90509 matches found
The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.
The vulnerability of the CADImage plugin for viewing and playing back graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially...
The vulnerability of the platform for creating, publishing, and reproducing digital advertising on Adobe Experience Manager (AEM) Screens lies in the lack of protective measures for the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the platform for creating, publishing, and reproducing digital advertising within Adobe Experience Manager AEM Screens is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary...
The vulnerability of the Apica Loadtest plugin for Jenkins’ automation server lies in the fact that registration data is stored in an open manner, allowing a malicious actor to gain unauthorized access to the protected information.
The vulnerability of the Apica Loadtest plugin for Jenkins-based automation servers lies in the way registration data is stored in an open manner within the config.xml file. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the data collection tool for Azure Monitor Agents, which operates on virtual machines and physical servers, stems from improper code generation. This allows attackers to execute arbitrary code.
Vulnerability of the data collection tool for Azure Monitor Agent, which processes virtual machines and physical servers, due to improper code generation management. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Graphics component of Windows operating systems, which allows a hacker to execute arbitrary code
The vulnerability of the Graphics component in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Windows RRAS operating system’s routing and remote access service allows a hacker to execute arbitrary code.
The vulnerability of the Windows RRAS operating system’s routing and remote access service is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Windows Virtual Hard Disk component allows a hacker to execute arbitrary code.
The vulnerability of the Windows Virtual Hard Disk component in Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the web interface of the software for managing the infrastructure of the EcoStruxure IT Data Center Expert allows a perpetrator to execute arbitrary code.
The vulnerability of the web interface of the software for managing the infrastructure of the EcoStruxure IT Data Center Expert is related to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by creating ...
The vulnerability of the client of the Remote Desktop Client for Microsoft Windows operating systems allows a perpetrator to carry out spoofing attacks.
The vulnerability of the Remote Desktop Client for Microsoft Windows operating systems relates to the absence of warnings about dangerous actions. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks remotely...
The vulnerability of the Windows GDI component in Microsoft Windows operating systems allows attackers to disclose protected information.
The vulnerability of the Windows GDI component in Microsoft Windows systems is related to a breach of data protection mechanisms. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose protected information...
The vulnerability of Websoft HCM’s automation software for HR processes stems from the lack of measures taken to neutralize special elements used in the operating system’s commands. This allows attackers to execute arbitrary commands.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by invoking methods from th...
The vulnerability of the Microsoft 365 Apps for Enterprise package, related to the use of cryptographic algorithms containing defects, allows a hacker to circumvent security restrictions.
The vulnerability of the Microsoft 365 Apps for Enterprise package is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker to circumvent security restrictions...
The vulnerability of the Kerberos protocol for Windows operating systems allows a perpetrator to cause a service failure.
The vulnerability of the Kerberos protocol for Windows operating systems lies in the fact that the operation occurs outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...
The vulnerability of the tb_cfg_request_dequeue() function in the drivers/thunderbolt/ctl.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the tbcfgrequestdequeue function in the drivers/thunderbolt/ctl.c module of the Linux operating system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the JTAG microprogramming software components in Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN allows intruders to implant or modify the firmware.
The vulnerability of the JTAG microprogramming software components in Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN is related to access control deficiencies. Exploiting this vulnerability can allow attackers to implant or modify the firmware...
The vulnerability of the Public Update Page component in microprogramming software for Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN allows attackers to enhance their privileges.
The vulnerability of the Public Update Page component in microprogramming software for Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN is related to the absence of authentication for a critical function. Exploiting this vulnerability can allow an attacker to increase their privilege...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of authentication mechanisms. This allows attackers to gain unauthorized access to protected information.
The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B is related to the lack of authentication. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected informati...
The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.
The vulnerability of the CADImage plugin in IrfanView, a program for viewing and playing graphic, video, and audio files, is related to memory corruption. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially crafted DWG format files...
The vulnerability of the Akamai CloudTest performance testing platform lies in the improper limitation of XML links to external objects, which allows attackers to compromise privacy.
The vulnerability of the Akamai CloudTest performance testing platform relates to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to compromise privacy...
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the possibility of an operation going beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the issue of operations going beyond the buffer in memory during the processing of PRC files. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the ability to read data beyond the buffer in memory, allowing attackers to disclose protected information.
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the reading of data beyond the buffer boundaries in memory during file processing for U3D files. Exploiting this vulnerability can allow attackers to disclose protecte...
The vulnerability of the HarmonyOS operating system, related to buffer overflows in the stack, allows attackers to compromise the accessibility of protected information.
The vulnerability of the HarmonyOS operating system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...
The vulnerability of the formAutoDetecWAN_wizard4() function (/goform/formAutoDetecWAN_wizard4) in the D-Link DIR-619L router software allows a attacker to cause a service failure.
The vulnerability of the formAutoDetecWANwizard4 function /goform/formAutoDetecWANwizard4 of the D-Link DIR-619L router’s microprogramming software is related to the copying of buffer contents without checking the size of input data during the processing of the curTime parameter. Exploiting this...
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the ability to read data beyond the buffer in memory, allowing attackers to disclose protected information.
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the reading of data beyond the buffer boundaries during file processing for PRC formats. Exploiting this vulnerability can allow attackers to disclose protected...
The vulnerability of the HarmonyOS operating system, related to buffer overflows in the stack, allows attackers to compromise the accessibility of protected information.
The vulnerability of the HarmonyOS operating system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...
The vulnerability of the HarmonyOS operating system, related to deficiencies in authentication procedures, allows a perpetrator to gain access to the camera without notifying the user.
The vulnerability of the HarmonyOS operating system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to the camera without notifying the user...
The vulnerability of the microprogrammed software of Ruijie NBR2000G, NBR1300G, and Ruijie NBR1000 lies in the insufficient protection of operational data, allowing attackers to gain access to the administrator account.
The vulnerability of the microprogrammed software of Ruijie NBR2000G, NBR1300G, and Ruijie NBR1000 lies in the insufficient protection of operational data during the processing of the /WEBVMS/LEVEL15/ endpoint. Exploiting this vulnerability can allow a malicious actor to gain access to the...
The vulnerability of the Redis database management system server allows a hacker to execute arbitrary code.
The vulnerability of the Redis database management system is related to a numerical overflow in the buffer when executing commands that use the HyperLogLog algorithm. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted HLL command...
The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the XML Services component of the Oracle BI Publisher software allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the XML Services component of the Oracle BI Publisher software for creating reports is related to insufficient protection of operational data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the RAS Security component of the Oracle Database Server system allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the RAS Security component of the Oracle Database Server system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain read, modify, add, or delete access to data...
The vulnerability of the CRM User Management Framework component of the Oracle Common Applications suite, a part of the Oracle E-Business Suite, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the CRM User Management Framework component in the Oracle Common Applications of the Oracle E-Business Suite relates to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the net/mlx5 component in the Linux operating system, which allows a hacker to cause a service failure.
The vulnerability of the net/mlx5 component in the Linux operating system is related to deficiencies in handling exceptional states. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the library for working with the DICOM format in DCMT, related to the occurrence of operations outside the buffer memory boundary, allows a perpetrator to trigger a service failure.
The vulnerability of the library for working with the DICOM format in DCMT is related to the execution of operations outside the buffer memory boundaries. Exploiting this vulnerability can allow an attacker to trigger a service failure using a specially created DICOM file...
The vulnerability of the `static_key_fast_inc_not_disabled()` function in the `net/ipv4/tcp_ao.c` component of the Linux kernel allows a attacker to cause a service failure.
The vulnerability of the statickeyfastincnotdisabled function in the net/ipv4/tcpao.c component of the Linux kernel relates to the disclosure of information. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the net/sched component in the Linux operating system’s kernel, which allows a hacker to trigger a service failure
The vulnerability of the net/sched component in the Linux operating system’s kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the driver/iio/adc/ad7124.c component of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/iio/adc/ad7124.c component of the Linux operating system is related to the lack of zero-division checking. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Connection Manager module (con_mgr) in microprogrammed network devices from ASR Microelectronics, such as ASR1803L, ASR1806, ASR1901, and ASR1903L, allows a perpetrator to gain unauthorized access to protected information or cause service failures.
The vulnerability of the Connection Manager conmgr module in microprogrammed network devices from ASR Microelectronics, such as ASR1803L, ASR1806, ASR1901, and ASR1903L, is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to gain unauthoriz...
The vulnerability of the net/vmw_vsock/virtio_transport_common.c component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the net/vmwvsock/virtiotransportcommon.c component in the Linux operating system is related to information disclosure. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the built-in web server boa (/boafrm/formFilter) of the TOTOLINK N300RH router’s microprogramming software allows a hacker to cause a service failure.
The vulnerability of the built-in web server boa /boafrm/formFilter of the TOTOLINK N300RH router software is related to improper cleaning or release of resources during the processing of the url parameter. Exploiting this vulnerability allows a malicious actor to cause service failures by sendin...
Vulnerabilities of functions rtk_usb2phy_probe() and devm_kzalloc() in the Linux operating system, allowing attackers to cause service failures
The vulnerabilities of the rtkusb2phyprobe and devmkzalloc functions in the Linux operating system are related to pointer arithmetic errors. Exploiting these vulnerabilities can allow an attacker to cause a service failure...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Citrix ADC application delivery controller (formerly Citrix NetScaler Application Delivery Controller) and the Citrix Gateway virtual environment access control system (formerly Citrix NetScaler Gateway) relates to the occurrence of operations outside the buffer in memory. This vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Citrix ADC application delivery controller formerly Citrix NetScaler Application Delivery Controller and the Citrix Gateway virtual environment access control system formerly Citrix NetScaler Gateway is related to an operation that goes beyond the buffer in memory...
The vulnerability in the LLVM Toolchain development tools relates to the execution of operations outside of the buffer in memory, allowing an attacker to trigger a service failure.
The vulnerability of the LLVM Toolchain development tools is related to the execution of operations outside of the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the FontFaceSet interface in Mozilla Firefox and Firefox ESR browsers allows a perpetrator to trigger a service failure.
The vulnerability of the FontFaceSet interface in Mozilla Firefox and Firefox ESR browsers is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the net/smc component in Linux operating systems allows attackers to compromise data integrity.
The vulnerability of the net/smc component in Linux operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to compromise the integrity of data...
The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...