Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2022/03/05 12:0 a.m.12 views

The vulnerability of NETGEAR’s integrated routing software for models CBR750, RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850 lies in the lack of measures to sanitize input data. This allows attackers to execute arbitrary commands.

The vulnerability of NETGEAR’s integrated routing software, including models such as CBR750, RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, stems from the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9.6CVSS8AI score0.00903EPSS
Exploits0References3Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.12 views

The vulnerability of NETGEAR’s integrated routing software, including models like RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, stems from the lack of measures to sanitize input data. This allows attackers to execute arbitrary commands.

The vulnerability of NETGEAR’s integrated routing software, including models like RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, stems from the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

8.4CVSS7.1AI score0.00695EPSS
Exploits0References3Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.12 views

The vulnerability of the threat detection mechanism for Microsoft Defender for IoT, related to improper code generation, allows a malicious actor to execute arbitrary code.

The vulnerability of the Microsoft Defender for IoT threat detection mechanism is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially crafted request...

8.1CVSS8.2AI score0.01992EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/28 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2020 are related to memory usage after it is released. This allows attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 is related to the use of memory after it is freed. Exploiting this...

9.3CVSS7.6AI score0.05172EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/02/25 12:0 a.m.12 views

The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to perform spear-phishing attacks remotely...

5.3CVSS6.6AI score0.01573EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/02/25 12:0 a.m.12 views

The vulnerability of the Redis database management system for Debian GNU/Linux operating systems, related to improper code generation, allows a hacker to execute arbitrary code.

The vulnerability of the Redis database management system in Debian GNU/Linux operating systems is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8.1CVSS8.2AI score0.9967EPSS
Exploits9References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/02/22 12:0 a.m.12 views

The vulnerability of the Web packaging components of Google Chrome and Microsoft Edge allows attackers to execute arbitrary code.

The vulnerability of the Web packaging components in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...

10CVSS8.1AI score0.0075EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/02/17 12:0 a.m.12 views

The vulnerability of the CGI program of the Zyxel NBG6604 switch, related to incorrect session duration, allows attackers to gain access to the device.

The vulnerability of the CGI program of the Zyxel NBG6604 switch is related to an incorrect session duration. Exploiting this vulnerability can allow a malicious actor to gain access to the device by intercepting the authentication token...

9.4CVSS7.7AI score0.01044EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.12 views

The vulnerability of the msp_info.htm file implementation in D-Link DI-7200G V2.E1 microprogrammable router software allows a hacker to execute arbitrary commands.

The vulnerability of the mspinfo.htm file implementation of the D-Link DI-7200G V2.E1 router microprogramming system is related to insufficient cleaning of input data during the processing of the cmd parameter. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotel...

10CVSS8.1AI score0.03746EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.12 views

The vulnerability of the implementation of the SetWLanApcliSettings() function in D-Link DIR-823-Pro wireless router software allows a hacker to execute arbitrary commands.

The vulnerability of the implementation of the SetWLanApcliSettings function in the microprogramming software for D-Link DIR-823-Pro wireless routers is related to insufficient cleaning of input data during the processing of the ApCliKeyStr parameter. Exploiting this vulnerability allows a remote...

10CVSS8.1AI score0.04525EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/10 12:0 a.m.12 views

The vulnerability of the logback logging library, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code.

The vulnerability of the logback logging library is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

8.5CVSS7.2AI score0.04439EPSS
Exploits1References6Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/02/10 12:0 a.m.12 views

The vulnerability of the Windows GDI+ component in Windows operating systems allows attackers to disclose sensitive information that is protected by security measures.

The vulnerability of the Windows GDI+ component in Windows operating systems is related to deficiencies in the system’s controlled areas. Exploiting this vulnerability can allow attackers to disclose sensitive information that should be protected...

6.8CVSS6.8AI score0.02738EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/02/10 12:0 a.m.12 views

The vulnerability of the Windows Installer component on Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Cleanup Manager in Windows operating systems relates to the improper handling of references before accessing files. Exploiting this vulnerability can allow an attacker to increase their privileges...

5.5CVSS7.2AI score0.01483EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/02/10 12:0 a.m.12 views

The vulnerability of the software responsible for creating, monitoring, and orchestrating data processing scripts in Airflow lies in the failure to take measures to neutralize special elements used in the OS commands. This allows a malicious actor to execute arbitrary commands with superuser privileges.

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow is related to the lack of measures taken to neutralize special elements used in the OS commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary comman...

8.8CVSS8.1AI score0.99118EPSS
Exploits9References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/01/25 12:0 a.m.12 views

The vulnerabilities of NETGEAR Wi-Fi router microprogramming systems, such as AC2100, AC2400, AC2600, D7000, R6220, R6230, R6260, R6330, R6350, R6700v2, R6800, R6850, R6900v2, R7200, R7350, R7400, and R7450, are related to authentication mechanism flaws. These flaws allow attackers to circumvent security restrictions.

The vulnerabilities of NETGEAR Wi-Fi router software models AC2100, AC2400, AC2600, D7000, R6220, R6230, R6260, R6330, R6350, R6700v2, R6800, R6850, R6900v2, R7200, R7350, R7400, and R7450 are related to authentication mechanism flaws. Exploiting these vulnerabilities can allow attackers to bypas...

7.4CVSS7.9AI score0.17641EPSS
Exploits1References3Affected Software17
BDU FSTEC
BDU FSTEC
added 2022/01/25 12:0 a.m.12 views

The vulnerability of the built-in software on NETGEAR RBS50Y, SRK60, SRR60, SRS60, SXK30, SXR30, SXS30, SRC60 Wi-Fi routers lies in the insufficient protection of operational data, allowing attackers to influence the integrity and confidentiality of the protected information.

The vulnerability of the built-in software on NETGEAR Wi-Fi routers such as RBS50Y, SRK60, SRR60, SRS60, SXK30, SXR30, SXS30, and SRC60 relates to insufficient protection for operational data. Exploiting this vulnerability can allow a malicious actor to influence the integrity and confidentiality...

8.2CVSS7.8AI score0.00863EPSS
Exploits0References3Affected Software8
BDU FSTEC
BDU FSTEC
added 2022/01/12 12:0 a.m.12 views

The vulnerability of the DirectX Graphics Kernel File component in the Windows operating system allows a hacker to trigger a service failure.

The vulnerability of the DirectX Graphics Kernel File component in the Windows operating system exists due to insufficient testing of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

6.5CVSS7.3AI score0.03663EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/01/10 12:0 a.m.12 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.8CVSS8AI score0.00875EPSS
Exploits0References9Affected Software7
BDU FSTEC
BDU FSTEC
added 2021/12/24 12:0 a.m.12 views

The vulnerability of the “company_filter” parameter in the “user_list” component of the Advantech R-SeeNet monitoring software allows a hacker to execute arbitrary SQL queries.

The vulnerability of the “companyfilter” parameter in the “userlist” component of the Advantech R-SeeNet monitoring software for router status and functions is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execu...

7.7CVSS5.9AI score0.01134EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2021/12/21 12:0 a.m.12 views

The vulnerability of the contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c components of the QEMU hardware emulation software is related to improper memory release before deleting last references. This allows a malicious actor to trigger a service failure.

The vulnerability of the contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c components of the QEMU hardware emulation software is related to improper memory release before deleting last references. Exploiting this vulnerability allows an attacker to cause a service failure...

6.5CVSS6.4AI score0.00436EPSS
Exploits0References13Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/12/20 12:0 a.m.12 views

The vulnerability of the web interface and API of the Cisco Application Policy Infrastructure Controller allows a perpetrator to execute arbitrary commands.

The vulnerability of the Cisco Application Policy Infrastructure Controller’s web interface and API exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...

8.5CVSS8AI score0.01139EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/11/18 12:0 a.m.12 views

The vulnerability of the PAN-OS operating system, related to deficiencies in access control, allows a perpetrator to perform actions permitted by the EC2 role in AW.

The vulnerability of the PAN-OS operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating remotely, to perform arbitrary actions permitted by the EC2 role in AW...

8.1CVSS7.7AI score0.00697EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/12 12:0 a.m.12 views

The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) allows a perpetrator to cause service interruptions.

The vulnerability of AnyConnect and WebVPN web services, which are part of Cisco Adaptive Security Appliance ASA and Cisco Firepower Threat Defense FTD, stems from insufficient validation of input data during syntax analysis of HTTPS requests. Exploiting this vulnerability can allow a malicious...

8.6CVSS7.2AI score0.01307EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/11/12 12:0 a.m.12 views

The vulnerability of the datatables.net package’s DataTables library allows a hacker to execute arbitrary code or cause a denial-of-service attack.

The vulnerability of the datatables.net package’s DataTables library is related to insufficient control over modifications to dynamically defined object properties. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures...

7.5CVSS7AI score0.0367EPSS
Exploits2References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/11/12 12:0 a.m.12 views

The vulnerability of the command-line interface (CLI) of Cisco IOS XE SD-WAN software allows a attacker to execute arbitrary commands.

The vulnerability of the Cisco IOS XE SD-WAN software’s command-line interface is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

6.8CVSS6.9AI score0.00346EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/11/11 12:0 a.m.12 views

The vulnerability of Microsoft Exchange Server servers, related to deficiencies in access control, allows attackers to increase their privileges.

The vulnerability of Microsoft Exchange Server is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to increase their privileges...

8CVSS7.2AI score0.00572EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.12 views

The vulnerability of the UserGate UTM corporate network interface of UserGate D500 allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the UserGate UTM corporate network interface of UserGate D500 exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected information...

4.2CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/29 12:0 a.m.12 views

The vulnerability of software for implementing VNC and TigerVNC lies in authentication process errors, which allow attackers to gain access to confidential data and compromise its integrity.

The vulnerability of the software for implementing VNC TigerVNC is related to improper handling of TLS certificate exceptions. Exploiting this vulnerability can allow a remote attacker to access confidential data and compromise its integrity...

8.1CVSS7.5AI score0.0306EPSS
Exploits0References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/10/15 12:0 a.m.12 views

The vulnerability of the Hyper-V hardware virtualization system’s Windows operating system, related to improper code generation management, allows attackers to escalate their privileges.

The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system is related to incorrect code generation. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

8CVSS7.6AI score0.01064EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of the Bluetooth Classic microprogramming device implementations of Zhuhai Jieli ATS2815 and ATS2819 arises due to insufficient verification of input data. This allows a perpetrator to trigger a service failure.

The vulnerability of the Bluetooth Classic microprogramming device implementations of Zhuhai Jieli ATS2815 and ATS2819 exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures through the created LMP...

6.5CVSS6.6AI score0.00443EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerabilities of the ServerProtect Management Console, including the ServerProtect for Storage (SPFS), ServerProtect for EMC Celerra (SPEMC), ServerProtect for Network Appliance Filers (SPNAF), and ServerProtect for Microsoft Windows/Novell Netware (SPNT), allow attackers to bypass authentication procedures and gain unauthorized access to protected information.

The vulnerability of the ServerProtect Management Console for Server Protection and ServerProtect for Storage Systems SPFS, ServerProtect for EMC Celerra SPEMC, ServerProtect for Network Appliance Filers SPNAF, and ServerProtect for Microsoft Windows/Novell Netware SPNT is related to authenticati...

10CVSS7.7AI score0.09019EPSS
Exploits0References6Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of the Cypress WICED BT Bluetooth Classic stack implementation for the CYW20735B1 device arises due to insufficient validation of input data. This allows a malicious actor to trigger a service failure.

The vulnerability of the Cypress WICED BT Bluetooth Classic stack implementation for the CYW20735B1 device exists due to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to cause service failure...

6.5CVSS6.6AI score0.00581EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of the Moxa MXView network control software, related to the use of rigid password encoding, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Moxa MXView network control software lies in the use of fixed password encoding schemes. Exploiting this vulnerability could allow an unauthorized attacker to gain unauthorized access to protected information by using the default passwords...

10CVSS8AI score0.01113EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of Visual Studio Code’s source editor lies in its insecure handling of privileges, allowing attackers to elevate their privileges.

The vulnerability of Visual Studio Code’s source editor is related to the insecure management of privileges. Exploiting this vulnerability could allow an attacker to enhance their privileges...

7.8CVSS7.2AI score0.00491EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of the Siemens Solid Edge Viewer application, a tool set for design and simulation with Siemens Solid Edge, allows a malicious actor to execute arbitrary code.

The vulnerability of the Siemens Solid Edge Viewer application, a tool for design and simulation, is related to the use of memory after it is freed during OBJ file syntax analysis. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created malicio...

8.8CVSS7.6AI score0.01122EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of the SONICWALL Ethernet switch control interface of the SMA 100 series allows a intruder to alter the device’s configuration to the factory settings and trigger a failure in the target system’s service.

The vulnerability of the SMA 100 series SONICWALL network interface controllers is related to access control errors. Exploiting this vulnerability allows a malicious actor to alter the device’s configuration to the factory settings and cause failures in the target system’s services...

9.4CVSS8AI score0.80701EPSS
Exploits4References5Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of the Bluetooth Classic platform for software development, developed by Zhuhai Jieli AC6366C BT SDK, stems from insufficient validation of input data. This allows attackers to trigger service failures.

The vulnerability of the Bluetooth Classic platform used for software development by Zhuhai Jieli AC6366C BT SDK exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure through the created LMP packe...

6.5CVSS6.6AI score0.00688EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/08 12:0 a.m.12 views

The vulnerability of the Bluetooth Classic microprogramming device implementations of Zhuhai Jieli AC690X and AC692X arises due to insufficient verification of input data. This allows attackers to trigger malfunctions in the device’s service.

The vulnerability of the Bluetooth Classic microprogramming system implementation in Zhuhai Jieli AC690X and AC692X devices exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures through the created...

5.7CVSS6.1AI score0.00366EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/08/20 12:0 a.m.12 views

The vulnerability of the Server Name Identification (SNI) component of the Cisco Web Security Appliance internet server, the micro-programming software for Cisco Firepower Threat Defense network firewalls, and the intrusion detection systems allows a malicious actor to gain full control over the compromised host and unauthorized access to protected information.

The vulnerability of the Server Name Identification SNI component of the Cisco Web Security Appliance internet server, as well as the micro-programming software for Cisco Firepower Threat Defense and the intrusion detection system Snort, is related to SSL handshake filtering errors. Exploiting th...

5.8CVSS6.5AI score0.01684EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/08/18 12:0 a.m.12 views

The vulnerability of the Adobe Framemaker desktop publishing system, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker system lies in the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

8.8CVSS7.9AI score0.04528EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/08/18 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, as well as Adobe Acrobat 2017 and Adobe Acrobat Reader 2017, are related to memory usage after it is released. These vulnerabilities allow attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to gain...

7.1CVSS6.8AI score0.09576EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/08/18 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat, and Adobe Acrobat Reader, related to information disclosure, allow attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2019, and Adobe Acrobat Reader 2019 are related to information disclosure. Exploiting these vulnerabilities can allow unauthorized actors to gain...

7.8CVSS6.9AI score0.02175EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/08/10 12:0 a.m.12 views

The vulnerability of the wildfly-core Java application server software allows a attacker to compromise the confidentiality and integrity of the protected information.

The vulnerability of the wildfly-core Java application server from WildFly is related to deficiencies in the access control mechanism. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of the protected information...

3.6CVSS5.7AI score0.00761EPSS
Exploits0References3Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/08/06 12:0 a.m.12 views

The vulnerability in the J-Web web interface of the Junos operating system, which allows a hacker to elevate their privileges to the root level.

The vulnerability in the J-Web web interface of the Junos operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to elevate their privileges to the root level...

10CVSS7.2AI score0.00924EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of the Content-Length header in the Apache Traffic Server web server allows a hacker to compromise the integrity of the protected information.

The vulnerability of the Content-Length header in the Apache Traffic Server web server is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...

7.8CVSS7.2AI score0.02137EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of the MagickCore/visual-effects.c file, a set of programs for reading and editing ImageMagisk files, arises from the lack of zero-division checking. This allows an attacker to trigger a service failure.

The vulnerability of the MagickCore/visual-effects.c file, a set of programs for reading and editing ImageMagisk files, is related to the lack of checks for division by zero. Exploiting this vulnerability could allow an attacker to cause service interruptions...

7.1CVSS6.7AI score0.01199EPSS
Exploits0References13Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of Google Chrome’s V8 engine, related to the execution of operations beyond the buffer in memory, allows attackers to access confidential information or cause service failures.

The vulnerability of Google Chrome’s V8 engine is related to insufficient input validation. Exploiting this vulnerability can allow an attacker to access confidential information or cause service failures...

8.8CVSS7.9AI score0.70435EPSS
Exploits6References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of the FortiMail email protection system lies in the lack of measures to protect the SQL query structure, allowing attackers to execute arbitrary code or commands.

The vulnerability of the FortiMail email protection system lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary codes or commands using specially crafted HTTP requests...

9.8CVSS8.2AI score0.0143EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of the cachekey plugin in the Apache Traffic Server web server allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cachekey plugin in the Apache Traffic Server web server arises from an operation that occurs outside the buffer limits of the stack. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

10CVSS8AI score0.02711EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of the writeTileData function in the OpenEXR library, related to writing beyond the buffer boundary, allows a attacker to cause a service failure.

The vulnerability of the writeTileData function in the OpenEXR library lies in the issue of writing beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

6.5CVSS6.9AI score0.01134EPSS
Exploits1References12Affected Software5
Total number of security vulnerabilities5000