Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2020/01/08 12:0 a.m.11 views

The vulnerability of the microprogrammed Ethernet switch software from Moxa series EDS-405A lies in insufficient validation of input data, allowing a intruder to trigger a service failure.

The vulnerability of the microprogrammed Ethernet switch software from Moxa EDS-405A series exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending HTTP GET requests to the vulnerable device...

8.6CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/12/13 12:0 a.m.11 views

The vulnerability of the i40e controller drivers for Intel Ethernet Series 700 models allows a hacker to cause a service failure.

The vulnerability of the i40e controller drivers for Intel Ethernet Series 700 models is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a perpetrator to cause service failures...

5.5CVSS6.1AI score0.00294EPSS
Exploits0References13Affected Software8
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.11 views

The vulnerability of the MP4 demultiplexer in the VideoLAN VLC media player software allows a hacker to execute arbitrary code or trigger a service denial.

The vulnerability of the MP4 demultiplexer in the VideoLAN VLC media player software is related to errors in checking the length of string containers. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or trigger a service denial-of-service attack using a specially...

10CVSS7.1AI score0.02162EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/11/06 12:0 a.m.11 views

The vulnerability of the BARS.Web-Swods platform arises from insufficient validation of input data, allowing attackers to execute unauthorized SQL queries against the database of the information system.

The vulnerability of the BARS.Web-Swods platform arises from insufficient validation of input data when accessing the form located at the address /Forms/Open?metaName=. Exploitation of this vulnerability allows a malicious actor to execute unauthorized SQL queries against the database of the...

9CVSS5.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/10/09 12:0 a.m.11 views

Vulnerability of the Server: Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server: Optimizer component of the Oracle MySQL Server database management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL protocol...

6.8CVSS5.4AI score0.03294EPSS
Exploits0References11Affected Software14
BDU FSTEC
BDU FSTEC
added 2019/08/16 12:0 a.m.11 views

Vulnerability of Microsoft SharePoint, Microsoft Office, Office 365, and Microsoft Word software packages, allowing a hacker to execute arbitrary code.

The vulnerability of Microsoft SharePoint, Microsoft Office, Office 365, and the Microsoft Word text editor relates to the execution of operations outside the buffer in memory. Exploitation of this vulnerability can allow a malicious actor to execute arbitrary code on the target system with...

10CVSS6.5AI score0.0486EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/08/08 12:0 a.m.11 views

The vulnerability of the WritePNMImage function in the console-based image editing tool ImageMagick allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the WritePNMImage function in the console-based image editing tool ImageMagick is related to the execution of operations beyond the buffer’s boundaries. Exploiting this vulnerability could allow a remote attacker to cause service interruptions or execute arbitrary code using ...

6.8CVSS8.4AI score0.02082EPSS
Exploits1References12Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/08/08 12:0 a.m.11 views

The vulnerability of the SetPixelViaPixelInfo function in the console-based image editing tool ImageMagick allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the SetPixelViaPixelInfo function in the ImageMagick console-based graphics editor is related to reading data beyond the buffer boundary in dynamic memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure or execute arbitrary code using a...

10CVSS8.4AI score0.0237EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2019/08/08 12:0 a.m.11 views

The vulnerability of the HP Support Assistant software, a centralized device management tool, stems from deficiencies in access control. This allows attackers to obtain system privileges and perform unauthorized changes to catalogs or files.

The vulnerability of the HP Support Assistant software for centralized device management is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to gain system privileges and perform unauthorized changes to catalogs or files...

7.2CVSS5.5AI score0.0163EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/08/06 12:0 a.m.11 views

The vulnerability of the Cisco Unified Communications Manager web framework allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Cisco Unified Communications Manager web framework is related to the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information through a specially created...

6.5CVSS5.5AI score0.01739EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/08/06 12:0 a.m.11 views

The vulnerability of the Security component of the Oracle Hyperion Planning application, which automates budget management processes, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Security component of the Oracle Hyperion Planning application, which is used for automating budget management processes, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access t...

4.9CVSS7.8AI score0.04314EPSS
Exploits4References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/08/06 12:0 a.m.11 views

The vulnerability of the Advanced Console controller’s sub-component of Oracle Identity Manager, a software platform of Oracle Fusion Middleware, allows an intruder to gain unauthorized access to protected data.

The vulnerability of the Advanced Console controller’s sub-component in Oracle Identity Manager, a software platform of Oracle Fusion Middleware, is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...

4.3CVSS7.8AI score0.00859EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/07/30 12:0 a.m.11 views

The vulnerability of the eDocLib platform for storing and processing corporate data arises from the lack of measures taken to protect the website structure. This vulnerability allows attackers to carry out cross-site scripting attacks.

The vulnerability of the eDocLib platform for storing and processing corporate data exists due to the lack of measures taken to protect the structure of its web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the user’s browser by placing it in a speciall...

6CVSS6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.11 views

The vulnerability in the implementation of the lmc_init_one handler in Linux kernel allows a hacker to trigger a service failure.

The vulnerability in the implementation of the lmcinitone handler of the loaded module drivers/net/wan/lmc/lmc.ko in the Linux operating system arises due to the assignment of a null pointer. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting a LanMedia...

6.2CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/14 12:0 a.m.11 views

The vulnerability of the Win32k component of the Windows operating system, which allows a hacker to execute arbitrary code in kernel mode

The vulnerability of the Win32k component of the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to execute arbitrary code in kernel mode using a specially created application...

7.8CVSS6AI score0.01084EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.11 views

The vulnerability in the Phusion Passenger web server relates to the possibility of creating a symbolic link between a REVISION file and an arbitrary file in the system. This allows a malicious actor to gain access to confidential data.

The vulnerability in the Phusion Passenger web server relates to the ability to create symbolic links between a REVISION field and any arbitrary file in the system. Exploiting this vulnerability could allow an attacker to gain access to confidential data...

5.3CVSS6.2AI score0.00358EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.11 views

The vulnerability of the fetch module in the Ansible configuration management system arises from incorrect restrictions on the path to the restricted-access directory. This allows attackers to gain unauthorized access to information and compromise its integrity.

The vulnerability of the fetch module in the Ansible configuration system is related to an incorrect path limitation for the restricted access directory. Exploiting this vulnerability could allow a local attacker to gain unauthorized access to information and compromise its integrity by copying a...

4.2CVSS5.8AI score0.00522EPSS
Exploits0References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.11 views

The vulnerability in the 6LoWPAN dissector of the Wireshark network traffic analysis tool is related to insufficient validation of input data. This allows a hacker to trigger a service failure.

The vulnerability in the 6LoWPAN dissector of the Wireshark network traffic analyzer program is related to the failure to use a virtual buffer for testing before calling the dissector. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

5.5CVSS6.5AI score0.01424EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.11 views

The vulnerability of the ui_clip_handle_data function in the RDP client rdesktop software, related to reading data beyond the buffer boundary, allows attackers to access confidential data.

The vulnerability of the uicliphandledata function in the RDP client rdesktop is related to reading data beyond the buffer boundary. Exploiting this vulnerability could allow an attacker to gain access to confidential data remotely...

5.3CVSS7.6AI score0.03512EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.11 views

The vulnerability of the ca_file_read function in the libcaca graphics library, related to integer overflow, allows an attacker to gain unauthorized access to sensitive information.

The vulnerability of the cafileread function in the libcaca graphics library is related to integer overflow. Exploiting this vulnerability allows an attacker who operates remotely to gain unauthorized access to sensitive information...

9.3CVSS6.5AI score0.01827EPSS
Exploits1References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2019/04/23 12:0 a.m.11 views

The vulnerability of the Core component of the Oracle VM VirtualBox virtualization tool, which allows a hacker to gain full control over the application

The vulnerability of the Core component of Oracle VM VirtualBox is related to lack of access control. Exploiting this vulnerability can allow an attacker to gain full control over the application...

8.8CVSS7.6AI score0.00534EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/23 12:0 a.m.11 views

The vulnerability of the Core component of the Oracle VM VirtualBox virtualization tool, which allows a hacker to gain unauthorized access to protected information

The vulnerability of the Core component of Oracle VM VirtualBox is related to deficiencies in access control. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

6.5CVSS7AI score0.00533EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/03/22 12:0 a.m.11 views

The vulnerability in the configuration of file system permissions in the Cisco NX-OSS device’s networking operating system allows a hacker to gain access to read and write file permissions.

The vulnerability of the file system configuration permissions in the Cisco NX-OSS device operating system is related to lack of access control mechanisms. Exploiting this vulnerability can allow an attacker to gain read and write access to files...

7.8CVSS7.2AI score0.00392EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/02/19 12:0 a.m.11 views

The vulnerability of the LibVNC library, related to the use of memory after it is freed, allows a hacker to execute arbitrary code.

The vulnerability of the LibVNC library lies in the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.1CVSS8.1AI score0.26543EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/02/19 12:0 a.m.11 views

The vulnerability of the LibVNC library, related to initialization errors in client code, allows attackers to disclose protected information.

The vulnerability of the LibVNC library is related to initialization errors in the client code. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

8.6CVSS6.8AI score0.02937EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/01/28 12:0 a.m.11 views

The vulnerability of the sub-component “Attachments/File Upload” of the Oracle Application Object Library in the Oracle E-Business Suite system allows a perpetrator to access, modify, add, or delete data.

The vulnerability of the Attachments/File Upload sub-component of the Oracle Application Object Library in the Oracle E-Business Suite system related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete...

8.2CVSS7.5AI score0.02009EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.11 views

The vulnerability of the Libvirt virtualization management library, related to a bug that leads to excessive memory consumption, allows a hacker to trigger a service failure.

The vulnerability of the Libvirt virtualization management library is related to an error that causes excessive memory consumption when processing large data streams by QEMU. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

5.3CVSS6.5AI score0.02955EPSS
Exploits0References7Affected Software6
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.11 views

The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.

The vulnerability of the Core component in Oracle VM VirtualBox is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to gain full control over the application...

8.6CVSS6.7AI score0.00722EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.11 views

The vulnerability of the Security component of the Oracle Retail Xstore Payment software allows a perpetrator to modify protected information or cause service failures.

The vulnerability of the Security component of the Oracle Retail Xstore Payment software lies in deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to modify protected information or cause service failures using the HTTP protocol...

9CVSS7.6AI score0.01698EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.11 views

The vulnerability of the Oracle One-to-One Fulfillment component (OCM Query) within the Oracle E-Business Suite automation system, which allows a perpetrator to modify protected information.

The vulnerability of the Oracle One-to-One Fulfillment OCM Query component of the Oracle E-Business Suite automation system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to modify protected information using the HTTP protocol...

9.4CVSS7.8AI score0.02114EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/17 12:0 a.m.11 views

The vulnerability of the TUNER web service on the TeNIX programmable logic controllers M1500 and M3000 allows a hacker to execute arbitrary code.

The vulnerability of the TUNER web service on the TeNIX programmable logic controllers M1500 and M3000 is related to the absence of name filtering when generating a 404 HTTP error page. As a result, the name of the non-existent webpage is passed unchanged to the generated error page. Exploiting...

6.8CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/12/28 12:0 a.m.11 views

The vulnerability of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory, allowing a malicious actor to execute arbitrary code in kernel mode.

The vulnerability of the Win32k component of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in kernel mode using a specially created application...

7CVSS8.3AI score0.22349EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2018/12/10 12:0 a.m.11 views

The vulnerability of the FreeRDP remote desktop protocol lies in errors in processing specially crafted request packets, which allows attackers to trigger service failures or perform “man-in-the-middle” attacks.

The vulnerability of the FreeRDP remote desktop protocol is related to errors in processing specially crafted request packets. Exploiting this vulnerability allows a malicious actor to cause an application to terminate abnormally or carry out “man-in-the-middle” attacks...

7.5CVSS7AI score0.01722EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/12/10 12:0 a.m.11 views

The vulnerability of the `free` function in the beep utility allows a hacker to gain access to confidential information or block the execution of arbitrary applications.

The vulnerability of the free function in the beep utility is related to the occurrence of a “race condition” when signal handlers that send signals SIGINT and SIGTERM to the free function are used. Exploiting this vulnerability can allow an attacker to gain access to confidential information or ...

7CVSS7.4AI score0.01651EPSS
Exploits3References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/12/07 12:0 a.m.11 views

The vulnerability of the Windows operating system, related to errors in the driver authenticity verification mechanism, allows a hacker to load improperly signed drivers into the kernel.

The vulnerability of the Windows operating system is related to errors in the mechanism for verifying the authenticity of kernel drivers. Exploiting this vulnerability allows an attacker to load improperly signed drivers into the kernel...

6.2CVSS7.7AI score0.01184EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2018/12/07 12:0 a.m.11 views

The vulnerability of the Windows operating system’s kernel, which allows a hacker to disclose protected information

The vulnerability of the Windows operating system’s kernel is caused by errors during the initialization of objects in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially crafted application...

7.8CVSS7.7AI score0.01655EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2018/12/07 12:0 a.m.11 views

The vulnerability of Microsoft Word’s text editor lies in memory object processing errors, which allow attackers to execute arbitrary code.

The vulnerability of Microsoft Word relates to errors in memory object handling. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code with user privileges using a specially crafted file...

10CVSS8.2AI score0.19059EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2018/11/15 12:0 a.m.11 views

The vulnerability in the implementation of the Precision Time Protocol (PTP) in the network operating system of Cisco NX-OS on Cisco Nexus switches of the 5500, 5600, and 6000 series allows a attacker to cause a service failure.

The vulnerability of the Precision Time Protocol PTP implementation in the network operating system of Cisco NX-OS on Cisco Nexus series 5500, 5600, and 6000 switches is caused by errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service...

8.6CVSS5.5AI score0.04483EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/23 12:0 a.m.11 views

The vulnerability of the PDF library in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of PDF libraries in Windows operating systems is related to improper handling of objects in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted web page or PDF file...

7.6CVSS5.9AI score0.18594EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2018/08/14 12:0 a.m.11 views

The vulnerability of Medtronic MyCareLink Patient Monitor lies in the insufficient verification of data authenticity, allowing attackers to inject arbitrary information into the Medtronic CareLink network.

The vulnerability of Medtronic MyCareLink Patient Monitor relates to insufficient verification of data authenticity. Exploiting this vulnerability could allow an attacker, operating remotely, to inject arbitrary information into the Medtronic CareLink network...

6.8CVSS5.6AI score0.00361EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.11 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain full control over the application.

The vulnerability of the Core component of the Oracle VM VirtualBox software is related to lack of access control. Exploiting this vulnerability can allow an attacker to gain full control over the application...

8.6CVSS7.6AI score0.00584EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.11 views

The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data or...

7.1CVSS7.8AI score0.02336EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.11 views

The vulnerability of the Product Diagnostic Tools component of the Order Management system allows a perpetrator to gain full control over the application.

The vulnerability of the Product Diagnostic Tools component in the Order Management system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain full control over the application...

7CVSS7.8AI score0.00408EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/03 12:0 a.m.11 views

The vulnerability of the User Interface component of the Trade Management business platform allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of the User Interface component of the Trade Management business platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...

8.2CVSS7.8AI score0.02024EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/03 12:0 a.m.11 views

The vulnerability of Oracle Marketing’s User Interface component allows a hacker to gain unauthorized access to protected data.

The vulnerability of Oracle Marketing’s User Interface component is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...

8.2CVSS7.8AI score0.02024EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/07/27 12:0 a.m.11 views

The vulnerability of the Nikto web application security scanner lies in the lack of mechanisms to neutralize special elements in the input commands of the operating system. This allows attackers to execute arbitrary commands on the operating system.

The vulnerability of the Nikto web scanner is related to the lack of neutralization of special elements in the input data of the operating system during the generation of CSV files containing the results of scanning. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6AI score0.24727EPSS
Exploits5References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/07/27 12:0 a.m.11 views

The vulnerability of the Qualcomm WLAN operating system driver for Android from the CAF repository allows a hacker to increase their privileges.

The vulnerability of the Qualcomm WLAN operating system driver for Android, found in the CAF repository, is due to an overflow in the buffer in the “stack”. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

9.3CVSS7.5AI score0.00455EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/04/12 12:0 a.m.11 views

The vulnerability of the libavc library in the Media Framework component of the Android operating system allows a hacker to trigger a service failure.

The vulnerability of the libavc library used in the Media Framework of the Android operating system is related to insufficient state checking. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

9.1CVSS7.7AI score0.0067EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/04/12 12:0 a.m.11 views

The vulnerability of the libavc library in the Media Framework component of the Android operating system allows a hacker to disclose protected information or cause system failures.

The vulnerability of the libavc library in the Media Framework of the Android operating system is related to insufficient state checking. Exploiting this vulnerability can allow a malicious actor to disclose protected information or cause service failures...

9.1CVSS7.7AI score0.00684EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/03/21 12:0 a.m.11 views

The vulnerability of the Bootloader component of Android operating systems from the CAF repository allows a hacker to trigger buffer overflows.

The vulnerability of the bootloader component of Android operating systems from the CAF repository arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to trigger buffer overflows by manipulating data relate...

9.3CVSS5.7AI score0.00617EPSS
Exploits0References4
Total number of security vulnerabilities5000