Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.11 views

The vulnerability of the Rest Phone Apps web interface for controlling IP telephony systems, FreePBX, allows a intruder to execute arbitrary code.

The vulnerability of the Rest Phone Apps web interface for controlling IP telephony systems like FreePBX lies in the ability to inject code into the URL addresses. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.5AI score0.21657EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/18 12:0 a.m.11 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to memory usage after it is freed. This allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat and Document Cloud, are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to execute arbitrary code...

7.8CVSS7.6AI score0.03549EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/07/13 12:0 a.m.11 views

The vulnerability of the SEPCOS Single Package control and protection relay software allows a intruder to modify user credentials and permissions without authentication.

The vulnerability of the SEPCOS Single Package control and protection relay software is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability allows a malicious actor to modify user credentials and permissions without authentication...

9.7CVSS7.7AI score0.01004EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/13 12:0 a.m.11 views

The vulnerability of ASUS RT-AX88U Wi-Fi router’s microprogramming software, related to the use of uncontrolled format strings, allows a hacker to execute arbitrary code.

The vulnerability of ASUS RT-AX88U Wi-Fi router’s microprogramming software is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8.2AI score0.02597EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.11 views

The vulnerability of the web interfaces of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME web interfaces is related to errors in processing the relative path to the directory. Exploiting this vulnerability can allow an attacker operating remotely to gai...

4.3CVSS5.5AI score0.01373EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.11 views

The vulnerability of the `ecdsa_verify_[prepare_]legacy()` command-line tool for ECDSA elliptic curve cryptography, provided by `ecdsautils`, allows a perpetrator to compromise data integrity.

The vulnerability of the ecdsaverifypreparelegacy command-line tool for ECDSA elliptic curve cryptography, provided by ecdsautils, is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability could allow a remote attacker to compromise the integrity of data...

10CVSS7.5AI score0.01038EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.11 views

The vulnerability of the custom-content-type-manager plugin in the WordPress content management system allows a hacker to execute arbitrary code.

The vulnerability of the custom-content-type-manager plugin in the WordPress content management system is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8.8CVSS7.5AI score0.03214EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.11 views

The vulnerability in the web interfaces of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME), as well as Cisco Unified Communications Manager IM & Presence Service, allows a attacker to execute XSS attacks.

The vulnerability of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME web interfaces is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a malicious actor to carry out XSS attacks...

6.4CVSS6.2AI score0.00714EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.11 views

The vulnerability of the Dovecot mail server’s passdb account database allows a hacker to escalate their privileges.

The vulnerability of the Dovecot mail server’s passdb database account database is related to configuration errors. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

6.8CVSS5.5AI score0.01748EPSS
Exploits1References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.11 views

The vulnerability of the Elementor Website Builder plugin of the WordPress content management system allows attackers to execute cross-site scripting attacks.

The vulnerability of the Elementor Website Builder plugin of the WordPress content management system is related to insufficient protection of the website’s structure. Exploiting this vulnerability allows a malicious actor to execute cross-site scripting attacks...

6.4CVSS6.2AI score0.2318EPSS
Exploits7References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.11 views

The vulnerability of the `WebCore::TextureMapperLayer::setContentsLayer` function in WebKitGTK and WPE WebKit rendering modules allows a attacker to execute arbitrary code or cause a service denial.

The vulnerability of the WebCore::TextureMapperLayer::setContentsLayer function WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in the rendering modules of WebKitGTK and WPE WebKit is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a...

7.6CVSS7.4AI score0.02158EPSS
Exploits1References7Affected Software15
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.11 views

The vulnerability of the software platform for industrial automation and IoT solutions, Elcomplus SmartICS, is related to errors in processing the relative path to the catalog. This vulnerability allows a perpetrator to disclose protected information and replace arbitrary files.

The vulnerability of the software platform for industrial automation and IoT solutions, Elcomplus SmartICS, is related to errors in processing the relative path to the catalog. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information and replace arbitrary files...

5.5CVSS5.5AI score0.00587EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.11 views

The vulnerability of InHand Networks InRouter302’s microprogramming software, related to the use of pre-installed credentials, allows a hacker to perform arbitrary actions.

The vulnerability of InHand Networks InRouter302 microprogramming software lies in the use of pre-set credentials. Exploiting this vulnerability allows a remote attacker to perform arbitrary actions...

9CVSS6AI score0.0107EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.11 views

The vulnerability of the skipwhite() function in the Vim text editor allows a hacker to execute arbitrary code.

The vulnerability of the skipwhite function rc/spell.c in the Vim text editor is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.6CVSS7.6AI score0.01411EPSS
Exploits1References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.11 views

The vulnerability of the statussupport_diagnostic_tracing.json component of the SerComm h500s router software allows a hacker to execute arbitrary commands.

The vulnerability of the statussupportdiagnostictracing.json component of the SerComm h500s router software exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

10CVSS7.5AI score0.23666EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/04 12:0 a.m.11 views

The vulnerability of the “TabStrip” control implementation in the MSCOMCTL.OCX component of the Microsoft Office software suite, Microsoft SQL Server relational database management system, Microsoft Commerce Server e-commerce software, and Microsoft Visual FoxPro database development environment allows a perpetrator to execute arbitrary code.

The vulnerability of the “TabStrip” control implementation in the MSCOMCTL.OCX component of the Microsoft Office software, the Microsoft SQL Server relational database management system, the Microsoft Commerce Server e-commerce software, and the Microsoft Visual FoxPro database development...

9.6CVSS6.5AI score0.72119EPSS
Exploits1References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/07/01 12:0 a.m.11 views

Vulnerability of the `bn_reduce_once_in_place` function in the OpenSSL library, allowing a hacker to execute arbitrary code

The vulnerability of the bnreduceonceinplace function in the OpenSSL library is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.5AI score0.44881EPSS
Exploits3References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.11 views

The vulnerability of the Tools and Frameworks component of the Oracle Commerce Guided Search system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Tools and Frameworks component of the Oracle Commerce Guided Search system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through HTTP...

7.8CVSS7.2AI score0.01785EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.11 views

The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to modify data or gain privileged access to the infrastructure.

The vulnerability of the Core component in Oracle VM VirtualBox exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to modify, add, or delete data, or gain privileged access to the infrastructure...

3.8CVSS6.3AI score0.00354EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.11 views

The vulnerability of the Navigation Pages, Portal, and Query components of the Oracle PeopleSoft Enterprise PeopleTools business application allows a perpetrator to gain access to read data or modify data.

The vulnerability of the Navigation Pages, Portal, and Query components in Oracle PeopleSoft Enterprise PeopleTools exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to data or modify data using HTTP reques...

6.1CVSS6.8AI score0.00771EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.11 views

The vulnerability of Microsoft’s Windows Remote Credential Guard system allows attackers to circumvent security restrictions and enhance their privileges.

The vulnerability of Microsoft’s Windows Remote Credential Guard security feature is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain increased privileges...

7.5CVSS7.3AI score0.03259EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.11 views

The vulnerability of the communication modules of H0-ECOM and H0-ECOM100 Ethernet-controllers from DirectLOGIC, related to the transmission of data in an open manner, allows a intruder to gain unauthorized access to the device.

The vulnerability of the communication modules of H0-ECOM and H0-ECOM100 Ethernet controllers from DirectLOGIC lies in the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to the device by receiving a password packet in ...

7.8CVSS8AI score0.00621EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/06/21 12:0 a.m.11 views

The vulnerability of the Microsoft .NET Framework software platform, related to improper cleaning or release of resources, allows a perpetrator to cause a service failure.

The vulnerability of the Microsoft .NET Framework software platform is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS7.3AI score0.0328EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/06/21 12:0 a.m.11 views

The vulnerability of the NCIE Scanner module in Trend Micro Security’s antivirus protection allows a hacker to exploit it to disclose protected information.

The vulnerability of the NCIE Scanner module in Trend Micro Security antivirus tools is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to disclose protected information...

7.3CVSS6.8AI score0.00333EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/06/15 12:0 a.m.11 views

The vulnerability of the print spooler daemon on Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Windows Print Spooler in operating systems related to Windows printing is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.3AI score0.0078EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/06/14 12:0 a.m.11 views

The vulnerability of the StreamingCoordinatorController.java component of the Kylin data processing platform allows attackers to perform SSRF attacks.

The vulnerability of the StreamingCoordinatorController.java component /kylin/api/streamingcoordinator/ in the Kylin data processing platform is related to insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to perform SSRF attacks using a speciall...

7.5CVSS7.2AI score0.02557EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/14 12:0 a.m.11 views

The vulnerability of the Win32 Stream Enumeration component in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Win32 Stream Enumeration component in Windows operating systems is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.6CVSS7.8AI score0.01604EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/06/07 12:0 a.m.11 views

The vulnerability of D-Link DIR-878 wireless routers’ microprogramming software lies in the lack of measures to neutralize specific elements within it. This allows attackers to execute arbitrary commands or trigger service failures.

The vulnerability of D-Link DIR-878 wireless routers’ microprogramming software exists due to the lack of measures taken to neutralize the special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands or cause...

8.8CVSS7.9AI score0.01527EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/05/06 12:0 a.m.11 views

Vulnerability of the Cluster component: The general database management system of Oracle MySQL Cluster allows a hacker to gain full control over the application.

Vulnerability of the Cluster component: The general system for managing databases in Oracle MySQL Cluster is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain full control over the application through various network protocols...

6.5CVSS6.6AI score0.03079EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/27 12:0 a.m.11 views

The vulnerability of the executable file wpsupdater.exe of the WPS Office office software allows a hacker to execute arbitrary code.

The vulnerability of the WPS Office office software’s executable file, wpsupdater.exe, is related to improper input validation in wpsupdater.exe. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.4AI score0.2047EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/27 12:0 a.m.11 views

The vulnerability of the implementations of the QuerySet.annotate(), aggregate(), and extra() methods in the Django web application framework allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the implementation of the QuerySet.annotate, aggregate, and extra methods in the Django software platform is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality,...

10CVSS6.6AI score0.18516EPSS
Exploits3References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.11 views

The vulnerability in the web interface of the Cisco Common Services Platform Collector, a tool for collecting information about devices in the network, allows attackers to perform cross-site scripting (XSS) attacks.

The vulnerability in the web interface of the Cisco Common Services Platform Collector device for collecting information about devices in the network is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow attackers to perform cross-sit...

6.7CVSS5.7AI score0.00699EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.11 views

The vulnerability of the update module for microprogramming software of Cisco Small Business routers such as RV160, RV160W, RV260, RV260P, RV260W, RV340, RV340W, RV345, and RV345P arises from improper verification of the certificate authenticity. This allows a malicious actor to load arbitrary software images.

The vulnerability of the update module for microprogramming software of Cisco Small Business routers such as RV160, RV160W, RV260, RV260P, RV260W, RV340, RV340W, RV345, and RV345P is related to improper verification of the certificate authenticity. Exploiting this vulnerability allows a malicious...

5.4CVSS6.6AI score0.02297EPSS
Exploits0References3Affected Software9
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.11 views

The vulnerability in the web interface of the Cisco Prime Service Catalog management tool allows a hacker to disclose protected information.

The vulnerability of the Cisco Prime Service Catalog management web interface is related to the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information remotely...

4.3CVSS6.5AI score0.01084EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.11 views

The vulnerability of the NETCONF protocol implementation in Cisco SD-WAN vEdge software allows a attacker to cause service failure or trigger an emergency shutdown of the application.

The vulnerability of the NETCONF protocol implementation in Cisco SD-WAN vEdge software lies in the uncontrolled memory consumption. Exploiting this vulnerability could allow an attacker to cause service failures or trigger an emergency shutdown of the application...

5.5CVSS5.9AI score0.00194EPSS
Exploits0References2Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/04/20 12:0 a.m.11 views

The vulnerability of the interactive graphical SCADA system, Interactive Graphical SCADA System (IGSS), arises from buffer overflows in the stack, allowing an intruder to execute arbitrary code.

The vulnerability of the interactive graphical SCADA system, Interactive Graphical SCADA System IGSS, arises due to overflow of the buffer on the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created message...

10CVSS8.4AI score0.44559EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/12 12:0 a.m.11 views

The vulnerability of Adobe Premiere Elements’ video editing software, related to the manipulation of the null pointer, allows a hacker to trigger a service failure.

The vulnerability of Adobe Premiere Elements software-related video editing programs is related to the handling of the null pointer. Exploiting this vulnerability could allow a malicious actor to cause service failures...

5.5CVSS5.9AI score0.01104EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/04/06 12:0 a.m.11 views

The vulnerability of the decoder for MPEG-4 multimedia platform GPAC allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the decoder for MPEG-4 multimedia platform GPAC is related to the lack of verification for the result of the addition arithmetic operation. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service...

9.3CVSS7.6AI score0.01656EPSS
Exploits1References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.11 views

The vulnerability of the `doc` module in the Icinga Web 2 PHP framework allows a hacker to gain access to confidential data.

The vulnerability of the doc module in the Icinga Web 2 PHP framework is related to deficiencies in pathname restrictions for directories. Exploiting this vulnerability allows an attacker to gain access to confidential data...

6.3CVSS5.9AI score0.01306EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.11 views

The vulnerability of the ilst_item_Read function in the box_code_apple.c component of the GPAC multimedia platform allows a hacker to trigger a service failure.

The vulnerability of the ilstitemRead function in the boxcodeapple.c component of the GPAC multimedia platform is related to pointer dereferencing errors. Exploiting this vulnerability allows an attacker to cause service failures...

7.1CVSS5.9AI score0.008EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.11 views

The vulnerability of the gf_odf_desc_copy function in the MP4Box tool of the GPAC multimedia platform allows a perpetrator to cause a service failure.

The vulnerability of the gfodfdesccopy function in the MP4Box tool of the GPAC multimedia platform is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...

7.1CVSS6.6AI score0.00868EPSS
Exploits1References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/04/04 12:0 a.m.11 views

The vulnerability of the software for designing and configuring the Connected Components Workbench (CCW) from Rockwell Automation, related to the restoration of unreliable data in memory, allows a hacker to execute arbitrary code.

The vulnerability of the software used for designing and configuring the Connected Components Workbench CCW from Rockwell Automation lies in the ability to restore unreliable data in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

8.6CVSS7.9AI score0.0281EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/28 12:0 a.m.11 views

The vulnerability of the Microsoft App Installer, related to bypassing authentication through spoofing, allows attackers to carry out spoofing attacks.

The vulnerability of the Microsoft App Installer relates to the bypassing of authentication processes through spoofing. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks using a specially created malware package...

7.6CVSS7.8AI score0.10295EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/18 12:0 a.m.11 views

The vulnerability of the MediaStream component in Google Chrome and Microsoft Edge browsers allows attackers to gain unauthorized access to protected information.

The vulnerability of the MediaStream component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.3CVSS7.7AI score0.00664EPSS
Exploits0References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/03/11 12:0 a.m.11 views

The vulnerability of the PTC Axeda platform for creating and deploying corporate-level applications lies in its ability to send XML messages, allowing a hacker to gain full control over the operating system.

The vulnerability of the PTC Axeda platform for creating and deploying corporate-level applications is related to the use of strictly encrypted login credentials during the installation of UltraVNC. Exploiting this vulnerability can allow a malicious actor to gain full control over the operating...

10CVSS5.5AI score0.01737EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.11 views

The vulnerability of the Local Security Authority Subsystem Service (LSASS) in the Microsoft Windows operating system allows a perpetrator to disclose protected information.

The vulnerability of the Local Security Authority Subsystem Service LSASS in the Microsoft Windows operating system relates to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

6.8CVSS6.9AI score0.03246EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.11 views

The vulnerability of Google Chrome’s SwiftShader component allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Google Chrome’s SwiftShader component relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information through a specially crafted HTML page...

9.3CVSS7.8AI score0.01208EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.11 views

The vulnerability of NETGEAR’s integrated router software, including models R6400, R6400v2, R6700v3, R7000, R6900P, R7000P, and R8000, stems from the lack of measures to sanitize input data. This allows attackers to execute arbitrary commands.

The vulnerability of the embedded software of NETGEAR routers such as R6400, R6400v2, R6700v3, R7000, R6900P, R7000P, and R8000 lies in the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...

8.4CVSS7.1AI score0.00631EPSS
Exploits0References3Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.11 views

The vulnerability of the Canvas component in Google Chrome and Microsoft Edge browsers allows attackers to disclose protected information.

The vulnerability of the Canvas component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to disclose sensitive information...

7.8CVSS7.1AI score0.00953EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/03/05 12:0 a.m.11 views

The vulnerability of NETGEAR’s integrated routing software, including models like RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, stems from the lack of measures to sanitize input data. This allows attackers to execute arbitrary commands.

The vulnerability of NETGEAR’s integrated routing software, including models like RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, stems from the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

8.4CVSS7.1AI score0.0058EPSS
Exploits0References3Affected Software6
Total number of security vulnerabilities5000