90509 matches found
The vulnerability of the opennurbs.dll and ODXSW_DLL.dll libraries, which are software components for modeling, design, and drafting in AutoCAD, allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the opennurbs.dll and ODXSWDLL.dll libraries, which are software for modeling, design, and drafting in AutoCAD, is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, execute...
The vulnerability of the emu10k1 component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the emu10k1 kernel component of the Linux operating system is related to errors in reading beyond the buffer boundary in the sndemu10k1pcmchannelalloc function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the GRUB loader program, related to bypassing authentication methods through spoofing techniques, allows a perpetrator to circumvent the authentication process and enhance their privileges within the system.
The vulnerability of the GRUB bootloader is related to the ability to bypass authentication methods using spoofing techniques. Exploiting this vulnerability allows an attacker to circumvent the authentication process and enhance their privileges within the system...
The vulnerability of the CharxSystemConfigManager service in the microprogramming software for modular control devices for AC charging stations and wall-mounted charging devices from Phoenix Contact, CHARX SEC-3100, allows a hacker to execute arbitrary code.
The vulnerability of the CharxSystemConfigManager service in the microprogramming software for modular control devices for AC charging stations and wall-mounted charging devices from Phoenix Contact, the CHARX SEC-3100, is related to the absence of authentication procedures. Exploiting this...
The vulnerability of the Telerik Report Server software’s reporting control tool lies in its reliance on external controls for selecting classes. This allows an attacker to execute arbitrary code.
The vulnerability of the Telerik Report Server reporting management software lies in the use of external control for selecting classes when input data is provided. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the btrfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the btrfs component in the Linux operating system’s kernel is related to incorrect blocking in the closectree function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Symfony software platform for developing and managing web applications arises from the lack of measures taken to neutralize special elements, allowing attackers to execute arbitrary code.
The vulnerability of the Symfony software platform for developing and managing web applications exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in its ability to read data beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Adobe After Effects’ video and dynamic image editing software relates to reading beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...
The vulnerabilities of the s390/zcrypt components of the Linux operating system’s kernel allow attackers to gain elevated privileges within the system.
The vulnerability of the s390/zcrypt components in Linux operating systems is related to errors that occur after liberation. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...
The vulnerability of Adobe After Effects’ video and dynamic image editing software arises from operations that go beyond buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created file...
The vulnerability of the NFS kernel component in Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the NFS kernel component in Linux operating systems is related to incorrect blocking in the nfsnetfsissueread function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Buildah container management tool arises due to an incorrect path name limitation for the restricted access catalog. This allows a malicious user to elevate their privileges within the system.
The vulnerability of the Buildah container management tool exists due to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability can allow a malicious user to gain increased privileges within the system...
The vulnerability of the clk component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the clk component in the Linux operating system’s kernel is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the dwc3-am62 component of the Linux operating system’s kernel, which allows a hacker to cause a service failure
The vulnerability of the dwc3-am62 component in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Portal for ArcGIS web portal, related to the use of open redirection, allows a hacker to redirect a user to any given URL address.
The vulnerability of the Portal for ArcGIS web portal is related to the use of open redirection. Exploiting this vulnerability allows a malicious actor to redirect users to any given URL address...
The vulnerability of the dwc2 component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the dwc2 component in the Linux operating system’s kernel is related to improper validation of input data in the dwc2cmplhostisocdmadesc function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Schneider Electric EcoStruxure IT Gateway’s software for communicating with controlled devices lies in the absence of authentication procedures, allowing attackers to gain full access to the vulnerable software.
The vulnerability of Schneider Electric EcoStruxure IT Gateway’s software for communicating with controlled devices is related to the absence of an authentication procedure. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full access to the vulnerable...
The vulnerability of the vmk80xx component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the vmk80xx component of the Linux operating system’s kernel is related to resource management errors in the vmk80xxfindusbendpoints function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the tmpfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the tmpfs component in the Linux operating system’s kernel is related to the state of the race condition. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...
The vulnerability of the qcom component in the Linux operating system’s kernel allows a hacker to manipulate the accessibility of protected information.
The vulnerability of the qcom component in the Linux operating system’s kernel is related to errors in reading beyond the boundary of the function F. Exploiting this vulnerability can allow an attacker to influence the accessibility of protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the use of a regular expression c with inefficient computational complexity, allowing a hacker to trigger a service failure.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures whe...
The vulnerability of the Windows DWM library in Windows operating systems, related to the swapping of a non-trusted pointer, allows attackers to escalate their privileges.
The vulnerability of the Windows DWM library in Windows operating systems is related to the swapping of a non-trusted pointer. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the jscript9legacy.dll library in the Antimalware Scan Interface (AMSI) component of Microsoft Windows operating systems allows a malicious actor to circumvent security restrictions.
The vulnerability of the jscript9legacy.dll library in the Antimalware Scan Interface AMSI component of Microsoft Windows operating systems is related to a flaw in the data protection mechanism. Exploiting this vulnerability could allow an attacker to circumvent security restrictions...
The vulnerability of Linux operating system kernel components that implement vfio/pci allows a hacker to trigger a service failure.
The vulnerability of Linux operating system kernel components that use vfio/pci is related to resource management errors in the vfiointxsetsignal function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Android Framework component of the Android operating system allows attackers to elevate their privileges and gain unauthorized access to directories such as Android/data, Android/obb, and Android/sandbox.
The vulnerability of the Android Framework component of the Android operating system is related to insecure management of privileges. Exploiting this vulnerability allows a remote attacker to enhance their privileges and gain unauthorized access to directories such as Android/data, Android/obb, a...
The vulnerability of the kirin_pcie_parse_port() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the kirinpcieparseport function in the Linux kernel’s drivers/pci/controller/dwc/pcie-kirin.c file is related to incorrect calculation of the buffer boundary. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility...
The vulnerability of the AcTranslators.exe executable file of the AutoCAD simulation, design, and drafting software allows a perpetrator to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the AcTranslators.exe executable file of the AutoCAD simulation, design, and drafting software is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...
The vulnerability of the YouGile project management service, related to insufficient protection of operational data, allows a hacker to disclose the protected information.
The vulnerability of the YouGile project management service is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...
The vulnerability of the Audio, Web, and Video Conferencing component of the MiCollab collaboration platform allows a perpetrator to gain unauthorized access to read, modify, or delete data.
The vulnerability of the Audio, Web, and Video Conferencing component of the MiCollab collaboration platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to read, modify, or delete data...
The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform, related to insufficient validation of input data, allows a perpetrator to execute arbitrary commands.
The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform relates to the failure to implement measures to neutralize specific elements. Exploiting this vulnerability allows attackers to execute arbitrary commands...
The vulnerability of the NSG function of Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense microprogramming systems allows attackers to circumvent existing security restrictions.
The vulnerability of the NSG function of Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense microprogramming firewalls involves bypassing authentication through spoofing. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions and allo...
The vulnerability of the subprocess module in the Python programming language interpreter allows a perpetrator to trigger a service failure.
The vulnerability of the subprocess module in the Python programming language interpreter is related to privilege management errors. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability in the web interface of the Cisco Identity Services Engine, a platform for managing network policies, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability in the web interface of the Cisco Identity Services Engine management platform for network policies relates to the lack of data encryption measures. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information through a special...
The vulnerability of the SIMATIC Reader software for editing and managing projects and documents allows a hacker to restart the application.
The vulnerability of the SIMATIC Reader software for editing and managing projects and documents is related to incorrect processing of character definitions during SNMP configuration. Exploiting this vulnerability could allow a malicious actor to remotely restart the application...
The vulnerability of the bpf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the bpf component in the Linux operating system’s kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to errors in resource management in the pqimapqueues function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the SCKU Dome software, related to deficiencies in access control, allows attackers to gain access to the software’s database.
The vulnerability of the SCKU Dome software is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to the software’s database...
The vulnerability of the Core module of the Indeed Privileged Access Manager allows a perpetrator to trigger a service failure.
The vulnerability of the Core module of the Indeed Privileged Access Manager software lies in its uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information or cause service failures.
The vulnerability of the Core component of the Oracle VM VirtualBox software lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...
The vulnerability of embedded software developed by Qualcomm, related to the possibility of using memory after release, allows a hacker to execute arbitrary code.
The vulnerability of embedded software developed for Qualcomm chips lies in the possibility of exploiting memory after it is freed. Exploiting this vulnerability could allow a hacker to execute arbitrary code...
The vulnerability of the dcn302_fpu_update_bw_bounding_box() function in the amdgpu kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the dcn302fpuupdatebwboundingbox function in the drivers/gpu/drm/amd/display/dc/dml/dcn302/dcn302fpu.c file of the amdgpu kernel in the Linux operating system is related to incorrect calculation of the index. Exploiting this vulnerability may allow an attacker to compromise t...
The vulnerability of the nfnetlink_rcv_batch() function in the netfilter component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nfnetlinkrcvbatch function in the net/netfilter/nfnetlink.c module of the Linux kernel’s netfilter component is related to the absence of buffer initialization. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the Pandoc format conversion library written in Haskell allows attackers to create or rewrite any files in the system.
The vulnerability of the Pandoc format conversion library written in Haskell is related to insufficient validation of input data. Exploiting this vulnerability allows attackers to create or overwrite arbitrary files in the system by using the --extract-media parameter or by exporting files in PDF...
The vulnerability of Nomad application orchestrators, related to incorrect resolution of link references before the file name, allows attackers to execute arbitrary code.
The vulnerability of Nomad application orchestrators is related to incorrect resolution of the link before the file is downloaded. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of the net/mlx5e component in the Linux operating system, which allows a hacker to cause a service failure.
The vulnerability of the net/mlx5e component in the Linux operating system is related to the swapping of the zero pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the PT MultiScanner malware protection system and the PT Sandbox network sandboxing mechanism is related to the disclosure of information through registration files, which allows attackers to enhance their privileges.
The vulnerability of the PT MultiScanner malware protection system and the PT Sandbox network sandboxing solution is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to elevate their privileges to the role of a “Securit...
The vulnerability of the ltq_etop_free_channel() function in the Linux kernel Ethernet driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ltqetopfreechannel function in the drivers/net/ethernet/lantiqetop.c file of the Linux kernel’s Ethernet driver is related to the repeated release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the dfe_qexp_list component in the Virtuoso-opensource web application development platform allows a attacker to trigger a service failure.
The vulnerability of the dfeqexplist component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially created SQL...
The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B, arises from lack of access control mechanisms. This allows attackers to bypass security restrictions.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to lack of access control mechanisms. Exploiting these vulnerabilities can allow attackers to bypass security restrictions remote...
The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain full control over the application.
The vulnerability of the Core component of the Oracle VM VirtualBox software lies in authentication errors that occur when operations are performed outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain full control over the application...