load malicious software or execute unsigned binary files on vulnerable devices.

The vulnerability of the microprogramming software-based image verification function in Cisco Small Business RV160, RV160W, RV260, RV260P, RV260W, RV340, RV340W, RV345, and RV345P routers is related to improper verification of the cryptographic signature. Exploiting this vulnerability can allow...

9.3CVSS7.7AI score0.09203EPSS
Exploits0References4Affected Software9
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.12 views

The vulnerability of the ext/session/session.c component in the PHP programming language allows a attacker to cause a service failure or potentially cause other effects.

The vulnerability of the ext/session/session.c component of the PHP programming language interpreter is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause service interruptions or potentially cause other adverse effects...

10CVSS7.5AI score0.0548EPSS
Exploits0References13Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/04/15 12:0 a.m.12 views

The vulnerability of the FortiOS operating system’s signature verification function allows a hacker to execute arbitrary code.

The vulnerability of the FortiOS operating system’s signature verification function is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created installation images...

9.3CVSS8.4AI score0.0144EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/07 12:0 a.m.12 views

The vulnerabilities of the Go programming language’s `net.ParseIP` and `net.ParseCIDR` components allow attackers to compromise data integrity.

The vulnerability of the net.ParseIP and net.ParseCIDR components in the Go programming language is related to incorrect handling of zeros at the beginning of an IP address octal number. Exploiting this vulnerability allows a remote attacker to compromise data integrity...

7.8CVSS6.9AI score0.03775EPSS
Exploits1References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.12 views

Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server: Optimizer component of the MySQL database management system is related to errors during resource release. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...

6.8CVSS6.4AI score0.02196EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/01 12:0 a.m.12 views

The vulnerability of Xen hypervisors is related to deficiencies in authentication procedures. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of Xen hypervisors is related to deficiencies in the authentication process. Exploiting this vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures...

7.2CVSS6.6AI score0.00378EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/04/01 12:0 a.m.12 views

The vulnerability of the PCRB decoder in the MPEG-4 multimedia platform GPAC’s decoding function allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the PCRB decoder for MPEG-4 multimedia platform GPAC is related to the lack of verification for the result of arithmetic operations. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failure...

9.3CVSS7.6AI score0.0201EPSS
Exploits1References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/03/31 12:0 a.m.12 views

The vulnerability of the zlib library, related to the execution of operations beyond buffer boundaries in memory, allows attackers to cause a service failure.

The vulnerability of the zlib library lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafted data to the application...

8.5CVSS7AI score0.51733EPSS
Exploits1References35Affected Software15
BDU FSTEC
BDU FSTEC
added 2022/03/25 12:0 a.m.12 views

The vulnerability of the `pjsua_recorder_create` function in the PJSIP multimedia communication library, related to buffer overflow in the stack, allows a attacker to execute arbitrary code.

The vulnerability of the pjsuarecordercreate function in the PJSIP multimedia communication library is related to a boundary error in the PJSUA API when calling pjsuarecordercreate. Exploiting this vulnerability allows an attacker to execute arbitrary code...

10CVSS8.3AI score0.02376EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/03/18 12:0 a.m.12 views

The vulnerability of the WLAN AutoConfig service in the Microsoft Windows operating system allows a hacker to gain increased privileges.

The vulnerability of the WLAN AutoConfig service in the Microsoft Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.3CVSS7.2AI score0.00734EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.12 views

The vulnerability of HEVC Video Extensions relates to improper code generation, allowing attackers to execute arbitrary code.

The vulnerability of HEVC Video Extensions is related to incorrect code generation management. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.8AI score0.02512EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.12 views

The vulnerability of the embedded software of NETGEAR routers such as R7900P, R7960P, R8000, R8000P, MR60, RAX20, RAX45, RAX80, MS60, RAX15, RAX50, RAX75 lies in the lack of measures to sanitize input data. This allows a hacker to execute arbitrary commands.

The vulnerability of NETGEAR R7900P, R7960P, R8000, R8000P, MR60, RAX20, RAX45, RAX80, MS60, RAX15, RAX50, and RAX75 router software lies in the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

8.4CVSS7.1AI score0.00631EPSS
Exploits0References3Affected Software12
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.12 views

The vulnerability of the embedded software of NETGEAR routers such as R7850, R7900P, R7960P, R8000, R8000P, RAX200, RAX75, RAX80, RBK752, RBK852, RBR750, RBR850, RBS750, and RBS850 lies in the absence of measures to sanitize input data. This allows attackers to execute arbitrary commands.

The vulnerability of NETGEAR’s integrated routing software devices such as R7850, R7900P, R7960P, R8000, R8000P, RAX200, RAX75, RAX80, RBK752, RBK852, RBR750, RBR850, RBS750, and RBS850 lies in the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to...

9CVSS8AI score0.01482EPSS
Exploits0References3Affected Software14
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.12 views

The vulnerability of the File Manager API of Google Chrome allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the File Manager API in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information through a specially crafted HTML...

9.3CVSS7.7AI score0.00941EPSS
Exploits1References8Affected Software4
Total number of security vulnerabilities5000