Lucene search
K
Bdu FstecMost viewed

90604 matches found

BDU FSTEC
BDU FSTEC
added 2020/12/01 12:0 a.m.12 views

The vulnerability of the SSL/TLS module of Cisco Adaptive Security Appliance’s network firewall allows a attacker to cause a service failure.

The vulnerability of the SSL/TLS module of the Cisco Adaptive Security Appliance software lies in errors during initialization of pointers. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

8.6CVSS5.5AI score0.00883EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.12 views

The vulnerability of the Windows Codecs Library component in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Windows Codecs Library component in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.03593EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.12 views

The vulnerability of the Microsoft .NET Framework software, related to errors in memory object handling, allows an attacker to gain unauthorized access to protected information.

The vulnerability of the Microsoft .NET Framework software platform is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

4.7CVSS5.5AI score0.03045EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/10/22 12:0 a.m.12 views

The vulnerability of the Windows Backup Service allows attackers to exploit their privileges.

The vulnerability of the Windows Backup Service in Microsoft Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.2AI score0.00885EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/10/22 12:0 a.m.12 views

The vulnerability of the Windows Backup Service allows attackers to exploit their privileges.

The vulnerability of the Windows Backup Service in Microsoft Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.2AI score0.00912EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/08/12 12:0 a.m.12 views

The vulnerability of the Blink rendering module in Google Chrome browsers allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of Google Chrome’s Blink rendering module relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures through a specially created HTML page...

7.3CVSS7.4AI score0.01706EPSS
Exploits1References13Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

Vulnerability of the Microsoft Graphics component in the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Microsoft Graphics component in the Windows operating system relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted file...

7.5CVSS8.2AI score0.14041EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 involve reading beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can...

7.1CVSS7.7AI score0.03181EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 are related to writing data beyond the buffer in memory, allowing attackers to execute arbitrary code in the context of the current user.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 is related to data writing beyond the buffer boundaries in memory. Exploiting this vulnerability...

10CVSS8.4AI score0.04564EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerability of the memcpy function in the glibc library, which allows a hacker to execute arbitrary code in the context of a privileged process

The vulnerability of the memcpy function in the glibc library arises from an operation that occurs outside the buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code within the privileged process context...

8.1CVSS8.2AI score0.05223EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

7.5CVSS7AI score0.00448EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerability of the Segment component in the Oracle Retail Customer Management and Segmentation software application allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Segment component in Oracle Retail Customer Management and Segmentation Foundation software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to modify, add, or delete data, or gain unauthorized access...

5.5CVSS6.6AI score0.00799EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.12 views

The vulnerability of the Mobile Expenses Admin Utilities component of the Oracle Internet Expenses financial management application allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the Mobile Expenses Admin Utilities component of the Oracle Internet Expenses application relates to insufficient validation of entered data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

7.7CVSS7.4AI score0.01324EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/09 12:0 a.m.12 views

The vulnerability of the gf_text_get_utf8_line function in the multimedia platform GPAC, related to writing beyond buffer boundaries, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the gftextgetutf8line function on the multimedia platform GPAC is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.5AI score0.01411EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/07/03 12:0 a.m.12 views

The vulnerability of Adobe Audition for Windows and macOS, related to recording beyond buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of Adobe Audition for Windows and macOS lies in the recording of data beyond the buffer limits in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user...

7.8CVSS7.8AI score0.0309EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/05/21 12:0 a.m.12 views

The vulnerability of the Windows Update Stack component allows attackers to enhance their privileges.

The vulnerability of the Windows Update Stack component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

7.8CVSS7.2AI score0.00856EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/05/21 12:0 a.m.12 views

The vulnerability of the Microsoft Windows Graphics component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Microsoft Windows Graphics subsystem in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...

5.5CVSS6.2AI score0.01277EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/05/21 12:0 a.m.12 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2015, and Adobe Acrobat Reader 2015 are related to memory usage after it is freed. This allows attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 is related to the use of memory after it is freed. Exploiting this vulnerability can allow an...

9.3CVSS7.8AI score0.03637EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.12 views

The vulnerability of the Blink web browser component in Google Chrome, which allows a hacker to compromise data integrity

The vulnerability of the Blink web browser component in Google Chrome is related to the lack of a mechanism for checking input data. Exploiting this vulnerability allows an attacker to affect data integrity through a specially created HTML page...

7.1CVSS7AI score0.00718EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.12 views

Vulnerabilities of Microsoft Visio graphic editors, Microsoft Excel electronic spreadsheet editors, Microsoft PowerPoint presentation creation software, Microsoft Word text editors, the Microsoft Office and Office 365 software suite, Microsoft Outlook email client, Microsoft Publisher publishing software, Microsoft Project project management software, Microsoft Access database management systems. These vulnerabilities are related to insufficient input validation, allowing attackers to execute arbitrary code.

The vulnerabilities of Microsoft Visio, a graphic editor; Microsoft Excel, an electronic spreadsheet editor; Microsoft PowerPoint, a presentation software; Microsoft Word, a text editor; the Microsoft Office and Office 365 software suite; Microsoft Outlook, a mail client; Microsoft Publisher,...

9.3CVSS7.9AI score0.0861EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.12 views

The vulnerability of Google Chrome’s browser, related to incorrect security policy settings, allows a malicious actor to access confidential data.

The vulnerability of Google Chrome is related to incorrect configuration of security policies. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data through a specially created HTML page...

5.3CVSS6.7AI score0.0118EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/02/17 12:0 a.m.12 views

The vulnerability of the SCTP control protocol implementation in the StarOS operating system allows a attacker to induce a service failure.

The vulnerability of the SCTP control protocol implementation in the StarOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.1CVSS6.5AI score0.01389EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.12 views

The vulnerability of the libzypp library in software developed for the SUSE CaaS Platform and SUSE Linux Enterprise Server allows a perpetrator to gain unauthorized access to information.

The vulnerability of the libzypp library in SUSE CaaS Platform and SUSE Linux Enterprise Server software is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker to gain unauthorized access to information...

4CVSS6.3AI score0.00301EPSS
Exploits0References4Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/01/13 12:0 a.m.12 views

The vulnerability of the cfg80211_mgd_wext_giwessid function (net/wireless/wext-sme.c) in the Linux kernel allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the cfg80211mgdwextgiwessid function in the Linux kernel’s net/wireless/wext-sme.c file is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service...

10CVSS7.5AI score0.06652EPSS
Exploits0References47Affected Software5
BDU FSTEC
BDU FSTEC
added 2019/12/13 12:0 a.m.12 views

The vulnerability of the i40e controller drivers for Intel Ethernet Series 700 models allows a hacker to cause a service failure.

The vulnerability of the i40e controller drivers for Intel Ethernet Series 700 models is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a perpetrator to cause service failures...

5.5CVSS6.1AI score0.00294EPSS
Exploits0References13Affected Software8
BDU FSTEC
BDU FSTEC
added 2019/12/13 12:0 a.m.12 views

The vulnerability of the RouterOS operating system’s automatic update function in MikroTik routers allows a intruder to gain unauthorized access to protected information.

The vulnerability of the RouterOS operating system’s automatic update function for MikroTik routers involves loading code without checking its integrity. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information by resetting t...

8.5CVSS7.5AI score0.01059EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/12/13 12:0 a.m.12 views

The vulnerability of Intel Active Management Technology’s microprogramming software, related to insufficient validation of input data, allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of Intel Active Management Technology’s microprogramming software is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute cross-site scripting XSS attacks...

9CVSS7.7AI score0.01272EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.12 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to perform cross-site scripting attacks or gain unauthorized access to protected information.

The vulnerability of the Cisco Identity Services Engine ISE web interface relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks or gain unauthorized access to protected information by...

4.9CVSS5.4AI score0.00622EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/11/19 12:0 a.m.12 views

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system allows a perpetrator to execute arbitrary code or gain access to confidential information.

The vulnerability in the web interface for managing Cisco Prime Infrastructure network equipment is related to insufficient verification of the data entered by users in several sections of the web interface. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or gain...

6.1CVSS6.8AI score0.01057EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/14 12:0 a.m.12 views

The vulnerability in the implementation of the interaction protocol between the “ARM Reliezer” software and the “Communication Server” software of the EKRASMS-SP software suite allows a violator to modify the list of servers.

The vulnerability of the interaction protocol between the “ARM Rielshchika” software and the “Server Connect” software of the EKRASMS-SP suite lies in the absence of authentication in the mechanism for extending the list of servers. Exploiting this vulnerability allows a malicious actor to modify...

4.3CVSS5.5AI score
Exploits0Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/10/24 12:0 a.m.12 views

The vulnerability of Moxa EDS-810 microcontroller software, related to access control deficiencies, allows a intruder to disclose protected information.

The vulnerability of Moxa EDS-810 microcontroller-based software is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose protected information using specially crafted queries...

5.3CVSS5.5AI score0.06344EPSS
Exploits5References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/08/16 12:0 a.m.12 views

The vulnerability in the Google Chrome web browser, related to incorrect filtering of ports by CORS, allows a hacker to bypass existing security restrictions.

The vulnerability in the Google Chrome web browser is related to improper filtering of ports by CORS. Exploiting this vulnerability allows a remote attacker to circumvent existing security restrictions through a specially crafted web page...

4.3CVSS7.8AI score0.00464EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2019/08/08 12:0 a.m.12 views

The vulnerability of the WritePNMImage function in the console-based image editing tool ImageMagick allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the WritePNMImage function in the console-based image editing tool ImageMagick is related to the execution of operations beyond the buffer’s boundaries. Exploiting this vulnerability could allow a remote attacker to cause service interruptions or execute arbitrary code using ...

6.8CVSS8.4AI score0.02082EPSS
Exploits1References12Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/07/11 12:0 a.m.12 views

The vulnerability of the QPID broker software used in the centralized lifecycle management software for Red Hat Satellite products allows a malicious actor to gain access to the QMF methods and execute arbitrary commands in a privileged mode.

The vulnerability of the QPID broker software used in the Red Hat Satellite product lifecycle management system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to gain access to the QMF methods and execute arbitrary commands in privileged mode...

8CVSS5.8AI score0.00692EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/03/13 12:0 a.m.12 views

The vulnerability of the WebKit rendering module arises from an operation that goes beyond the buffer boundaries in memory, allowing a malicious actor to execute arbitrary code.

The vulnerability of the WebKit rendering module arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page...

9.3CVSS8.3AI score0.0179EPSS
Exploits0References8Affected Software8
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.12 views

The vulnerability of the Oracle One-to-One Fulfillment component (OCM Query) within the Oracle E-Business Suite automation system, which allows a perpetrator to modify protected information.

The vulnerability of the Oracle One-to-One Fulfillment OCM Query component of the Oracle E-Business Suite automation system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to modify protected information using the HTTP protocol...

9.4CVSS7.8AI score0.02114EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/10 12:0 a.m.12 views

The vulnerability of the interface page of the D-Link DVA-5592 router’s microprogramming software allows a hacker to gain access to the router’s control panel with administrator privileges.

The vulnerability of the login page /ui/cbpc/login of the D-Link DVA-5592 router’s microprogramming software is related to the use of a pre-set PIN code 0000. Exploiting this vulnerability allows an attacker to bypass authentication procedures and gain access to the router’s control panel with...

5.5CVSS7.8AI score0.01866EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2018/12/07 12:0 a.m.12 views

The vulnerability of the JavaScript script handler ChakraCore in Microsoft Edge browsers allows a hacker to execute arbitrary code.

The vulnerability of the JavaScript script handler ChakraCore in Microsoft Edge browsers is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...

4.2CVSS8.4AI score0.14227EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/12/07 12:0 a.m.12 views

The vulnerability of Microsoft Word’s text editor lies in memory object processing errors, which allow attackers to execute arbitrary code.

The vulnerability of Microsoft Word relates to errors in memory object handling. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code with user privileges using a specially crafted file...

9CVSS8AI score0.19059EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2018/12/07 12:0 a.m.12 views

The vulnerability in the web interface of the microprogramming software for Cisco Wireless LAN Controllers of the 5500 series allows a hacker to inject arbitrary code into the uploaded web page.

The vulnerability of the web interface of microprogramming software for Cisco Wireless LAN Controllers of the 5500 series is related to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary code into the web page via a...

4.8CVSS5.7AI score0.01015EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2018/11/20 12:0 a.m.12 views

The vulnerability of Junos Operating System’s Routing Protocol Daemon (RPD) allows a hacker to execute arbitrary code.

The vulnerability of the Junos operating system’s Routing Protocol Daemon RPD arises from errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending numerous specially crafted Draft-Rosen MPLS packets...

8.8CVSS6AI score0.01148EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/11/15 12:0 a.m.12 views

The vulnerability in the implementation of the Precision Time Protocol (PTP) in the network operating system of Cisco NX-OS on Cisco Nexus switches of the 5500, 5600, and 6000 series allows a attacker to cause a service failure.

The vulnerability of the Precision Time Protocol PTP implementation in the network operating system of Cisco NX-OS on Cisco Nexus series 5500, 5600, and 6000 switches is caused by errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service...

8.6CVSS5.5AI score0.04483EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/10/26 12:0 a.m.12 views

The vulnerability of Adobe Acrobat and Adobe Reader PDF viewer/editor programs, related to memory usage after memory release, allows attackers to execute arbitrary code.

The vulnerability of Adobe Acrobat and Adobe Reader PDF viewer/editor programs relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created PDF file...

10CVSS7.6AI score0.04833EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2018/08/14 12:0 a.m.12 views

The vulnerability of the Flash Player software platform, related to the use of memory after it is freed, allows a hacker to execute arbitrary code.

The vulnerability of the Flash Player software is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted document or a web page containing malicious Flash content...

10CVSS7.9AI score0.89618EPSS
Exploits19References14Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.12 views

The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures...

8.5CVSS7.8AI score0.01769EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.12 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain full control over the application.

The vulnerability of the Core component of the Oracle VM VirtualBox software is related to lack of access control. Exploiting this vulnerability can allow an attacker to gain full control over the application...

8.6CVSS7.6AI score0.00584EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.12 views

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system, which allows a malicious actor to gain unauthorized access to protected data

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...

8.2CVSS7.8AI score0.02024EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.12 views

The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data or...

8.5CVSS7.8AI score0.35515EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/07/30 12:0 a.m.12 views

The vulnerability of the NAS Device Addition component in the Solaris Cluster software allows a hacker to gain full control over the application.

The vulnerability of the NAS Device Addition component in the Solaris Cluster software lies in its lack of access control mechanisms. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the application using the RPC network protocol...

9.8CVSS7.8AI score0.03222EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/07/27 12:0 a.m.12 views

The vulnerability of the Nikto web application security scanner lies in the lack of mechanisms to neutralize special elements in the input commands of the operating system. This allows attackers to execute arbitrary commands on the operating system.

The vulnerability of the Nikto web scanner is related to the lack of neutralization of special elements in the input data of the operating system during the generation of CSV files containing the results of scanning. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6AI score0.24727EPSS
Exploits5References4Affected Software1
Total number of security vulnerabilities5000