Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of the cachekey plugin in the Apache Traffic Server web server allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cachekey plugin in the Apache Traffic Server web server arises from an operation that occurs outside the buffer limits of the stack. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

10CVSS8AI score0.02711EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of the writeTileData function in the OpenEXR library, related to writing beyond the buffer boundary, allows a attacker to cause a service failure.

The vulnerability of the writeTileData function in the OpenEXR library lies in the issue of writing beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

6.5CVSS6.9AI score0.01134EPSS
Exploits1References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of the MagickCore/visual-effects.c file, a set of programs for reading and editing ImageMagisk files, arises from the lack of zero-division checking. This allows an attacker to trigger a service failure.

The vulnerability of the MagickCore/visual-effects.c file, a set of programs for reading and editing ImageMagisk files, is related to the lack of checks for division by zero. Exploiting this vulnerability could allow an attacker to cause service interruptions...

7.1CVSS6.7AI score0.01199EPSS
Exploits0References13Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of Google Chrome’s V8 engine, related to the execution of operations beyond the buffer in memory, allows attackers to access confidential information or cause service failures.

The vulnerability of Google Chrome’s V8 engine is related to insufficient input validation. Exploiting this vulnerability can allow an attacker to access confidential information or cause service failures...

8.8CVSS7.9AI score0.70435EPSS
Exploits6References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.12 views

The vulnerability of the Mozilla Thunderbird email client, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of Mozilla Thunderbird’s email client is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in an MITM Man-In-The-Middle scenario by sending an arbitrary IMAP command...

6.5CVSS7.4AI score0.012EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/07/15 12:0 a.m.12 views

The vulnerability of several functions in libscp_v0.c allows an attacker to access confidential information or cause service failures, due to buffer overflows in the stack of the RDP server xrdp.

The vulnerability of several functions in libscpv0.c affects the RDP server xrdp. It involves buffer overflow in the data stack buffer. Exploiting this vulnerability can allow an attacker to access confidential information or cause service failures...

7.8CVSS7.5AI score0.02404EPSS
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/07/15 12:0 a.m.12 views

The vulnerability of the Archive_Tar class in the PHP classes library of PEAR allows a attacker to overwrite protected files.

The vulnerability of the ArchiveTar class in the PHP classes library of PEAR is related to insufficient cleaning of special elements in the output data used by the incoming component. Exploiting this vulnerability could allow an attacker to overwrite protected files by using a specially crafted...

8.8CVSS7.5AI score0.84554EPSS
Exploits4References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/07/13 12:0 a.m.12 views

The vulnerability of the WriteSGIImage function in the console-based image editing tool ImageMagick, related to writing beyond buffer boundaries, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the WriteSGIImage function in the console-based image editing tool ImageMagick is related to the execution of operations that exceed the allowable buffer data size. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its...

9.8CVSS8.1AI score0.03678EPSS
Exploits0References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/07/07 12:0 a.m.12 views

The vulnerability of the ReadBMPImage function in the coders/bmp.c component of the console image editing tool ImageMagick, related to infinite loop execution, allows attackers to cause a service failure.

The vulnerability of the ReadBMPImage function in the coders/bmp.c component of the ImageMagick console graphics editor is related to the infinite execution of a loop. Exploiting this vulnerability allows an attacker to cause a service failure by using a specially created BMP file...

6.5CVSS6.9AI score0.03003EPSS
Exploits1References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/07/06 12:0 a.m.12 views

The vulnerability of the MagickCore/resize.c component of the console-based image editing tool ImageMagick, related to division by zero, allows a hacker to cause a service failure.

The vulnerability of the MagickCore/resize.c component in the console-based image editing tool ImageMagick is related to division by zero. Exploiting this vulnerability allows a remote attacker to cause a service failure using a specially created file...

5.3CVSS6.6AI score0.00914EPSS
Exploits0References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/06/30 12:0 a.m.12 views

Microsoft Edge’s browser vulnerability, related to security mechanism flaws, allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge is related to security flaws in its mechanisms. Exploiting this vulnerability can allow a malicious actor to gain increased privileges...

6.4CVSS6.6AI score0.02068EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.12 views

The vulnerability of the K2dobj.dl library of the COMPAS-3D 3D modeling system, related to the execution of operations outside the buffer boundaries in memory, allows attackers to cause system failures.

The vulnerability of the K2dobj.dl library in the KOMPAS-3D 3D modeling system is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to cause a service failure using a specially crafted CDW format file...

4.9CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.12 views

The vulnerability of the ksys2.dll library in the KOMPAS-3D 3D modeling system, which is related to the execution of operations outside the buffer in memory, allows a hacker to cause a service failure.

The vulnerability of the ksys2.dll library in the KOMPAS-3D three-dimensional modeling system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure using a specially crafted CDW format file...

4.9CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/20 12:0 a.m.12 views

Vulnerability of the Windows Media Foundation Core component in Microsoft Windows operating systems, allowing attackers to execute arbitrary code

The vulnerability of the Windows Media Foundation Core component in Microsoft Windows operating systems is related to improper code generation. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.3CVSS7.6AI score0.02253EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/05/12 12:0 a.m.12 views

The vulnerability of the Bill Issues component of the Oracle Bills of Material application in the Oracle E-Business Suite allows a malicious individual to gain access to modify, add, or delete data, as well as to unauthorizedly access protected information.

The vulnerability of the Bill Issues component of the Oracle Bills of Material application within the Oracle E-Business Suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, as well as gain...

8.1CVSS6.8AI score0.00931EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.12 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

7.1CVSS6.8AI score0.00373EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.12 views

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

5.3CVSS7.8AI score0.01755EPSS
Exploits0References12Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.12 views

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, allows a hacker to gain access to modify, add, or delete data, or to gain full control over the application.

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, o...

8.5CVSS6.8AI score0.00933EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.12 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

7.1CVSS6.8AI score0.00373EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.12 views

The vulnerability of Microprogramming Software for Cisco Adaptive Security Appliance Software (ASA) and Cisco Firepower Threat Defense (FTD) relates to writing beyond the buffer boundaries, allowing attackers to trigger a system reboot or cause service failure.

The vulnerability of Microprogrammed Network Interface Software of Cisco Adaptive Security Appliance Software ASA and Cisco Firepower Threat Defense FTD is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to trigger a system reboot or caus...

8.6CVSS7.4AI score0.01656EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.12 views

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers relates to access to resources through incompatible types. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.3CVSS8.3AI score0.57736EPSS
Exploits1References14Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.12 views

The vulnerability of the dockerd daemon, a deployment and application management automation tool in Docker-enabled environments, relates to a resource consumption control mechanism error. This vulnerability allows attackers to trigger service failures.

The vulnerability of the dockerd daemon, a tool for automating the deployment and management of applications in Docker containerized environments, is related to improper handling of the image manifest file. Exploiting this vulnerability allows an attacker to cause service interruptions...

6.5CVSS6.8AI score0.03287EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.12 views

The vulnerability of the Node.js software platform, related to the presence of localhost6 in the white list, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Node.js software platform is related to the presence of localhost6 in the white list. Exploiting this vulnerability allows a remote attacker to access confidential data, compromise its integrity, and cause service failures...

7.5CVSS6.9AI score0.32362EPSS
Exploits1References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.12 views

The vulnerability of the IPv6 implementation of the Cisco NX-OS network operating system for Cisco routers allows a attacker to cause a service failure.

The vulnerability of the IPv6 implementation of the Cisco NX-OS network operating system’s Cisco routers is related to a memory release error. Exploiting this vulnerability could allow a malicious actor to cause service failure remotely...

8.6CVSS7.4AI score0.01369EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.12 views

The vulnerability of the installation file FortiClientEMSOnlineInstaller.exe of the Fortinet FortiClient Enterprise Management Server (EMS) allows a perpetrator to execute arbitrary code.

The vulnerability of the installation file FortiClientEMSOnlineInstaller.exe of the Fortinet FortiClient Enterprise Management Server EMS server is related to errors in the path validation mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially...

7.8CVSS7.7AI score0.00599EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.12 views

The vulnerability in the web interface of the Cisco Unified Communications Manager IM & Presence Service allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Cisco Unified Communications Manager IM & Presence Service web interface is related to input validation errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

6.8CVSS6.5AI score0.01352EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/01/26 12:0 a.m.12 views

The vulnerability of Microsoft Azure Kubernetes operating system allows a hacker to gain unauthorized access to protected information.

The vulnerability of Microsoft Azure Kubernetes operating system-related to Windows is related to information disclosure. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information through a specially crafted IMDS request...

5.5CVSS5.9AI score0.01133EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/12/01 12:0 a.m.12 views

The vulnerability of the SSL/TLS module of Cisco Adaptive Security Appliance’s network firewall allows a attacker to cause a service failure.

The vulnerability of the SSL/TLS module of the Cisco Adaptive Security Appliance software lies in errors during initialization of pointers. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

8.6CVSS5.5AI score0.00883EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.12 views

The vulnerability of the Microsoft .NET Framework software, related to errors in memory object handling, allows an attacker to gain unauthorized access to protected information.

The vulnerability of the Microsoft .NET Framework software platform is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

4.7CVSS5.5AI score0.03045EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.12 views

The vulnerability of the Windows Codecs Library component in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Windows Codecs Library component in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.03593EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/10/27 12:0 a.m.12 views

The vulnerability of the Helm package manager exists due to an incorrect restriction on the path name to the restricted access catalog. This allows a malicious actor to unpack the files from the diagram archive outside of the target directory.

The vulnerability of the Helm package manager exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor to unpack the diagram archive files outside of the target directory using commands like “helm fetch --untar” an...

7.1CVSS6.8AI score0.01483EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/10/22 12:0 a.m.12 views

The vulnerability of the Windows Backup Service allows attackers to exploit their privileges.

The vulnerability of the Windows Backup Service in Microsoft Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.2AI score0.00912EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/08/12 12:0 a.m.12 views

The vulnerability of the Blink rendering module in Google Chrome browsers allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of Google Chrome’s Blink rendering module relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures through a specially created HTML page...

7.3CVSS7.4AI score0.01706EPSS
Exploits1References13Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerability of the memcpy function in the glibc library, which allows a hacker to execute arbitrary code in the context of a privileged process

The vulnerability of the memcpy function in the glibc library arises from an operation that occurs outside the buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code within the privileged process context...

8.1CVSS8.2AI score0.05223EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

7.5CVSS7AI score0.00448EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerability of the Segment component in the Oracle Retail Customer Management and Segmentation software application allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Segment component in Oracle Retail Customer Management and Segmentation Foundation software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to modify, add, or delete data, or gain unauthorized access...

5.5CVSS6.6AI score0.00799EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

Vulnerability of the Microsoft Graphics component in the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Microsoft Graphics component in the Windows operating system relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted file...

7.5CVSS8.2AI score0.14041EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 involve reading beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can...

7.1CVSS7.7AI score0.03181EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 are related to writing data beyond the buffer in memory, allowing attackers to execute arbitrary code in the context of the current user.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 is related to data writing beyond the buffer boundaries in memory. Exploiting this vulnerability...

10CVSS8.4AI score0.04564EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/07/09 12:0 a.m.12 views

The vulnerability of the gf_text_get_utf8_line function in the multimedia platform GPAC, related to writing beyond buffer boundaries, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the gftextgetutf8line function on the multimedia platform GPAC is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.5AI score0.01411EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/07/03 12:0 a.m.12 views

The vulnerability of Adobe Audition for Windows and macOS, related to recording beyond buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of Adobe Audition for Windows and macOS lies in the recording of data beyond the buffer limits in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user...

7.8CVSS7.8AI score0.0309EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/05/21 12:0 a.m.12 views

The vulnerability of the Windows Update Stack component allows attackers to enhance their privileges.

The vulnerability of the Windows Update Stack component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

7.8CVSS7.2AI score0.00856EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/05/21 12:0 a.m.12 views

The vulnerability of the Microsoft Windows Graphics component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Microsoft Windows Graphics subsystem in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...

5.5CVSS6.2AI score0.01277EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.12 views

Vulnerabilities of Microsoft Visio graphic editors, Microsoft Excel electronic spreadsheet editors, Microsoft PowerPoint presentation creation software, Microsoft Word text editors, the Microsoft Office and Office 365 software suite, Microsoft Outlook email client, Microsoft Publisher publishing software, Microsoft Project project management software, Microsoft Access database management systems. These vulnerabilities are related to insufficient input validation, allowing attackers to execute arbitrary code.

The vulnerabilities of Microsoft Visio, a graphic editor; Microsoft Excel, an electronic spreadsheet editor; Microsoft PowerPoint, a presentation software; Microsoft Word, a text editor; the Microsoft Office and Office 365 software suite; Microsoft Outlook, a mail client; Microsoft Publisher,...

9.3CVSS7.9AI score0.0861EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.12 views

The vulnerability of the HTMLParser module from django.utils.html.strip_tags in the Django web development framework allows a attacker to cause a denial-of-service attack.

The vulnerability of the HTMLParser module in django.utils.html.striptags of the Django web development framework is related to a slow evaluation of large input data, which contain large sequences of incomplete HTML objects. Exploiting this vulnerability may allow an attacker to cause service...

7.8CVSS6.8AI score0.03172EPSS
Exploits0References9Affected Software7
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.12 views

The vulnerability of the Blink web browser component in Google Chrome, which allows a hacker to compromise data integrity

The vulnerability of the Blink web browser component in Google Chrome is related to the lack of a mechanism for checking input data. Exploiting this vulnerability allows an attacker to affect data integrity through a specially created HTML page...

7.1CVSS7AI score0.00718EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/04/22 12:0 a.m.12 views

The vulnerability of the serialization mechanism in Firefox web browsers, Firefox ESR, and the Thunderbird email client arises from the lack of checks on the size of input data when using buffers. This allows attackers to gain unauthorized access to confidential data, cause service failures, and compromise data integrity.

The vulnerability of the serialization mechanism in Firefox web browsers, Firefox ESR, and the Thunderbird email client is related to the lack of checks on the size of input data when using buffers. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential...

9.3CVSS7.7AI score0.01892EPSS
Exploits1References13Affected Software8
BDU FSTEC
BDU FSTEC
added 2020/02/03 12:0 a.m.12 views

The vulnerability in HMI/SCADA Equinox Control Expert, related to the failure to protect the SQL query structure, allows a intruder to gain unauthorized access to protected information.

The vulnerability in HMI/SCADA Equinox Control Expert relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information by sending specially crafted SQL queries to the database...

10CVSS7.9AI score0.01889EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/01/13 12:0 a.m.12 views

The vulnerability of the cfg80211_mgd_wext_giwessid function (net/wireless/wext-sme.c) in the Linux kernel allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the cfg80211mgdwextgiwessid function in the Linux kernel’s net/wireless/wext-sme.c file is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service...

10CVSS7.5AI score0.06652EPSS
Exploits0References47Affected Software5
BDU FSTEC
BDU FSTEC
added 2019/12/13 12:0 a.m.12 views

The vulnerability of Intel Active Management Technology’s microprogramming software, related to insufficient validation of input data, allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of Intel Active Management Technology’s microprogramming software is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute cross-site scripting XSS attacks...

9CVSS7.7AI score0.01272EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities5000