Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2025/02/11 12:0 a.m.11 views

The vulnerability of JavaScript script handlers in Google Chrome browsers allows attackers to partially compromise the accessibility of protected information.

The vulnerability of JavaScript script handlers in Google Chrome browsers relates to reading beyond the buffer boundary. Exploiting this vulnerability allows a malicious actor to partially compromise the accessibility of protected information through a specially crafted HTML page...

7.8CVSS7.3AI score0.00375EPSS
Exploits0References12Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/02/10 12:0 a.m.11 views

The vulnerability of the Device Settings module in the LibreNMS network monitoring system allows a violator to perform cross-site scripting attacks.

The vulnerability of the Device Settings module in the LibreNMS network monitoring system is related to the lack of protective measures taken for the website structure when processing the Display Name field. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

5.5CVSS5.2AI score0.42464EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/10 12:0 a.m.11 views

The vulnerability of the functions sock_set_flag() and spin_unlock() (net/ipv4/udp.c) in the Linux kernel’s UDP component allows a attacker to cause a service failure.

The vulnerabilities of the functions socksetflag and spinunlock net/ipv4/udp.c in the Linux kernel’s UDP component are related to resource management errors. Exploiting these vulnerabilities could allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.0028EPSS
Exploits0References50Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/02/05 12:0 a.m.11 views

The vulnerability of the CassandraNetworkAuthorizer and CassandraCIDRAuthorizer components of the distributed Apache Cassandra database management system allows attackers to enhance their privileges.

The vulnerability of the CassandraNetworkAuthorizer and CassandraCIDRAuthorizer components of the distributed Apache Cassandra database management system is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor to enhance their...

9.9CVSS5.7AI score0.01056EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.11 views

The vulnerability of the Plasma Workspace graphical environment, related to incorrect session duration, allows a intruder to trigger a service failure.

The vulnerability of the Plasma Workspace graphical environment is related to incorrect session duration settings. Exploiting this vulnerability can allow an attacker to trigger a service failure...

7.8CVSS7.1AI score0.00293EPSS
Exploits0References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.11 views

The vulnerability in the host_templates.php script of the Cacti network monitoring software allows a hacker to execute arbitrary code.

The vulnerability of the hosttemplates.php script of the Cacti network monitoring software is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

8CVSS6AI score0.40996EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.11 views

The vulnerability of the Identity Manager software component, used for managing and controlling access to corporate resources and IBM Security Verify Governance applications, allows a perpetrator to execute a type of “man-in-the-middle” attack.

The vulnerability of the Identity Manager software component, which is used for managing and controlling access to corporate resources and applications in IBM Security Verify Governance, relates to the storage of sensitive data in an open manner. Exploiting this vulnerability could allow a...

5.9CVSS5.6AI score0.0023EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.11 views

The vulnerability of the Linux operating system’s Bluetooth kernel component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s Bluetooth kernel component is related to errors that occur after the release of the software. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00233EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/01/28 12:0 a.m.11 views

The vulnerability of the Linux operating system’s kernel, related to unvalidated array indexing, allows a hacker to trigger a service failure.

The vulnerability of the Linux operating system’s kernel is related to unvalidated array indexing. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS6.9AI score0.00256EPSS
Exploits0References15Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/01/27 12:0 a.m.11 views

The vulnerability of SimpleHelp’s software for remote support stems from an incorrect limitation on the path to the restricted-access directory, allowing a perpetrator to disclose protected information.

The vulnerability of SimpleHelp’s software for remote support is related to an incorrect limitation on the path to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

7.8CVSS7.8AI score0.95151EPSS
Exploits2References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/27 12:0 a.m.11 views

The vulnerability of the QuTS operating systems and QTS network devices allows unauthorized access to protected information with root privileges, due to insufficient handling of format lines.

The vulnerability of the QuTS operating systems and QTS network devices involves insufficient handling of the format string. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information with root privileges...

6.5CVSS5.5AI score0.00533EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/14 12:0 a.m.11 views

The vulnerability of the CookieSigner class in the Apache Spark framework and the Apache Hive database allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the CookieSigner class in the Apache Spark framework and the Apache Hive database is related to the disclosure of the digital signature of cookies due to an incorrect mechanism for generating error reports. Exploiting this vulnerability can allow a remote attacker to gain...

5.9CVSS5.5AI score0.01468EPSS
Exploits1References12Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.11 views

The vulnerability in the web interface of the Cisco Crosswork Network Controller (CNC) allows a attacker to execute XSS attacks.

The vulnerability in the web interface of the Cisco Crosswork Network Controller CNC management interface is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

5.5CVSS5.5AI score0.00256EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.11 views

The vulnerability of the System component of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the System component of the Android operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8AI score0.00199EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.11 views

Vulnerability of web-based interfaces for microprogramming systems: Wi-Fi routers such as Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360 allow attackers to disclose protected information.

The vulnerability of the web-based management interfaces for Netis microprogramming systems, including Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360, is related to insufficient protection for sensitive data. Exploiting this...

4CVSS7.6AI score0.06249EPSS
Exploits1References3Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.11 views

The vulnerability of the SSH configuration function on SonicOS operating systems allows a hacker to perform an SSRF attack.

The vulnerability of the SSH configuration function in SonicOS operating systems is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...

7.8CVSS7.4AI score0.00711EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.11 views

The vulnerabilities of the `runtime_suspend()` and `runtime_resume()` functions of the `cadence-qspi` component in the Linux operating system allow a hacker to trigger a service failure.

The vulnerability of the runtimesuspend and runtimeresume functions of the cadence-qspi component in Linux operating systems is related to a freeze that occurs due to repeated locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.11 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to memory-walking attacks, allows attackers to bypass ASLR protection and disclose the protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to memory-walking attacks. Exploiting this vulnerability can allow an attacker to bypass ASLR protection and disclose the protected information...

5.5CVSS5.4AI score0.00322EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/26 12:0 a.m.11 views

The vulnerability of the monitoring, control, automation, and management tool for IBM Cloud Pak for Multicloud Management Monitoring lies in its deserialization mechanism flaws, which allows attackers to execute arbitrary commands.

The vulnerability of the monitoring, control, automation, and management tool for IBM Cloud Pak for Multicloud Management lies in the shortcomings of the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending a specially crafted...

9CVSS6AI score0.00837EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/12/26 12:0 a.m.11 views

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability could allow an attacker to...

7.8CVSS7.9AI score0.00255EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/25 12:0 a.m.11 views

The vulnerability of the jffs2 component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the jffs2 component in the Linux operating system’s kernel is related to errors in reading beyond the boundary in the dojffs2setxattr function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00245EPSS
Exploits0References44Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.11 views

The vulnerability of the fromSetSysTime function in Tenda AC6 software allows a hacker to execute arbitrary code.

The vulnerability of the fromSetSysTime function in Tenda AC6 software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6AI score0.00544EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/13 12:0 a.m.11 views

The vulnerability of the software development environment for systems that automate technological processes, the Totally Integrated Automation Portal (Portal TIA), and the software used for modeling and simulating the operation of Siemens S7 controllers, arises from insufficient validation of input data. This allows attackers to execute arbitrary code.

The vulnerability of the software development environment for systems that automate technological processes, such as the Totally Integrated Automation Portal Portal TIA and software for simulating and testing the operation of Siemens S7 controllers, is related to insufficient verification of inpu...

7.3CVSS5.8AI score0.00179EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/04 12:0 a.m.11 views

The vulnerability of the n_gsm component in the Linux operating system’s kernel allows a hacker to execute arbitrary code.

The vulnerability of the ngsm component in the Linux operating system’s kernel is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.4AI score0.00276EPSS
Exploits0References20Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.11 views

The vulnerability of Adobe Dimension’s 3D design software lies in the possibility of an operation occurring outside the buffer boundaries of memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe Dimension’s 3D design software relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.00307EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.11 views

The vulnerability of the library for optimizing machine learning models, Intel Neural Compressor, related to errors in processing input data, allows attackers to exploit it to gain increased privileges.

The vulnerability of the Intel Neural Compressor library for optimizing machine learning models is related to errors in processing input data. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

7.5CVSS5.4AI score0.003EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.11 views

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation, related to buffer overflow in the stack, allows a hacker to execute arbitrary code.

The vulnerability of the software environment for simulation modeling of systems and processes in Siemens Tecnomatix Plant Simulation lies in buffer overflows in the stack. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially created WRL files...

7.8CVSS7.8AI score0.00236EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.11 views

The vulnerability of the file conversion tools between different formats—PS/IGES Parasolid Translator and the simulation modeling application Simcenter Femap—allows a perpetrator to execute arbitrary code.

The vulnerability of the file conversion tools between different formats, such as PS/IGES Parasolid Translator and the simulation application Simcenter Femap, is related to reading data beyond the acceptable range in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary...

7.8CVSS7.6AI score0.0039EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.11 views

The vulnerability of the QuRouter operating system for QNAP network devices lies in the lack of measures taken to neutralize special elements used in the operating system’s commands. This allows attackers to execute arbitrary commands.

The vulnerability of the QuRouter operating system for QNAP network devices is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS5.9AI score0.01472EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.11 views

The vulnerability of the Intel Alias Checking Trusted Module (Intel ACTM), a microprogramming software component for Intel 4th Generation and 5th Generation processors, allows attackers to exploit it to increase their privileges.

The vulnerability of the Intel Alias Checking Trusted Module Intel ACTM, a microprogramming software component of Intel’s 4th and 5th generation processors, relates to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow attackers to enhance their...

7.2CVSS5.5AI score0.0017EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.11 views

The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library (VPL), is related to integer overflow. This vulnerability allows an attacker to exploit their privileges.

The vulnerability of the Intel Video Processing Library VPL, a software tool designed for accelerated video processing at the hardware level, is related to a numerical overflow vulnerability. Exploiting this vulnerability can allow an attacker to gain increased privileges...

4.8CVSS5.5AI score0.0021EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.11 views

The vulnerability of the CLI command-line interface of the GitHub collaborative development platform, related to the failure to remove special elements, allows a perpetrator to execute arbitrary code.

The vulnerability of the CLI command-line interface of the GitHub collaborative development platform is related to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8CVSS8.1AI score0.00861EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/21 12:0 a.m.11 views

A vulnerability in the netfilter component of the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability in the netfilter component of the Linux operating system’s kernel is related to improper validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.0023EPSS
Exploits0References20Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/11/21 12:0 a.m.11 views

Vulnerability of components of Linux operating system’s kernel/mlx5, allowing a hacker to cause a service failure

The vulnerability of the net/mlx5 components of the Linux operating system’s kernel is related to incorrect initialization of a resource in the addrulefg function. Exploiting this vulnerability can allow an attacker to cause service failures...

9.1CVSS6.5AI score0.01401EPSS
Exploits0References46Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/11/21 12:0 a.m.11 views

The vulnerability of DRM/VMWGFX components in Linux operating systems allows attackers to increase their privileges within the system.

The vulnerability of DRM/VMWGFX components in Linux operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...

5.5CVSS7.1AI score0.00225EPSS
Exploits0References21Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/11/21 12:0 a.m.11 views

The vulnerability of the hci_event component in the Linux operating system’s kernel allows a perpetrator to gain access to confidential information.

The vulnerability of the hcievent component in the Linux operating system’s kernel is related to the disclosure of information within the hciiocaparequestevt function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...

3.3CVSS6.8AI score0.00244EPSS
Exploits0References45Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/11/18 12:0 a.m.11 views

The vulnerability of the opennurbs.dll and ODXSW_DLL.dll libraries, which are software components for modeling, design, and drafting in AutoCAD, allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the opennurbs.dll and ODXSWDLL.dll libraries, which are software for modeling, design, and drafting in AutoCAD, is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, execute...

10CVSS7.8AI score0.00345EPSS
Exploits0References6Affected Software9
BDU FSTEC
BDU FSTEC
added 2024/11/18 12:0 a.m.11 views

The vulnerability of the emu10k1 component of the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the emu10k1 kernel component of the Linux operating system is related to errors in reading beyond the buffer boundary in the sndemu10k1pcmchannelalloc function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.8AI score0.00237EPSS
Exploits0References23Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.11 views

The vulnerability of the GRUB loader program, related to bypassing authentication methods through spoofing techniques, allows a perpetrator to circumvent the authentication process and enhance their privileges within the system.

The vulnerability of the GRUB bootloader is related to the ability to bypass authentication methods using spoofing techniques. Exploiting this vulnerability allows an attacker to circumvent the authentication process and enhance their privileges within the system...

5.6CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.11 views

The vulnerability of the CharxSystemConfigManager service in the microprogramming software for modular control devices for AC charging stations and wall-mounted charging devices from Phoenix Contact, CHARX SEC-3100, allows a hacker to execute arbitrary code.

The vulnerability of the CharxSystemConfigManager service in the microprogramming software for modular control devices for AC charging stations and wall-mounted charging devices from Phoenix Contact, the CHARX SEC-3100, is related to the absence of authentication procedures. Exploiting this...

10CVSS8.1AI score0.01404EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.11 views

The vulnerability of the Telerik Report Server software’s reporting control tool lies in its reliance on external controls for selecting classes. This allows an attacker to execute arbitrary code.

The vulnerability of the Telerik Report Server reporting management software lies in the use of external control for selecting classes when input data is provided. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS5.8AI score0.00221EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.11 views

The vulnerability of the btrfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the btrfs component in the Linux operating system’s kernel is related to incorrect blocking in the closectree function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.00236EPSS
Exploits0References16Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.11 views

The vulnerability of the Symfony software platform for developing and managing web applications arises from the lack of measures taken to neutralize special elements, allowing attackers to execute arbitrary code.

The vulnerability of the Symfony software platform for developing and managing web applications exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.5CVSS6.2AI score0.63422EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.11 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in its ability to read data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Adobe After Effects’ video and dynamic image editing software relates to reading beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

7.8CVSS6.2AI score0.00311EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.11 views

The vulnerabilities of the s390/zcrypt components of the Linux operating system’s kernel allow attackers to gain elevated privileges within the system.

The vulnerability of the s390/zcrypt components in Linux operating systems is related to errors that occur after liberation. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

8.8CVSS6.6AI score0.00239EPSS
Exploits0References47Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.11 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software arises from operations that go beyond buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created file...

5.5CVSS5.8AI score0.00258EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.11 views

The vulnerability of the NFS kernel component in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the NFS kernel component in Linux operating systems is related to incorrect blocking in the nfsnetfsissueread function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.002EPSS
Exploits0References21Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.11 views

The vulnerability of the Buildah container management tool arises due to an incorrect path name limitation for the restricted access catalog. This allows a malicious user to elevate their privileges within the system.

The vulnerability of the Buildah container management tool exists due to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability can allow a malicious user to gain increased privileges within the system...

4.4CVSS7.2AI score0.00392EPSS
Exploits0References9Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.11 views

The vulnerability of the clk component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the clk component in the Linux operating system’s kernel is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00173EPSS
Exploits0References24Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.11 views

The vulnerability of the dwc3-am62 component of the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the dwc3-am62 component in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00222EPSS
Exploits0References23Affected Software4
Total number of security vulnerabilities5000