Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2022/06/14 12:0 a.m.11 views

The vulnerability of the StreamingCoordinatorController.java component of the Kylin data processing platform allows attackers to perform SSRF attacks.

The vulnerability of the StreamingCoordinatorController.java component /kylin/api/streamingcoordinator/ in the Kylin data processing platform is related to insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to perform SSRF attacks using a speciall...

7.5CVSS7.2AI score0.02557EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/07 12:0 a.m.11 views

The vulnerability of D-Link DIR-878 wireless routers’ microprogramming software lies in the lack of measures to neutralize specific elements within it. This allows attackers to execute arbitrary commands or trigger service failures.

The vulnerability of D-Link DIR-878 wireless routers’ microprogramming software exists due to the lack of measures taken to neutralize the special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands or cause...

8.8CVSS7.9AI score0.01527EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/05/06 12:0 a.m.11 views

Vulnerability of the Cluster component: The general database management system of Oracle MySQL Cluster allows a hacker to gain full control over the application.

Vulnerability of the Cluster component: The general system for managing databases in Oracle MySQL Cluster is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain full control over the application through various network protocols...

6.5CVSS6.6AI score0.03079EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/27 12:0 a.m.11 views

The vulnerability of the executable file wpsupdater.exe of the WPS Office office software allows a hacker to execute arbitrary code.

The vulnerability of the WPS Office office software’s executable file, wpsupdater.exe, is related to improper input validation in wpsupdater.exe. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.4AI score0.2047EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/27 12:0 a.m.11 views

The vulnerability of the implementations of the QuerySet.annotate(), aggregate(), and extra() methods in the Django web application framework allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the implementation of the QuerySet.annotate, aggregate, and extra methods in the Django software platform is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality,...

10CVSS6.6AI score0.18516EPSS
Exploits3References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.11 views

The vulnerability of the NETCONF protocol implementation in Cisco SD-WAN vEdge software allows a attacker to cause service failure or trigger an emergency shutdown of the application.

The vulnerability of the NETCONF protocol implementation in Cisco SD-WAN vEdge software lies in the uncontrolled memory consumption. Exploiting this vulnerability could allow an attacker to cause service failures or trigger an emergency shutdown of the application...

5.5CVSS5.9AI score0.00194EPSS
Exploits0References2Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.11 views

The vulnerability in the web interface of the Cisco Common Services Platform Collector, a tool for collecting information about devices in the network, allows attackers to perform cross-site scripting (XSS) attacks.

The vulnerability in the web interface of the Cisco Common Services Platform Collector device for collecting information about devices in the network is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow attackers to perform cross-sit...

6.7CVSS5.7AI score0.00699EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.11 views

The vulnerability in the web interface of the Cisco Prime Service Catalog management tool allows a hacker to disclose protected information.

The vulnerability of the Cisco Prime Service Catalog management web interface is related to the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information remotely...

4.3CVSS6.5AI score0.01084EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.11 views

The vulnerability of the update module for microprogramming software of Cisco Small Business routers such as RV160, RV160W, RV260, RV260P, RV260W, RV340, RV340W, RV345, and RV345P arises from improper verification of the certificate authenticity. This allows a malicious actor to load arbitrary software images.

The vulnerability of the update module for microprogramming software of Cisco Small Business routers such as RV160, RV160W, RV260, RV260P, RV260W, RV340, RV340W, RV345, and RV345P is related to improper verification of the certificate authenticity. Exploiting this vulnerability allows a malicious...

5.4CVSS6.6AI score0.02297EPSS
Exploits0References3Affected Software9
BDU FSTEC
BDU FSTEC
added 2022/04/20 12:0 a.m.11 views

The vulnerability of the interactive graphical SCADA system, Interactive Graphical SCADA System (IGSS), arises from buffer overflows in the stack, allowing an intruder to execute arbitrary code.

The vulnerability of the interactive graphical SCADA system, Interactive Graphical SCADA System IGSS, arises due to overflow of the buffer on the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created message...

10CVSS8.4AI score0.44559EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/12 12:0 a.m.11 views

The vulnerability of Adobe Premiere Elements’ video editing software, related to the manipulation of the null pointer, allows a hacker to trigger a service failure.

The vulnerability of Adobe Premiere Elements software-related video editing programs is related to the handling of the null pointer. Exploiting this vulnerability could allow a malicious actor to cause service failures...

5.5CVSS5.9AI score0.01104EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/04/07 12:0 a.m.11 views

The vulnerabilities of the Go programming language’s `net.ParseIP` and `net.ParseCIDR` components allow attackers to compromise data integrity.

The vulnerability of the net.ParseIP and net.ParseCIDR components in the Go programming language is related to incorrect handling of zeros at the beginning of an IP address octal number. Exploiting this vulnerability allows a remote attacker to compromise data integrity...

7.8CVSS6.9AI score0.03775EPSS
Exploits1References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/06 12:0 a.m.11 views

The vulnerability of the decoder for MPEG-4 multimedia platform GPAC allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the decoder for MPEG-4 multimedia platform GPAC is related to the lack of verification for the result of the addition arithmetic operation. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service...

9.3CVSS7.6AI score0.01656EPSS
Exploits1References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.11 views

The vulnerability of the ilst_item_Read function in the box_code_apple.c component of the GPAC multimedia platform allows a hacker to trigger a service failure.

The vulnerability of the ilstitemRead function in the boxcodeapple.c component of the GPAC multimedia platform is related to pointer dereferencing errors. Exploiting this vulnerability allows an attacker to cause service failures...

7.1CVSS5.9AI score0.008EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.11 views

The vulnerability of the `doc` module in the Icinga Web 2 PHP framework allows a hacker to gain access to confidential data.

The vulnerability of the doc module in the Icinga Web 2 PHP framework is related to deficiencies in pathname restrictions for directories. Exploiting this vulnerability allows an attacker to gain access to confidential data...

6.3CVSS5.9AI score0.01306EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.11 views

The vulnerability of the gf_odf_desc_copy function in the MP4Box tool of the GPAC multimedia platform allows a perpetrator to cause a service failure.

The vulnerability of the gfodfdesccopy function in the MP4Box tool of the GPAC multimedia platform is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...

7.1CVSS6.6AI score0.00868EPSS
Exploits1References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/04/04 12:0 a.m.11 views

The vulnerability of the software for designing and configuring the Connected Components Workbench (CCW) from Rockwell Automation, related to the restoration of unreliable data in memory, allows a hacker to execute arbitrary code.

The vulnerability of the software used for designing and configuring the Connected Components Workbench CCW from Rockwell Automation lies in the ability to restore unreliable data in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

8.6CVSS7.9AI score0.0281EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/28 12:0 a.m.11 views

The vulnerability of the Microsoft App Installer, related to bypassing authentication through spoofing, allows attackers to carry out spoofing attacks.

The vulnerability of the Microsoft App Installer relates to the bypassing of authentication processes through spoofing. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks using a specially created malware package...

7.6CVSS7.8AI score0.10295EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/18 12:0 a.m.11 views

The vulnerability of the MediaStream component in Google Chrome and Microsoft Edge browsers allows attackers to gain unauthorized access to protected information.

The vulnerability of the MediaStream component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.3CVSS7.7AI score0.00664EPSS
Exploits0References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/03/11 12:0 a.m.11 views

The vulnerability of the PTC Axeda platform for creating and deploying corporate-level applications lies in its ability to send XML messages, allowing a hacker to gain full control over the operating system.

The vulnerability of the PTC Axeda platform for creating and deploying corporate-level applications is related to the use of strictly encrypted login credentials during the installation of UltraVNC. Exploiting this vulnerability can allow a malicious actor to gain full control over the operating...

10CVSS5.5AI score0.01737EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.11 views

The vulnerability of the Canvas component in Google Chrome and Microsoft Edge browsers allows attackers to disclose protected information.

The vulnerability of the Canvas component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to disclose sensitive information...

7.8CVSS7.1AI score0.00953EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.11 views

The vulnerability of the threat detection mechanism for Microsoft Defender for IoT, related to improper code generation, allows a malicious actor to execute arbitrary code.

The vulnerability of the Microsoft Defender for IoT threat detection mechanism is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially crafted request...

8.3CVSS7.8AI score0.02209EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.11 views

The vulnerability of Google Chrome’s SwiftShader component allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Google Chrome’s SwiftShader component relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information through a specially crafted HTML page...

9.3CVSS7.8AI score0.01208EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.11 views

The vulnerability of HEVC Video Extensions relates to improper code generation, allowing attackers to execute arbitrary code.

The vulnerability of HEVC Video Extensions is related to incorrect code generation management. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.8AI score0.02512EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.11 views

The vulnerability of the Local Security Authority Subsystem Service (LSASS) in the Microsoft Windows operating system allows a perpetrator to disclose protected information.

The vulnerability of the Local Security Authority Subsystem Service LSASS in the Microsoft Windows operating system relates to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

6.8CVSS6.9AI score0.03246EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.11 views

The vulnerability of NETGEAR’s integrated router software, including models R6400, R6400v2, R6700v3, R7000, R6900P, R7000P, and R8000, stems from the lack of measures to sanitize input data. This allows attackers to execute arbitrary commands.

The vulnerability of the embedded software of NETGEAR routers such as R6400, R6400v2, R6700v3, R7000, R6900P, R7000P, and R8000 lies in the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...

8.4CVSS7.1AI score0.00631EPSS
Exploits0References3Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.11 views

The vulnerability of the built-in software of NETGEAR routers such as RAX200, RAX75, RAX80, RBK852, RBR850, and RBS850 lies in the lack of measures to sanitize input data. This allows attackers to execute arbitrary commands.

The vulnerability of the embedded software of NETGEAR’s RAX200, RAX75, RAX80, RBK852, RBR850, and RBS850 routers lies in the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

8.4CVSS7.1AI score0.00631EPSS
Exploits0References3Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/03/05 12:0 a.m.11 views

The vulnerability in the web interface for controlling Cisco Expressway Series and Cisco Telepresence VCS devices allows a hacker to execute arbitrary code as a root user.

The vulnerability of the Web interface for controlling Cisco Expressway Series and Cisco Telepresence VCS devices is related to insufficient checking of the command arguments entered by users. Exploiting this vulnerability allows a malicious actor to execute arbitrary code as a root user remotely...

9CVSS6AI score0.03177EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/03/05 12:0 a.m.11 views

The vulnerability of NETGEAR’s integrated routing software, including models like RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, stems from the lack of measures to sanitize input data. This allows attackers to execute arbitrary commands.

The vulnerability of NETGEAR’s integrated routing software, including models like RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, stems from the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

8.4CVSS7.1AI score0.0058EPSS
Exploits0References3Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.11 views

The vulnerability of the `__proto__.write()` function in the Node.js interpreter, related to buffer overflow in the queue, allows a malicious actor to trigger a service failure.

The vulnerability of the proto.write function in the Node.js interpreter is related to buffer overflow in the queue. Exploiting this vulnerability could allow an attacker to cause a denial-of-service attack...

3.9CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.11 views

The vulnerability in the embedded software of NETGEAR routers such as CBR40, EAX20, EAX80, EX6120, EX6130, EX7500, R7000, R7900, R8000, RAX200, RBS40V, RBW30, EX3700, MR60, R7000P, RAX20, RAX45, RAX80, EX3800, MS60, R6900P, RAX15, RAX50, RAX75, RBR750, RBR850, RBS750, RBS850, RBK752, and RBK852 exists due to the lack of protective measures for website structures. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the embedded software of NETGEAR routers such as CBR40, EAX20, EAX80, EX6120, EX6130, EX7500, R7000, R7900, R8000, RAX200, RBS40V, RBW30, EX3700, MR60, R7000P, RAX20, RAX45, RAX80, EX3800, MS60, R6900P, RAX15, RAX50, RAX75, RBR750, RBR850, RBS750, RBS850, RBK752, and RBK852...

7.5CVSS5.6AI score0.00418EPSS
Exploits0References3Affected Software24
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.11 views

The vulnerability of the built-in software of NETGEAR XR300, R7000P, and R6900P routers lies in the lack of measures to sanitize input data, allowing attackers to execute arbitrary commands.

The vulnerability of NETGEAR XR300, R7000P, and R6900P router’s built-in software lies in the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9.6CVSS8.1AI score0.01667EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.11 views

The vulnerability of the embedded software of NETGEAR’s RAX75, RAX80, RBK752, RBR750, RBS750, RBK852, BR850, and RBS850 routers lies in the lack of measures to sanitize input data. This allows attackers to execute arbitrary commands.

The vulnerability of the embedded software of NETGEAR’s RAX75, RAX80, RBK752, RBR750, RBS750, RBK852, BR850, and RBS850 routers lies in the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

8.4CVSS7.1AI score0.00748EPSS
Exploits0References3Affected Software8
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.11 views

The vulnerability of the server application for managing food manufacturing enterprises AK-EM 800 is related to incorrect default access rights settings, allowing a perpetrator to execute arbitrary codes.

The vulnerability of the server application for managing food manufacturing enterprises AK-EM 800 is related to incorrect default access rights settings. Exploiting this vulnerability could allow an attacker to execute arbitrary code with privileges of SYSTEM...

7.8CVSS6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.11 views

The vulnerability of the downloadLogFiles function in the industrial food industry management server application AK-EM 800 allows a hacker to execute arbitrary SQL queries.

The vulnerability of the downloadLogFiles function in the industrial food industry management server application AK-EM 800 relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries through the...

9.4CVSS6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.11 views

The vulnerability of NETGEAR’s integrated routing software, including models like RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, stems from the lack of measures to sanitize input data. This allows attackers to execute arbitrary commands.

The vulnerability of NETGEAR’s integrated routing software, including models like RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, stems from the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

8.4CVSS7.1AI score0.00695EPSS
Exploits0References3Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/02/25 12:0 a.m.11 views

The vulnerability of Google Chrome’s GPU component allows a hacker to execute arbitrary code.

The vulnerability of Google Chrome’s GPU component is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...

10CVSS8.1AI score0.00833EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/02/25 12:0 a.m.11 views

The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to perform spear-phishing attacks remotely...

5.3CVSS6.6AI score0.01573EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.11 views

The vulnerability of the implementation of the twsystem() function in D-Link DIR-882 wireless router software allows a hacker to execute arbitrary commands.

The vulnerability of the twsystem function in D-Link DIR-882 wireless router microprogrammed software is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS8.2AI score0.04635EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.11 views

The vulnerability of the msp_info.htm file implementation in D-Link DI-7200G V2.E1 microprogrammable router software allows a hacker to execute arbitrary commands.

The vulnerability of the mspinfo.htm file implementation of the D-Link DI-7200G V2.E1 router microprogramming system is related to insufficient cleaning of input data during the processing of the cmd parameter. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotel...

10CVSS8.1AI score0.03746EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/10 12:0 a.m.11 views

The vulnerability of the Windows Event Tracing service, related to the discretionary list of access control (DACL) in the Windows operating system, allows a perpetrator to trigger a service failure.

The vulnerability of the Windows Event Tracing service related to the discretionary access control list DACL of the Windows operating system involves an uncontrolled consumption of resources. Exploiting this vulnerability could allow a perpetrator to cause a service failure...

6.1CVSS7.2AI score0.01506EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/02/07 12:0 a.m.11 views

The driver’s vulnerability related to the functionality of Storage Spaces controllers in Windows operating systems allows attackers to exploit it to increase their privileges. This vulnerability stems from errors in memory object handling.

The vulnerability of the driver for enabling Storage Spaces on Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS7.2AI score0.00865EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/02/01 12:0 a.m.11 views

The vulnerability in the web interface for managing Cisco Enterprise Chat and Email allows attackers to perform cross-site scripting attacks.

The vulnerability of the web interface for managing Cisco Enterprise Chat and Email is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created website...

6.4CVSS5.2AI score0.00496EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/01/17 12:0 a.m.11 views

The vulnerability of the comparison library with regular expressions containing ANSI escape codes (Ansi-regex) leads to uncontrolled resource consumption, allowing attackers to cause service failures.

The vulnerability of the comparison library with regular expressions containing ANSI escape codes Ansi-regex is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.8AI score0.03304EPSS
Exploits1References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/12/22 12:0 a.m.11 views

The vulnerability of the WISE-4060 Ethernet module’s microprogramming software, related to the unencrypted storage of confidential information, allows a perpetrator to gain full access to the device’s configuration files.

The vulnerability of the WISE-4060 Ethernet module’s microprogramming software is related to the unencrypted storage of confidential information. Exploiting this vulnerability could allow an attacker to gain full access to the device’s configuration files...

8.4CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/12/20 12:0 a.m.11 views

The vulnerability of the J-Web interface in Junos OS operating systems allows attackers to circumvent security restrictions.

The vulnerability of the J-Web interface in Junos OS operating systems is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass security restrictions from a remote location...

8.3CVSS7.8AI score0.01124EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/12/07 12:0 a.m.11 views

The vulnerability of the Adobe Photoshop Elements graphic editor lies in the ability to write beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Adobe Photoshop Elements relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

7.8CVSS7.8AI score0.01812EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/12/03 12:0 a.m.11 views

The vulnerability of the Windows operating system, related to insecure management of privileges, allows a perpetrator to elevate their privileges.

The vulnerability of the Active Directory Domain Services component in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

9CVSS7.1AI score0.03293EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/12/01 12:0 a.m.11 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to memory usage after it is freed. This allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow attackers to execute arbitrary co...

7.8CVSS7.7AI score0.64297EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/11/15 12:0 a.m.11 views

The vulnerability of the Link Layer Discovery Protocol (LLDP) implementation in Cisco IOS and Cisco IOS XE operating systems allows a attacker to cause a service failure.

The vulnerability of the Link Layer Discovery Protocol LLDP implementation in Cisco IOS and Cisco IOS XE operating systems is related to initialization errors. Exploiting this vulnerability allows a malicious actor to cause service failures through the command line interface or by sending special...

6.8CVSS6.5AI score0.01149EPSS
Exploits0References3Affected Software2
Total number of security vulnerabilities5000