90604 matches found
The vulnerability in the structure of const nla_policy nl80211_policy{} in the net/wireless/nl80211.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the const nlapolicy nl80211policy structure in the net/wireless/nl80211.c module of the Linux kernel is related to a single-shift error. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the pci_slot_release() function in the drivers/pci/slot.c module of the Linux kernel allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the pcislotrelease function in the drivers/pci/slot.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
The vulnerability of the BIOS microprogramming system in Dell laptops allows a hacker to execute arbitrary code.
The vulnerability of the BIOS microprogramming system in Dell laptops is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the sched_ext component of the pick_task_scx function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the schedext component in the picktaskscx function of the Linux operating system is related to mutual blocking of execution threads. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the PowerScale OneFS operating system, related to deficiencies in authentication procedures, allows a perpetrator to gain access to user accounts.
The vulnerability of the PowerScale OneFS operating system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain access to the user account...
The vulnerability of the virtual server “1C-Bitrix: Virtual Machine” involves deficiencies in access control, allowing attackers to elevate their privileges to the root level.
The vulnerability of the virtual server “1C-Bitrix: Virtual Machine” is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to elevate their privileges to the root level...
The vulnerability of the ndisc_alloc_skb() function in the net/ipv6/ndisc.c module of the Linux operating system’s IPv6 kernel implementation allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ndiscallocskb function in the net/ipv6/ndisc.c module of the Linux operating system’s IPv6 kernel implementation is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...
The vulnerabilities of the functions nfsacld_proc_getacl() and nfsd3_proc_getacl() in the fs/nfsd/nfs2acl.c module compromise the support for the Network File System (NFS) in Linux kernels. These vulnerabilities allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the functions nfsacldprocgetacl and nfsd3procgetacl in the fs/nfsd/nfs2acl.c module related to the support for the Network File System in Linux operating systems is associated with the reutilization of previously freed memory. Exploiting this vulnerability could allow an...
The vulnerability of the nci_close_device() function in the net/nfc/nci/core.c module, which is part of the NFC NCI support for Linux operating systems, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the nciclosedevice function in the net/nfc/nci/core.c module, which supports NFC NCI implementations in Linux operating systems, is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...
The vulnerability of the l3mdev_l3_out() function in the include/net/l3mdev.h module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the l3mdevl3out function in the include/net/l3mdev.h module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
The vulnerability of Microsoft 365 Apps for Enterprise and Office, related to the use of memory after it is freed, allows attackers to increase their privileges.
The vulnerability of Microsoft 365 Apps for Enterprise and Office relates to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the application software interfaces of Session Smart Router and WAN Assurance, Session Smart Conductor, relates to bypassing the authentication process by using an alternative path or channel. This allows a perpetrator to gain full control over the device.
The vulnerability of the Application Programming Interface of routers like Session Smart Router and WAN Assurance, Session Smart Conductor, lies in the ability to bypass authentication procedures by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor,...
The vulnerability of the software interface of the XWiki Platform, a platform for creating collaborative web applications. This vulnerability arises from the failure to implement measures to neutralize instructions in dynamically executed code, allowing attackers to execute arbitrary code.
The vulnerability of the software interface of the XWiki Platform for creating collaborative web applications lies in the failure to implement measures to neutralize instructions within the dynamically executed code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
The vulnerability of the MP3 Stream Handler component in the Live555 multimedia streaming library allows a attacker to cause a service failure.
The vulnerability of the MP3 Stream Handler component in the Live555 multimedia streaming library lies in its ability to read data from buffers beyond acceptable limits. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the iommu/vt-d component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the iommu/vt-d component in the Linux operating system’s kernel is related to excessive resource consumption during the loop. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment, related to incorrect authorization, allows a violator to disclose protected information.
The vulnerability of the GLPI system for requests, incidents, and inventory management is related to improper authorization. Exploiting this vulnerability can allow a malicious actor to disclose protected information...
The vulnerability of the dma-mapping component in the Linux operating system allows a hacker to gain access to confidential data and also cause a service failure.
The vulnerability of the dma-mapping component in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to access confidential data and also cause service failures...
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise applications relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise applications is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager EPNM software lies in the insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform...
The vulnerability of the webapi component in the operating systems Synology BeeStation Manager (BSM), Synology DiskStation Manager (DSM), and Synology BeeStation OS allows a malicious individual to gain unauthorized access to protected information.
The vulnerability of the webapi component in Synology BeeStation Manager BSM, Synology DiskStation Manager DSM, and Synology BeeStation OS is related to a lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability can allow an attacker operating remotely to gain...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
The vulnerability of the Apache Fineract digital financial services platform, related to the lack of measures to protect the SQL query structure, allows attackers to execute arbitrary SQL code.
The vulnerability of the Apache Fineract digital financial services platform lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary SQL code...
The vulnerability of the bond_ipsec_add_sa() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the bondipsecaddsa function in the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability described in the structure of wwan_rtnl_link_ops{} within the drivers/net/wwan/wwan_core.c file of the Linux kernel allows a attacker to compromise the confidentiality and accessibility of protected information.
The vulnerability described in the structure of wwanrtnllinkops within the drivers/net/wwan/wwancore.c file of the Linux kernel relates to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of protected...
The vulnerability of the bpf_link_show_fdinfo() function in the kernel/bpf/syscall.c module of the Linux operating system allows a attacker to compromise the confidentiality and accessibility of the protected information.
The vulnerability of the bpflinkshowfdinfo function in the kernel/bpf/syscall.c module of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected...
Vulnerability of the md_check_recovery() function in the drivers/md/md.c module – The driver for supporting multiple devices (RAID and LVM) in the Linux kernel allows a hacker to trigger a service failure.
Vulnerability of the mdcheckrecovery function in the drivers/md/md.c module – The Linux kernel’s device support driver for multiple devices such as RAID and LVM is vulnerable due to improper disabling or release of resources. Exploiting this vulnerability could allow an attacker to cause system...
Vulnerability of the start_io_acct() function in the drivers/md/dm.c module – The driver for supporting multiple devices (such as RAID and LVM) in the Linux kernel allows a hacker to trigger a service failure.
Vulnerability of the startioacct function in the drivers/md/dm.c module – The driver for supporting multiple devices such as RAID and LVM in the Linux operating system is vulnerable due to the use of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause service failures...
Vulnerability of the corsair_void_remove() function in the drivers/hid/hid-corsair-void.c module – This driver of the user interface subsystem of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the corsairvoidremove function in the drivers/hid/hid-corsair-void.c module – the driver for the user interface devices in the Linux operating system – relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise...
The vulnerability of the formPortalAuth() function in the Tenda W15E router’s microprogramming software allows a hacker to trigger a service failure.
The vulnerability of the formPortalAuth function in the Tenda W15E router’s microprogramming software is related to the issue of the operation going beyond the buffer boundaries in memory when processing the gotoUrl parameter. Exploiting this vulnerability can allow a malicious actor to cause...
The vulnerability of DRM/AMD components in Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of DRM/AMD kernel components in the Linux operating system is related to the assignment of the NULL pointer in the amdgpuatifcall function. Exploiting this vulnerability can allow a hacker to trigger a service failure...
The vulnerability of the __sock_create() function in the net/socket.c module of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sockcreate function in the net/socket.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected informatio...
The vulnerability of the ip_tunnel_find() function in the net/ipv4/ip_tunnel.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the iptunnelfind function in the net/ipv4/iptunnel.c module of the Linux operating system is related to incorrect resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode() function in the Open Asset Import Library (Assimp) import library allows a malicious actor to trigger a denial-of-service attack.
The vulnerability of the OpenDDLParser::parseStructure function in the Open Asset Import Library Assimp import library is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of components of Linux operating system’s kernel/mlx5, allowing a hacker to cause a service failure
The vulnerability of the net/mlx5 components in the Linux operating system is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerabilities of Linux operating system’s x86/hypervisor kernel components, which allow attackers to cause service interruptions.
The vulnerability of the hvmachineshutdown function in Linux kernel-based x86/hyperv components is related to improper initialization. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Kernel Streaming WOW Thunk Service Driver (Drivers\ksthunk.sys) on Windows operating systems allows a hacker to elevate their privileges to a system level.
The vulnerability of the Kernel Streaming WOW Thunk Service Driver Drivers\ksthunk.sys on Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to elevate their privileges to a system level...
The vulnerability of the mtk_vcodec_fw_scp_init() function in the mediatek/vcodec/common/mtk_vcodec_fw_scp.c file of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the mtkvcodecfwscpinit function in the drivers/media/platform/mediatek/vcodec/common/mtkvcodecfwscp.c file of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the a6xx_gpu_init() function in the drivers/gpu/drm/msm/adreno/a6xx_gpu.c kernel of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the a6xxgpuinit function in the drivers/gpu/drm/msm/adreno/a6xxgpu.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the usbtv_video_free() function in the drivers/media/usb/usbtv/usbtv-video.c driver of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the usbtvvideofree function in the drivers/media/usb/usbtv/usbtv-video.c file of the Linux kernel driver module is related to the occurrence of mutual locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the devm_spi_alloc_master() function in the drivers/spi/spi.c module – The Linux kernel’s SPI device driver support allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the devmspiallocmaster function in the drivers/spi/spi.c module – The Linux kernel’s SPI device driver relies on the reclamation of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the lack of measures taken to neutralize specific elements, allowing attackers to influence the integrity, confidentiality, and accessibility of protected information.
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability can allow a remote attacker to compromise the integrity, confidentiality, and accessibility of the...
Vulnerability of the atomisp_alloc_css_stat_bufs() function in the drivers/staging/media/atomisp/pci/atomisp_ioctl.c module – This driver for Intel Atom-core devices in the Linux operating system allows a hacker to trigger a service failure.
Vulnerability of the atomispalloccssstatbufs function in the drivers/staging/media/atomisp/pci/atomispioctl.c module – The driver for Intel Atom-based devices in the Linux operating system is vulnerable to a vulnerability where memory previously released is re-released. Exploiting this...
The vulnerability of the kprobe_fault_handler() function in the arch/riscv/kernel/probes/kprobes.c file of the module for the Linux operating system’s RISC-V architecture-based kernel, allows a hacker to trigger a service failure.
The vulnerability of the kprobefaulthandler function in the arch/riscv/kernel/probes/kprobes.c file of the module for the Linux operating system’s RISC-V architecture-based kernel involves incorrect input validation. Exploiting this vulnerability could allow an attacker to trigger a service failu...
Vulnerability of the efx_farch_handle_txFlushDone() function in the drivers/net/ethernet/sfc/farch.c module – A driver for supporting Ethernet network adapters in the Linux kernel, which allows a hacker to cause a service failure.
Vulnerability of the efxfarchhandletxFlushDone function in the drivers/net/ethernet/sfc/farch.c module – The Linux kernel’s Ethernet network adapter support driver is vulnerable due to the use of a NULL pointer dereferencing. Exploiting this vulnerability could allow an attacker to cause a system...
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the lack of measures to neutralize special elements, allowing attackers to execute arbitrary code.
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the gitRepo function in the Kubernetes cluster management software allows a attacker to influence the confidentiality and integrity of the protected information.
The vulnerability of the gitRepo function in the Kubernetes cluster management software is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected information...
The vulnerability of Adobe Substance 3D Modeler software lies in its ability to read data beyond the allowed range of memory. This allows attackers to bypass the ASLR protection mechanism and disclose confidential information.
The vulnerability of the Adobe Substance 3D Modeler software-related to reading data beyond the allowed range of memory. Exploiting this vulnerability could allow an attacker to bypass ASLR protection and disclose confidential information...
The vulnerability of the Internet Printing Protocol (IPP) implementation in multifunctional HP LaserJet MFP devices allows a perpetrator to cause service interruptions.
The vulnerability of the Internet Printing Protocol IPP implementation in microprogrammed multifunctional devices like HP LaserJet MFP is related to improper handling of unexpected types of data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending...
The vulnerability of the FortiWeb web applications’ network interface filter component allows attackers to execute arbitrary commands.
The vulnerability of the log removal filter component in FortiWeb web applications is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary commands...
The vulnerability in the WebTransport component of Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a hacker to induce a service failure.
The vulnerability of the WebTransport component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...