Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2021/07/06 12:0 a.m.11 views

The vulnerability of the `inotify_update_existing_watch()` function in the Linux kernel’s `fs/notify/inotify/inotify_user.c` file, related to a lack of memory release mechanism, allows a malicious actor to trigger a service failure.

The vulnerability of the inotifyupdateexistingwatch function in the fs/notify/inotify/inotifyuser.c file of the Linux operating system’s kernel is related to a lack of memory release mechanism. Exploiting this vulnerability allows an attacker to trigger a service failure...

5.5CVSS6.5AI score0.00417EPSS
Exploits0References17Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.11 views

The vulnerability of the Lodash application library of Aurora Center lies in the failure to take measures to neutralize special elements used in the operating system’s command set, allowing attackers to execute arbitrary commands.

The vulnerability of the Lodash application library in Aurora Software Solutions relates to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

7.2CVSS7.3AI score0.2241EPSS
Exploits2References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.11 views

The vulnerability of the yargs-parser library in application software of Aurora Center involves uncontrolled changes to object prototypes’ attributes, allowing attackers to execute “prototype pollution” attacks.

The vulnerability of the yargs-parser library in application software developed by Avora Center relates to uncontrolled changes to object prototypes’ attributes. Exploiting this vulnerability could allow a malicious actor to execute a “prototype compromise” attack...

5.3CVSS6.8AI score0.00514EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/04 12:0 a.m.11 views

The vulnerability of the application development module for HMI Window Maker in Wonderware InTouch systems arises from copying buffers without checking the size of the input data. This allows a malicious actor to trigger an emergency shutdown of the system.

The vulnerability of the application development module for HMI Window Maker in Wonderware InTouch SCADA systems relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to cause damage to multiple stack frames and re-write...

2.9CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/02 12:0 a.m.11 views

The vulnerability of the Exim message transfer agent, related to privilege management errors, allows a hacker to elevate their privileges within the system.

The vulnerability of the Exim message transfer agent is related to privilege management errors. Exploiting this vulnerability can allow an attacker to elevate privileges within the system by sending the file’s PID...

6.1CVSS7.3AI score0.00948EPSS
Exploits1References16Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/05/19 12:0 a.m.11 views

The vulnerability of Linux operating system’s kernel-based PI futex components, which allows a hacker to execute arbitrary code at the kernel level

The vulnerability of Linux operating system’s kernel PI futexes relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code at the kernel level...

7.8CVSS7AI score0.01377EPSS
Exploits1References28Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/05/12 12:0 a.m.11 views

The vulnerability of the Apache OFBiz resource planning software lies in its ability to restore unreliable data in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Apache OFBiz’s resource planning software lies in its ability to restore unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted request...

9CVSS8.2AI score0.81079EPSS
Exploits2References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/12 12:0 a.m.11 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

6CVSS6.7AI score0.00351EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.11 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

7.1CVSS6.8AI score0.00373EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.11 views

The vulnerability of Microprogramming Software for Cisco Adaptive Security Appliance Software (ASA) and Cisco Firepower Threat Defense (FTD) relates to writing beyond the buffer boundaries, allowing attackers to trigger a system reboot or cause service failure.

The vulnerability of Microprogrammed Network Interface Software of Cisco Adaptive Security Appliance Software ASA and Cisco Firepower Threat Defense FTD is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to trigger a system reboot or caus...

8.6CVSS7.4AI score0.01656EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.11 views

The vulnerability of Containerd’s execution environment, related to the lack of a mechanism for storing registration data, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of Containerd’s execution environment is related to improper processing of the image manifest file. Exploiting this vulnerability allows a remote attacker to gain unauthorized access to protected information...

6.1CVSS6.6AI score0.02209EPSS
Exploits1References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.11 views

The vulnerability of the Node.js software platform, related to a bug in the resource consumption monitoring mechanism, allows a hacker to trigger a service failure.

The vulnerability of the Node.js software platform is related to the improper handling of a large number of requests sent to the unknownProtocol. Exploiting this vulnerability allows an attacker who operates remotely to cause service failures...

7.8CVSS6.9AI score0.77385EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.11 views

The vulnerability of the Node.js software platform, related to the presence of localhost6 in the white list, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Node.js software platform is related to the presence of localhost6 in the white list. Exploiting this vulnerability allows a remote attacker to access confidential data, compromise its integrity, and cause service failures...

7.5CVSS6.9AI score0.32362EPSS
Exploits1References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.11 views

The vulnerability of the Google Chrome browser’s presentation API involves the use of a memory area after it is freed. This allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Google Chrome browser’s presentation API relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions...

9.3CVSS7.7AI score0.02296EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of the Magento Commerce software development and management platform lies in its lack of measures to neutralize special elements used in the operating system, allowing attackers to execute arbitrary code.

The vulnerability of the Magento Commerce software development and management platform is related to the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8CVSS7.8AI score0.02863EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of the Windows Console Driver component of the Windows operating system, which allows a hacker to trigger a service failure

The vulnerability of the Windows Console Driver component of the operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

6.8CVSS5.9AI score0.01516EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of the CheckList component of the Joomla! content management system allows a hacker to execute arbitrary SQL commands.

The vulnerability of the CheckList component in the Joomla! content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

10CVSS8.2AI score0.08708EPSS
Exploits5References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of the executable file FortiClientOnlineInstaller.exe, a security tool from Fortinet’s FortiClient for Windows, allows a perpetrator to execute arbitrary code.

The vulnerability of the installation file FortiClientOnlineInstaller.exe, a security tool from Fortinet’s FortiClient for Windows, is related to errors in the path validation mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially uploaded DLL...

7.8CVSS7.1AI score0.00604EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerabilities of the 3D model rendering software programs Luxion KeyShot, Luxion KeyShot Viewer, Luxion KeyShot Network Rendering, and Luxion KeyVR allow attackers to execute arbitrary code.

The vulnerabilities of the 3D model rendering software programs Luxion KeyShot, Luxion KeyShot Viewer, Luxion KeyShot Network Rendering, and Luxion KeyVR are related to pointer assignment errors. Exploiting these vulnerabilities can allow attackers to execute arbitrary code...

7.8CVSS7.6AI score0.02164EPSS
Exploits0References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.11 views

The vulnerability of the Windows operating system’s kernel, related to insecure management of privileges, allows attackers to elevate their own privileges.

The vulnerability of the Windows operating system’s kernel is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.1AI score0.00647EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.11 views

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the vManage web interface of the Cisco SD-WAN program-defined network is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

6.8CVSS6.5AI score0.0141EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.11 views

The vulnerability of the components of the Cisco Email Security Appliance, a system for email security management, and the Cisco Content Security Management Appliance, a system for content security management, as well as the Cisco Web Security Appliance, an internet gateway, allows attackers to gain unauthorized access to protected information.

The vulnerability of the components of the Cisco Email Security Appliance, the Cisco Content Security Management Appliance, and the Cisco Web Security Appliance involves a lack of authentication token requirements. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...

5.3CVSS5.9AI score0.01142EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/01/26 12:0 a.m.11 views

The vulnerability of the Windows file system filter driver allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Windows file system filter driver is related to the disclosure of information. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

5.5CVSS5.9AI score0.01201EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/12/03 12:0 a.m.11 views

The vulnerability of the expand_downwards and expand_upwards functions (mm/mmap.c) in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the expanddownwards and expandupwards functions in Linux kernel systems is related to errors during multi-threaded tasks race conditions. Exploiting this vulnerability can allow an attacker to cause service failures...

7CVSS6.4AI score0.0045EPSS
Exploits1References17Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/12/03 12:0 a.m.11 views

The vulnerability of the show_numa_stats() function in the NUMA-enabled kernel of Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the shownumastats function in Linux NUMA cores relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.3CVSS6.4AI score0.00313EPSS
Exploits0References13Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/12/01 12:0 a.m.11 views

The vulnerability of the SSL/TLS module of Cisco Adaptive Security Appliance’s network firewall allows a attacker to cause a service failure.

The vulnerability of the SSL/TLS module of the Cisco Adaptive Security Appliance software lies in errors during initialization of pointers. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

8.6CVSS5.5AI score0.00883EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/11/24 12:0 a.m.11 views

The vulnerability of Intel Quartus Prime’s automated design system for Intel(R) 50GbE IP Core lies in an unprocessed exception that allows a hacker to trigger a service failure.

The vulnerability of Intel Quartus Prime’s automated design system for IntelR 50GbE IP Core relates to an unprocessed exception. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

4.4CVSS5.9AI score0.00271EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.11 views

The vulnerability of the Samba file system arises from an incorrect limitation on the path to the restricted access directory. This allows a malicious user to gain access to files and directories beyond the SMB network paths.

The vulnerability of the Samba file system exists due to an incorrect limitation on the path name for the restricted access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to files and directories beyond the boundaries of the SMB network...

7.1CVSS6.2AI score0.03515EPSS
Exploits0References7Affected Software6
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.11 views

The vulnerability of the Windows Codecs Library component in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Windows Codecs Library component in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.03593EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.11 views

The vulnerability of the Camera Codec Pack component of the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Camera Codec Pack component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

7.8CVSS8AI score0.03871EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/09/02 12:0 a.m.11 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to memory usage after it is freed. This allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to execute arbitrary...

10CVSS7.9AI score0.48441EPSS
Exploits2References3
BDU FSTEC
BDU FSTEC
added 2020/08/28 12:0 a.m.11 views

The vulnerability of the Windows Media Foundation component in Windows operating systems allows attackers to gain privileges to install programs, view, modify, or delete data, as well as create new user accounts with full user rights.

The vulnerability of the Windows Media Foundation component in Windows operating systems arises from operations that occur outside the buffer in memory. Exploiting this vulnerability can allow attackers to gain control over programs, access data, modify or delete data, and create new user account...

7.8CVSS7.4AI score0.02678EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/08/12 12:0 a.m.11 views

The vulnerability of the Linux operating system’s kernel, related to the use of memory after it is freed, allows a hacker to cause a service failure.

The vulnerability in the drivers/net/slip/slip.c and drivers/net/can/slcan.c files of the Linux operating system relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.7CVSS6.5AI score0.00321EPSS
Exploits0References16Affected Software3
BDU FSTEC
BDU FSTEC
added 2020/07/31 12:0 a.m.11 views

The vulnerability of the br.com.anteros.dbcp.AnterosDBCPConfig Java library for JSON file parsing with Jackson-Databind, which allows attackers to cause a service failure.

The vulnerability of the br.com.anteros.dbcp.AnterosDBCPConfig Java library for JSON file parsing involving Jackson-Databind is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

9.8CVSS7.4AI score0.18345EPSS
Exploits0References16Affected Software37
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 involve reading beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can...

7.1CVSS7.7AI score0.03181EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerability of the Segment component in the Oracle Retail Customer Management and Segmentation software application allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Segment component in Oracle Retail Customer Management and Segmentation Foundation software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to modify, add, or delete data, or gain unauthorized access...

5.5CVSS6.6AI score0.00799EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerability of the Discovery and collection script component of the Oracle Configuration Manager software, which is used for collecting configuration information about client configurations. This vulnerability allows an attacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Discovery and collection script component of the Oracle Configuration Manager software lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to...

7.5CVSS7.2AI score0.01112EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerability of the Investor Module component of the Primavera Portfolio Management software, a software solution for automating management processes in production operations, allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Investor Module component of Primavera Portfolio Management software exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to protected...

6.4CVSS6.9AI score0.00962EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerability of the JVMCI Interpreter component in the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to compromise the confidentiality, integrity, or accessibility of protected information.

The vulnerability of the JVMCI Interpreter component in the Oracle GraalVM Enterprise Edition virtual machine is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, or accessibility of protected...

9CVSS7.3AI score0.01485EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerability of the Oracle Application Express component of the Oracle Database Server database management system allows attackers to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Oracle Application Express component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access t...

5.5CVSS6.9AI score0.00688EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerability of the Oracle Application Express component of the Oracle Database Server database management system allows attackers to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Oracle Application Express component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized acces...

5.5CVSS6.9AI score0.00661EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 involve reading beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can...

7.8CVSS7.7AI score0.03EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/07/24 12:0 a.m.11 views

The vulnerability of AppX Deployment Extensions in Windows operating systems allows attackers to enhance their privileges.

The vulnerability of AppX Deployment Extensions in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7.8CVSS7.2AI score0.00739EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/07/21 12:0 a.m.11 views

The vulnerability of the Cisco Webex Meetings Server and Cisco Webex Meetings software lies in the lack of proper validation of input data, allowing attackers to alter the content of web pages.

The vulnerability of Cisco Webex Meetings Server and Cisco Webex Meetings software exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to alter the content of web pages from a remote location...

5CVSS5.5AI score0.01212EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/07/17 12:0 a.m.11 views

The vulnerability in the Microsoft Edge browser extension allows a hacker to enhance their privileges.

The vulnerability of the Microsoft Edge browser’s “Feedback” extension is related to insecure handling of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

7.1CVSS5.8AI score0.02545EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/17 12:0 a.m.11 views

The vulnerability of the Agent Activation Runtime service in the Windows operating system allows a perpetrator to disclose protected information.

The vulnerability of the Agent Activation Runtime service in the Windows operating system exists due to object handling errors in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially created application...

5.5CVSS6.2AI score0.01224EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/07/09 12:0 a.m.11 views

The vulnerability of the gf_text_get_utf8_line function in the multimedia platform GPAC, related to writing beyond buffer boundaries, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the gftextgetutf8line function on the multimedia platform GPAC is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.5AI score0.01411EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/07/03 12:0 a.m.11 views

The vulnerability of the software update service for Cisco Webex Meetings Desktop App allows a perpetrator to execute arbitrary code.

The vulnerability of the software update service for the Cisco Webex Meetings Desktop App is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.6CVSS7.6AI score0.04117EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/06/26 12:0 a.m.11 views

The vulnerability of the PDF Reader component of the Microsoft Edge browser, which allows a hacker to execute arbitrary code.

The vulnerability of the Windows operating system’s PDF library, specifically Microsoft Edge browsers, arises due to an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created Microsoft...

7.6CVSS7.2AI score0.07082EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/06/19 12:0 a.m.11 views

The vulnerability of the ntp_sync.cgi component of the D-Link DIR-825 router’s microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the ntpsync.cgi component of the D-Link DIR-825 router’s microprogramming system is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...

9CVSS8.3AI score0.18327EPSS
Exploits1References3Affected Software1
Total number of security vulnerabilities5000