90509 matches found
The vulnerability of the Internal Operations component of the Oracle Lease and Finance Management system, a business automation solution, allows a perpetrator to gain access to read, modify, and delete information.
The vulnerability of the Internal Operations component of the Oracle Lease and Finance Management system, a part of the Oracle E-Business Suite, relates to deficiencies in the authorization process. Exploiting this vulnerability could allow an attacker to gain access to read, modify, and delete...
Vulnerability of the Server component: The MySQL Server database management system, which allows a hacker to cause service interruptions.
Vulnerability of the MySQL Server component: The DDL system for database management of MySQL Server is vulnerable to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the Consul and Consul Enterprise service configuration tool, related to unvalidated returned values, allows attackers to circumvent established security restrictions.
The vulnerability of the Consul and Consul Enterprise service configuration tool is related to an unvalidated returned value. Exploiting this vulnerability allows a malicious actor to bypass established security restrictions from a remote location...
The vulnerability of the netdev_lock() function in the iavf component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the netdevlock function in the iavf component of the Linux operating system is related to mutual locking of execution threads. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.
The vulnerability of the CADImage plugin for viewing and playing back graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially...
The vulnerability of the Windows RRAS operating system’s routing and remote access service allows a hacker to execute arbitrary code.
The vulnerability of the Windows RRAS operating system’s routing and remote access service is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Microsoft 365 Apps for Enterprise package, related to the use of cryptographic algorithms containing defects, allows a hacker to circumvent security restrictions.
The vulnerability of the Microsoft 365 Apps for Enterprise package is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker to circumvent security restrictions...
The vulnerability of Websoft HCM’s automation software for HR processes stems from the lack of measures taken to neutralize special elements used in the operating system’s commands. This allows attackers to execute arbitrary commands.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by invoking methods from th...
The vulnerability of the Public Update Page component in microprogramming software for Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN allows attackers to enhance their privileges.
The vulnerability of the Public Update Page component in microprogramming software for Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN is related to the absence of authentication for a critical function. Exploiting this vulnerability can allow an attacker to increase their privilege...
The vulnerability of the JTAG microprogramming software components in Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN allows intruders to implant or modify the firmware.
The vulnerability of the JTAG microprogramming software components in Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN is related to access control deficiencies. Exploiting this vulnerability can allow attackers to implant or modify the firmware...
The vulnerability of the OpenSearch software package lies in its lack of measures to protect the structure of web pages, allowing attackers to execute arbitrary code.
The vulnerability of the OpenSearch software package is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code...
The vulnerability of the Session Cookie Handler component in the microprogramming-based Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN allows a hacker to obtain user passwords by force.
The vulnerability of the Session Cookie Handler component in the microprogramming-based Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN relates to the ability to retrieve user credentials. Exploiting this vulnerability could allow a malicious actor to obtain user passwords through...
The vulnerability of the formConnectionSetting() function (/goform/formConnectionSetting) in the Wi-Fi range extension software by Belkin, allows a intruder to cause a service failure.
The vulnerability of the formConnectionSetting function /goform/formConnectionSetting of the Belkin F9K1122 Wi-Fi range extender software is due to a buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality is related to the occurrence of operations outside the buffer during the processing of PRC files. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO programs relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the use of memory after it is freed during file processing for U3D operations. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the HarmonyOS operating system, related to buffer overflows in the stack, allows attackers to compromise the accessibility of protected information.
The vulnerability of the HarmonyOS operating system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...
The vulnerability of the PDF Preview module in the HarmonyOS operating system, which allows a hacker to trigger a service failure
The vulnerability of the PDF Preview module in the HarmonyOS operating system is related to pointer manipulation. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the HarmonyOS operating system, related to buffer overflows in the stack, allows a attacker to trigger a service failure.
The vulnerability of the HarmonyOS operating system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the omap_prm.c component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the omapprm.c component in the Linux operating system’s kernel is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the microprogrammed software of Ruijie NBR2000G, NBR1300G, and Ruijie NBR1000 lies in the insufficient protection of operational data, allowing attackers to gain access to the administrator account.
The vulnerability of the microprogrammed software of Ruijie NBR2000G, NBR1300G, and Ruijie NBR1000 lies in the insufficient protection of operational data during the processing of the /WEBVMS/LEVEL15/ endpoint. Exploiting this vulnerability can allow a malicious actor to gain access to the...
The vulnerability of the web manager for managing files and directories in File Browser, related to the use of default user accounts, allows a perpetrator to execute a brute-force attack.
The vulnerability of the web manager responsible for managing files and directories in File Browser is related to the use of default user accounts. Exploiting this vulnerability could allow a malicious actor to execute a brute-force attack remotely...
The vulnerability of the exfat_load_bitmap() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the exfatloadbitmap function in the Linux operating system’s kernel is related to improper memory release before deleting the last reference. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the xe_pat.c component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the xepat.c component in the Linux operating system’s kernel is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the mwifiexcmd_802_11_scan_ext() function in the drivers/net/wireless/marvell/mwifiex/scan.c file of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the mwifiexcmd80211scanext function in the drivers/net/wireless/marvell/mwifiex/scan.c file of the Linux kernel is related to the copying of buffers without checking the input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the http-foundation component of the Symfony software development and web application management platform allows attackers to access confidential data.
The vulnerability of the http-foundation component of the Symfony software development and web application management platform is related to the use of open redirection. Exploiting this vulnerability could allow an attacker to gain access to confidential data...
The vulnerability of the net/sched component in the Linux operating system’s kernel, which allows a hacker to trigger a service failure
The vulnerability of the net/sched component in the Linux operating system’s kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the drivers/gpu/drm/vc4 cores of the Linux operating system, which allows a hacker to cause a service failure
The vulnerability of the drivers/gpu/drm/vc4 components of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the netfilter component in the Linux operating system’s kernel allows a hacker to induce a service failure.
The vulnerability of the netfilter component in the Linux operating system’s kernel is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the `drivers/infiniband/hw/bnxt_re/main.c` component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability in the drivers/infiniband/hw/bnxtre/main.c component of the Linux operating system is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow an attacker to cause a service failure...
Vulnerability of components such as drivers, GPU, DRM, AMD, and display cores in the Linux operating system, which allows a hacker to trigger a service failure.
The vulnerability of components such as drivers, GPU, DRM, AMD, and display cores in the Linux operating system is related to synchronization errors. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the Nix, Lix, and Guix package managers lies in their lack of access control mechanisms, allowing attackers to gain read and write access to data.
The vulnerability of the Nix, Lix, and Guix package managers is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain read and write access to data...
The vulnerability in the LLVM Toolchain development tools relates to reading data beyond the allowed buffer boundaries, allowing an attacker to trigger a service failure.
The vulnerability of the LLVM Toolchain development tools is related to reading data beyond the allowed buffer size. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the software for the Hitachi Energy MicroSCADA X SYS600 system, related to insecure management of privileges, allows a perpetrator to disclose protected information.
The vulnerability of the software used in the Hitachi Energy MicroSCADA X SYS600 equipment management system is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to disclose protected information...
The vulnerability of the net/smc component in Linux operating systems allows attackers to compromise data integrity.
The vulnerability of the net/smc component in Linux operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to compromise the integrity of data...
The vulnerability in the LLVM Toolchain development tools relates to the execution of operations outside of the buffer in memory, allowing an attacker to trigger a service failure.
The vulnerability of the LLVM Toolchain development tools is related to the execution of operations outside of the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability in the implementation of the TLS protocol by Mozilla Firefox allows a perpetrator to circumvent existing security restrictions and gain unauthorized access to protected information.
The vulnerability in the TLS protocol implementation of Mozilla Firefox is related to errors in the certificate validation process. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain unauthorized access to protected information...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
Vulnerability of the vmbus_connect() function in the drivers/hv/connection.c module – Microsoft Hyper-V guest mode support driver for Linux operating systems. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the vmbusconnect function in the drivers/hv/connection.c module – Microsoft’s Linux-based Hyper-V guest mode driver has a vulnerability that exposes confidential system information due to unprocessed debugging information. Exploitation of this vulnerability could allow an attacke...
The vulnerability of the Zimbra Collaboration Suite’s email management system, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of the Zimbra Collaboration Suite email management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of the Apache Answer Q&A platform, related to the return of references to protected data from a public method, allows a violator to execute arbitrary code.
The vulnerability of the Apache Answer Q&A platform relates to the return of references to protected data from a public method. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...
Vulnerability of the amd_iommu_probe_finalize() function in the drivers/iommu/amd/iommu.c module – Linux kernel’s IOMMU support driver, which allows a hacker to cause a service failure
Vulnerability of the amdiommuprobefinalize function in the drivers/iommu/amd/iommu.c module – Linux’s IOMMU support driver relies on the assignment of the NULL pointer. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
Vulnerability of the nj_probe() function in the drivers/isdn/hardware/mISDN/netjet.c module – This driver is part of the mISDN device support in the Linux operating system. It allows a hacker to cause a service failure.
Vulnerability of the njprobe function in the drivers/isdn/hardware/mISDN/netjet.c module – The Linux kernel’s mISDN device driver has a vulnerability that leads to uncontrolled resource consumption. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the Windows operating system’s Storage Management Provider component allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Windows operating system’s Storage Management Provider component is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Telpo MDM mobile device management platform lies in its ability to disclose information through registration files. This allows a malicious actor to gain unauthorized access to the system with administrative rights and to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Telpo MDM mobile device management platform lies in the ability to disclose information through registration files. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to the system with administrative privileges and compromise the...
XWiki () Has been postponed
...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to unlimited resource distribution, allows a hacker to cause a service failure.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the unlimited distribution of resources during HTTP response processing. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the execution of a loop with an unreachable exit condition, allowing a hacker to trigger a service failure.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent arises from the lack of protective measures for the request structure, allowing a perpetrator to execute arbitrary code.
The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent is related to the lack of protective measures for the request structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the do_uaccessFlush_fixups() function in the arch/powerpc/lib/feature-fixups.c module, which is part of the PowerPC platform support for the Linux operating system, allows a hacker to trigger a service failure.
The vulnerability of the douaccessFlushfixups function in the arch/powerpc/lib/feature-fixups.c module of the PowerPC platform support for the Linux operating system is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the j1939_session_deactivate() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the j1939sessiondeactivate function in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...