Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.11 views

The vulnerability of the HTTP.sys driver on Windows operating systems allows a hacker to gain unauthorized access to protected information.

The vulnerability of the HTTP.sys driver in Windows operating systems is related to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS6.6AI score0.00465EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.11 views

The vulnerability of the kernel (NTOSKRNL) of Microsoft Windows operating systems, which allows a perpetrator to increase their privileges

The vulnerability of the kernel NTOSKRNL of Microsoft Windows is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.7AI score0.03603EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.11 views

The vulnerability of the PowerScale OneFS operating systems, related to the disclosure of information through registration files, allows a perpetrator to gain full control over the system.

The vulnerability of the PowerScale OneFS operating system lies in the fact that information can be disclosed through registration files when changing the password via the interface. Exploiting this vulnerability could allow an attacker to gain full control over the system...

7.8CVSS7.2AI score0.0018EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.11 views

The vulnerability of the System Management Unit (SMU) component of AMD processors allows a hacker to trigger a service failure.

The vulnerability of the System Management Unit SMU component of AMD processors exists due to insufficient testing of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

5.3CVSS5.8AI score0.00557EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.11 views

The vulnerability of the get_IFTTTTtoken.cgi function in the microprogramming software for Wi-Fi routers from ASUS, RT-AX82U, allows a hacker to completely compromise the system.

The vulnerability of the getIFTTTTtoken.cgi function in the microprogramming software for Wi-Fi routers from ASUS, the RT-AX82U, is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to completely compromise the system by sending a series...

9CVSS8AI score0.20849EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.11 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the ability to write code beyond the buffer boundaries in memory, allowing attackers to execute arbitrary code.

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code within the context of the current user...

7.8CVSS7.8AI score0.00302EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.11 views

The vulnerability of the System Management Unit (SMU) subsystem in AMD microprogramming software allows a hacker to trigger a service failure.

The vulnerability of the System Management Unit SMU subsystem in AMD microprogramming systems is related to the improper release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.2CVSS5.9AI score0.00171EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.11 views

The vulnerability of the BIG-IP Access Policy Manager’s access control and remote authentication mechanisms, as well as the software products such as BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Enforcement Manager, BIG-IP Orchestrator, allows a perpetrator to trigger a service failure.

The vulnerabilities of the BIG-IP Access Policy Manager, as well as the BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link...

7.5CVSS7.2AI score0.00626EPSS
Exploits0References3Affected Software12
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.11 views

The vulnerability of the command-line interface (CLI) implementation of Zyxel networking devices allows a perpetrator to execute arbitrary commands.

The vulnerability of CLI implementations for Zyxel network devices involves a lack of measures to neutralize special elements used in OS commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...

8.3CVSS7.4AI score0.02806EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.11 views

The vulnerability of the automated Bitcoin payment processing system, BTCPay Server, related to the use of open redirection, allows attackers to carry out phishing attacks.

The vulnerability of the automated Bitcoin payment processing system, BTCPay Server, is related to the use of open redirection when processing the parameter returnUrl=. Exploiting this vulnerability allows a remote attacker to carry out phishing attacks using a specially created malicious link...

7.1CVSS6.3AI score0.00607EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/30 12:0 a.m.11 views

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

6.8CVSS6.3AI score0.00853EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/01/27 12:0 a.m.11 views

The vulnerability of Microsoft Edge browser arises from the lack of measures taken to protect the structure of web pages, allowing attackers to enhance their privileges.

The vulnerability of Microsoft Edge exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

9.3CVSS6.6AI score0.02307EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/23 12:0 a.m.11 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, which stem from violations of secure design principles, allow attackers to enhance their privileges.

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud are related to violations of secure design principles. Exploiting these vulnerabilities can allow attackers to enhance their privileges...

5.6CVSS7.2AI score0.00397EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/01/12 12:0 a.m.11 views

The vulnerability of the Advanced Local Procedure Call (ALPC) handler in the Windows operating system allows attackers to escalate their privileges.

The vulnerability of the Advanced Local Procedure Call ALPC in the Windows operating system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code with SYSTEM privileges...

7.8CVSS8.4AI score0.41538EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/01/10 12:0 a.m.11 views

The vulnerability of the GPU i915 driver core in Linux operating systems allows attackers to increase their privileges or cause service failures.

The vulnerability of the GPU i915 driver core in Linux operating systems is related to improper cleaning of the TLB Translation Lookaside Buffer. Exploiting this vulnerability allows an attacker to gain elevated privileges or cause system failures...

7.8CVSS6.6AI score0.00252EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/12/30 12:0 a.m.11 views

The vulnerability in the web interface of the Cisco BroadWorks CommPilot Application Software allows a perpetrator to execute arbitrary code.

The vulnerability of the Cisco BroadWorks CommPilot Application Software’s web interface is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially created HTTP request...

8.7CVSS8AI score0.0095EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.11 views

The vulnerability of the memset() function in the Dnsmasq DNS server allows a hacker to cause a service failure.

The vulnerability of the memset function in the Dnsmasq DNS server is related to insufficient checking of DNS packet size. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted requests to port 53/udp...

7.8CVSS7.2AI score0.6541EPSS
Exploits0References17Affected Software8
BDU FSTEC
BDU FSTEC
added 2022/12/23 12:0 a.m.11 views

The vulnerability of the Android operating system’s exchange buffer in Samsung mobile devices allows a hacker to gain access to read, modify, or delete files.

The vulnerability of the exchange buffer in Android mobile devices from Samsung is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain access to read, modify, or delete files...

4.9CVSS7.3AI score0.02831EPSS
Exploits0References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.11 views

The vulnerability of the `kfd_parse_subtype_iolink` function in the `drivers/gpu/drm/amd/amdkfd/kfd_crat.c` file of the Linux operating system’s kernel allows a hacker to trigger a service failure or increase their privileges.

The vulnerability of the kfdparsesubtypeiolink function in the drivers/gpu/drm/amd/amdkfd/kfdcrat.c file of the Linux operating system’s kernel is related to incorrect checking of the returned value from a method or function. Exploiting this vulnerability could allow an attacker to cause service...

5.5CVSS6.5AI score0.00214EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.11 views

The vulnerability of the queue insertion function sch_sfb in Linux operating system kernels allows a hacker to cause a service failure.

The vulnerability of the queue insertion function schsfb in Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.6AI score0.0045EPSS
Exploits0References9Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.11 views

The vulnerability of network connection tools such as Intel PROSet/Wireless WiFi, Intel vPro CSME WiFi, and Killer WiFi allows a malicious actor to cause service interruptions.

The vulnerability of network connection tools such as Intel PROSet/Wireless WiFi, Intel vPro CSME WiFi, and Killer WiFi is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

6.5CVSS6.6AI score0.00407EPSS
Exploits0References3Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.11 views

The vulnerability of the application software interface of the VMware vRealize Network Insight (vRNI) system, related to the possibility of bypassing the directory protection mechanism, allows attackers to access protected information.

The vulnerability of the application software interface of the VMware vRealize Network Insight vRNI development and optimization software infrastructure is related to the possibility of bypassing the catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain...

7.8CVSS7.4AI score0.01792EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.11 views

The vulnerability of the imx_register_uart_clocks() function in the drivers/clk/imx/clk.c file of the Linux kernel allows a hacker to cause system failures or gain increased privileges.

The vulnerability of the imxregisteruartclocks function in the drivers/clk/imx/clk.c file of the Linux kernel is related to a pointer assignment error. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...

5.5CVSS6.5AI score0.00219EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.11 views

The vulnerability of the Linux operating system’s Bluetooth Low Energy driver allows attackers to gain increased privileges.

The vulnerability of the Linux operating system’s Bluetooth Low Energy driver is related to errors during authentication processes. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

7.5CVSS7.2AI score0.00353EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.11 views

The vulnerability of the libxrdp_send_to_channel() function on the XRDP server allows a hacker to gain unauthorized access to protected information.

The vulnerability of the libxrdpsendtochannel function on the XRDP server is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

7.8CVSS7.4AI score0.00822EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/11/28 12:0 a.m.11 views

The vulnerability of Microsoft Exchange Server servers, related to errors in information representation by the user interface, allows attackers to perform spoofing attacks.

The vulnerability of Microsoft Exchange Server is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a malicious actor to perform a spoofing attack remotely...

8CVSS7.5AI score0.00776EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.11 views

The vulnerability of Websoft HCM’s automation software for HR processes lies in the incorrect expiration time of sessions. This allows attackers to reuse the session credentials to access user information.

The vulnerability of Websoft HCM’s automation software for HR processes is related to incorrect session duration settings. Exploiting this vulnerability allows a malicious actor to repeatedly use session credentials to access user information...

5.9CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.11 views

The vulnerability in the `create_unbound_ad_servers.sh` component relates to the Unbound DNS server, allowing a attacker to compromise data integrity.

The vulnerability of the createunboundadservers.sh script, executed by the Unbound DNS server, is related to insufficient elimination of certain elements in the request. Exploiting this vulnerability allows a remote attacker to compromise the integrity of data...

7.1CVSS6.8AI score0.01339EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.11 views

The vulnerability of the htx_add_header function in the include/haproxy/htx.h component of HAProxy’s server software allows a attacker to compromise data integrity.

The vulnerability of the htxaddheader function in the include/haproxy/htx.h component of HAProxy server software is related to integer overflow. Exploiting this vulnerability allows a remote attacker to compromise data integrity...

7.8CVSS7.6AI score0.57934EPSS
Exploits6References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.11 views

The vulnerability of the compatibility subsystem’s kernel allows for the execution of Linux applications. The Windows Subsystem for Linux (WSL2) and the Azure IoT Edge for Linux on Windows (EFLOW) environment enable attackers to enhance their privileges.

The vulnerability of the compatibility subsystem’s kernel for running Linux applications is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7CVSS7.2AI score0.00322EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.11 views

The vulnerability of Windows operating system DHCP clients, related to insecure management of privileges, allows attackers to elevate their own privileges.

The vulnerability of the Windows operating system’s DHCP client is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.2AI score0.00542EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.11 views

The vulnerability of the Home Network Administration Protocol (HNAP) implementation in D-Link DIR-1935 router microsoftware allows a attacker to execute arbitrary code.

The vulnerability of the Home Network Administration Protocol HNAP implementation in D-Link DIR-1935 router microprogramming software lies in the copying of a buffer without checking the size of the input data during the processing of the HNAPAUTH header. Exploiting this vulnerability allows an...

8.8CVSS8.2AI score0.01006EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.11 views

The vulnerability of the Cisco AsyncOS operating system in the Cisco Email Security Appliance (ESA) security system allows a perpetrator to trigger a service failure.

The vulnerability of the Cisco AsyncOS operating system in the Cisco Email Security Appliance ESA security system is related to errors in the certificate validation process. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by establishing a large number o...

7.8CVSS7.2AI score0.00778EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/17 12:0 a.m.11 views

The vulnerability of the Microsoft ODBC driver for Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft ODBC driver for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.01436EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/11/17 12:0 a.m.11 views

The vulnerability of the BitLocker Device Encryption security function in Windows operating systems allows attackers to circumvent security restrictions.

The vulnerability of the BitLocker Device Encryption security function in Windows operating systems is related to security configuration errors. Exploiting this vulnerability could allow a hacker to circumvent security restrictions...

4.9CVSS6.4AI score0.03601EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/11/16 12:0 a.m.11 views

The vulnerability of the RTSP-based microprogramming software for IP cameras such as VPort P16-1MP-M12, VPort P16-1MP-M12-IR, and VPort P06-1MP-M12 allows a intruder to cause service failure.

The vulnerability of the RTSP-based microprogramming software for IP cameras such as VPort P16-1MP-M12, VPort P16-1MP-M12-IR, and VPort P06-1MP-M12 lies in the handling of the zero pointer. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS5.5AI score
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/15 12:0 a.m.11 views

The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code or perform arbitrary actions.

The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or perform unauthorized actions remotely...

10CVSS8.1AI score0.01476EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/11/15 12:0 a.m.11 views

The vulnerability of the vector graphics editor CorelDRAW Graphics Suite (formerly CorelDRAW) lies in the ability to read data beyond the buffer boundaries in memory, allowing attackers to execute arbitrary code.

The vulnerability of the CorelDRAW Graphics Suite formerly CorelDRAW graphic editor lies in the reading of data beyond the buffer boundaries in memory during the syntax analysis of EMF files. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created...

7.8CVSS7.8AI score0.00873EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/11/15 12:0 a.m.11 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to access to resources through incompatible types. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8AI score0.00617EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/10/04 12:0 a.m.11 views

The vulnerability of the OGNL expression transformation class implementation in the Apache Struts software platform allows a hacker to execute arbitrary code.

The vulnerability of the OGNL expression transformation class implementation in the Apache Struts software framework is related to improper code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted request...

9.6CVSS8.2AI score0.70211EPSS
Exploits1References6Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/09/30 12:0 a.m.11 views

The vulnerability of the Video microprogramming system component in Qualcomm’s embedded chips allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the Video microprogramming software component in Qualcomm’s embedded chips lies in the copying of buffers without checking the size of the input data during the processing of .ps video files. Exploiting this vulnerability can allow an attacker to cause service failures or...

7.5CVSS8AI score0.00321EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/09/12 12:0 a.m.11 views

The vulnerability of the driver vmwgfx (drivers/gpu/vmxgfx/vmxgfx_kms.c) in the Linux operating system allows a hacker to increase their privileges or cause service failures.

The vulnerability of the vmwgfx driver drivers/gpu/vmxgfx/vmxgfxexecbuf.c in the Linux operating system is related to pointer swapping errors. Exploiting this vulnerability can allow an attacker to increase their privileges or cause service failures...

5.5CVSS6.4AI score0.0059EPSS
Exploits0References35Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.11 views

The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to execute arbitrary code.

The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 lies in the copying of buffers without checking the size of the input data during the processing of the pann file. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

9.6CVSS8.1AI score0.01088EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.11 views

The vulnerability of the RPKI validator OctoRPKI, related to insufficient validation of input data, allows a violator to trigger a service failure.

The vulnerability of the RPKI validator OctoRPKI is related to the use of a zero value during the generation of Route Origin Authorisations. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

5.4CVSS7.2AI score0.01255EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.11 views

The vulnerability of extension XEP-0308: Last Message Correction for the Jabber/XMPP client Gajim, which allows a violator to trigger a service failure.

The vulnerability of extension XEP-0308, “Last Message Correction” for the Jabber/XMPP client Gajim, is related to insufficient validation of input data during the verification of message identifiers in a multi-user chat. Exploiting this vulnerability can allow a malicious actor, operating...

7.8CVSS7.2AI score0.01518EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.11 views

The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to induce a service failure.

The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 routers lies in the copying of buffers without checking the size of the input data during the processing of the telnetatemonitor file. Exploiting this vulnerability could allow an attacker to...

9.6CVSS7.7AI score0.01088EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.11 views

The vulnerability of the microprogramming software of the Cognex 3D-A1000 Dimensioning System lies in the lack of authentication for the password change function, which allows unauthorized users to escalate their privileges.

The vulnerability of the microprogramming software of the Cognex 3D-A1000 Dimensioning System lies in the lack of authentication for the password change function. Exploiting this vulnerability could allow an attacker to gain increased privileges from a remote location...

10CVSS7.8AI score0.00807EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.11 views

The vulnerability of the Vim text editor lies in the fact that an operation can be performed outside the buffer, allowing an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Vim text editor is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.6AI score0.01461EPSS
Exploits1References17Affected Software10
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.11 views

The vulnerability of the getAttrValue function in D-Link DSL-3782 router microprogramming software, related to buffer overflow in the stack, allows a hacker to execute arbitrary code.

The vulnerability of the getAttrValue function in D-Link DSL-3782 router microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

5.5CVSS8.3AI score0.01275EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.11 views

The vulnerability of the Microsoft Visual Studio software development tool and the Microsoft.NET Framework software platform lies in the fact that copying buffers without checking the size of the input data allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Visual Studio software development tool and the Microsoft.NET Framework software platform lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.5CVSS7.6AI score0.01555EPSS
Exploits0References3Affected Software5
Total number of security vulnerabilities5000