Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2019/07/30 12:0 a.m.23 views

The vulnerability of the eDocLib platform for storing and processing corporate data arises from the lack of measures taken to protect the website structure. This vulnerability allows attackers to carry out cross-site scripting attacks.

The vulnerability of the eDocLib platform for storing and processing corporate data exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the user’s browser by placing it in a speciall...

6CVSS6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/07/08 12:0 a.m.23 views

The vulnerability of the information protection system against unauthorized access is caused by an operation that goes beyond the buffer boundaries in memory, allowing a intruder to trigger a service failure.

The vulnerability of the information protection system against unauthorized access is due to an operation going beyond the buffer in memory file handling is not performed; the full path length exceeds 260 characters. Exploiting this vulnerability can allow a local attacker to cause a service...

3.6CVSS5.7AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/14 12:0 a.m.23 views

The vulnerability of Microsoft SharePoint Foundation and the Microsoft SharePoint Server software suite relates to deficiencies in access control. This allows attackers to carry out cross-site scripting attacks and increase their privileges.

The vulnerability of Microsoft SharePoint Foundation and the Microsoft SharePoint Server software suite is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks and increase their privileges by using a specially...

9CVSS5.2AI score0.03316EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/05/06 12:0 a.m.23 views

The vulnerability of the Dr.Web Enterprise Security Suite antivirus protection, related to errors in the proprietary protocol’s operation, allows a hacker to replace the installation file.

The vulnerability of the Dr.Web Enterprise Security Suite antivirus protection lies in errors in the proprietary protocol used to connect the antivirus components to the server. Exploiting this vulnerability allows a malicious actor to create a fake “Dr.Web Enterprise Security Suite” server withi...

8.3CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/03/22 12:0 a.m.23 views

The vulnerability of the get_rgba_default function in the libcaca graphics library allows a hacker to gain unauthorized access to protected information.

The vulnerability of the getrgbadefault function in the libcaca graphics library is related to integer overflow. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

8.8CVSS6.8AI score0.01798EPSS
Exploits1References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2017/09/28 12:0 a.m.23 views

The vulnerability of the “/com.sapportals.navigation.testComponent.NavigationRequestSniffer” component of the SAP NetWeaver software integration platform allows a hacker to inject any HTML tags into a page.

The vulnerability of the “/com.sapportals.navigation.testComponent.NavigationRequestSniffer” component of the SAP NetWeaver software integration platform exists due to the lack of measures taken to protect the structure of web pages. This vulnerability allows a malicious actor to inject arbitrary...

6.4CVSS5.6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/07/28 12:0 a.m.23 views

The vulnerability of the Simple Network Management Protocol (SNMP) subsystem of the Cisco IOS operating system, which allows a hacker to inject code or trigger a system reboot.

Many vulnerabilities in the Simple Network Management Protocol SNMP subsystem of the Cisco IOS operating system are caused by buffer overflows. Exploitation of these vulnerabilities allows a malicious actor to inject code into the system or cause it to restart by sending specially created SNMP...

9CVSS7.9AI score0.1055EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.23 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libsndfile1-dev package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

9.3CVSS5.4AI score0.03642EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/02/08 12:0 a.m.23 views

Vulnerabilities in the Google Chrome browser that allow a perpetrator to trigger a service failure or cause other effects

The multiple vulnerabilities of the Google Chrome browser are related to code errors. Exploiting these vulnerabilities can allow a malicious actor to cause service interruptions or potentially have other adverse effects...

10CVSS7.6AI score0.08115EPSS
Exploits2References16Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.23 views

The vulnerability of the Gentoo Linux operating system, which allows a malicious intruder to compromise the accessibility of protected information

The vulnerability of the openswan package up to version 2.6.39-r1 inclusive in the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...

5CVSS5.4AI score0.02664EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday22 views

The vulnerability of the Picomatch library lies in the uncontrolled modification of object prototype attributes, which allows attackers to compromise data integrity.

The vulnerability of the Picomatch library is related to uncontrolled changes to the attributes of the object’s prototype. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the data...

5.3CVSS5.9AI score0.0041EPSS
Exploits0References5Affected Software21
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.22 views

The vulnerability of the um_rp_autochannel() function in the microprogramming software for Linksys RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000 allows a hacker to execute arbitrary code.

The vulnerability of the umrpautochannel function in the microprogramming software for Linksys RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000 lies in the fact that the operation’s output escapes the buffer and is stored in memory when processing the apcliAuthMode2G and apcliAuthMode5G...

9CVSS8.3AI score0.00871EPSS
Exploits1References2Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/08/04 12:0 a.m.22 views

The vulnerability of the m2tsdmx_send_packet() function in the MP4Box multimedia platform GPAC allows a hacker to execute arbitrary code.

The vulnerability of the m2tsdmxsendpacket function in the MP4Box utility of the GPAC multimedia platform is related to buffer overflows during the processing of TS files. Exploiting this vulnerability allows an attacker to execute arbitrary code upon opening a specially crafted file...

7.8CVSS6.3AI score
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/07/29 12:0 a.m.22 views

The vulnerability of the device management platform for systems involving heating, ventilation, and air conditioning, lighting, and energy consumption within the Niagara Framework, along with the Niagara Enterprise Security tools for access control and security, stems from insufficient calculation of password hashes. This allows attackers to gain access to the device.

The vulnerability of the device management platform for systems involving heating, ventilation, and air conditioning, lighting, and energy consumption, as well as the Niagara Framework and the access control and security measures, is related to insufficient calculation of password hashes...

10CVSS7.9AI score0.00316EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.22 views

The vulnerability of the TIA Administrator software development environment, related to access control deficiencies, allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the TIA Administrator software development environment is related to lack of access control. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.22 views

The vulnerability of the OneDrive file sharing service for the macOS operating system arises from the insecure management of privileges, allowing an attacker to elevate their privileges to root user level.

The vulnerability of the OneDrive file sharing service for the macOS operating system is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root user level...

7.8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/23 12:0 a.m.22 views

The system’s vulnerability for analysis and monitoring of production in PROTECH, due to insufficient verification of input data, allows a perpetrator to execute arbitrary codes and increase their privileges.

The system’s vulnerability for analysis and monitoring of PROTECH production exists due to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and gain increased privileges...

9.9CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.22 views

Yandex Music

...

5.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.22 views

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL network protocol...

6.8CVSS7.1AI score0.00525EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/16 12:0 a.m.22 views

The vulnerability of the Sherpa Orchestrator component of the Sherpa RPA process automation platform allows a attacker to execute cross-site scripting attacks.

The vulnerability of the Sherpa Orchestrator component of the Sherpa RPA process automation platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform XSS scripting across sites by sending specially crafted...

9.4CVSS5.4AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.22 views

The vulnerability of the system administration program Sudo, related to deficiencies in authentication mechanisms, allows attackers to escalate their privileges.

The vulnerability of the system administration program Sudo is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow attackers to increase their privileges...

2.8CVSS6.8AI score0.03239EPSS
Exploits77References20Affected Software11
BDU FSTEC
BDU FSTEC
added 2025/07/02 12:0 a.m.22 views

The vulnerability of the built-in boa server (/boafrm/formIpv6Setup) of the TOTOLINK EX1200T router’s microprogramming software allows a intruder to cause a service failure.

The vulnerability of the built-in boa server /boafrm/formIpv6Setup of the TOTOLINK EX1200T router’s microprogramming software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicio...

9CVSS7.8AI score0.00789EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.22 views

Vulnerability of the enetc_clear_bdrs() function in the drivers/net/ethernet/freescale/enetc/enetc.c module – This driver for supporting Ethernet adapter devices in the Freescale Linux operating system allows a malicious actor to compromise the confidentiality and accessibility of protected information.

Vulnerability of the enetcclearbdrs function in the drivers/net/ethernet/freescale/enetc/enetc.c module – The driver for supporting Ethernet adapter devices in the Freescale Linux operating system has a vulnerability that leads to uncontrolled resource consumption. Exploiting this vulnerability...

8.5CVSS6.4AI score0.00936EPSS
Exploits0References12Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.22 views

The vulnerability of the CloudSrvUserdataVersionCheck() function in TOTOLINK CA300-PoE router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the CloudSrvUserdataVersionCheck function in TOTOLINK CA300-PoE router’s software lies in the lack of measures taken at the control level during the processing of the url parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sendin...

6.5CVSS6AI score0.00884EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/28 12:0 a.m.22 views

The vulnerability of the SimpleOne ITSM automation system lies in its ability to use strictly encrypted user data, which allows a malicious actor to compromise the domain name.

The vulnerability of the SimpleOne ITSM automation system relates to the possibility of using strictly encrypted user data. Exploiting this vulnerability could allow a malicious actor to compromise the domain name...

10CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/28 12:0 a.m.22 views

The vulnerability of the reNgine software tool for automated web application reconnaissance, related to insufficient protection of operational data, allows a perpetrator to disclose protected information.

The vulnerability of the reNgine software tool for automated web application reconnaissance is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

6.8CVSS5.4AI score0.00517EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/21 12:0 a.m.22 views

The vulnerability in the Zabbix UI of the IT infrastructure monitoring system allows a perpetrator to increase their privileges within the system and execute arbitrary code.

The vulnerability in the Zabbix UI of the IT infrastructure monitoring system is related to insufficient protection of registration data. Exploiting this vulnerability can allow attackers to enhance their privileges within the system and execute arbitrary code...

4.6CVSS5.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/19 12:0 a.m.22 views

The vulnerability of the AngularJS JavaScript framework for developing single-page applications relates to incomplete filtering of special elements, allowing attackers to perform cross-site scripting attacks.

The vulnerability of the AngularJS JavaScript framework for developing single-page applications is related to incomplete filtering of special elements. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

4.8CVSS6.2AI score0.00375EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.22 views

The vulnerability of the formOneSidCfgSet function in the microprogramming software for Tenda AC500 allows a hacker to cause a service failure.

The vulnerability of the formOneSidCfgSet function in the Tenda AC500 router’s microprogramming software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS7.4AI score0.11076EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/04/28 12:0 a.m.22 views

The vulnerability of the SSH protocol implementation on Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the SSH protocol implementation in OpenSSH servers for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS7.6AI score0.00554EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/04/21 12:0 a.m.22 views

The vulnerability of the soup_message_headers_get_content_disposition() function in the libsoup library for GNOME’s graphical interface allows a attacker to execute arbitrary code.

The vulnerability of the soupmessageheadersgetcontentdisposition function in the GNOME graphical interface library libsoup is related to the release of previously unallocated memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code by sending a specially craft...

9CVSS8.3AI score0.00847EPSS
Exploits0References11Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/04/11 12:0 a.m.22 views

The vulnerability of the persistent framework MyBatis, a programming language for Java (Kotlin), relates to deficiencies in the deserialization mechanism, allowing attackers to execute arbitrary code.

The vulnerability of the persistent framework MyBatis, written in the Java Kotlin programming language, is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

8.1CVSS7.9AI score0.0182EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/10 12:0 a.m.22 views

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to circumvent existing security restrictions and expose sensitive information.

The vulnerability of the Kerberos protocol for Windows operating systems is related to the insecure storage of confidential information. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions and expose the protected information...

7.1CVSS7.6AI score0.04004EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.22 views

The vulnerability of the `gf_opus_parse_packet_header` function in the `media_tools/av_parsers.c` file, implemented by the MP4Box packaging tool for the GPAC multimedia platform, allows a hacker to trigger a service failure.

The vulnerability of the gfopusparsepacketheader function in the mediatools/avparsers.c file, belonging to the MP4Box packaging tool of the GPAC multimedia platform, is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to cause a service...

9.4CVSS5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/07 12:0 a.m.22 views

The vulnerability of the SIEM system testing tool Kraken Stress Testing Toolkit lies in the incorrect restriction on the path name to the catalog, which allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the SIEM systems’ load testing tools, such as the Kraken Stress Testing Toolkit, is related to incorrect restrictions on the path name to the catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected...

6.8CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/07 12:0 a.m.22 views

The vulnerability of Microsoft Edge browser on the iOS operating system, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge browser on the iOS operating system is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...

5CVSS7.7AI score0.00561EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/03 12:0 a.m.22 views

The vulnerability of the ImageInput::read_image() function in the src/libOpenImageIO/imageinput.cpp module of the OpenImageIO library allows a hacker to cause a service failure.

The vulnerability of the ImageInput::readimage function in the src/libOpenImageIO/imageinput.cpp module of the OpenImageIO library is related to the lack of checks for division by zero. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.5CVSS5.5AI score
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/26 12:0 a.m.22 views

The vulnerability of the Windows Hyper-V hardware virtualization system allows attackers to escalate their privileges.

The vulnerability of the Windows Hyper-V hardware virtualization system is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS7.8AI score0.00497EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/03/24 12:0 a.m.22 views

The vulnerability of the VMmanager 6 virtualization tool, related to the lack of protective measures for the SQL query structure, allows attackers to execute arbitrary SQL queries against the database.

The vulnerability of VMmanager 6’s virtualization mechanism is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database remotely...

9CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/07 12:0 a.m.22 views

The vulnerability of the Mozilla Firefox browser, related to errors in information representation by the user interface, allows a hacker to replace the address bar.

The vulnerability of the Mozilla Firefox browser is related to errors in information representation by the user interface. Exploiting this vulnerability allows a malicious actor to substitute the address bar with a specially created link...

6.5CVSS5.9AI score0.00426EPSS
Exploits0References6Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/02/28 12:0 a.m.22 views

The vulnerability of the Intel QuickAssist Technology (QAT) driver package arises from insufficient validation of input data, allowing a hacker to trigger a service failure.

The vulnerability of the Intel QuickAssist Technology QAT driver package is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

5CVSS5.5AI score0.00195EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/19 12:0 a.m.22 views

The vulnerability of the Breast software lies in the lack of measures taken to neutralize special elements in cookies used in the operating system’s command. This allows attackers to execute arbitrary code.

The vulnerability of the Breast software lies in the lack of measures taken to neutralize special elements in cookies used by the operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted POST requests...

9CVSS6AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.22 views

The vulnerability of the Eltex SMG-1016M router’s microprogramming software arises from the lack of measures to neutralize special elements, allowing a intruder to execute arbitrary codes.

The vulnerability of the Eltex SMG-1016M router’s microprogramming software exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary codes...

10CVSS5.9AI score
Exploits0References3Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.22 views

The vulnerability of DHCP servers for real-time operating systems like Wind River VxWorks allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of DHCP servers for real-time operating systems from Wind River VxWorks relates to operations that go beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information...

10CVSS8AI score0.01789EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.22 views

The vulnerability of the Ivanti EPM endpoint management software, related to reading data beyond the buffer in memory, allows a hacker to trigger a service failure.

The vulnerability of the Ivanti EPM endpoint management software is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.8CVSS7.5AI score0.01961EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.22 views

The vulnerability of the Mozilla Firefox browser and the Thunderbird email client, related to authentication procedures that allow attackers to carry out spear-phishing attacks

The vulnerability of Mozilla Firefox browser and Thunderbird email client is related to deficiencies in authentication procedures, resulting from incorrect display of the domain name in the address bar. Exploiting this vulnerability allows attackers to perform spear-phishing attacks remotely...

5CVSS5.5AI score0.00401EPSS
Exploits0References15Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/12/18 12:0 a.m.22 views

The vulnerability of the DefaultServlet server servlet in the Apache Tomcat application server allows a attacker to execute arbitrary code.

The vulnerability of the DefaultServlet server component in the Apache Tomcat application server is related to synchronization errors when using shared resources „Race Conditions“. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.2AI score0.43663EPSS
Exploits13References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/12/11 12:0 a.m.22 views

The vulnerability of the Drupal CMS system’s kernel lies in the insufficient control over the modification of dynamically defined object properties. This allows attackers to delete any file they desire.

The vulnerability of the Drupal CMS system’s kernel is related to insufficient control over the modification of dynamically defined object properties. Exploiting this vulnerability could allow a malicious actor to delete any file at will...

10CVSS5.4AI score0.00904EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.22 views

The vulnerability of the ABB VPNI function in the S+ Control API of the software for management and monitoring of ABB Symphony Plus S+ Operations, S+ Engineering, and S+ Analyst allows a perpetrator to trigger a service failure.

The vulnerability of the ABB VPNI function in the S+ Control API of the ABB Symphony Plus S+ Operations, S+ Engineering, and S+ Analyst software for management and monitoring systems is related to errors in processing relative paths. Exploiting this vulnerability can allow attackers to cause...

7.8CVSS5.5AI score0.00608EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.22 views

The vulnerability of the microprogrammed software of the SCALANCE M-800 industrial routers lies in the inability to clean file names before loading, allowing attackers to compromise the integrity of the system.

The vulnerability of the microprogrammed software in industrial routers SCALANCE M-800 relates to the inability to clean file names before loading. Exploiting this vulnerability can allow an intruder to compromise the integrity of the system...

5CVSS7.4AI score0.00275EPSS
Exploits0References3Affected Software4
Total number of security vulnerabilities5000