Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.11 views

The vulnerability of Websoft HCM’s automation software for HR processes lies in the incorrect expiration time of sessions. This allows attackers to reuse the session credentials to access user information.

The vulnerability of Websoft HCM’s automation software for HR processes is related to incorrect session duration settings. Exploiting this vulnerability allows a malicious actor to repeatedly use session credentials to access user information...

5.9CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.11 views

The vulnerability of the htx_add_header function in the include/haproxy/htx.h component of HAProxy’s server software allows a attacker to compromise data integrity.

The vulnerability of the htxaddheader function in the include/haproxy/htx.h component of HAProxy server software is related to integer overflow. Exploiting this vulnerability allows a remote attacker to compromise data integrity...

7.8CVSS7.6AI score0.57934EPSS
Exploits6References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.11 views

The vulnerability in the `create_unbound_ad_servers.sh` component relates to the Unbound DNS server, allowing a attacker to compromise data integrity.

The vulnerability of the createunboundadservers.sh script, executed by the Unbound DNS server, is related to insufficient elimination of certain elements in the request. Exploiting this vulnerability allows a remote attacker to compromise the integrity of data...

7.1CVSS6.8AI score0.01339EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.11 views

The vulnerability of Windows operating system DHCP clients, related to insecure management of privileges, allows attackers to elevate their own privileges.

The vulnerability of the Windows operating system’s DHCP client is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.2AI score0.00542EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.11 views

The vulnerability of the Cisco AsyncOS operating system in the Cisco Email Security Appliance (ESA) security system allows a perpetrator to trigger a service failure.

The vulnerability of the Cisco AsyncOS operating system in the Cisco Email Security Appliance ESA security system is related to errors in the certificate validation process. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by establishing a large number o...

7.8CVSS7.2AI score0.00778EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.11 views

The vulnerability of the compatibility subsystem’s kernel allows for the execution of Linux applications. The Windows Subsystem for Linux (WSL2) and the Azure IoT Edge for Linux on Windows (EFLOW) environment enable attackers to enhance their privileges.

The vulnerability of the compatibility subsystem’s kernel for running Linux applications is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7CVSS7.2AI score0.00322EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.11 views

The vulnerability of the Home Network Administration Protocol (HNAP) implementation in D-Link DIR-1935 router microsoftware allows a attacker to execute arbitrary code.

The vulnerability of the Home Network Administration Protocol HNAP implementation in D-Link DIR-1935 router microprogramming software lies in the copying of a buffer without checking the size of the input data during the processing of the HNAPAUTH header. Exploiting this vulnerability allows an...

8.8CVSS8.2AI score0.01006EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/17 12:0 a.m.11 views

The vulnerability of the Microsoft ODBC driver for Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft ODBC driver for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.01436EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/11/16 12:0 a.m.11 views

The vulnerability of the RTSP-based microprogramming software for IP cameras such as VPort P16-1MP-M12, VPort P16-1MP-M12-IR, and VPort P06-1MP-M12 allows a intruder to cause service failure.

The vulnerability of the RTSP-based microprogramming software for IP cameras such as VPort P16-1MP-M12, VPort P16-1MP-M12-IR, and VPort P06-1MP-M12 lies in the handling of the zero pointer. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS5.5AI score
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/15 12:0 a.m.11 views

The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code or perform arbitrary actions.

The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or perform unauthorized actions remotely...

10CVSS8.1AI score0.01476EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/11/15 12:0 a.m.11 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to access to resources through incompatible types. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8AI score0.00617EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/10/04 12:0 a.m.11 views

The vulnerability of the OGNL expression transformation class implementation in the Apache Struts software platform allows a hacker to execute arbitrary code.

The vulnerability of the OGNL expression transformation class implementation in the Apache Struts software framework is related to improper code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted request...

9.6CVSS8.2AI score0.70211EPSS
Exploits1References6Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/09/30 12:0 a.m.11 views

The vulnerability of the Video microprogramming system component in Qualcomm’s embedded chips allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the Video microprogramming software component in Qualcomm’s embedded chips lies in the copying of buffers without checking the size of the input data during the processing of .ps video files. Exploiting this vulnerability can allow an attacker to cause service failures or...

7.5CVSS8AI score0.00321EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/09/12 12:0 a.m.11 views

The vulnerability of the driver vmwgfx (drivers/gpu/vmxgfx/vmxgfx_kms.c) in the Linux operating system allows a hacker to increase their privileges or cause service failures.

The vulnerability of the vmwgfx driver drivers/gpu/vmxgfx/vmxgfxexecbuf.c in the Linux operating system is related to pointer swapping errors. Exploiting this vulnerability can allow an attacker to increase their privileges or cause service failures...

5.5CVSS6.4AI score0.0059EPSS
Exploits0References35Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.11 views

The vulnerability of extension XEP-0308: Last Message Correction for the Jabber/XMPP client Gajim, which allows a violator to trigger a service failure.

The vulnerability of extension XEP-0308, “Last Message Correction” for the Jabber/XMPP client Gajim, is related to insufficient validation of input data during the verification of message identifiers in a multi-user chat. Exploiting this vulnerability can allow a malicious actor, operating...

7.8CVSS7.2AI score0.01518EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.11 views

The vulnerability of the RPKI validator OctoRPKI, related to insufficient validation of input data, allows a violator to trigger a service failure.

The vulnerability of the RPKI validator OctoRPKI is related to the use of a zero value during the generation of Route Origin Authorisations. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

5.4CVSS7.2AI score0.01255EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.11 views

The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to induce a service failure.

The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 routers lies in the copying of buffers without checking the size of the input data during the processing of the telnetatemonitor file. Exploiting this vulnerability could allow an attacker to...

9.6CVSS7.7AI score0.01088EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.11 views

The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to execute arbitrary code.

The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 lies in the copying of buffers without checking the size of the input data during the processing of the pann file. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

9.6CVSS8.1AI score0.01088EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.11 views

The vulnerability of the ActiveX control on the SCADA server of Measuresoft ScadaPro Server allows a intruder to execute arbitrary code.

The vulnerability of the ActiveX control in the SCADA server of Measuresoft ScadaPro Server relates to reading data outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

7.8CVSS7.8AI score0.00294EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.11 views

The vulnerability of the Microsoft Visual Studio software development tool and the Microsoft.NET Framework software platform lies in improper cleaning or release of resources, allowing a perpetrator to cause service failures.

The vulnerability of the Microsoft Visual Studio software development tool and the Microsoft.NET Framework software platform is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS7.1AI score0.04763EPSS
Exploits0References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.11 views

The vulnerability of the ActiveX control on the SCADA server of Measuresoft ScadaPro Server allows a intruder to execute arbitrary code.

The vulnerability of the ActiveX control in the SCADA server of Measuresoft ScadaPro Server is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.8CVSS7.6AI score0.0031EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.11 views

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV110W, RV130, RV130W, and RV215W allows a perpetrator to execute arbitrary commands or cause service failures.

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV110W, RV130, RV130W, and RV215W arises from the copying of buffers without checking the size of the input data during the processing of user fields in incoming HTTP packets. Exploiting...

6.5CVSS7.6AI score0.00947EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.11 views

The vulnerability of the Microsoft Visual Studio software development tool and the Microsoft.NET Framework software platform lies in the fact that copying buffers without checking the size of the input data allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Visual Studio software development tool and the Microsoft.NET Framework software platform lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.5CVSS7.6AI score0.01555EPSS
Exploits0References3Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/09/02 12:0 a.m.11 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the lack of measures taken to protect the structure of web pages. This allows attackers to carry out XSS attacks.

The vulnerability of the Git-based software platform for collaborative code development on GitLab exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks by manipulating color tags...

7.3CVSS6.3AI score0.00662EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/31 12:0 a.m.11 views

The susceptibility of the microprogramming software of the iSTAR Ultra controller, related to the failure to take measures for data cleaning at the management level, allows the attacker to elevate their privileges to the root level.

The vulnerability of the iSTAR Ultra controller’s microprogramming software is related to the failure to take measures to clean data at the control level. Exploiting this vulnerability can allow an attacker, operating remotely, to elevate their privileges to the root level...

10CVSS7.7AI score0.01949EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/30 12:0 a.m.11 views

The vulnerability in the web interface for managing device information on the Cisco Common Services Platform Collector allows a attacker to carry out cross-site scripting attacks.

The vulnerability in the web interface for collecting device information on the Cisco Common Services Platform Collector exists due to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

6.4CVSS6.2AI score0.00685EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/30 12:0 a.m.11 views

The vulnerability of the netback driver for Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the netback driver for Linux operating systems is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.5CVSS6.6AI score0.00332EPSS
Exploits0References16Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/08/29 12:0 a.m.11 views

The vulnerability of the PDF-XChange PDF document viewing and editing program lies in the fact that operations outside the buffer are allowed in memory when processing Collab objects, allowing an attacker to execute arbitrary code.

The vulnerability of the PDF document viewing and editing software PDF-XChange lies in the fact that operations may go beyond the buffer in memory when processing Collab objects. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created malware fil...

10CVSS7.9AI score0.0077EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/24 12:0 a.m.11 views

The vulnerability of the ReadGifHeader() function in the HDF5 library libhdf5 allows a hacker to execute arbitrary code on the target system.

The vulnerability of the ReadGifHeader function in the HDF5 library libhdf5 is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code on the target system by having the user open a specially created maliciou...

10CVSS6.4AI score0.00577EPSS
Exploits1References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/08/18 12:0 a.m.11 views

The vulnerability of the Windows Bluetooth Driver of the Windows operating system allows a hacker to gain increased privileges.

The vulnerability of the Windows Bluetooth Driver in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.3AI score0.0053EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/08/15 12:0 a.m.11 views

The vulnerability of the File Server Cache service in the Teamcenter product lifecycle management system allows a hacker to trigger a service failure.

The vulnerability of the File Server Cache service in the Teamcenter product lifecycle management system is related to the execution of a cycle with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS7.3AI score0.00635EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/12 12:0 a.m.11 views

Vulnerability of microprogramming software for Siemens STEP 7 programmable logic controllers, systems for manufacturing process control such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT Production Suite, the system diagnostic tool SIMOCODE ES, the software for parameterizing, diagnosing, and documenting the startup status of SIRIUS Soft Starter ES, technological process management systems like SIMATIC PCS neo, the Opcenter RD&L software platform, and the software for analyzing equipment efficiency and key indicators like SIMATIC IT LMS. These vulnerabilities allow attackers to trigger malfunctions during maintenance operations due to insufficient input data verification.

The vulnerabilities of the microprogramming software for Siemens STEP 7 programmable logic controllers, the systems for managing production processes such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT...

5.3CVSS6.7AI score0.02151EPSS
Exploits0References2Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/08/12 12:0 a.m.11 views

The vulnerability of Siemens SIMATIC process control system’s API interface allows a hacker to obtain the password hash.

The vulnerability of Siemens SIMATIC process control system APIs is related to the disclosure of information. Exploiting this vulnerability can allow a remote attacker to obtain the password hash...

6.3CVSS7.7AI score0.00682EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/08/10 12:0 a.m.11 views

The vulnerability of the user interface of the WebUI on Google Chrome and Microsoft Edge browsers allows a hacker to disclose protected information.

The vulnerability of the WebUI user interface of Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

6.5CVSS6.8AI score0.00562EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/08/10 12:0 a.m.11 views

The vulnerability of the Infrastructure sub-component of the Oracle FLEXCUBE Universal Banking banking analytics system, an imitation modeling solution for Oracle Financial Services Applications, relates to code errors that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Infrastructure sub-component of the Oracle FLEXCUBE Universal Banking banking analytics system’s simulation model application relates to code errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of...

7.1CVSS7.3AI score0.0069EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/08 12:0 a.m.11 views

The vulnerability of the RESTful Services Programmable Interface (ERS) implementation of the Cisco Identity Services Engine platform allows a perpetrator to disclose protected information.

The vulnerability of the RESTful Services Programmable Interface ERS implementation of the Cisco Identity Services Engine platform is related to deficiencies in password masking during user login. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information...

6.8CVSS5.5AI score0.00803EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/08 12:0 a.m.11 views

The vulnerability in the web interface for managing microprogrammed wireless router software from Cisco’s Small Business series—RV110W, RV130, RV130W, and RV215W—allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability in the web interface for managing microprogramming software on Cisco Small Business RV110W, RV130, RV130W, and RV215W routers stems from the copying of buffers without checking the size of the input data during the processing of user fields in incoming HTTP packets. Exploiting...

6.5CVSS7.6AI score0.00876EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/08/04 12:0 a.m.11 views

The vulnerability in the function of stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java of the Jenkins Automation Server component allows a hacker to execute arbitrary code.

The vulnerability in the stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java file of the Jenkins Automation Server’s Stapler component relates to the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.98326EPSS
Exploits5References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/08/04 12:0 a.m.11 views

The vulnerability of the implementation of the web-server configuration in the microprogramming software for programmable logic controllers from Siemens SIMATIC STEP 7 (TIA Portal) allows a perpetrator to increase their privileges.

The vulnerability of the implementation of the web-server configuration in the microprogramming software for programmable logic controllers from Siemens SIMATIC STEP 7 TIA Portal is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their...

7.8CVSS7.2AI score0.0023EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/04 12:0 a.m.11 views

The vulnerability of the user interface of the VMware Workspace One Access application management platform, the administration consoles of VMware Identity Manager (vIDM), and the virtual infrastructure management tools of VMware vRealize Automation relates to the possibility of bypassing authentication processes, allowing attackers to increase their privileges.

The vulnerability of the user interface of the VMware Workspace One Access application management platform, as well as the administration consoles of VMware Identity Manager vIDM, and the virtual infrastructure management tool VMware vRealize Automation, is related to the possibility of bypassing...

10CVSS8AI score0.18285EPSS
Exploits1References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/08/02 12:0 a.m.11 views

The vulnerability of the implementation of the finfo_buffer() function in the PHP programming language allows a hacker to execute arbitrary code.

The vulnerability of the finfobuffer function implementation in the PHP programming language is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.01659EPSS
Exploits1References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/07/22 12:0 a.m.11 views

The vulnerability of the BIOS microprogramming system of Intel processors allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the BIOS microprogramming system of Intel processors is related to deficiencies in handling exceptional states. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

7.8CVSS7.5AI score0.00268EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.11 views

The vulnerability of the Rest Phone Apps web interface for controlling IP telephony systems, FreePBX, allows a intruder to execute arbitrary code.

The vulnerability of the Rest Phone Apps web interface for controlling IP telephony systems like FreePBX lies in the ability to inject code into the URL addresses. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.5AI score0.21657EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/18 12:0 a.m.11 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to memory usage after it is freed. This allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat and Document Cloud, are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to execute arbitrary code...

7.8CVSS7.6AI score0.03549EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/07/13 12:0 a.m.11 views

The vulnerability of the SEPCOS Single Package control and protection relay software allows a intruder to modify user credentials and permissions without authentication.

The vulnerability of the SEPCOS Single Package control and protection relay software is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability allows a malicious actor to modify user credentials and permissions without authentication...

9.7CVSS7.7AI score0.01004EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/13 12:0 a.m.11 views

The vulnerability of ASUS RT-AX88U Wi-Fi router’s microprogramming software, related to the use of uncontrolled format strings, allows a hacker to execute arbitrary code.

The vulnerability of ASUS RT-AX88U Wi-Fi router’s microprogramming software is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8.2AI score0.02597EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.11 views

The vulnerability of the custom-content-type-manager plugin in the WordPress content management system allows a hacker to execute arbitrary code.

The vulnerability of the custom-content-type-manager plugin in the WordPress content management system is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8.8CVSS7.5AI score0.03214EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.11 views

The vulnerability of the `WebCore::TextureMapperLayer::setContentsLayer` function in WebKitGTK and WPE WebKit rendering modules allows a attacker to execute arbitrary code or cause a service denial.

The vulnerability of the WebCore::TextureMapperLayer::setContentsLayer function WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in the rendering modules of WebKitGTK and WPE WebKit is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a...

7.6CVSS7.4AI score0.02158EPSS
Exploits1References7Affected Software15
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.11 views

The vulnerability in the web interfaces of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME), as well as Cisco Unified Communications Manager IM & Presence Service, allows a attacker to execute XSS attacks.

The vulnerability of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME web interfaces is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a malicious actor to carry out XSS attacks...

6.4CVSS6.2AI score0.00714EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.11 views

The vulnerability of the SEPCOS Single Package software for the Secheron SEPCOS control and protection relays allows a intruder to disclose protected information.

The vulnerability of the SEPCOS Single Package control and protection relay system in Secheron SEPCOS is related to insufficient protection for registration data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information remotely...

6.8CVSS6.5AI score0.00723EPSS
Exploits0References5Affected Software1
Total number of security vulnerabilities5000