Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.23 views

The vulnerability of the /cgi-bin/ExportIbmsConfig.sh file, a component of the IBMS Configuration File Handler microprogramming system for TOTOLINK A3000RU routers, allows a hacker to trigger a service failure.

The vulnerability of the /cgi-bin/ExportIbmsConfig.sh file, a component of the IBMS Configuration File Handler microprogramming system for TOTOLINK A3000RU routers, is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to cause service interruptions...

5.3CVSS5.9AI score0.00598EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.23 views

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system involves the improper assignment of permissions to a critical resource. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

6.8CVSS6.4AI score0.0076EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.23 views

The vulnerability of the PHP library TCPDF, related to incorrect pathname restrictions for restricted access directories, allows attackers to gain unauthorized access to protected information.

The vulnerability of the PHP library TCPDF lies in the incorrect path limitation for the access to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

6.8CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/16 12:0 a.m.23 views

The vulnerability of the E-Staff automation system for recruitment processes is related to errors in data filtering when obtaining information about the target. This allows a violator to gain unauthorized access to protected information.

The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering when obtaining information about the target. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.7CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.23 views

Vulnerability of the dpll_nl_pin_get_dumpit() function in the drivers/dpll/dpll_netlink.c module – A DPLL driver for the Linux operating system that allows a hacker to cause a service failure.

Vulnerability of the dpllnlpingetdumpit function in the drivers/dpll/dpllnetlink.c module – The DPLL driver support in Linux kernels is vulnerable to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to cause service failures...

5.5CVSS6.4AI score0.0015EPSS
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/10 12:0 a.m.23 views

The vulnerability of BitLocker’s data protection function in the Microsoft Windows operating system allows attackers to circumvent existing security restrictions.

The vulnerability of BitLocker’s data protection function in the Microsoft Windows operating system is related to a breach of the data protection mechanism. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...

7.2CVSS7.6AI score0.00767EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/04/02 12:0 a.m.23 views

The vulnerability of the ipsec_net_asp function in the D-Link DI-8100 network device allows a hacker to execute arbitrary code.

The vulnerability of the ipsecnetasp function in the D-Link DI-8100 network device’s microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially...

10CVSS6AI score0.00586EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.23 views

The vulnerability of the adjust_ptr_min_max_vals() function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter support in the Linux operating system’s kernel, allows attackers to compromise the confidentiality and accessibility of protected information.

The vulnerability of the adjustptrminmaxvals function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter for Linux operating systems, is related to incorrect validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality an...

5.5CVSS6.7AI score0.00232EPSS
Exploits0References14Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/03/13 12:0 a.m.23 views

The vulnerability of the PAN-OS OpenConfig Plugin in the PAN-OS operating system, related to the failure to eliminate special elements, allows a perpetrator to execute arbitrary commands.

The vulnerability of the PAN-OS OpenConfig Plugin in the PAN-OS operating system is related to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9CVSS7.7AI score0.01238EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/11 12:0 a.m.23 views

Vulnerability eliminated

...

5.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/02/21 12:0 a.m.23 views

The vulnerability of the task and project management service WEEEK lies in the improper restriction on recursive references to entities in the DTD. This allows a violator to trigger a service failure.

The vulnerability of the WEEEK task and project management service is related to improper restrictions on recursive references to entities in the DTD. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.7CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.23 views

The vulnerability of the Linux operating system’s kernel Wi-Fi component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s kernel Wi-Fi component is related to improper validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

8.8CVSS5.9AI score0.00793EPSS
Exploits0References22Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.23 views

The vulnerability of the Drupal Security Kit module in the Drupal CMS system allows attackers to trigger a service failure.

The vulnerability of the Drupal Security Kit CMS system’s module is related to access to resources through incompatible types. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

5.3CVSS5.5AI score0.00349EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/31 12:0 a.m.23 views

The vulnerability of the mgmt_mesh_foreach() function in the net/bluetooth/mgmt_util.c module of operating systems running on Linux allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information, or cause service failures.

The vulnerability of the mgmtmeshforeach function in the net/bluetooth/mgmtutil.c module of Linux operating systems is related to iterating over an inappropriate list called mgmtpending, which contains elements of type struct mgmtpendingCmd instead of struct mgmtmeshtx. Exploiting this...

8.2CVSS5.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/30 12:0 a.m.23 views

The vulnerability of the network authentication protocol used by the Firebird software components, “Population Cancer Registry” and “Hospital Cancer Registry,” allows attackers to intercept traffic.

The vulnerability of the network authentication protocol used by the Firebird software’s “Population Cancer Registry” and “Hospital Cancer Registry” components is related to the use of a insecure authentication method called LegacyAuth. Exploiting this vulnerability allows a malicious actor to...

8.3CVSS5.5AI score
Exploits0Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/01/23 12:0 a.m.23 views

The vulnerability of the formSetCfm() function in the Tenda AC18 router’s microprogramming software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetCfm function in the Tenda AC18 router’s microprogramming software is related to the issue where the write operation goes beyond the buffer boundaries in memory when processing the funcpara1 parameter. Exploiting this vulnerability allows a remote attacker to execut...

5.7CVSS6.3AI score0.00531EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/15 12:0 a.m.23 views

The vulnerability of Websoft HCM’s automation software for HR processes stems from improper path handling, allowing attackers to perform arbitrary file operations outside of the directory.

The vulnerability of Websoft HCM’s automation software for HR processes arises from improper handling of paths during the loading of specially crafted files. Exploiting this vulnerability allows an attacker to perform arbitrary file operations outside the directory...

9.9CVSS5.6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/23 12:0 a.m.23 views

The vulnerability in the getSyslogFile function of the mainfunction.cgi web interface of the DrayTek Vigor router software allows a malicious individual to gain unauthorized access to confidential system files.

The vulnerability of the getSyslogFile function in the mainfunction.cgi web interface of the DrayTek Vigor router software is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain...

6.8CVSS6.6AI score0.01769EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/23 12:0 a.m.23 views

The vulnerability in the SSLapp.cgi web interface of the DrayTek Vigor router software allows a attacker to trigger a Denial-of-Service Attack (DoS).

The vulnerability in the SSLapp.cgi web interface of the DrayTek Vigor router software lies in the buffer overflow that occurs during the processing of the sAppName parameter. Exploiting this vulnerability allows an attacker to trigger a Denial-of-Service Attack DoS from a remote location...

7.8CVSS5.8AI score0.00523EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.23 views

The vulnerabilities of the 3D viewing tool JTJT2Go, the Product Lifecycle Management system Teamcenter Visualization, and the 3D geometric modeling tool Parasolid allow a perpetrator to execute arbitrary code.

The vulnerability of the 3D viewing tool JT, JT2Go, the product lifecycle management system Teamcenter Visualization, and the 3D geometric modeling tool Parasolid relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using...

7.8CVSS6.2AI score0.00279EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.23 views

The vulnerability of the virtio-net component of the QEMU hardware emulation software allows a attacker to induce a service failure.

The vulnerability of the virtio-net device emulation component in QEMU is related to the operation of writing data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to cause a system failure...

6.8CVSS7.1AI score0.0065EPSS
Exploits0References9Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/09/17 12:0 a.m.23 views

The vulnerability of the frommacFilterModify function in the /goform/operateMacFilter module of the Tenda wireless access point software allows a intruder to execute arbitrary code or cause a service failure.

The vulnerability of the frommacFilterModify function in the /goform/operateMacFilter microprogramming system for the wireless access point Tenda is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrar...

10CVSS8.5AI score0.01297EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2024/07/31 12:0 a.m.23 views

The vulnerability of the Frames component in Google Chrome and Microsoft Edge browsers allows a hacker to execute arbitrary code.

The vulnerability of the Frames component in Google Chrome and Microsoft Edge is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

8.8CVSS6.9AI score0.00365EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/07/17 12:0 a.m.23 views

The vulnerability of the IBM InfoSphere Information Server software platform, related to the manipulation of cross-site requests, allows a perpetrator to carry out a CSRF attack.

The vulnerability of the IBM InfoSphere Information Server software integration platform is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack remotely...

6.4CVSS5.4AI score0.00256EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/24 12:0 a.m.23 views

The vulnerabilities of LOV components in terms of technical maintenance, repairs, and major system overhauls of Oracle Complex Maintenance, Repair, and Overhaul systems. These systems are part of the Oracle E-Business Suite, allowing attackers to gain access to read, modify, add, or delete data.

The vulnerability of LOV components in terms of technical maintenance, repairs, and major overhauls of Oracle system equipment exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or...

6.4CVSS7.2AI score0.00382EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/04/03 12:0 a.m.23 views

The vulnerability of the CRI-O Container Engine’s application programming interface, a software platform for managing clusters of virtual machines in Kubernetes, relates to the distribution of resources without any restrictions or controls. This allows a malicious actor to trigger service failures.

The vulnerability of the CRI-O Container Engine’s application programming interface, a software platform for managing clusters of virtual machines in Kubernetes, is related to an experimental exploit that allows containers to become unlimited in size. Exploiting this vulnerability could enable a...

7.8CVSS6.8AI score0.00859EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/01/31 12:0 a.m.23 views

The vulnerability of the microprogrammed software of Emerson Rosemount X-STREAM flow analyzers allows a intruder to disclose protected information.

The vulnerability of Microprogrammed Software in Emerson Rosemount X-STREAM flow analyzers is related to insufficient encryption reliability. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

7.8CVSS7.2AI score0.00452EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.23 views

The vulnerability of NVIDIA’s SBIOS system, specifically the DGX A100 server, allows a hacker to trigger a service failure.

The vulnerability of NVIDIA’s SBIOS system, specifically the DGX A100 server, is related to incorrect dynamic analysis of variables. Exploiting this vulnerability can allow attackers to cause service failures...

7.5CVSS5.9AI score0.00163EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/11 12:0 a.m.23 views

The vulnerability of the H5Dchunk.c component in the HDF5 file processing library allows a attacker to cause a service failure.

The vulnerability of the H5Dchunk.c component in the HDF5 file processing library is related to the lack of checks for division by zero. Exploiting this vulnerability can allow a remote attacker to cause a service failure using a specially created HDF file...

7.8CVSS6.9AI score0.01972EPSS
Exploits1References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/09/08 12:0 a.m.23 views

The vulnerability of iMind video conferencing software lies in its ability to allow the insertion of code or data, enabling a hacker to execute arbitrary code with administrative privileges.

The vulnerability of the iMind video conference software relates to the possibility of code or data being injected into the system. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with administrative privileges...

10CVSS6AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/10 12:0 a.m.23 views

The web interface of Netgear’s SRX5308 router software has vulnerabilities that allow attackers to carry out cross-site scripting attacks.

The vulnerability in the web interface of Netgear’s SRX5308 router software exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to carry out a cross-site scripting attack by sending a specially crafted HTTP request...

3.3CVSS5.1AI score0.00649EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/25 12:0 a.m.23 views

The vulnerability of the gf_odf_vvc_cfg_read_bs() function on the GPAC multimedia platform allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the gfodfvvccfgreadbs function on the GPAC multimedia platform is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause service failures...

7.8CVSS7.7AI score0.00403EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/28 12:0 a.m.23 views

The vulnerability of the Mozilla Firefox browser for Android, related to deficiencies in access control, allows attackers to circumvent existing security restrictions.

The vulnerability of the Mozilla Firefox browser for Android is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...

7.8CVSS6.8AI score0.00858EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/06 12:0 a.m.23 views

Microsoft Edge browser’s vulnerability, related to improper code generation management, allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge is related to incorrect code generation management. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

8.3CVSS7.8AI score0.01742EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.23 views

The vulnerability of the XNU kernel in Apple iOS and Mac OS systems allows attackers to escalate their privileges or execute arbitrary code.

The vulnerability of the XNU kernel in Apple’s iOS and Mac OS systems is related to type conversion errors. Exploiting this vulnerability can allow attackers to enhance their privileges or execute arbitrary code by running a specially created application...

8.8CVSS8.1AI score0.0415EPSS
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/10/05 12:0 a.m.23 views

The vulnerability of Google Chrome web browser’s Safe Browsing service allows a hacker to execute arbitrary code on the target system.

The vulnerability of Google Chrome’s Safe Browsing service is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code on the target system...

10CVSS6AI score0.01303EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.23 views

The vulnerability of the production automation system’s System Platform, related to the storage of confidential information in unencrypted form, may allow a hacker to gain access to user account data.

The vulnerability of the production automation system’s platform lies in the storage of confidential information in an unencrypted form. Exploiting this vulnerability could allow attackers to gain access to user account information...

6.6CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/10/27 12:0 a.m.23 views

The vulnerability of the tcpdump tool for capturing and analyzing network traffic arises from buffer overflows, which allow attackers to disclose sensitive information that is protected by security measures.

The vulnerability of the tcpdump tool for capturing and analyzing network traffic arises due to buffer overflow. Exploiting this vulnerability can allow a hacker to disclose sensitive information using a specially created pcap file...

3.3CVSS6.5AI score0.01348EPSS
Exploits0References13Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/08/05 12:0 a.m.23 views

The vulnerability of the Sample apps component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Sample apps component of the Oracle WebLogic Server application server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8CVSS7.3AI score0.02249EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/03/12 12:0 a.m.23 views

The vulnerability of the message filtering function of Cisco AsyncOS software for Cisco Email Security Appliances and Cisco Content Security Management Appliances allows a attacker to cause a service failure.

The vulnerability of the message filtering function in Cisco AsyncOS software for Cisco Email Security Appliances and Cisco Content Security Management Appliances exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruption...

7.8CVSS5.5AI score0.01863EPSS
Exploits0References1Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/12/17 12:0 a.m.23 views

The vulnerability of the CGI processor (wlg_adv.cgi) in Netgear Nighthawk’s embedded software allows a hacker to execute arbitrary commands.

The vulnerability of the CGI processor wlgadv.cgi in Netgear Nighthawk router’s embedded software is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

7.7CVSS5.9AI score
Exploits0References2Affected Software15
BDU FSTEC
BDU FSTEC
added 2019/09/19 12:0 a.m.23 views

The vulnerability of the GDB debugger’s module allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the GDB debugger’s gdb module relates to the execution of an operation outside the buffer in memory. Exploiting this vulnerability allows a perpetrator to execute arbitrary code or trigger a service failure using a specially created ELF file...

7.8CVSS8.2AI score0.02628EPSS
Exploits1References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2019/08/22 12:0 a.m.23 views

The vulnerability of the Windows Jet Database Engine database management system allows a hacker to execute arbitrary code.

The vulnerability of the Windows Jet Database Engine database management system in Windows operating systems is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

7.8CVSS6.4AI score0.04321EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/07/30 12:0 a.m.23 views

The vulnerability of the eDocLib platform for storing and processing corporate data arises from the lack of measures taken to protect the website structure. This vulnerability allows attackers to carry out cross-site scripting attacks.

The vulnerability of the eDocLib platform for storing and processing corporate data exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the user’s browser by placing it in a speciall...

6CVSS6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/07/08 12:0 a.m.23 views

The vulnerability of the information protection system against unauthorized access is caused by an operation that goes beyond the buffer boundaries in memory, allowing a intruder to trigger a service failure.

The vulnerability of the information protection system against unauthorized access is due to an operation going beyond the buffer in memory file handling is not performed; the full path length exceeds 260 characters. Exploiting this vulnerability can allow a local attacker to cause a service...

3.6CVSS5.7AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/18 12:0 a.m.23 views

The vulnerability of the extract_status_code function in the Keepalived network traffic balancing system, which allows a attacker to cause a service failure

The vulnerability of the extractstatuscode function in the keepalived network traffic balancing system’s lib/html.c file is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

10CVSS5.8AI score0.03746EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/06/14 12:0 a.m.23 views

The vulnerability of Microsoft SharePoint Foundation and the Microsoft SharePoint Server software suite relates to deficiencies in access control. This allows attackers to carry out cross-site scripting attacks and increase their privileges.

The vulnerability of Microsoft SharePoint Foundation and the Microsoft SharePoint Server software suite is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks and increase their privileges by using a specially...

9CVSS5.2AI score0.03316EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/05/06 12:0 a.m.23 views

The vulnerability of the Dr.Web Enterprise Security Suite antivirus protection, related to errors in the proprietary protocol’s operation, allows a hacker to replace the installation file.

The vulnerability of the Dr.Web Enterprise Security Suite antivirus protection lies in errors in the proprietary protocol used to connect the antivirus components to the server. Exploiting this vulnerability allows a malicious actor to create a fake “Dr.Web Enterprise Security Suite” server withi...

8.3CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/03/22 12:0 a.m.23 views

The vulnerability of the get_rgba_default function in the libcaca graphics library allows a hacker to gain unauthorized access to protected information.

The vulnerability of the getrgbadefault function in the libcaca graphics library is related to integer overflow. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

8.8CVSS6.8AI score0.01798EPSS
Exploits1References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2017/12/26 12:0 a.m.23 views

The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system allows a hacker to execute arbitrary code within the context of a privileged process.

The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system is related to lack of access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of a privileged process using a specially crafted file...

9.3CVSS7.7AI score0.01311EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities5000