90509 matches found
The vulnerability of the `ksmbd_krb5_authenticate()` function in the `ksmbd` component of the Linux operating system allows a hacker to induce a service failure.
The vulnerability of the ksmbdkrb5authenticate function in the ksmbd component of the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to trigger a denial-of-service attack...
The vulnerability of the br_multicast_port_ctx_init() function in the net/bridge/br_multicast.c module, which is part of the Linux kernel’s networking functions, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the br Multicast Port Context Initialization function in the net/bridge/br Multicast.c module, which implements networking functions in the Linux kernel, is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the monitoring and control tool for solar energy systems, Tigo Cloud Connect Advanced (CCA), arises from incorrect generation of session identifiers. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the monitoring and control tool for solar energy systems, Tigo Cloud Connect Advanced CCA, is related to the improper generation of session identifiers. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability in the web interface for managing the Cisco Unified Intelligence Center reporting software and the Cisco Unified Contact Center Express operator automation software allows a malicious individual to execute arbitrary commands and increase their privileges.
The vulnerability in the web interface for creating reports using the Cisco Unified Intelligence Center and the Cisco Unified Contact Center Express software lies in the unlimited download of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and...
The vulnerability of the ptp_rate() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the ptprate function in the Linux operating system’s kernel is related to the lack of checks for division by zero. Exploiting this vulnerability could allow a attacker to cause a service failure...
The vulnerability of the mgmt_hci_cmd_sync() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the mgmthcicmdsync function in the Linux operating system is related to the execution of operations outside the buffer in memory due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the dm_get_live_table() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the dmgetlivetable function in the Linux operating system is related to the use of memory after it has been freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the web interface of the information system for state and municipal payments in the Republic of Tatarstan (GIS GMPl) stems from errors in the logic of the web application’s operation. This vulnerability allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the web interface of the information system for state and municipal payments in the Republic of Tatarstan GIS GMPl is related to errors in the logic of the web application’s operation. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthoriz...
The vulnerabilities of the `bnxt_ulp_stop()` and `bnxt_ulp_start()` functions in the Linux operating system’s RoCE kernel driver allow a hacker to trigger a service failure.
The vulnerability of the bnxtulpstop and bnxtulpstart functions in the RoCE kernel driver of the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the FortiIsolator browser isolation platform and the FortiSandbox threat detection and mitigation system lies in the incorrect session duration, allowing attackers to compromise the confidentiality and integrity of protected information.
The vulnerability of the FortiIsolator browser isolation platform and the FortiSandbox threat detection and mitigation system is related to an incorrect session duration. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality and integrity of the protected...
The vulnerability of the IBM Aspera Faspex file-sharing application, related to the implementation of security functions at the client side, allows attackers to compromise the integrity of the protected information.
The vulnerability of the IBM Aspera Faspex file-sharing application is related to the implementation of security functions at the client side. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information from a remote location...
The vulnerability of D-Link DIR-890L router’s microprogramming software, which stems from the use of rigidly encoded login credentials, allows a hacker to execute arbitrary code.
The vulnerability of D-Link DIR-890L router’s microprogramming software is related to the use of rigidly encoded login credentials. Exploiting this vulnerability could allow a hacker to execute arbitrary code...
The vulnerability of the FUN_00425fd8() function (/biurl_grou) of the D-Link DIR-632 router’s microprogramming software allows a hacker to induce a service failure.
The vulnerability of the FUN00425fd8 function /biurlgrou of the D-Link DIR-632 router’s microprogramming system is related to the output of operations that go beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure by sending a specially...
The vulnerability of Apache CXF web services, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of Apache CXF web services is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability in the Web Console management console for OSGi frameworks like Apache Felix allows a attacker to execute cross-site scripting attacks.
The vulnerability of the Web Console Management for OSGi frameworks like Apache Felix is related to the lack of protective measures for the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out a cross-site scripting attack remotely...
The vulnerability of the ASUS DriverHub tool for installing and updating drivers is related to deficiencies in the data source verification mechanism. This allows a hacker to execute arbitrary code.
The vulnerability of the ASUS DriverHub tool for installing and updating drivers is related to deficiencies in the data source verification mechanism. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code with administrator privileges remotely...
The vulnerability of the software platform for managing execution environments of virtual machines in Apache CloudStack lies in the insecure management of privileges, allowing attackers to escalate their privileges.
The vulnerability of the software platform that manages virtual machine environments in Apache CloudStack relates to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory, allowing an attacker to cause a service failure.
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, related to the disclosure of information, allow attackers to compromise the confidentiality and integrity of protected information.
The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to the exposure of information. Exploiting these vulnerabilities can allow a malicious actor to compromise the confidentiality and integrity of the protected information...
The vulnerability of the default_version_is_new() function in Netgear’s JWNR2000v2 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the defaultversionisnew function in Netgear’s JWNR2000v2 router software lies in the copying of buffers without checking the size of the input data when processing the host parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrit...
The vulnerability of the AI-based code editor Cursor lies in its lack of measures to neutralize special elements used in the operating system command. This allows a perpetrator to execute arbitrary code.
The vulnerability of the AI-based code editor Cursor relates to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Cast component of the Google Chrome browser, which allows a perpetrator to gain unauthorized access to protected information
The vulnerability of the Cast component of the Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker who operates remotely to gain unauthorized access to protected information...
The vulnerability of PackageKit in macOS operating systems allows attackers to circumvent security restrictions and compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of PackageKit for macOS operating systems is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the DDSH CLI interface for Dell EMC Data Domain Operating Systems allows a perpetrator to execute arbitrary commands.
The vulnerability of the DDSH CLI interface for Dell EMC Data Domain Operating Systems is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability can allow attackers to execute arbitrary commands...
The vulnerability in the web interface for managing Microprogramming Software on Intelbras RX 1500 and RX 3000 allows attackers to carry out cross-site scripting attacks.
The vulnerability of the web interface for managing Microprogramming Software on Intelbras RX 1500 and RX 3000 is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by sendi...
The vulnerability of the getAuthCode() function in D-Link DIR-605L router microprogramming software allows a hacker to execute any code with root privileges.
The vulnerability of the getAuthCode function in D-Link DIR-605L router microprogramming software is related to buffer overflows in the CAPTCHA processing stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands with root privileges...
The vulnerability of the Accessibility component in operating systems such as iOS and iPadOS allows attackers to disclose protected information.
The vulnerability of the “Accessibility” component in iOS and iPadOS operating systems is related to deficiencies in restricting access to personal information. Exploiting this vulnerability can allow attackers to disclose protected information...
The vulnerability of the Framework component in Android operating systems, which allows a hacker to increase their privileges
The vulnerability of the Framework component in Android operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of NVIDIA GeForce, Quadro, NVS, and Tesla graphics processors’ microprogramming software relates to the disclosure of system data by unauthorized individuals, allowing attackers to gain unauthorized access to protected information.
The vulnerability of NVIDIA GeForce, Quadro, NVS, and Tesla graphics processors’ microprogramming software relates to the disclosure of system data by unauthorized individuals. Exploiting this vulnerability can allow a hacker to gain unauthorized access to protected information...
The vulnerability of the Wlan AP Driver software driver from MediaTek’s microprogramming chips allows attackers to enhance their privileges.
The vulnerability of the Wlan AP Driver software driver from MediaTek is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...
The vulnerability of the formSetEmail function (/goform/formSetEmail) in the D-Link DIR-619L router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formSetEmail function /goform/formSetEmail of the D-Link DIR-619L router’s microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability in the proxy_client.asp script of the D-Link DI-7300G+ router’s software allows a hacker to execute arbitrary commands.
The vulnerability of the proxyclient.asp script in the D-Link DI-7300G+ router microprogramming system is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary command...
The vulnerability of the qfq_aggregate() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the qfqaggregate function in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ep_poll() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the eppoll function in the Linux operating system’s kernel is related to improper resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the eir_create_adv_data() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the eircreateadvdata function in the Linux operating system is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the formWebTypeLibrary() function in the Tenda FH451 router’s microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formWebTypeLibrary function in the Tenda FH451 router’s microprogramming software is related to the operation of writing data outside the buffer in memory when processing the webSiteId parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code o...
The vulnerability of the k3_udma_glue_reset_rx_chn() function in Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the k3udmaglueresetrxchn function in Linux operating systems is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the LeAudioService service in Android operating systems allows a hacker to gain access to read and modify data.
The vulnerability of the LeAudioService service on Android operating systems is related to access control errors. Exploiting this vulnerability can allow an attacker to gain access to read and modify data...
The vulnerability of the driver module edac/igen6_edac.c in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the drivers/edac/igen6edac.c module in the Linux operating system is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the software for organizing and managing knowledge bases and documentation, KBPublisher, arises from the lack of protective measures for website structures. This allows attackers to carry out XSS attacks.
The vulnerability of the software for organizing and managing knowledge bases and documentation, KBPublisher, is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...
The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to writing beyond buffer boundaries in memory, allows a hacker to gain unauthorized access to protected information.
The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
The vulnerability in the driver module drivers/net/vxlan/vxlan_core.c of Linux operating systems allows a attacker to compromise the integrity of protected information.
The vulnerability in the drivers/net/vxlan/vxlancore.c module of Linux operating systems is related to the state of the network competition. Exploiting this vulnerability can allow an attacker to compromise the integrity of protected information...
The vulnerability of Adobe Illustrator’s graphic editor lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.
The vulnerability of Adobe Illustrator’s graphic editor is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...
The vulnerability of the LSILogic software module in Oracle VM VirtualBox allows a hacker to gain unauthorized access to protected information.
The vulnerability of the LSILogic software module in Oracle VM VirtualBox relates to the insecure management of privileges due to improper memory release. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
The vulnerability of the Internal Operations component of the Oracle Lease and Finance Management system, a business automation solution, allows a perpetrator to gain access to read, modify, and delete information.
The vulnerability of the Internal Operations component of the Oracle Lease and Finance Management system, a part of the Oracle E-Business Suite, relates to deficiencies in the authorization process. Exploiting this vulnerability could allow an attacker to gain access to read, modify, and delete...
Vulnerability of the Server component: The MySQL Server database management system, which allows a hacker to cause service interruptions.
Vulnerability of the MySQL Server component: The DDL system for database management of MySQL Server is vulnerable to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the Consul and Consul Enterprise service configuration tool, related to unvalidated returned values, allows attackers to circumvent established security restrictions.
The vulnerability of the Consul and Consul Enterprise service configuration tool is related to an unvalidated returned value. Exploiting this vulnerability allows a malicious actor to bypass established security restrictions from a remote location...
The vulnerability of the netdev_lock() function in the iavf component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the netdevlock function in the iavf component of the Linux operating system is related to mutual locking of execution threads. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the Windows RRAS operating system’s routing and remote access service allows a hacker to execute arbitrary code.
The vulnerability of the Windows RRAS operating system’s routing and remote access service is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the OpenSearch software package lies in its lack of measures to protect the structure of web pages, allowing attackers to execute arbitrary code.
The vulnerability of the OpenSearch software package is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code...