Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2023/06/23 12:0 a.m.11 views

The vulnerability in the set of Sysinternals system utilities for Windows operating systems allows a hacker to trigger a service failure.

The vulnerability in the Sysinternals system utilities for Windows operating systems is related to the improper release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6.6AI score0.00771EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/22 12:0 a.m.11 views

The vulnerability of the Snowflake NodeJS driver for working with cloud-based data processing platforms and Snowflake’s data processing capabilities on the NodeJS platform allows attackers to execute arbitrary code.

The vulnerability of the Snowflake NodeJS driver for working with cloud-based data processing platforms and Snowflake data on the NodeJS platform is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.5CVSS8AI score0.01897EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/19 12:0 a.m.11 views

The vulnerability of the Windows GDI component in Microsoft Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Windows GDI component in Microsoft Windows systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.4AI score0.00549EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the /userfs/bin/tcapi file of the Diagnostics microprogramming system for the D-Link DSL-3782 router, related to the issue of writing operations outside the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the /userfs/bin/tcapi file of the Diagnostics microprogramming system for the D-Link DSL-3782 router lies in the fact that the output of the operation goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8.3AI score0.02727EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

Vulnerability of the Server component: Security: Privileges of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server component, specifically the Security: Privileges section of the Oracle MySQL Server database management system, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL...

6.8CVSS6.3AI score0.02EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the /userfs/bin/tcapi file of the Diagnostics microprogramming system for the D-Link DSL-3782 router allows a hacker to execute arbitrary code.

The vulnerability of the /userfs/bin/tcapi file of the Diagnostics microprogramming system for the D-Link DSL-3782 router lies in the fact that the output of the operation goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8.3AI score0.02653EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

Vulnerability of the Server component: The Oracle MySQL Server database management system’s DDL functions allow attackers to gain unauthorized access to protected information.

Vulnerability of the Server component: The DDL system for managing databases, Oracle MySQL Server, has vulnerabilities related to insufficient protection of operational data. Exploiting these vulnerabilities can allow unauthorized attackers to gain unauthorized access to protected information usi...

4CVSS6.3AI score0.01354EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the GetDeviceSettings function in the application software interface of D-Link DIR-2150 router software allows a hacker to execute arbitrary code.

The vulnerability of the GetDeviceSettings function in the application software interface of D-Link DIR-2150 router microprogramming devices is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using specially...

7.7CVSS7.2AI score0.01429EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart ST distributed controllers allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart ST distributed controllers is related to deficiencies in the validation of user-input data. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting XSS attacks remotely...

5.9CVSS5.9AI score0.0062EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the SetSysEmailSettings function in the application software interface of D-Link DIR-2150 router software allows a hacker to execute arbitrary code.

The vulnerability of the SetSysEmailSettings function in the application software interface of D-Link DIR-2150 router microprogramming devices is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially...

7.7CVSS7.1AI score0.0176EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of HMI/SCADA CONPROSYS HMI, which stems from insufficient verification of incoming requests, allows a hacker to perform an SSRF attack.

The vulnerability of HMI/SCADA CONPROSYS HMI is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow a malicious actor to perform an SSRF attack remotely...

4.3CVSS6.3AI score0.00641EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the ABB eSOMS software for managing production processes allows a hacker to execute arbitrary code.

The vulnerability of the ABB eSOMS software for managing production processes is related to the absence of the X-Content-Type-Options Header in the HTTP response. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

6.1CVSS6.7AI score0.01047EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the LoginPassword function in the application software interface of D-Link DIR-2150 router software allows a hacker to bypass existing security restrictions.

The vulnerability of the LoginPassword function in the application software interface of D-Link DIR-2150 router software relates to the bypassing of authentication processes. Exploiting this vulnerability allows an attacker to circumvent existing security restrictions by using a specially created...

8.8CVSS7.6AI score0.01108EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerabilities of D-Link DIR-550A and DIR-604M router microprogramming software allow attackers to enhance their privileges.

The vulnerability of D-Link DIR-550A and DIR-604M router microprogramming software is related to insecure resource initialization. Exploiting this vulnerability can allow a malicious actor to gain increased privileges...

9CVSS7.8AI score0.01776EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the D-Link DIR-615 T1 network device’s microprogramming software arises from the lack of protective measures for the website structure. This allows attackers to carry out XSS attacks.

The vulnerability of the D-Link DIR-615 T1 network device’s microprogramming software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

4.9CVSS5.5AI score0.03503EPSS
Exploits5References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/06 12:0 a.m.11 views

The vulnerability of Juniper Networks’ Junos OS Evolved operating system, related to deficiencies in authentication procedures, allows attackers to execute arbitrary commands.

The vulnerability of Juniper Networks’ Junos OS Evolved operating system is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to execute arbitrary commands using the sysmanctl command...

7.1CVSS7.4AI score0.00146EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/06 12:0 a.m.11 views

The vulnerability of the drivers zam64.sys and zam32.sys in the MalwareFox AntiMalware antivirus software allows a hacker to gain increased privileges.

The vulnerability of the zam64.sys and zam32.sys drivers in the MalwareFox AntiMalware software is related to deficiencies in access control. Exploiting this vulnerability can allow a hacker to enhance their privileges...

7.8CVSS7.2AI score0.03239EPSS
Exploits2References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.11 views

The vulnerability of Emerson Rosemount X-STREAM Enhanced flow analyzers’ microprogramming software lies in the possibility of sending a cookie session file, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of Emerson Rosemount X-STREAM Enhanced flow analyzers’ microprogramming software relates to the ability to send a cookie session file. Exploiting this vulnerability could allow an unauthorized actor to gain unauthorized access to protected information...

5.3CVSS5.9AI score0.009EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.11 views

Vulnerability of the Server component: Security: Roles of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server component: Security: Roles of the Oracle MySQL Server database management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL protocol...

5.4CVSS6.4AI score0.01726EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.11 views

The vulnerability of the HNAP1 protocol implementation in D-Link DIR-846 router microprogramming software allows a attacker to execute arbitrary commands.

The vulnerability of the HNAP1 protocol implementation in D-Link DIR-846 router microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s command processing for handling the tomographypingaddress parameter. Exploiting this...

9CVSS8.2AI score0.32561EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.11 views

The vulnerability of the Schema Handler component in the PostgreSQL database management system allows attackers to circumvent security restrictions.

The vulnerability of the Schema Handler component in the PostgreSQL database management system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...

4.2CVSS6.4AI score0.00694EPSS
Exploits0References19Affected Software13
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.11 views

Vulnerability of the Server component: Security: Roles of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server component: Security: Roles of the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to cause service interruptions using the MySQL protocol...

6.3CVSS6.4AI score0.01791EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/30 12:0 a.m.11 views

The vulnerability of the built-in software of the ARIS controller, related to the disclosure of confidential information, allows a perpetrator to gain access to critical data.

The vulnerability of the built-in software of the ARIS controller relates to the exposure of confidential information. Exploiting this vulnerability could allow a remote attacker to gain access to critical information...

6.5CVSS5.6AI score
Exploits0Affected Software10
BDU FSTEC
BDU FSTEC
added 2023/05/29 12:0 a.m.11 views

The vulnerability of the Red Hat Enterprise Linux operating system, related to access control deficiencies, allows a intruder to gain unauthorized access to limited functions.

The vulnerability of the Red Hat Enterprise Linux operating system is related to lack of access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to limited functions...

9.4CVSS6.8AI score0.00974EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/25 12:0 a.m.11 views

The vulnerability of the xt_replace_table() function in the net/netfilter/x_tables.c module of the Linux kernel’s netfilter firewall allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the xtreplacetable function in the net/netfilter/xtables.c module of the Linux kernel’s netfilter firewall is related to the use of previously freed memory due to competitive access to resources. This occurs due to insufficient synchronization between processes. Exploiting th...

9.3CVSS6.6AI score0.00444EPSS
Exploits1References12Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/05/24 12:0 a.m.11 views

The vulnerability in the web interface for managing microprogrammed software in Cisco Small Business Series switches allows a perpetrator to execute arbitrary code.

The vulnerability in the web interface for managing microprogrammed software in Cisco Small Business Series switches is related to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted request...

10CVSS8.8AI score0.11101EPSS
Exploits0References3Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/05/17 12:0 a.m.11 views

The vulnerability of the adreno_set_param() function in the drivers/gpu/drm/msm/adreno/adreno_gpu.c file of the MSM DRM kernel in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the adrenosetparam function in the drivers/gpu/drm/msm/adreno/adrenogpu.c file of the MSM DRM kernel in the Linux operating system is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7.8CVSS6.8AI score0.00112EPSS
Exploits0References16Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/05/15 12:0 a.m.11 views

The vulnerability of the Linux operating system’s kernel InfiniBand driver allows a hacker to trigger a service failure or increase their privileges.

The vulnerability in the Linux operating system’s kernel InfiniBand driver is related to the improper preparation of parameters for the rdmabindaddr function. This leads to reading beyond the allocated memory boundary in the comparenetdevandip function within the drivers/infiniband/core/cma.c...

7.8CVSS6.6AI score0.0024EPSS
Exploits0References18Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/05/15 12:0 a.m.11 views

The vulnerability of the microprogrammed software of NETGEAR’s RAX30, RAX35, RAX38, RAX40, and RAXE300 routers allows a hacker to execute arbitrary code.

The vulnerability of the microprogrammed software of NETGEAR’s RAX30, RAX35, RAX38, RAX40, and RAXE300 routers lies in the lack of protection for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code using specially crafted SOAP requests...

8.4CVSS8.2AI score0.00877EPSS
Exploits0References5Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/05/12 12:0 a.m.11 views

The vulnerability of the Interoperability SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Interoperability SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

4.3CVSS6.4AI score0.00479EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/10 12:0 a.m.11 views

The vulnerability of the start() function in the implementation of the WindowsContainerStartRequest class on the Docker Desktop for Windows development and delivery platform allows a attacker to gain access to read, modify, and delete data, thereby increasing their privileges.

The vulnerability of the start function in the implementation of the WindowsContainerStartRequest class for the Docker Desktop for Windows development and delivery platform is related to a race condition that allows tracking of links in the data-root directory for the DaemonJSON parameter...

8.3CVSS6.5AI score0.0029EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/04 12:0 a.m.11 views

The vulnerability of the centralized identification and access control solution FortiAuthenticator lies in its failure to address HTML tags, allowing attackers to carry out cross-site scripting attacks.

The vulnerability of the centralized authentication and access management solution FortiAuthenticator is related to the failure to implement measures to neutralize HTML tags. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks using a password reset...

5CVSS6AI score0.00494EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/04 12:0 a.m.11 views

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows a hacker to execute arbitrary commands.

The vulnerability of the web interface for managing microprogrammed software routers from Cisco, such as Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325, is related to insufficient validation of input data during the processing of HTTP packets. Exploiting this vulnerability...

8.5CVSS7.7AI score0.53827EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/04/13 12:0 a.m.11 views

The vulnerability of the Substance 3D Stager software lies in its reliance on memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of the Substance 3D Stager software-related 3D design software is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.7AI score0.00302EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/04/13 12:0 a.m.11 views

The vulnerability of the CAPWAP control protocol implementation in the Cisco IOS XE operating system allows a attacker to trigger a service failure.

The vulnerability of the CAPWAP control protocol implementation in the Cisco IOS XE operating system is related to the use of resources with similar identifiers. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

6.8CVSS6.7AI score0.00775EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/04/12 12:0 a.m.11 views

The vulnerability of the Screen Creator Advance 2 software lies in the execution of operations beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Screen Creator Advance 2 software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file...

7.5CVSS8AI score0.00219EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/04/12 12:0 a.m.11 views

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server’s server lies in its report-generation mechanism’s deficiencies, which allows attackers to gain unauthorized access to protected information.

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server relates to deficiencies in the mechanism for generating error reports. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5CVSS5.5AI score0.00435EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/20 12:0 a.m.11 views

The vulnerability of the SCADA system ProMIS InSCADA, related to improper protection of error messages sent out, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the SCADA system ProMIS InSCADA is related to improper protection of error messages sent out. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS7.8AI score0.0064EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/15 12:0 a.m.11 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type conversion errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page...

10CVSS8.2AI score0.00668EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/03/15 12:0 a.m.11 views

The vulnerability in the implementation of the TLS protocol in the Linux operating system allows a attacker to cause a service failure.

The vulnerability in the implementation of the TLS protocol in Linux operating systems is related to the lack of checks on a certain data structure field, which can lead to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

3.3CVSS6.5AI score0.00217EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/03/01 12:0 a.m.11 views

The vulnerability of the goform/formWPS component of D-Link’s N300 WI-Fi DIR-605 router software allows a hacker to execute arbitrary code.

The vulnerability of the goform/formWPS component of D-Link’s N300 WI-Fi DIR-605L router software arises due to an overflow in the buffer on the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.4AI score0.01224EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2023/03/01 12:0 a.m.11 views

The vulnerability of NVIDIA GeForce Experience’s software, related to an uncontrolled search path, allows a hacker to execute arbitrary code.

The vulnerability of NVIDIA GeForce Experience software relates to an uncontrolled element in the search process. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS7.6AI score0.00209EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/01 12:0 a.m.11 views

The vulnerability of FortiWeb web applications’ network firewalls arises from incorrect restrictions on the path to the restricted access catalog, allowing attackers to gain unauthorized access to protected information.

The vulnerability of FortiWeb web applications’ network firewalls is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through a special...

6.8CVSS6.5AI score0.00802EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/28 12:0 a.m.11 views

The vulnerability of the Micrium real-time operating system’s HTTP server allows attackers to execute arbitrary code.

The vulnerability of a real-time Micrium operating system’s HTTP server relates to buffer overflow attacks. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code by sending a specially crafted HTTP request...

10CVSS8.6AI score0.01862EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.11 views

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted malicious packages remotely...

9CVSS8.3AI score0.01206EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.11 views

The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to induce a service failure.

The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.8CVSS7.3AI score0.01654EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.11 views

The vulnerability of the System Management Unit (SMU) component of AMD processors allows a hacker to trigger a service failure.

The vulnerability of the System Management Unit SMU component of AMD processors exists due to insufficient testing of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

5.3CVSS5.8AI score0.00557EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.11 views

The vulnerability of the HTTP.sys driver on Windows operating systems allows a hacker to gain unauthorized access to protected information.

The vulnerability of the HTTP.sys driver in Windows operating systems is related to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS6.6AI score0.00465EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.11 views

The vulnerability of the kernel (NTOSKRNL) of Microsoft Windows operating systems, which allows a perpetrator to increase their privileges

The vulnerability of the kernel NTOSKRNL of Microsoft Windows is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.7AI score0.03603EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.11 views

The vulnerability of the PowerScale OneFS operating systems, related to the disclosure of information through registration files, allows a perpetrator to gain full control over the system.

The vulnerability of the PowerScale OneFS operating system lies in the fact that information can be disclosed through registration files when changing the password via the interface. Exploiting this vulnerability could allow an attacker to gain full control over the system...

7.8CVSS7.2AI score0.0018EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities5000