Lucene search
K
Bdu FstecMost viewed

90604 matches found

BDU FSTEC
BDU FSTEC
added 2025/07/08 12:0 a.m.11 views

The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the ability to read data beyond the buffer in memory, allowing attackers to disclose protected information.

The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the reading of data beyond the buffer boundaries in memory during file processing for U3D files. Exploiting this vulnerability can allow attackers to disclose protecte...

3.3CVSS5.9AI score0.00211EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.11 views

The vulnerability of the microprogrammed software of Ruijie NBR2000G, NBR1300G, and Ruijie NBR1000 lies in the insufficient protection of operational data, allowing attackers to gain access to the administrator account.

The vulnerability of the microprogrammed software of Ruijie NBR2000G, NBR1300G, and Ruijie NBR1000 lies in the insufficient protection of operational data during the processing of the /WEBVMS/LEVEL15/ endpoint. Exploiting this vulnerability can allow a malicious actor to gain access to the...

7.8CVSS5.5AI score0.06444EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.11 views

The vulnerability of the omap_prm.c component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the omapprm.c component in the Linux operating system’s kernel is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00223EPSS
Exploits0References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.11 views

The vulnerability of the XML Services component of the Oracle BI Publisher software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the XML Services component of the Oracle BI Publisher software for creating reports is related to insufficient protection of operational data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8CVSS7.1AI score0.00382EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.11 views

The vulnerability of the CRM User Management Framework component of the Oracle Common Applications suite, a part of the Oracle E-Business Suite, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the CRM User Management Framework component in the Oracle Common Applications of the Oracle E-Business Suite relates to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

7.8CVSS7.2AI score0.006EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.11 views

The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.003EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.11 views

The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.003EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.11 views

The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.003EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.11 views

The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.003EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.11 views

The vulnerability of the changepassword.php (/admin/changepassword.php) script of the Employee Management System allows a perpetrator to execute arbitrary code.

The vulnerability of the changepassword.php /admin/changepassword.php script of the Employee Management System is related to the failure to remove special elements during the processing of the currentpassword parameter. Exploiting this vulnerability allows an attacker operating remotely to execut...

6.5CVSS5.8AI score0.00375EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.11 views

The vulnerability of the DHCP Daemon (jdhcpd) on Juniper Networks Junos OS allows a attacker to cause a service failure.

The vulnerability of the DHCP Daemon jdhcpd on Juniper Networks Junos OS stems from operations that go beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures by sending specially crafted DHCP packets...

7.4CVSS5.7AI score0.00324EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/04 12:0 a.m.11 views

The vulnerability of the web manager for managing files and directories in File Browser, related to the use of default user accounts, allows a perpetrator to execute a brute-force attack.

The vulnerability of the web manager responsible for managing files and directories in File Browser is related to the use of default user accounts. Exploiting this vulnerability could allow a malicious actor to execute a brute-force attack remotely...

5.9CVSS5.8AI score0.00472EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/04 12:0 a.m.11 views

The vulnerability of the xe_pat.c component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the xepat.c component in the Linux operating system’s kernel is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.4CVSS6.3AI score0.00183EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/07/04 12:0 a.m.11 views

The vulnerability of the `static_key_fast_inc_not_disabled()` function in the `net/ipv4/tcp_ao.c` component of the Linux kernel allows a attacker to cause a service failure.

The vulnerability of the statickeyfastincnotdisabled function in the net/ipv4/tcpao.c component of the Linux kernel relates to the disclosure of information. Exploiting this vulnerability could allow an attacker to cause a service failure...

4.7CVSS6.7AI score0.00189EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/07/03 12:0 a.m.11 views

The vulnerability of the net/sched component in the Linux operating system’s kernel, which allows a hacker to trigger a service failure

The vulnerability of the net/sched component in the Linux operating system’s kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00245EPSS
Exploits0References16Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/03 12:0 a.m.11 views

Vulnerability of components such as drivers, GPU, DRM, AMD, and display cores in the Linux operating system, which allows a hacker to trigger a service failure.

The vulnerability of components such as drivers, GPU, DRM, AMD, and display cores in the Linux operating system is related to synchronization errors. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6.7AI score0.00233EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/03 12:0 a.m.11 views

The vulnerability of the http-foundation component of the Symfony software development and web application management platform allows attackers to access confidential data.

The vulnerability of the http-foundation component of the Symfony software development and web application management platform is related to the use of open redirection. Exploiting this vulnerability could allow an attacker to gain access to confidential data...

3.1CVSS5.7AI score0.00565EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/02 12:0 a.m.11 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.00325EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/02 12:0 a.m.11 views

The vulnerability of the built-in web server boa (/boafrm/formFilter) of the TOTOLINK N300RH router’s microprogramming software allows a hacker to cause a service failure.

The vulnerability of the built-in web server boa /boafrm/formFilter of the TOTOLINK N300RH router software is related to improper cleaning or release of resources during the processing of the url parameter. Exploiting this vulnerability allows a malicious actor to cause service failures by sendin...

3.5CVSS5.5AI score0.00452EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/02 12:0 a.m.11 views

The vulnerability of the Nix, Lix, and Guix package managers lies in their lack of access control mechanisms, allowing attackers to gain read and write access to data.

The vulnerability of the Nix, Lix, and Guix package managers is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain read and write access to data...

3.2CVSS5.5AI score0.00144EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/07/01 12:0 a.m.11 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading data beyond the buffer in memory, allows attackers to circumvent ASLR protection and gain unauthorized access to protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to bypass ASLR protection and gain unauthorized access to protected information...

5.5CVSS6.1AI score0.0024EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/26 12:0 a.m.11 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00305EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.11 views

The vulnerability of the Zimbra Collaboration Suite’s email management system, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Zimbra Collaboration Suite email management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

6.4CVSS6.9AI score0.19543EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.11 views

Vulnerability of the nj_probe() function in the drivers/isdn/hardware/mISDN/netjet.c module – This driver is part of the mISDN device support in the Linux operating system. It allows a hacker to cause a service failure.

Vulnerability of the njprobe function in the drivers/isdn/hardware/mISDN/netjet.c module – The Linux kernel’s mISDN device driver has a vulnerability that leads to uncontrolled resource consumption. Exploiting this vulnerability could allow an attacker to cause service failures...

4.7CVSS6.4AI score0.00226EPSS
Exploits0References20Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.11 views

The vulnerability of the macro definition rtw89_for_each_in_txpwr_conf in the Linux kernel’s drivers/net/wireless/realtek/rtw89/core.h module allows a attacker to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the macro definition rtw89foreachintxpwrconf in the drivers/net/wireless/realtek/rtw89/core.h file of the Linux kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility...

7.1CVSS7.4AI score0.00245EPSS
Exploits0References11Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.11 views

Vulnerability of the uss720_probe() function in the drivers/usb/misc/uss720.c module – The driver for supporting USB devices in Linux kernel allows a hacker to gain access to protected information.

Vulnerability of the uss720probe function in the drivers/usb/misc/uss720.c module – The Linux kernel’s USB device support driver is vulnerable to security-related errors. Exploiting this vulnerability could allow an attacker to gain access to protected information...

5.5CVSS6.4AI score0.00226EPSS
Exploits0References21Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.11 views

Vulnerability of the amd_iommu_probe_finalize() function in the drivers/iommu/amd/iommu.c module – Linux kernel’s IOMMU support driver, which allows a hacker to cause a service failure

Vulnerability of the amdiommuprobefinalize function in the drivers/iommu/amd/iommu.c module – Linux’s IOMMU support driver relies on the assignment of the NULL pointer. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

5.3CVSS5.6AI score0.00603EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/20 12:0 a.m.11 views

The vulnerability of the Windows operating system’s Storage Management Provider component allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Windows operating system’s Storage Management Provider component is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS5.6AI score0.00477EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/18 12:0 a.m.11 views

XWiki () Has been postponed

...

5.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/16 12:0 a.m.11 views

The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent arises from the lack of protective measures for the request structure, allowing a perpetrator to execute arbitrary code.

The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent is related to the lack of protective measures for the request structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

6.5CVSS5.9AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.11 views

The vulnerability of the Q Replication technology in the IBM DB2 database management system and IBM DB2 Connect Server allows a attacker to cause service interruptions.

The vulnerability of the Q Replication technology in IBM DB2 database management systems, including IBM DB2 Connect Server, involves unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

5.3CVSS5.5AI score0.00303EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.11 views

The vulnerability of the SIMATIC PCS neo technology process management web system, related to incorrect session duration, allows a intruder to intercept the user’s session.

The vulnerability of the SIMATIC PCS neo technology process management web system is related to incorrect session duration. Exploiting this vulnerability could allow an attacker to intercept the user’s session...

10CVSS5.4AI score0.00374EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/05 12:0 a.m.11 views

The vulnerability of the ThinServer.exe executable file of the ThinServer component of Rockwell Automation’s ThinManager application management platform allows a attacker to cause a service failure.

The vulnerability of the ThinServer.exe executable file of the ThinServer component of Rockwell Automation’s ThinManager application for centralized application management involves reading data beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause...

7.8CVSS7.4AI score0.18335EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/05 12:0 a.m.11 views

The vulnerability of embedded software developed by Qualcomm, related to the execution of operations outside the buffer in memory, allows attackers to disclose protected information.

The vulnerability of embedded Qualcomm software is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information during the processing of RTP packets...

8.5CVSS7.8AI score0.00202EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/05 12:0 a.m.11 views

The vulnerability of the deletePackages method in the HPE StoreOnce VSA virtual storage system allows a attacker to gain access to read and delete any files they desire.

The vulnerability of the deletePackages method in the HPE StoreOnce VSA virtual storage system is related to an incorrect restriction on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to read and...

7.5CVSS6.9AI score0.0076EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/05 12:0 a.m.11 views

Vulnerabilities of the functions check_session_id(), smb2_check_user_session(), smb2_sess_setup(), smb2_session_logoff(), smb3_decrypt_req(), ksmbd_session_lookup(), ksmbd_session_lookup_slowpath(), and ksmbd_get_encryption_key() in the Linux operating system kernel, allowing a hacker to cause a service failure.

The vulnerabilities of the functions checksessionid, smb2checkusersession, smb2sesssetup, smb2sessionlogoff, smb3decryptreq, ksmbdsessionlookup, ksmbdsessionlookupslowpath, and ksmbdgetencryptionkey in the Linux operating system are related to improper locking mechanisms. Exploiting these...

5.5CVSS7.2AI score0.00449EPSS
Exploits0References14Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/06/05 12:0 a.m.11 views

The vulnerability of the JetBrains YouTrack project and task management software, related to the lack of authentication for a critical function, allows attackers to gain unauthorized access to protected information.

The vulnerability of the JetBrains YouTrack project and task management software lies in the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

4.3CVSS5.5AI score0.00313EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/04 12:0 a.m.11 views

The vulnerability of the “Print” and “Export Word” functions of the Atlassian Jira Service Management Data Center and Server software allows attackers to enhance their privileges.

The vulnerability of the “Print” and “Export Word” functions in the Atlassian Jira Service Management Data Center and Server software products is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to enhance their privileges remotely...

8.7CVSS5.4AI score0.00445EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/05/30 12:0 a.m.11 views

The vulnerability of the Intel Hyperscan library, related to improper handling of streams, allows a perpetrator to cause a service failure.

The vulnerability of the Intel Hyperscan library is related to improper handling of streams. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00161EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.11 views

The vulnerability of the GetSettings method in the software for controlling and monitoring remote devices in telemetry and telemechanics systems allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the GetSettings method in software for controlling and monitoring remote devices in telemetry and telemechanics systems related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security restrictions...

9CVSS6.2AI score0.00594EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.11 views

The vulnerability of the VS6MemInIF!set_temp_typedefault() function in the HMI configuration software for Monitouch V-SFT allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause service failure.

The vulnerability of the VS6MemInIF!settemptypedefault function in the HMI configuration software for Monitouch V-SFT is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information,...

7.8CVSS7.8AI score0.00191EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.11 views

The vulnerability of the MagicINFO 9 centralized multimedia content management system lies in the improper restriction on the path name to the restricted catalog. This allows a malicious actor to gain access and add arbitrary files.

The vulnerability of the MagicINFO 9 multi-media content centralized management system is related to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to gain access and add arbitrary files...

10CVSS8.2AI score0.23953EPSS
Exploits4References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/25 12:0 a.m.11 views

The vulnerability of the web_acl_mgmt_Rules_Edit_postcontains() function in PLANET Technology’s microcontroller software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the webaclmgmtRulesEditpostcontains function of the PLANET Technology microprogramming device is related to the issue of the operation exceeding the buffer boundaries in memory when processing the byruleEditName parameter. Exploitation of this vulnerability could allow an...

10CVSS5.7AI score0.00453EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/25 12:0 a.m.11 views

The vulnerability of the web_acl_mgmt_Rules_Apply_post() function in PLANET Technology’s microcontroller software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the webaclmgmtRulesApplypost function of the PLANET Technology microprogramming device is related to the issue of the operation exceeding the buffer boundaries in memory when processing the parameter ruleNamekey. Exploiting this vulnerability could allow an attacker to...

10CVSS5.7AI score0.00599EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/25 12:0 a.m.11 views

The vulnerability of the web_tacplus_serverEdit_post() function in the microprogramming software for PLANET Technology allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the webtacplusserverEditpost function in the microprogramming software for PLANET Technology relates to the issue of the operation exceeding the buffer boundaries in memory when processing the tacIp parameter. Exploiting this vulnerability could allow an attacker to compromis...

10CVSS5.7AI score0.00453EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.11 views

The vulnerability of microprogramming software in devices for integration and control of automation and data collection systems, related to the use of cryptographic algorithms containing defects, allows attackers to compromise the confidentiality and integrity of protected information.

The vulnerability of microprogramming software in devices for integration and control of automation systems and data collection servers is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow a malicious actor to compromise the...

9.4CVSS5.5AI score0.00312EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.11 views

The vulnerability of the free_pages_prepare() function in the Linux kernel’s memory management subsystem allows a hacker to trigger a service failure.

The vulnerability of the freepagesprepare function in the Linux kernel’s memory management subsystem is related to the failure to release resources after their useful lifespan has ended. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00179EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.11 views

The vulnerability of the /goform/SetNetControlList component in the Tenda TX3 router software allows a attacker to compromise the accessibility of protected information.

The vulnerability of the /goform/SetNetControlList component in the Tenda TX3 router software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...

7.8CVSS6.6AI score0.01125EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.11 views

The vulnerability of the Net::IMAP module in the Ruby programming language, which allows a hacker to trigger a service failure

The vulnerability of the Net::IMAP module in the Ruby programming language is related to uncontrolled memory allocation. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS6.6AI score0.00412EPSS
Exploits0References12Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.11 views

The vulnerability of the LibreOffice office software package, related to improper verification of the cryptographic signature, allows a perpetrator to forge digital signatures.

The vulnerability of the LibreOffice office software package is related to improper verification of the cryptographic signature. Exploiting this vulnerability could allow a malicious actor to forge digital signatures remotely...

10CVSS5.5AI score0.00096EPSS
Exploits0References13Affected Software8
Total number of security vulnerabilities5000