90509 matches found
The vulnerability of the System component of the Android operating system, allowing a hacker to execute arbitrary code
The vulnerability of the System component of the Android operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Vulnerability of web-based interfaces for microprogramming systems: Wi-Fi routers such as Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360 allow attackers to disclose protected information.
The vulnerability of the web-based management interfaces for Netis microprogramming systems, including Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360, is related to insufficient protection for sensitive data. Exploiting this...
The vulnerability of the SSH configuration function on SonicOS operating systems allows a hacker to perform an SSRF attack.
The vulnerability of the SSH configuration function in SonicOS operating systems is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...
The vulnerability of AMD Secure Processor’s microprogramming software is related to improper validation of input data, allowing attackers to exploit their privileges.
The vulnerability of AMD Secure Processor ASP microprogramming software relates to improper validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability in the web interface of the Cisco Crosswork Network Controller (CNC) allows a attacker to execute XSS attacks.
The vulnerability in the web interface of the Cisco Crosswork Network Controller CNC management interface is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models arises from buffer overflows in the queue, allowing an attacker to execute arbitrary code.
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models arises due to an overflow in the buffer area. Exploiting this vulnerability allows a hacker to execute arbitrary code using a specially created file...
The vulnerability of Adobe InDesign’s computer layout automation tool, related to memory-walking attacks, allows attackers to bypass ASLR protection and disclose the protected information.
The vulnerability of Adobe InDesign’s computer layout automation tool is related to memory-walking attacks. Exploiting this vulnerability can allow an attacker to bypass ASLR protection and disclose the protected information...
The vulnerability of the monitoring, control, automation, and management tool for IBM Cloud Pak for Multicloud Management Monitoring lies in its deserialization mechanism flaws, which allows attackers to execute arbitrary commands.
The vulnerability of the monitoring, control, automation, and management tool for IBM Cloud Pak for Multicloud Management lies in the shortcomings of the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending a specially crafted...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the jffs2 component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the jffs2 component in the Linux operating system’s kernel is related to errors in reading beyond the boundary in the dojffs2setxattr function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the fromSetSysTime function in Tenda AC6 software allows a hacker to execute arbitrary code.
The vulnerability of the fromSetSysTime function in Tenda AC6 software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the software development environment for systems that automate technological processes, the Totally Integrated Automation Portal (Portal TIA), and the software used for modeling and simulating the operation of Siemens S7 controllers, arises from insufficient validation of input data. This allows attackers to execute arbitrary code.
The vulnerability of the software development environment for systems that automate technological processes, such as the Totally Integrated Automation Portal Portal TIA and software for simulating and testing the operation of Siemens S7 controllers, is related to insufficient verification of inpu...
The vulnerability in the RMT_invite.cgi script of NETGEAR R7000 Wi-Fi routers allows a hacker to execute arbitrary commands.
The vulnerability in the RMTinvite.cgi script of NETGEAR R7000 Wi-Fi routers lies in the lack of data cleaning at the control level when processing the parameter devicename2. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...
The vulnerability of the atob method in the universal monitoring system Zabbix allows attackers to compromise the integrity of the protected information.
The vulnerability of the atob method in the Zabbix universal monitoring system is related to access to a critical private variable through a publicly accessible method. Exploiting this vulnerability allows an attacker to compromise the integrity of the protected information...
The vulnerability of SketchUp Viewer, a 3D design and architectural drafting software, arises from the possibility of an operation exceeding the buffer in memory. This allows attackers to execute arbitrary code.
The vulnerability of SketchUp Viewer, a 3D design and architectural drafting software, lies in the escape from buffer boundaries during the processing of SKP files. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of the n_gsm component in the Linux operating system’s kernel allows a hacker to execute arbitrary code.
The vulnerability of the ngsm component in the Linux operating system’s kernel is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of Adobe Dimension’s 3D design software lies in the possibility of an operation occurring outside the buffer boundaries of memory, allowing a hacker to execute arbitrary code.
The vulnerability of Adobe Dimension’s 3D design software relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the driver for the imon component (drivers/media/rc/imon.c) in Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the driver for the imon component drivers/media/rc/imon.c in Linux operating systems is related to an incorrect binding of the interface to the driver due to insufficient validation of input data. Exploiting this vulnerability can allow a perpetrator to cause service failures...
The vulnerability of the qd_check_sync() function in the imon component of Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the qdchecksync function in the imon component of Linux operating systems is related to an uncontrolled, exploitable condition. Exploiting this vulnerability could allow a attacker to cause a service failure...
The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation, related to buffer overflow in the stack, allows a hacker to execute arbitrary code.
The vulnerability of the software environment for simulation modeling of systems and processes in Siemens Tecnomatix Plant Simulation lies in buffer overflows in the stack. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially created WRL files...
The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library (VPL), is related to integer overflow. This vulnerability allows an attacker to exploit their privileges.
The vulnerability of the Intel Video Processing Library VPL, a software tool designed for accelerated video processing at the hardware level, is related to a numerical overflow vulnerability. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of Siemens SINEMA Remote Connect arises from the use of incorrect authentication tokens due to unlimited distribution of resources, which can lead to service failures.
The vulnerability of Siemens SINEMA Remote Connect relates to the use of incorrect authentication tokens due to unlimited distribution of resources. Exploiting this vulnerability can allow a perpetrator to cause service failures...
The vulnerability of the file conversion tools between different formats—PS/IGES Parasolid Translator and the simulation modeling application Simcenter Femap—allows a perpetrator to execute arbitrary code.
The vulnerability of the file conversion tools between different formats, such as PS/IGES Parasolid Translator and the simulation application Simcenter Femap, is related to reading data beyond the acceptable range in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary...
The vulnerability of the Intel Alias Checking Trusted Module (Intel ACTM), a microprogramming software component for Intel 4th Generation and 5th Generation processors, allows attackers to exploit it to increase their privileges.
The vulnerability of the Intel Alias Checking Trusted Module Intel ACTM, a microprogramming software component of Intel’s 4th and 5th generation processors, relates to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow attackers to enhance their...
The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. This allows attackers to execute arbitrary code.
The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created PAR file...
The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation in simulation models for systems and processes involves writing beyond buffer boundaries, allowing attackers to execute arbitrary code.
The vulnerability of the software environment for simulation modeling of systems and processes in Siemens Tecnomatix Plant Simulation lies in the issue of buffer overflow attacks. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially created WRL files...
The vulnerability of the library for optimizing machine learning models, Intel Neural Compressor, related to errors in processing input data, allows attackers to exploit it to gain increased privileges.
The vulnerability of the Intel Neural Compressor library for optimizing machine learning models is related to errors in processing input data. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...
The vulnerability of the CLI command-line interface of the GitHub collaborative development platform, related to the failure to remove special elements, allows a perpetrator to execute arbitrary code.
The vulnerability of the CLI command-line interface of the GitHub collaborative development platform is related to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the QuRouter operating system for QNAP network devices lies in the lack of measures taken to neutralize special elements used in the operating system’s commands. This allows attackers to execute arbitrary commands.
The vulnerability of the QuRouter operating system for QNAP network devices is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the Spectrum Power 7 software, related to incorrect privilege assignment, allows a perpetrator to elevate their privileges.
The vulnerability of the Spectrum Power 7 software is related to the improper assignment of privileges by running binary files with the SUID privilege. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability in the virtual learning environment Moodle arises from the lack of measures taken to protect the structure of web pages. This allows attackers to carry out attacks using cross-site scripting (XSS).
The vulnerability in the virtual learning environment Moodle exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out attacks using cross-site scripting XSS...
The vulnerability of DRM/VMWGFX components in Linux operating systems allows attackers to increase their privileges within the system.
The vulnerability of DRM/VMWGFX components in Linux operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...
Vulnerability of components of Linux operating system’s kernel/mlx5, allowing a hacker to cause a service failure
The vulnerability of the net/mlx5 components of the Linux operating system’s kernel is related to incorrect initialization of a resource in the addrulefg function. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the hci_event component in the Linux operating system’s kernel allows a perpetrator to gain access to confidential information.
The vulnerability of the hcievent component in the Linux operating system’s kernel is related to the disclosure of information within the hciiocaparequestevt function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...
The vulnerability of the mptcp component in Linux operating systems, which allows attackers to manipulate data
The vulnerability of the mptcp component in Linux operating systems is related to the state of the race condition when using shared resources. Exploiting this vulnerability allows an attacker to manipulate data...
The vulnerability of the nbd component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the nbd component in the Linux operating system’s kernel is related to improper error handling in the nbdgenlstatus function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the emu10k1 component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the emu10k1 kernel component of the Linux operating system is related to errors in reading beyond the buffer boundary in the sndemu10k1pcmchannelalloc function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the opennurbs.dll and ODXSW_DLL.dll libraries, which are software components for modeling, design, and drafting in AutoCAD, allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the opennurbs.dll and ODXSWDLL.dll libraries, which are software for modeling, design, and drafting in AutoCAD, is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, execute...
The vulnerability of the apcli_wps_gen_pincode function in the TOTOLINK A6000R router’s microprogramming system allows a hacker to execute arbitrary commands.
The vulnerability of the apcliwpsgenpincode function in the TOTOLINK A6000R router’s microprogramming system is related to the lack of measures taken to neutralize special elements used in the command when processing the ifname parameter. Exploiting this vulnerability allows a remote attacker to...
The vulnerability of the CharxSystemConfigManager service in the microprogramming software for modular control devices for AC charging stations and wall-mounted charging devices from Phoenix Contact, CHARX SEC-3100, allows a hacker to execute arbitrary code.
The vulnerability of the CharxSystemConfigManager service in the microprogramming software for modular control devices for AC charging stations and wall-mounted charging devices from Phoenix Contact, the CHARX SEC-3100, is related to the absence of authentication procedures. Exploiting this...
The vulnerability of PDF-XChange Editor’s document viewing and editing software, related to errors in the certificate validation process, allows a perpetrator to execute arbitrary code.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software is related to errors in the certificate authenticity verification process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the GRUB loader program, related to bypassing authentication methods through spoofing techniques, allows a perpetrator to circumvent the authentication process and enhance their privileges within the system.
The vulnerability of the GRUB bootloader is related to the ability to bypass authentication methods using spoofing techniques. Exploiting this vulnerability allows an attacker to circumvent the authentication process and enhance their privileges within the system...
The vulnerability of the Action Dispatch component in the Action Pack extension’s Ruby interpreter allows a attacker to trigger a service failure.
The vulnerability of the Action Dispatch component in the Action Pack extension’s Ruby interpreter involves unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of Microsoft Exchange Server servers, related to errors in information representation by the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Exchange Server servers is related to errors in information representation by the user interface. Exploiting this vulnerability can allow attackers to carry out spear-phishing attacks...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the structure of web pages, allows attackers to carry out XSS attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the Telerik Report Server software’s reporting control tool lies in its reliance on external controls for selecting classes. This allows an attacker to execute arbitrary code.
The vulnerability of the Telerik Report Server reporting management software lies in the use of external control for selecting classes when input data is provided. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in its ability to read data beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Adobe After Effects’ video and dynamic image editing software relates to reading beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...
The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the disclosure of information, allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the disclosure of information. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and even cause service failures through the use of a...
The vulnerability of the Symfony software platform for developing and managing web applications arises from the lack of measures taken to neutralize special elements, allowing attackers to execute arbitrary code.
The vulnerability of the Symfony software platform for developing and managing web applications exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the btrfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the btrfs component in the Linux operating system’s kernel is related to incorrect blocking in the closectree function. Exploiting this vulnerability can allow an attacker to cause a service failure...