90509 matches found
The vulnerability of JavaScript script handlers in Google Chrome browsers allows attackers to partially compromise the accessibility of protected information.
The vulnerability of JavaScript script handlers in Google Chrome browsers relates to reading beyond the buffer boundary. Exploiting this vulnerability allows a malicious actor to partially compromise the accessibility of protected information through a specially crafted HTML page...
The vulnerability of the Device Settings module in the LibreNMS network monitoring system allows a violator to perform cross-site scripting attacks.
The vulnerability of the Device Settings module in the LibreNMS network monitoring system is related to the lack of protective measures taken for the website structure when processing the Display Name field. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...
The vulnerability of the functions sock_set_flag() and spin_unlock() (net/ipv4/udp.c) in the Linux kernel’s UDP component allows a attacker to cause a service failure.
The vulnerabilities of the functions socksetflag and spinunlock net/ipv4/udp.c in the Linux kernel’s UDP component are related to resource management errors. Exploiting these vulnerabilities could allow an attacker to cause a service failure...
The vulnerability of the CassandraNetworkAuthorizer and CassandraCIDRAuthorizer components of the distributed Apache Cassandra database management system allows attackers to enhance their privileges.
The vulnerability of the CassandraNetworkAuthorizer and CassandraCIDRAuthorizer components of the distributed Apache Cassandra database management system is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor to enhance their...
The vulnerability of the Plasma Workspace graphical environment, related to incorrect session duration, allows a intruder to trigger a service failure.
The vulnerability of the Plasma Workspace graphical environment is related to incorrect session duration settings. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability in the host_templates.php script of the Cacti network monitoring software allows a hacker to execute arbitrary code.
The vulnerability of the hosttemplates.php script of the Cacti network monitoring software is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...
The vulnerability of the Identity Manager software component, used for managing and controlling access to corporate resources and IBM Security Verify Governance applications, allows a perpetrator to execute a type of “man-in-the-middle” attack.
The vulnerability of the Identity Manager software component, which is used for managing and controlling access to corporate resources and applications in IBM Security Verify Governance, relates to the storage of sensitive data in an open manner. Exploiting this vulnerability could allow a...
The vulnerability of the Linux operating system’s Bluetooth kernel component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s Bluetooth kernel component is related to errors that occur after the release of the software. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s kernel, related to unvalidated array indexing, allows a hacker to trigger a service failure.
The vulnerability of the Linux operating system’s kernel is related to unvalidated array indexing. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of SimpleHelp’s software for remote support stems from an incorrect limitation on the path to the restricted-access directory, allowing a perpetrator to disclose protected information.
The vulnerability of SimpleHelp’s software for remote support is related to an incorrect limitation on the path to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the QuTS operating systems and QTS network devices allows unauthorized access to protected information with root privileges, due to insufficient handling of format lines.
The vulnerability of the QuTS operating systems and QTS network devices involves insufficient handling of the format string. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information with root privileges...
The vulnerability of the CookieSigner class in the Apache Spark framework and the Apache Hive database allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the CookieSigner class in the Apache Spark framework and the Apache Hive database is related to the disclosure of the digital signature of cookies due to an incorrect mechanism for generating error reports. Exploiting this vulnerability can allow a remote attacker to gain...
The vulnerability in the web interface of the Cisco Crosswork Network Controller (CNC) allows a attacker to execute XSS attacks.
The vulnerability in the web interface of the Cisco Crosswork Network Controller CNC management interface is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the System component of the Android operating system, allowing a hacker to execute arbitrary code
The vulnerability of the System component of the Android operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Vulnerability of web-based interfaces for microprogramming systems: Wi-Fi routers such as Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360 allow attackers to disclose protected information.
The vulnerability of the web-based management interfaces for Netis microprogramming systems, including Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360, is related to insufficient protection for sensitive data. Exploiting this...
The vulnerability of the SSH configuration function on SonicOS operating systems allows a hacker to perform an SSRF attack.
The vulnerability of the SSH configuration function in SonicOS operating systems is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...
The vulnerabilities of the `runtime_suspend()` and `runtime_resume()` functions of the `cadence-qspi` component in the Linux operating system allow a hacker to trigger a service failure.
The vulnerability of the runtimesuspend and runtimeresume functions of the cadence-qspi component in Linux operating systems is related to a freeze that occurs due to repeated locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of Adobe InDesign’s computer layout automation tool, related to memory-walking attacks, allows attackers to bypass ASLR protection and disclose the protected information.
The vulnerability of Adobe InDesign’s computer layout automation tool is related to memory-walking attacks. Exploiting this vulnerability can allow an attacker to bypass ASLR protection and disclose the protected information...
The vulnerability of the monitoring, control, automation, and management tool for IBM Cloud Pak for Multicloud Management Monitoring lies in its deserialization mechanism flaws, which allows attackers to execute arbitrary commands.
The vulnerability of the monitoring, control, automation, and management tool for IBM Cloud Pak for Multicloud Management lies in the shortcomings of the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending a specially crafted...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the jffs2 component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the jffs2 component in the Linux operating system’s kernel is related to errors in reading beyond the boundary in the dojffs2setxattr function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the fromSetSysTime function in Tenda AC6 software allows a hacker to execute arbitrary code.
The vulnerability of the fromSetSysTime function in Tenda AC6 software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the software development environment for systems that automate technological processes, the Totally Integrated Automation Portal (Portal TIA), and the software used for modeling and simulating the operation of Siemens S7 controllers, arises from insufficient validation of input data. This allows attackers to execute arbitrary code.
The vulnerability of the software development environment for systems that automate technological processes, such as the Totally Integrated Automation Portal Portal TIA and software for simulating and testing the operation of Siemens S7 controllers, is related to insufficient verification of inpu...
The vulnerability of the n_gsm component in the Linux operating system’s kernel allows a hacker to execute arbitrary code.
The vulnerability of the ngsm component in the Linux operating system’s kernel is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of Adobe Dimension’s 3D design software lies in the possibility of an operation occurring outside the buffer boundaries of memory, allowing a hacker to execute arbitrary code.
The vulnerability of Adobe Dimension’s 3D design software relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the library for optimizing machine learning models, Intel Neural Compressor, related to errors in processing input data, allows attackers to exploit it to gain increased privileges.
The vulnerability of the Intel Neural Compressor library for optimizing machine learning models is related to errors in processing input data. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...
The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation, related to buffer overflow in the stack, allows a hacker to execute arbitrary code.
The vulnerability of the software environment for simulation modeling of systems and processes in Siemens Tecnomatix Plant Simulation lies in buffer overflows in the stack. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially created WRL files...
The vulnerability of the file conversion tools between different formats—PS/IGES Parasolid Translator and the simulation modeling application Simcenter Femap—allows a perpetrator to execute arbitrary code.
The vulnerability of the file conversion tools between different formats, such as PS/IGES Parasolid Translator and the simulation application Simcenter Femap, is related to reading data beyond the acceptable range in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary...
The vulnerability of the QuRouter operating system for QNAP network devices lies in the lack of measures taken to neutralize special elements used in the operating system’s commands. This allows attackers to execute arbitrary commands.
The vulnerability of the QuRouter operating system for QNAP network devices is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the Intel Alias Checking Trusted Module (Intel ACTM), a microprogramming software component for Intel 4th Generation and 5th Generation processors, allows attackers to exploit it to increase their privileges.
The vulnerability of the Intel Alias Checking Trusted Module Intel ACTM, a microprogramming software component of Intel’s 4th and 5th generation processors, relates to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow attackers to enhance their...
The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library (VPL), is related to integer overflow. This vulnerability allows an attacker to exploit their privileges.
The vulnerability of the Intel Video Processing Library VPL, a software tool designed for accelerated video processing at the hardware level, is related to a numerical overflow vulnerability. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the CLI command-line interface of the GitHub collaborative development platform, related to the failure to remove special elements, allows a perpetrator to execute arbitrary code.
The vulnerability of the CLI command-line interface of the GitHub collaborative development platform is related to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
A vulnerability in the netfilter component of the Linux operating system’s kernel, which allows a hacker to cause a service failure
The vulnerability in the netfilter component of the Linux operating system’s kernel is related to improper validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
Vulnerability of components of Linux operating system’s kernel/mlx5, allowing a hacker to cause a service failure
The vulnerability of the net/mlx5 components of the Linux operating system’s kernel is related to incorrect initialization of a resource in the addrulefg function. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of DRM/VMWGFX components in Linux operating systems allows attackers to increase their privileges within the system.
The vulnerability of DRM/VMWGFX components in Linux operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...
The vulnerability of the hci_event component in the Linux operating system’s kernel allows a perpetrator to gain access to confidential information.
The vulnerability of the hcievent component in the Linux operating system’s kernel is related to the disclosure of information within the hciiocaparequestevt function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...
The vulnerability of the opennurbs.dll and ODXSW_DLL.dll libraries, which are software components for modeling, design, and drafting in AutoCAD, allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the opennurbs.dll and ODXSWDLL.dll libraries, which are software for modeling, design, and drafting in AutoCAD, is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, execute...
The vulnerability of the emu10k1 component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the emu10k1 kernel component of the Linux operating system is related to errors in reading beyond the buffer boundary in the sndemu10k1pcmchannelalloc function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the GRUB loader program, related to bypassing authentication methods through spoofing techniques, allows a perpetrator to circumvent the authentication process and enhance their privileges within the system.
The vulnerability of the GRUB bootloader is related to the ability to bypass authentication methods using spoofing techniques. Exploiting this vulnerability allows an attacker to circumvent the authentication process and enhance their privileges within the system...
The vulnerability of the CharxSystemConfigManager service in the microprogramming software for modular control devices for AC charging stations and wall-mounted charging devices from Phoenix Contact, CHARX SEC-3100, allows a hacker to execute arbitrary code.
The vulnerability of the CharxSystemConfigManager service in the microprogramming software for modular control devices for AC charging stations and wall-mounted charging devices from Phoenix Contact, the CHARX SEC-3100, is related to the absence of authentication procedures. Exploiting this...
The vulnerability of the Telerik Report Server software’s reporting control tool lies in its reliance on external controls for selecting classes. This allows an attacker to execute arbitrary code.
The vulnerability of the Telerik Report Server reporting management software lies in the use of external control for selecting classes when input data is provided. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the btrfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the btrfs component in the Linux operating system’s kernel is related to incorrect blocking in the closectree function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Symfony software platform for developing and managing web applications arises from the lack of measures taken to neutralize special elements, allowing attackers to execute arbitrary code.
The vulnerability of the Symfony software platform for developing and managing web applications exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in its ability to read data beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Adobe After Effects’ video and dynamic image editing software relates to reading beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...
The vulnerabilities of the s390/zcrypt components of the Linux operating system’s kernel allow attackers to gain elevated privileges within the system.
The vulnerability of the s390/zcrypt components in Linux operating systems is related to errors that occur after liberation. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...
The vulnerability of Adobe After Effects’ video and dynamic image editing software arises from operations that go beyond buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created file...
The vulnerability of the NFS kernel component in Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the NFS kernel component in Linux operating systems is related to incorrect blocking in the nfsnetfsissueread function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Buildah container management tool arises due to an incorrect path name limitation for the restricted access catalog. This allows a malicious user to elevate their privileges within the system.
The vulnerability of the Buildah container management tool exists due to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability can allow a malicious user to gain increased privileges within the system...
The vulnerability of the clk component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the clk component in the Linux operating system’s kernel is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the dwc3-am62 component of the Linux operating system’s kernel, which allows a hacker to cause a service failure
The vulnerability of the dwc3-am62 component in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...