Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2023/09/25 12:0 a.m.11 views

The vulnerability of the D-View 8 network device management platform, which stems from the use of rigidly encrypted user credentials, allows a malicious actor to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the D-View 8 network device management platform lies in the use of a static key during the processing of JWT tokens. Exploiting this vulnerability allows an attacker to bypass security restrictions and gain unauthorized access to protected information...

10CVSS7.2AI score0.67914EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/21 12:0 a.m.11 views

The vulnerability of the `addApplicationFont{FromData}` function in the QFontDatabase class, a cross-platform framework for Qt software development, allows a attacker to cause a service failure.

The vulnerability of the addApplicationFontFromData function in the QFontDatabase class, a cross-platform framework for Qt software development, is related to improper cleaning or release of resources during font processing. Exploiting this vulnerability can allow an attacker to cause service...

3CVSS6.7AI score0.00249EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/20 12:0 a.m.11 views

The vulnerability of cloud-based software for creating and using Nextcloud storage solutions is related to improper access control, which allows attackers to gain unauthorized access to protected information.

The vulnerability of cloud-based software for creating and using Nextcloud storage solutions is related to improper access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

6.8CVSS6.5AI score0.00809EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/09/16 12:0 a.m.11 views

The vulnerability of the x3f_utils_patched.cpp component in the LibRaw image processing library allows a hacker to trigger a service failure.

The vulnerability of the x3futilspatched.cpp component in the LibRaw image processing library is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6AI score0.00369EPSS
Exploits1References5Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/09/14 12:0 a.m.11 views

The vulnerability of the read_samples() function in the Sound eXchange (SoX) audio processing software allows a hacker to cause a service failure.

The vulnerability of the readsamples function in the Sound eXchange SoX sound processing software is related to incorrect numerical calculations when processing values with a comma. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.2CVSS6.8AI score0.0028EPSS
Exploits0References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/09/08 12:0 a.m.11 views

The vulnerability of the AtlasVPN client, related to the execution of functions from an unreliable controlled area, allows a hacker to obtain user IP addresses.

The vulnerability of the AtlasVPN client relates to the execution of functions from an untrusted controlled area. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain user IP addresses...

7.8CVSS5.7AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/08 12:0 a.m.11 views

The vulnerability of the DDP microprogramming software-based wireless access points from D-Link, model DAP-2622, allows a intruder to execute any arbitrary code.

The vulnerability of the DDP microprogramming software used in D-Link DAP-2622 wireless access points lies in the fact that the execution of commands is carried out outside of the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code...

8.8CVSS8.3AI score0.00855EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/09/07 12:0 a.m.11 views

The vulnerability of the partition_search.h component in the library, which implements the AV1 codec of the Debian GNU/Linux operating system, allows a hacker to execute arbitrary code.

The vulnerability of the partitionsearch.h component in the library that implements the AV1 codec in the Debian GNU/Linux operating system is due to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

9.3CVSS8.3AI score0.01648EPSS
Exploits1References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/08/31 12:0 a.m.11 views

The vulnerability of Zoom’s video conferencing software, related to the implementation of security features at the client side, allows attackers to gain unauthorized access to protected information.

The vulnerability of Zoom, a video conferencing software, is related to the implementation of security features at the client side. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.5CVSS6.5AI score0.01032EPSS
Exploits0References3Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/08/24 12:0 a.m.11 views

The vulnerability of the MDPR component in the Gstreamer multimedia framework allows a hacker to execute arbitrary code.

The vulnerability of the MDPR component in the Gstreamer multimedia framework is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

10CVSS7.9AI score0.01201EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/08/23 12:0 a.m.11 views

The vulnerability of Google Chrome’s Skia graphic library allows a hacker to execute arbitrary code.

The vulnerability of Google Chrome’s Skia graphics library is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to execute arbitrary code through a specially created HTML page...

10CVSS8.4AI score0.01595EPSS
Exploits0References9Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/08/23 12:0 a.m.11 views

The vulnerability of the CMD_W_REG command processor in the CEAR_MWDI_DFLT_PASSWORD register of the CE805M data collection and transmission device allows a attacker to compromise the integrity of the database or cause service failures.

The vulnerability of the CMDWREG command processor in the CEARMWDIDFLTPASSWORD registry of the CE805M data collection and transmission device is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability could allow an attacker to compromise the...

8.5CVSS5.7AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/14 12:0 a.m.11 views

The vulnerability of the nft_immediate_deactivate() function in the net/netfilter/nft_immediate.c file of the netfilter network interface layer in the Linux operating system allows a hacker to trigger a service failure or exert other effects.

The vulnerability of the nftimmediatedeactivate function in the net/netfilter/nftimmediate.c file of the netfilter network interface layer in the Linux operating system is related to improper handling during rule creation. Exploiting this vulnerability could allow an attacker to cause service...

7.8CVSS6.5AI score0.00285EPSS
Exploits0References14Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/08/11 12:0 a.m.11 views

The vulnerability of the setaccount() function in Tenda’s microprogramming software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the setaccount function in Tenda router microprogramming software lies in the fact that the operation’s output goes beyond the buffer in memory when processing the list parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause servic...

10CVSS8.5AI score0.00701EPSS
Exploits1References4Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/08/08 12:0 a.m.11 views

The vulnerability of the ANGLE library in Google Chrome browsers allows a hacker to execute arbitrary code or trigger a denial-of-service attack.

The vulnerability of the ANGLE library in Google Chrome browsers is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service denial-of-service by loading a specially created...

10CVSS8.5AI score0.01254EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/08/07 12:0 a.m.11 views

The vulnerability of the Data Transfer Security function in software for creating and managing graphical interfaces for control panels in GT Designer3, GOT2000 Series, GOT SIMPLE Series, GT SoftGOT2000, allows a perpetrator to gain unauthorized access to protected information and enhance their privileges.

The vulnerability of the Data Transfer Security function in software for creating and managing graphical interfaces for control panels in GT Designer3, GOT2000 Series, GOT SIMPLE Series, and GT SoftGOT2000 is related to weak cryptography for passwords. Exploiting this vulnerability can allow...

7.8CVSS5.5AI score0.00478EPSS
Exploits0References3Affected Software8
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.11 views

The vulnerability of CODESYS software products, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.

The vulnerability of CODESYS software products is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

7.8CVSS7.6AI score0.01871EPSS
Exploits0References2Affected Software19
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.11 views

The vulnerability of the Citrix Workspace App for Linux operating system, related to access control deficiencies, allows a intruder to gain access to user sessions.

The vulnerability of the Citrix Workspace App for Linux operating system is related to lack of access control mechanisms. Exploiting this vulnerability could allow an attacker to gain access to user sessions...

5.5CVSS6.3AI score0.00185EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.11 views

The vulnerability of the uClibC and uClibC-ng libraries used by Hirschmann EAGLE industrial network interfaces allows attackers to execute arbitrary code.

The vulnerability of the uClibC and uClibC-ng libraries used by Hirschmann EAGLE industrial network switches is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.7AI score0.03261EPSS
Exploits1References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.11 views

The vulnerability of the SAP NetWeaver ABAP software integration platform, related to the failure to take measures to neutralize special elements, allows a perpetrator to execute arbitrary commands.

The vulnerability of the SAP NetWeaver ABAP software integration platform is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

9.1CVSS7.9AI score0.007EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.11 views

The vulnerability of the PHP platform pimcore, related to the lack of measures taken to protect the structure of web pages, allows attackers to perform cross-site scripting attacks.

The vulnerability of the PHP platform pimcore is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

6.4CVSS5.9AI score0.00478EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.11 views

The vulnerability of the DevTools set of tools for web development in the Google Chrome browser allows a hacker to execute arbitrary code.

The vulnerability of the DevTools set of tools for web development in Google Chrome relates to the use of memory after it is released. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

10CVSS8AI score0.00479EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/02 12:0 a.m.11 views

The vulnerability of the web interface of microprogramming software in VMware SD-WAN Edge devices allows a hacker to bypass security restrictions and gain access to read, modify, or delete data.

The vulnerability of the web interface of microprogramming software in VMware SD-WAN Edge devices is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain read, modify, or delete access to data by downloading the...

7.8CVSS7.2AI score0.00632EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/02 12:0 a.m.11 views

The vulnerability of the microprogrammed software of SIMATIC MV540, MV550, and MV560 barcode readers, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.

The vulnerability of the microprogrammed software of SIMATIC MV540, MV550, and MV560 barcode readers is related to an uncontrolled resource consumption during Ethernet frame processing. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS7.3AI score0.00653EPSS
Exploits0References4Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/08/02 12:0 a.m.11 views

The vulnerability of the web interface of the microprogramming software for routing and switching platforms RUGGEDCOM ROX MX5000, RUGGEDCOM ROX MX5000RE, and RUGGEDCOM ROX RX1400 allows attackers to perform cross-site scripting attacks.

The vulnerability of the web interface of microprogramming software for routing and switching platforms such as RUGGEDCOM ROX MX5000, RUGGEDCOM ROX MX5000RE, and RUGGEDCOM ROX RX1400 arises from the lack of protection for the web page structure during the processing of the getelements parameter...

9CVSS6.7AI score0.00386EPSS
Exploits0References4Affected Software11
BDU FSTEC
BDU FSTEC
added 2023/08/02 12:0 a.m.11 views

The vulnerability of the Apache Airflow Hive Provider, a network software tool, stems from insufficient validation of input data. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Apache Airflow Hive Provider network software exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...

9CVSS7.6AI score0.01151EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/02 12:0 a.m.11 views

The vulnerability of Client programs in the MySQL database management system allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the Server: Optimizer component of the MySQL database management system is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

5.9CVSS6.6AI score0.01152EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/02 12:0 a.m.11 views

The vulnerability of the WebClient component of the Oracle Agile PLM application, which allows a hacker to gain access to and modify data.

The vulnerability of the WebClient component of the Oracle Agile PLM application is related to errors in processing input data. Exploiting this vulnerability may allow an attacker to gain read, modify, add, or delete access to data...

5.5CVSS6.6AI score0.00308EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/02 12:0 a.m.11 views

The vulnerability of the web server of the microprogramming software for SIMATIC MV540, MV550, and MV560 barcode readers allows a perpetrator to cause a service failure.

The vulnerability of the web server of the microprogramming software for SIMATIC MV540, MV550, and MV560 barcode readers is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

8.6CVSS7.3AI score0.00524EPSS
Exploits0References4Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/08/02 12:0 a.m.11 views

The vulnerability of the DigiExam online test control software lies in the lack of verification data for integrity checks. This allows a perpetrator to gain access to personal data and account information on shared computers.

The vulnerability of the DigiExam online test control software lies in the lack of control data for verifying integrity. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to personal data and account information on shared computers...

10CVSS7.7AI score0.00414EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/01 12:0 a.m.11 views

The vulnerability of the function com.imc.iview.utils.CUtils.checkSQLInjection() in the system for centralized control of network devices and ports of Advantech iView allows a attacker to execute arbitrary SQL commands.

The vulnerability of the com.imc.iview.utils.CUtils.checkSQLInjection function in the system for managing network devices and ports of Advantech iView is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute...

10CVSS8AI score0.15135EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/07/25 12:0 a.m.11 views

The vulnerability of Google Chrome’s Autofill function allows attackers to gain access to confidential information.

The vulnerability of Google Chrome’s Autofill function is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to confidential information...

7.8CVSS5.4AI score0.00527EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/07/24 12:0 a.m.11 views

The vulnerabilities of components such as Device Manager Server, Hitachi Tuning Manager server, Hitachi Tuning Manager – Agent for RAID, Hitachi Tuning Manager – Agent for NAS, Hitachi Device Manager, Hitachi Tiered Storage Manager, and Hitachi Tuning Manager (HTnM) allow attackers to gain access to read, modify, or delete data.

The vulnerabilities of Device Manager Server, Hitachi Tuning Manager server, Hitachi Tuning Manager – Agent for RAID, Hitachi Tuning Manager – Agent for NAS, Hitachi Device Manager, Hitachi Tiered Storage Manager, and Hitachi Tuning Manager HTnM are related to errors in the use of standard...

6.6CVSS6.9AI score0.00148EPSS
Exploits0References3Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.11 views

The vulnerability of the Jenkins server plugin “Dimensions” in automation tools stems from insufficient protection of service data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins server plugin “Dimensions” relates to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS6.1AI score0.0083EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/18 12:0 a.m.11 views

The vulnerability of the Extensions API of Google Chrome and Microsoft Edge browsers allows a malicious actor to install any extension they desire.

The vulnerability of the Extensions API for Google Chrome and Microsoft Edge is related to insufficient data validation. Exploiting this vulnerability could allow an attacker to install any desired extension by using a specially created HTML page...

5CVSS5.8AI score0.00621EPSS
Exploits0References9Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/07/17 12:0 a.m.11 views

The vulnerability of the Remote Procedure Call (RPC) technology in Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Remote Procedure Call RPC technology in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

6.8CVSS6.9AI score0.0142EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/07/17 12:0 a.m.11 views

The vulnerability of the Good plugin (gst-plugins-good) in the Gstreamer multimedia framework allows a perpetrator to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the Good gst-plugins-good plugin of the Gstreamer multimedia framework is related to insufficient protection of sensitive data due to the absence of security updates on the remote host. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protect...

7.8CVSS5.9AI score
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/07/11 12:0 a.m.11 views

The vulnerability of the monitoring system for critical equipment, StruxureWare Data Center Expert, relates to the possibility of embedding commands that allow a intruder to execute arbitrary code.

The vulnerability of the StruxureWare Data Center Expert monitoring system relates to the possibility of executing commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS8AI score0.00496EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/25 12:0 a.m.11 views

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation allows a perpetrator to execute arbitrary code.

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation lies in the writing beyond buffer boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created SPP file...

7.8CVSS7.8AI score0.00226EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/23 12:0 a.m.11 views

The vulnerability in the set of Sysinternals system utilities for Windows operating systems allows a hacker to trigger a service failure.

The vulnerability in the Sysinternals system utilities for Windows operating systems is related to the improper release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6.6AI score0.00771EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/22 12:0 a.m.11 views

The vulnerability of the Snowflake NodeJS driver for working with cloud-based data processing platforms and Snowflake’s data processing capabilities on the NodeJS platform allows attackers to execute arbitrary code.

The vulnerability of the Snowflake NodeJS driver for working with cloud-based data processing platforms and Snowflake data on the NodeJS platform is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.5CVSS8AI score0.01897EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/19 12:0 a.m.11 views

The vulnerability of the Windows GDI component in Microsoft Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Windows GDI component in Microsoft Windows systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.4AI score0.00549EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of HMI/SCADA CONPROSYS HMI, which stems from insufficient verification of incoming requests, allows a hacker to perform an SSRF attack.

The vulnerability of HMI/SCADA CONPROSYS HMI is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow a malicious actor to perform an SSRF attack remotely...

4.3CVSS6.3AI score0.00641EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of D-Link DIR-601 router’s microprogramming software allows a hacker to circumvent existing security restrictions.

The vulnerability of D-Link DIR-601 router’s microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions remotely...

9.3CVSS7.5AI score0.01785EPSS
Exploits2References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

Vulnerability of the Server component: Security: Privileges of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server component, specifically the Security: Privileges section of the Oracle MySQL Server database management system, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL...

6.8CVSS6.3AI score0.02EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the /userfs/bin/tcapi file of the Diagnostics microprogramming system for the D-Link DSL-3782 router allows a hacker to execute arbitrary code.

The vulnerability of the /userfs/bin/tcapi file of the Diagnostics microprogramming system for the D-Link DSL-3782 router lies in the fact that the output of the operation goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8.3AI score0.02653EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the ABB eSOMS software for managing production processes allows a hacker to execute arbitrary code.

The vulnerability of the ABB eSOMS software for managing production processes is related to the absence of the X-Content-Type-Options Header in the HTTP response. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

6.1CVSS6.7AI score0.01047EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the D-Link DIR-615 T1 network device’s microprogramming software arises from the lack of protective measures for the website structure. This allows attackers to carry out XSS attacks.

The vulnerability of the D-Link DIR-615 T1 network device’s microprogramming software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

4.9CVSS5.5AI score0.03503EPSS
Exploits5References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the /userfs/bin/tcapi file of the Diagnostics microprogramming system for the D-Link DSL-3782 router, related to the issue of writing operations outside the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the /userfs/bin/tcapi file of the Diagnostics microprogramming system for the D-Link DSL-3782 router lies in the fact that the output of the operation goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8.3AI score0.02727EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.11 views

The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart ST distributed controllers allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart ST distributed controllers is related to deficiencies in the validation of user-input data. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting XSS attacks remotely...

5.9CVSS5.9AI score0.0062EPSS
Exploits0References3
Total number of security vulnerabilities5000