Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.11 views

The vulnerability of the yargs-parser library in application software of Aurora Center involves uncontrolled changes to object prototypes’ attributes, allowing attackers to execute “prototype pollution” attacks.

The vulnerability of the yargs-parser library in application software developed by Avora Center relates to uncontrolled changes to object prototypes’ attributes. Exploiting this vulnerability could allow a malicious actor to execute a “prototype compromise” attack...

5.3CVSS6.8AI score0.00514EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.11 views

The vulnerability of the Lodash application library of Aurora Center lies in the failure to take measures to neutralize special elements used in the operating system’s command set, allowing attackers to execute arbitrary commands.

The vulnerability of the Lodash application library in Aurora Software Solutions relates to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

7.2CVSS7.3AI score0.2241EPSS
Exploits3References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/06/04 12:0 a.m.11 views

The vulnerability of the application development module for HMI Window Maker in Wonderware InTouch systems arises from copying buffers without checking the size of the input data. This allows a malicious actor to trigger an emergency shutdown of the system.

The vulnerability of the application development module for HMI Window Maker in Wonderware InTouch SCADA systems relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to cause damage to multiple stack frames and re-write...

2.9CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/02 12:0 a.m.11 views

The vulnerability of the Exim message transfer agent, related to privilege management errors, allows a hacker to elevate their privileges within the system.

The vulnerability of the Exim message transfer agent is related to privilege management errors. Exploiting this vulnerability can allow an attacker to elevate privileges within the system by sending the file’s PID...

6.1CVSS7.3AI score0.00948EPSS
Exploits1References16Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/05/19 12:0 a.m.11 views

The vulnerability of Linux operating system’s kernel-based PI futex components, which allows a hacker to execute arbitrary code at the kernel level

The vulnerability of Linux operating system’s kernel PI futexes relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code at the kernel level...

7.8CVSS7AI score0.01377EPSS
Exploits1References28Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/05/12 12:0 a.m.11 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

6CVSS6.7AI score0.00351EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/12 12:0 a.m.11 views

The vulnerability of the Apache OFBiz resource planning software lies in its ability to restore unreliable data in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Apache OFBiz’s resource planning software lies in its ability to restore unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted request...

9CVSS8.2AI score0.81079EPSS
Exploits2References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/12 12:0 a.m.11 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

7.1CVSS6.8AI score0.00373EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.11 views

The vulnerability of Qualcomm’s software, related to deficiencies in access control, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Qualcomm’s software is related to deficiencies in access control. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS7.4AI score0.00958EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.11 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.3CVSS6.5AI score0.00687EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.11 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.3CVSS6.5AI score0.00687EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.11 views

The vulnerability of the Node.js software platform, related to a bug in the resource consumption monitoring mechanism, allows a hacker to trigger a service failure.

The vulnerability of the Node.js software platform is related to the improper handling of a large number of requests sent to the unknownProtocol. Exploiting this vulnerability allows an attacker who operates remotely to cause service failures...

7.8CVSS6.9AI score0.77385EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.11 views

The vulnerability of Containerd’s execution environment, related to the lack of a mechanism for storing registration data, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of Containerd’s execution environment is related to improper processing of the image manifest file. Exploiting this vulnerability allows a remote attacker to gain unauthorized access to protected information...

6.1CVSS6.6AI score0.02209EPSS
Exploits1References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.11 views

The vulnerability of the GPU Display Driver’s graphical driver API involves unsafe management of privileges, allowing attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the GPU Display Driver’s graphics driver API is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and cause service failures...

7.8CVSS7.2AI score0.00471EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.11 views

The vulnerability of the Google Chrome browser’s presentation API involves the use of a memory area after it is freed. This allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Google Chrome browser’s presentation API relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions...

9.3CVSS7.7AI score0.02296EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of the PIM protocol implementation in the NX-OS operating system allows a attacker to trigger a service failure.

The vulnerability of the Protocol Independent Multicast PIM implementation in the NX-OS operating system is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

4.3CVSS6.3AI score0.00391EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of the CheckList component of the Joomla! content management system allows a hacker to execute arbitrary SQL commands.

The vulnerability of the CheckList component in the Joomla! content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

10CVSS8.2AI score0.08708EPSS
Exploits5References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of the Windows Console Driver component of the Windows operating system, which allows a hacker to trigger a service failure

The vulnerability of the Windows Console Driver component of the operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

6.8CVSS5.9AI score0.01516EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of the Magento Commerce software development and management platform lies in its lack of measures to neutralize special elements used in the operating system, allowing attackers to execute arbitrary code.

The vulnerability of the Magento Commerce software development and management platform is related to the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8CVSS7.8AI score0.02863EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of Adobe Illustrator 2021, related to writing beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of Adobe Illustrator 2021 graphic editor is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

10CVSS7.8AI score0.02249EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of Cisco Webex Meetings’ software web interface allows attackers to carry out cross-site scripting attacks.

The vulnerability of Cisco Webex Meetings’ software web interface is related to deficiencies in neutralizing special characters. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

6.1CVSS6AI score0.00784EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of the SetImageExtent() function in the ImageMagick console graphics editor allows a hacker to cause a service failure.

The vulnerability of the SetImageExtent function /MagickCore/image.c in the console-based graphic editor ImageMagick is related to memory release errors. Exploiting this vulnerability could allow a remote attacker to trigger a service failure by using a specially created file...

4.3CVSS6.6AI score0.00852EPSS
Exploits1References6Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of the Jackson-databind library in the FasterXML project, related to the restoration of unreliable data in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Jackson-databind library in the FasterXML project relates to the restoration of unreliable data in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protected...

9.3CVSS7.4AI score0.12504EPSS
Exploits0References7Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerabilities of the 3D model rendering software programs Luxion KeyShot, Luxion KeyShot Viewer, Luxion KeyShot Network Rendering, and Luxion KeyVR allow attackers to execute arbitrary code.

The vulnerabilities of the 3D model rendering software programs Luxion KeyShot, Luxion KeyShot Viewer, Luxion KeyShot Network Rendering, and Luxion KeyVR are related to pointer assignment errors. Exploiting these vulnerabilities can allow attackers to execute arbitrary code...

7.8CVSS7.6AI score0.02164EPSS
Exploits0References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.11 views

The vulnerability of the executable file FortiClientOnlineInstaller.exe, a security tool from Fortinet’s FortiClient for Windows, allows a perpetrator to execute arbitrary code.

The vulnerability of the installation file FortiClientOnlineInstaller.exe, a security tool from Fortinet’s FortiClient for Windows, is related to errors in the path validation mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially uploaded DLL...

7.8CVSS7.1AI score0.00604EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.11 views

The vulnerability of the Windows operating system’s kernel, related to insecure management of privileges, allows attackers to elevate their own privileges.

The vulnerability of the Windows operating system’s kernel is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.1AI score0.00647EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.11 views

The vulnerability of the components of the Cisco Email Security Appliance, a system for email security management, and the Cisco Content Security Management Appliance, a system for content security management, as well as the Cisco Web Security Appliance, an internet gateway, allows attackers to gain unauthorized access to protected information.

The vulnerability of the components of the Cisco Email Security Appliance, the Cisco Content Security Management Appliance, and the Cisco Web Security Appliance involves a lack of authentication token requirements. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...

5.3CVSS5.9AI score0.01142EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.11 views

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the vManage web interface of the Cisco SD-WAN program-defined network is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

6.8CVSS6.5AI score0.0141EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.11 views

The vulnerability of the archiving function of the Cisco DNA Center allows a intruder to gain unauthorized access to protected information.

The vulnerability of the archiving function of the Cisco DNA Center relates to the unencrypted storage of confidential information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to the protected information...

7.7CVSS6.8AI score0.00918EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/01/26 12:0 a.m.11 views

The vulnerability of the Windows file system filter driver allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Windows file system filter driver is related to the disclosure of information. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

5.5CVSS5.9AI score0.01201EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/12/03 12:0 a.m.11 views

The vulnerability of the show_numa_stats() function in the NUMA-enabled kernel of Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the shownumastats function in Linux NUMA cores relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.3CVSS6.4AI score0.00313EPSS
Exploits0References13Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/12/03 12:0 a.m.11 views

The vulnerability of the expand_downwards and expand_upwards functions (mm/mmap.c) in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the expanddownwards and expandupwards functions in Linux kernel systems is related to errors during multi-threaded tasks race conditions. Exploiting this vulnerability can allow an attacker to cause service failures...

7CVSS6.4AI score0.0045EPSS
Exploits1References17Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/11/24 12:0 a.m.11 views

The vulnerability of Intel Quartus Prime’s automated design system for Intel(R) 50GbE IP Core lies in an unprocessed exception that allows a hacker to trigger a service failure.

The vulnerability of Intel Quartus Prime’s automated design system for IntelR 50GbE IP Core relates to an unprocessed exception. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

4.4CVSS5.9AI score0.00271EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.11 views

The vulnerability of the Samba file system arises from an incorrect limitation on the path to the restricted access directory. This allows a malicious user to gain access to files and directories beyond the SMB network paths.

The vulnerability of the Samba file system exists due to an incorrect limitation on the path name for the restricted access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to files and directories beyond the boundaries of the SMB network...

7.1CVSS6.2AI score0.03515EPSS
Exploits0References7Affected Software6
BDU FSTEC
BDU FSTEC
added 2020/10/29 12:0 a.m.11 views

The vulnerability of the Camera Codec Pack component of the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Camera Codec Pack component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

7.8CVSS8AI score0.03871EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/10/27 12:0 a.m.11 views

The vulnerability of the `register_queue_kobjects()` function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the registerqueuekobjects function in the Linux operating system’s kernel net/core/net-sysfs.c is related to a memory leak issue. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...

7.8CVSS6.5AI score0.03784EPSS
Exploits0References22Affected Software10
BDU FSTEC
BDU FSTEC
added 2020/09/02 12:0 a.m.11 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to memory usage after it is freed. This allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to execute arbitrary...

10CVSS7.9AI score0.48441EPSS
Exploits2References3
BDU FSTEC
BDU FSTEC
added 2020/08/28 12:0 a.m.11 views

The vulnerability of the Windows Media Foundation component in Windows operating systems allows attackers to gain privileges to install programs, view, modify, or delete data, as well as create new user accounts with full user rights.

The vulnerability of the Windows Media Foundation component in Windows operating systems arises from operations that occur outside the buffer in memory. Exploiting this vulnerability can allow attackers to gain control over programs, access data, modify or delete data, and create new user account...

7.8CVSS7.4AI score0.02678EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/08/12 12:0 a.m.11 views

The vulnerability of the Linux operating system’s kernel, related to the use of memory after it is freed, allows a hacker to cause a service failure.

The vulnerability in the drivers/net/slip/slip.c and drivers/net/can/slcan.c files of the Linux operating system relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.7CVSS6.5AI score0.00321EPSS
Exploits0References16Affected Software3
BDU FSTEC
BDU FSTEC
added 2020/07/31 12:0 a.m.11 views

The vulnerability of the br.com.anteros.dbcp.AnterosDBCPConfig Java library for JSON file parsing with Jackson-Databind, which allows attackers to cause a service failure.

The vulnerability of the br.com.anteros.dbcp.AnterosDBCPConfig Java library for JSON file parsing involving Jackson-Databind is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

9.8CVSS7.4AI score0.18345EPSS
Exploits0References16Affected Software37
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerability of the JVMCI Interpreter component in the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to compromise the confidentiality, integrity, or accessibility of protected information.

The vulnerability of the JVMCI Interpreter component in the Oracle GraalVM Enterprise Edition virtual machine is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, or accessibility of protected...

9CVSS7.3AI score0.01485EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerability of the Web Services component of the Oracle WebLogic Server application server allows a perpetrator to gain access to confidential information.

The vulnerability of the Web Services component of Oracle WebLogic Server servers exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to access confidential information using IIOP and T3 protocols...

7.8CVSS7.2AI score0.02249EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerability of the Investor Module component of the Primavera Portfolio Management software, a software solution for automating management processes in production operations, allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Investor Module component of Primavera Portfolio Management software exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to protected...

6.4CVSS6.9AI score0.00962EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerability of the Discovery and collection script component of the Oracle Configuration Manager software, which is used for collecting configuration information about client configurations. This vulnerability allows an attacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Discovery and collection script component of the Oracle Configuration Manager software lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to...

7.5CVSS7.2AI score0.01112EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 involve reading beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can...

7.8CVSS7.7AI score0.03EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerability of the Oracle Application Express component of the Oracle Database Server database management system allows attackers to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Oracle Application Express component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized acces...

5.5CVSS6.9AI score0.00661EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2015, Adobe Acrobat Reader 2015 are related to security exploits that allow attackers to escalate their privileges within the context of the current user.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to bypassing security features. Exploiting these vulnerabilities can allow attackers...

9.3CVSS6.8AI score0.02795EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.11 views

The vulnerability of the Windows Runtime component of the Windows operating system allows attackers to elevate their privileges and execute arbitrary code.

The vulnerability of the Windows Runtime component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute malicious code through a specially created application...

7.8CVSS7.4AI score0.00762EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/07/24 12:0 a.m.11 views

The vulnerability of AppX Deployment Extensions in Windows operating systems allows attackers to enhance their privileges.

The vulnerability of AppX Deployment Extensions in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7.8CVSS7.2AI score0.00739EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/07/24 12:0 a.m.11 views

The vulnerabilities of the spring-webmvc and spring-webflux modules of the Spring Framework allow attackers to perform cross-site request forgery attacks.

The vulnerability of the spring-webmvc and spring-webflux modules of the Spring Framework is related to the lack of protection against Cross-Site Request Forgery CSRF attacks. Exploiting this vulnerability allows a malicious actor to perform CSRF attacks remotely...

5.3CVSS6.2AI score0.02382EPSS
Exploits1References4Affected Software16
Total number of security vulnerabilities5000