Lucene search
K
Bdu FstecMost viewed

90336 matches found

BDU FSTEC
BDU FSTEC
added 2020/05/26 12:0 a.m.25 views

The vulnerability of the “Estimate and Actual Charges” component of the Oracle Depot Repair automation software allows a intruder to gain unauthorized access to protected information.

The vulnerability of the “Estimate and Actual Charges” component of the Oracle Depot Repair automation software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information through the...

8.2CVSS7.4AI score0.01282EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.25 views

The vulnerability of the wfst_run application, which is part of the speech-tools speech recognition system, allows a violator to cause a service failure.

The vulnerability of the wfstrun application, which is part of the speech-tools speech recognition system, is related to overflow errors in the command line processing. Exploiting this vulnerability can allow an attacker to cause a service failure by submitting commands with specially crafted...

5.1CVSS5.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/06/14 12:0 a.m.25 views

The vulnerability of the LIGO! Soft Comfort software, related to access control errors, allows a intruder to execute arbitrary code.

The vulnerability of the LOGO! Soft Comfort development software is related to access control errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code upon opening a specially crafted project...

7.8CVSS6AI score0.01274EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/05/06 12:0 a.m.25 views

The vulnerability of the Dr.Web Enterprise Security Suite antivirus protection, related to errors in processing the relative path to the directory, allows a hacker to execute arbitrary code.

The vulnerability of the Dr.Web Enterprise Security Suite antivirus protection lies in errors in processing the relative path to the catalog during the export of repository content into an archive. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the server by...

5CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.24 views

The vulnerability of the `cscfg_load_config_sets()` function in the Linux operating system’s kernel, which allows a hacker to trigger a service failure

The vulnerability of the cscfgloadconfigsets function in the Linux operating system kernel arises from a race condition. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.00138EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.24 views

The vulnerability of the Azure OpenAI cloud platform, related to insufficient validation of incoming requests, allows a hacker to escalate their privileges.

The vulnerability of the Azure OpenAI cloud platform is related to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

10CVSS5.8AI score0.01007EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/07/17 12:0 a.m.24 views

The vulnerability of the gf_ac4parser_bs function in the MP4Box multimedia platform of GPAC allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the gfac4parserbs function in the MP4Box utility of the GPAC multimedia platform is related to the assignment of a zero pointer. Exploiting this vulnerability can allow an attacker to cause a service failure or execute arbitrary code...

7.8CVSS5.8AI score
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/07/04 12:0 a.m.24 views

The vulnerability of the FreeScout support service management system, related to deficiencies in the deserialization mechanism, allows a hacker to gain unauthorized access and execute arbitrary code.

The vulnerability of the FreeScout support service management system is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access and execute arbitrary code on the application server...

8.7CVSS6.1AI score0.00787EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/26 12:0 a.m.24 views

The vulnerability in the arch/x86/kernel/apic/io_apic.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the arch/x86/kernel/apic/ioapic.c module of the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00236EPSS
Exploits0References12Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.24 views

The vulnerability of the br_vlan_tunnel_lookup() function in the net/bridge/br_vlan_tunnel.c module, a component of the Linux kernel’s networking functions, allows a hacker to trigger a service failure.

The vulnerability of the brvlantunnellookup function in the net/bridge/brvlantunnel.c module, which is part of the Linux kernel’s networking functions, is related to the use of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00236EPSS
Exploits0References16Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/16 12:0 a.m.24 views

The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent, which stems from the failure to implement protective measures for the request structure, allows attackers to enhance their privileges.

The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent is related to the lack of protective measures for the request structure. Exploiting this vulnerability can allow attackers to enhance their privileges by using specially crafted authorized HTTP requests...

6.5CVSS5.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/16 12:0 a.m.24 views

The vulnerabilities of MobileHMI and IoTWorX Visualizer SCADA systems from GENESIS64 allow a intruder to gain unauthorized access to protected information.

The vulnerability of MobileHMI and IoTWorX Visualizer SCADA systems from GENESIS64 is related to incorrect restrictions on the path name to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

7.8CVSS7.2AI score0.0129EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.24 views

The vulnerability of the Framework component of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Framework component in the Android operating system relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.4CVSS5.4AI score0.00106EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/04 12:0 a.m.24 views

The vulnerability of the SCADA system Pult.online, related to insufficient restrictions on authentication attempts, allows a perpetrator to carry out an attack using brute-force methods.

The vulnerability of the SCADA system Pult.online is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor operating remotely to carry out an attack using brute-force methods...

9CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/04 12:0 a.m.24 views

Vulnerabilities of the hci_cmd_sync_queue(), hci_le_terminate_big(), or hci_le_big_terminate() functions in the Linux operating system, allowing attackers to cause service failures

The vulnerabilities of the hcicmdsyncqueue, hcileterminatebig, or hcilebigterminate functions in the Linux operating system are related to memory leaks. Exploiting these vulnerabilities can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00149EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.24 views

The vulnerability of VideoGrace video conference software, related to insufficient validation of input data, allows a perpetrator to cause service failures.

The vulnerability of VideoGrace video conferencing software is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

4CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/25 12:0 a.m.24 views

The vulnerability of the web_stp_globalSetting_post() function in the microprogramming software of PLANET Technology allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the webstpglobalSettingpost function in PLANET Technology’s microcontroller software lies in the issue of the operation exceeding the buffer boundaries in memory when processing the stpconfname parameter. Exploiting this vulnerability allows an attacker to compromise the...

10CVSS5.6AI score0.00453EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/22 12:0 a.m.24 views

The vulnerability of the setOption function in the vConsole software package, which allows a hacker to execute a “prototype contamination” attack.

The vulnerability of the setOption function in the vConsole software package is related to unregulated changes to object prototypes’ attributes. Exploiting this vulnerability could allow a malicious actor to execute a “prototype pollution” attack remotely...

10CVSS7.8AI score0.00965EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/16 12:0 a.m.24 views

The vulnerability of the E-Staff automated recruitment process system, related to data filtering errors, allows a violator to compromise the integrity of the protected information.

The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise the integrity of the protected information...

7.4CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/02/14 12:0 a.m.24 views

The vulnerability of the Ivanti Connect Secure access control tool, related to reading data outside the buffer in memory, allows a intruder to execute arbitrary code.

The vulnerability of the Ivanti Connect Secure access control tool lies in the reading of data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.9CVSS8.6AI score0.03705EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/12 12:0 a.m.24 views

The vulnerability of the i2c component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the i2c component in the Linux operating system’s kernel is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00182EPSS
Exploits0References53Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/01/22 12:0 a.m.24 views

The vulnerability of Microsoft On-Premises Data Gateway local servers, related to incorrect authentication, allows attackers to disclose protected information.

The vulnerability of the Microsoft On-Premises Data Gateway local database is related to incorrect authentication. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose protected information...

6.6CVSS7.7AI score0.00582EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/14 12:0 a.m.24 views

The vulnerability of the software for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP lies in the improper assignment of permissions to critical resources. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerabilities in the software used for developing and executing applications in the ABAP language of SAP NetWeaver Application Server ABAP are related to the improper assignment of permissions to critical resources. Exploiting these vulnerabilities can allow attackers, operating remotely, to...

9.9CVSS8.1AI score0.00553EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.24 views

The vulnerability of the user console of the Avanpost IDM system, related to the use of dangerous methods or functions, allows a violator to execute arbitrary code.

The vulnerability of the user console of the Avanpost IDM system is related to the use of dangerous methods or functions. Exploiting this vulnerability may allow a malicious actor to execute arbitrary code remotely...

8.5CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/27 12:0 a.m.24 views

The vulnerability of Flask’s CORS storage library in Python PyPi products allows attackers to circumvent existing security restrictions.

The vulnerability of Flask’s CORS storage library in Python PyPi products is related to incorrect handling of logical operations. Exploiting this vulnerability allows an attacker to bypass existing security restrictions remotely, leading to unexpected implementation of CORS policies...

5.3CVSS6.2AI score0.00281EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.24 views

The vulnerability of the universal monitoring system Zabbix, related to the replacement of an unreliable indicator, allows a intruder to execute arbitrary code.

The vulnerability of the Zabbix universal monitoring system lies in the ability to directly modify memory pointers in the JavaScript engine. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.1CVSS8.1AI score0.00755EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/05/17 12:0 a.m.24 views

The vulnerability of the PHP framework Laravel, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the PHP framework Laravel is related to insufficient protection of sensitive data during the processing of the laravel.log file storage/logs/laravel.log. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

4CVSS5.5AI score0.01341EPSS
Exploits3References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/13 12:0 a.m.24 views

The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models lies in the ability to write data beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models lies in the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.8AI score0.00308EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/16 12:0 a.m.24 views

The vulnerability of the application programming interface for the declarative delivery tool for GitOps for Kubernetes Argo CD lies in authentication errors, which allow a perpetrator to bypass established access controls.

The vulnerability of the application programming interface for the declarative delivery tool of GitOps for Kubernetes Argo CD is related to authentication errors. Exploiting this vulnerability allows a malicious actor to bypass established access controls...

9CVSS7.7AI score0.00879EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/01 12:0 a.m.24 views

The vulnerability of the Mat_VarReadNextInfo5 function in the mat5.c library for reading and writing MATLAB MATIO files allows a hacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the MatVarReadNextInfo5 function in the mat5.c library for reading and writing MATLAB MATIO files is related to integer overflow. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

8.8CVSS7.7AI score0.01368EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/12/14 12:0 a.m.24 views

The vulnerability of the Dallas Lock Linux event registration subsystem, related to memory release errors, allows a intruder to trigger a service failure on the workstation.

The vulnerability of the Dallas Lock Linux event registration subsystem is related to memory release errors. Exploiting this vulnerability can allow an attacker to cause a system failure by injecting a specially created executable script into the operating system...

5.9CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.24 views

The vulnerability of the database update module of the WorkFlow system in the Engineering Data Management and Product Lifecycle Management system LOCMAN:PLM lies in the possibility of unlimited loading of dangerous files, allowing attackers to execute arbitrary code.

The vulnerability of the database update module of the LOCsman:PLM engineering data and product lifecycle management system is related to the unlimited loading of dangerous files. Exploiting this vulnerability can allow an attacker to execute arbitrary code by replacing the dll library version.dl...

6.8CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/19 12:0 a.m.24 views

The vulnerability of the web interface of the microprogramming software for the Advantech BB-ERT351 network router allows a hacker to disclose passwords of network services.

The vulnerability of the web interface of the Advantech BB-ERT351 network router lies in the absence of a mechanism for masking passwords when they are displayed in the web interface. Exploiting this vulnerability can allow an attacker to disclose passwords from network services such as PPTP and...

7.5CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/11/02 12:0 a.m.24 views

The vulnerability of the Java VM component of the Oracle Database Server database management system allows attackers to compromise the integrity of the protected information.

The vulnerability of the Java VM component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...

3.1CVSS6.7AI score0.00742EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.24 views

The vulnerability of Google Chrome relates to improper control of resources throughout their lifecycle. This allows attackers to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of Google Chrome relates to improper control over the resource throughout its lifecycle. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise their integrity, and cause service failures...

9.3CVSS7.1AI score0.01647EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/09/27 12:0 a.m.24 views

The vulnerability of the Cisco Fabric Services component of the Cisco NX-OS operating system, which allows a intruder to trigger a service failure.

The vulnerability of the Cisco Fabric Services component of the Cisco NX-OS operating system is related to errors in processing TCP packets. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

8.6CVSS5.4AI score0.01928EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/08/13 12:0 a.m.24 views

The vulnerability of the FortiOS operating system, related to access control errors, allows a perpetrator to read and write data in the memory loading sector.

The vulnerability of the FortiOS operating system is related to access control errors. Exploiting this vulnerability allows a person with administrator privileges to read and write data in the memory load sector...

7.2CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/30 12:0 a.m.24 views

Multiple vulnerabilities in the configuration function of the administrative graphical interface of Cisco Wireless LAN Controller software allow a malicious individual to cause service failures.

Multiple vulnerabilities exist in the configuration function of the administrative graphical interface of Cisco Wireless LAN Controller microprogramming system. These vulnerabilities arise due to insufficient validation of input data. Exploitation of these vulnerabilities could allow a malicious...

6.8CVSS6.4AI score0.02033EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.24 views

The vulnerability of the FFmpeg multimedia library, which allows a hacker to perform recording beyond the memory limit

The vulnerability of the FFmpeg multimedia library arises from an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a malicious actor to perform write operations beyond the memory boundaries, related to the function ffh264SliceContextInit in libavcodec/h264dec.c...

7.5CVSS8AI score0.01934EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/30 12:0 a.m.23 views

The vulnerability of the Adobe Experience Manager content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.00349EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/23 12:0 a.m.23 views

The vulnerability of the setDiagnosisCfg() function in the cstecgi.cgi script of the mesh-system TOTOLink T6 software allows a intruder to execute arbitrary code.

The vulnerability of the setDiagnosisCfg function in the cstecgi.cgi script of the mesh-system TOTOLink T6 software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the ip parameter. Exploiting this vulnerability allows a remote attacker to execut...

9CVSS8.4AI score0.00761EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/23 12:0 a.m.23 views

The vulnerability of software for accessing analytics and planning tools in the IBM Analytics Content Hub, related to the disclosure of information through source code, allows a perpetrator to disclose protected information.

The vulnerability of the software for accessing analytics and planning tools in the IBM Analytics Content Hub is related to the disclosure of information through the source code. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

9CVSS5.4AI score0.00278EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.23 views

The vulnerability of the online platform GarminConnect, related to the lack of measures taken to protect the SQL query structure, allows a perpetrator to access protected information.

The vulnerability of the online platform GarminConnect relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability could allow an attacker to access protected information...

6.2CVSS5.6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.23 views

The vulnerability of the pageattr.c component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the pageattr.c component in the Linux operating system’s kernel is related to the use of blocking code in a single-threaded, non-blocking context. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.1CVSS6.5AI score0.00209EPSS
Exploits0References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/06/05 12:0 a.m.23 views

The vulnerability of the SQL concat_ws() function in the SQLite database management system, allowing a hacker to cause a service failure

The vulnerability of the SQL concatws function in the SQLite database management system is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure through the malloc parameter...

7.8CVSS6.8AI score0.00453EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.23 views

The vulnerability of the /cgi-bin/ExportIbmsConfig.sh file, a component of the IBMS Configuration File Handler microprogramming system for TOTOLINK A3000RU routers, allows a hacker to trigger a service failure.

The vulnerability of the /cgi-bin/ExportIbmsConfig.sh file, a component of the IBMS Configuration File Handler microprogramming system for TOTOLINK A3000RU routers, is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to cause service interruptions...

5.3CVSS5.9AI score0.00598EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/14 12:0 a.m.23 views

The vulnerability of the Solar appScreener platform, which stems from insufficient verification of incoming requests, allows a hacker to execute an SSRF attack.

The vulnerability of the Solar appScreener platform is related to insufficient verification of incoming requests. Exploiting this vulnerability could allow a remote attacker to execute an SSRF attack...

6.4CVSS5.7AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.23 views

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system involves the improper assignment of permissions to a critical resource. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

6.8CVSS6.4AI score0.0076EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.23 views

The vulnerability of the PHP library TCPDF, related to incorrect pathname restrictions for restricted access directories, allows attackers to gain unauthorized access to protected information.

The vulnerability of the PHP library TCPDF lies in the incorrect path limitation for the access to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

6.8CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/16 12:0 a.m.23 views

The vulnerability of the E-Staff automation system for recruitment processes is related to errors in data filtering when obtaining information about the target. This allows a violator to gain unauthorized access to protected information.

The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering when obtaining information about the target. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.7CVSS5.5AI score
Exploits0
Total number of security vulnerabilities5000