90509 matches found
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Connection Manager module (con_mgr) in microprogrammed network devices from ASR Microelectronics, such as ASR1803L, ASR1806, ASR1901, and ASR1903L, allows a perpetrator to gain unauthorized access to protected information or cause service failures.
The vulnerability of the Connection Manager conmgr module in microprogrammed network devices from ASR Microelectronics, such as ASR1803L, ASR1806, ASR1901, and ASR1903L, is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to gain unauthoriz...
The vulnerability of the net/vmw_vsock/virtio_transport_common.c component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the net/vmwvsock/virtiotransportcommon.c component in the Linux operating system is related to information disclosure. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the built-in web server boa (/boafrm/formFilter) of the TOTOLINK N300RH router’s microprogramming software allows a hacker to cause a service failure.
The vulnerability of the built-in web server boa /boafrm/formFilter of the TOTOLINK N300RH router software is related to improper cleaning or release of resources during the processing of the url parameter. Exploiting this vulnerability allows a malicious actor to cause service failures by sendin...
Vulnerabilities of functions rtk_usb2phy_probe() and devm_kzalloc() in the Linux operating system, allowing attackers to cause service failures
The vulnerabilities of the rtkusb2phyprobe and devmkzalloc functions in the Linux operating system are related to pointer arithmetic errors. Exploiting these vulnerabilities can allow an attacker to cause a service failure...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Citrix ADC application delivery controller (formerly Citrix NetScaler Application Delivery Controller) and the Citrix Gateway virtual environment access control system (formerly Citrix NetScaler Gateway) relates to the occurrence of operations outside the buffer in memory. This vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Citrix ADC application delivery controller formerly Citrix NetScaler Application Delivery Controller and the Citrix Gateway virtual environment access control system formerly Citrix NetScaler Gateway is related to an operation that goes beyond the buffer in memory...
The vulnerability in the LLVM Toolchain development tools relates to the execution of operations outside of the buffer in memory, allowing an attacker to trigger a service failure.
The vulnerability of the LLVM Toolchain development tools is related to the execution of operations outside of the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the net/smc component in Linux operating systems allows attackers to compromise data integrity.
The vulnerability of the net/smc component in Linux operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to compromise the integrity of data...
The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the FontFaceSet interface in Mozilla Firefox and Firefox ESR browsers allows a perpetrator to trigger a service failure.
The vulnerability of the FontFaceSet interface in Mozilla Firefox and Firefox ESR browsers is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the chacha20_poly1305_set_key() function in the libssh library, which allows a hacker to disclose sensitive information
The vulnerability of the chacha20poly1305setkey function in the libssh library is related to the lack of checking for the returned value. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, which allows attackers to execute XSS attacks.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...
The vulnerability of the qeth_clear_working_pool_list() function in the drivers/s390/net/qeth_core_main.c file of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the qethclearworkingpoollist function in the drivers/s390/net/qethcoremain.c file of the Linux operating system is related to the assignment of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the function ieee80211_get_rate_duration() in the net/mac80211/airtime.c module of the mac80211 stack in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the ieee80211getrateduration function in the net/mac80211/airtime.c module of the mac80211 stack in the Linux operating system is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
Vulnerability of the arm_smmu_iova_to_phys_hard() function in the driver/iommu/arm-smmu.c file – This is a Linux kernel IOMMU support driver that allows attackers to compromise the confidentiality and accessibility of protected information.
Vulnerability of the armsmmuiovatophyshard function in the driver/iommu/arm-smmu.c file – The Linux kernel’s IOMMU support driver is vulnerable to security-related errors. Exploiting this vulnerability could allow attackers to compromise the confidentiality and accessibility of protected...
The vulnerability of the software for configuring and setting up devices of the UR series from GE Vernova Enervista UR Setup lies in the use of rigidly encrypted credentials. This allows a malicious individual to influence the integrity of the protected information.
The vulnerability of the software for configuring and setting up devices of the Universal Relay UR series from GE Vernova Enervista UR Setup lies in the use of rigidly encrypted credentials. Exploiting this vulnerability could allow an attacker to influence the integrity of the protected...
The vulnerability of the amdgpu_device_fini_sw() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_device.c kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the amdgpudevicefinisw function in the drivers/gpu/drm/amd/amdgpu/amdgpudevice.c kernel of the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity...
The vulnerability of the macro definition rtw89_for_each_in_txpwr_conf in the Linux kernel’s drivers/net/wireless/realtek/rtw89/core.h module allows a attacker to compromise the confidentiality and accessibility of the protected information.
The vulnerability of the macro definition rtw89foreachintxpwrconf in the drivers/net/wireless/realtek/rtw89/core.h file of the Linux kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility...
Vulnerability of the uss720_probe() function in the drivers/usb/misc/uss720.c module – The driver for supporting USB devices in Linux kernel allows a hacker to gain access to protected information.
Vulnerability of the uss720probe function in the drivers/usb/misc/uss720.c module – The Linux kernel’s USB device support driver is vulnerable to security-related errors. Exploiting this vulnerability could allow an attacker to gain access to protected information...
The vulnerability of the rt4801_enable() function in the drivers/regulator/rt4801-regulator.c file of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the rt4801enable function in the drivers/regulator/rt4801-regulator.c file of the Linux kernel is related to the dereferencing of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the check_max_stack_depth() function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter support in the Linux operating system’s kernel, allows a hacker to access protected information or trigger a service failure.
The vulnerability of the checkmaxstackdepth function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter support in the Linux operating system, involves reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to access protected informatio...
The vulnerability of the securebio_identify() function in the Dell ControlVault3 security management driver allows a attacker to execute arbitrary code.
The vulnerability of the securebioidentify function in the Dell ControlVault3 security driver suite is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the ath12k_dp_free() function in the driver drivers/net/wireless/ath/ath12k/dp.c, which is part of the Atheros/Qualcomm wireless adapter support in the Linux operating system, allows a hacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the ath12kdpfree function in the drivers/net/wireless/ath/ath12k/dp.c file, which is part of the Atheros/Qualcomm wireless adapter support in the Linux operating system, involves re-liberating memory that has already been freed. Exploiting this vulnerability could allow an...
The vulnerability of the Yealink Meeting Server, related to the disclosure of information, allows a perpetrator to gain unauthorized access to confidential data.
The vulnerability of the Yealink Meeting Server relates to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to confidential information...
The vulnerability of the Local Security Authority (LSA) service on Windows operating systems allows a perpetrator to trigger a service failure.
The vulnerability of the Local Security Authority LSA service on Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause a service failure...
The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent arises from the lack of protective measures for the request structure, allowing attackers to enhance their privileges.
The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent is related to the lack of protective measures for the request structure. Exploiting this vulnerability allows a malicious actor to enhance their privileges by using specially crafted authorized HTTP requests...
The vulnerability of the Autodesk On-Demand Install Services (AdODIS) software update service allows a hacker to elevate their privileges to the level of NT AUTHORITY/SYSTEM.
The vulnerability of the Autodesk On-Demand Install Services AdODIS software update service is related to the use of an unreliable search path. Exploiting this vulnerability can allow an attacker to elevate their privileges to the NT AUTHORITY/SYSTEM level by loading a specially crafted binary fi...
The vulnerability of the SSLVPN microprogramming system for network interfaces from SonicWall SMA 100 allows a hacker to bypass security restrictions.
The vulnerability of the SSLVPN microprogramming system for network interfaces from SonicWall SMA 100 relates to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability could allow a malicious actor to bypass security restrictions remotely...
The vulnerability of the AT+MFRULE command in the microprogramming software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 allows a hacker to increase their privileges.
The vulnerability of the AT+MFRULE command in the microprogramming software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 is related to the implementation or modification of certain arguments. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the “Sotbit: Origami” plugin, which stems from insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of the “Sotbit: Origami” plugin is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the SIMATIC PCS neo technology process management web system, related to incorrect session duration, allows a intruder to intercept the user’s session.
The vulnerability of the SIMATIC PCS neo technology process management web system is related to incorrect session duration. Exploiting this vulnerability could allow an attacker to intercept the user’s session...
Vulnerability of the mt7615_unregister_device() function in the driver/net/wireless/mediatek/mt76/mt7615/pci_init.c file – This is a driver for supporting wireless connection adapters in the Linux operating system. It allows an attacker to gain access to protected information.
Vulnerability of the mt7615unregisterdevice function in the driver/net/wireless/mediatek/mt76/mt7615/pciinit.c file – The Linux kernel’s wireless adapter support driver is vulnerable to a memory leak before the last reference is freed. Exploiting this vulnerability could allow an attacker to acce...
Vulnerability of the mt7915_unregister_device() function in the drivers/net/wireless/mediatek/mt76/mt7915/init.c file – This driver is part of the Linux kernel’s wireless adapter support mechanism; it allows a hacker to cause a service failure.
Vulnerability of the mt7915unregisterdevice function in the drivers/net/wireless/mediatek/mt76/mt7915/init.c module – The Linux kernel’s wireless adapter support driver has vulnerabilities related to security configuration errors. Exploiting this vulnerability could allow an attacker to cause...
The vulnerability of the built-in server boa (/boafrm/formWsc) of the TOTOLINK X2000R router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the built-in server boa /boafrm/formWsc of the TOTOLINK X2000R router microprogramming system is related to the lack of measures to sanitize input data during the processing of the peerRptPin parameter. Exploiting this vulnerability allows a remote attacker to execute arbitra...
The vulnerability of the Device Configuration component in the APIX application programming interface of the AXIS OS operating system allows a perpetrator to increase their privileges.
The vulnerability of the Device Configuration component in the APIX application programming interface of the AXIS OS operating system is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the getServerPayload method in the HPE StoreOnce VSA storage virtualized system allows a attacker to disclose protected information.
The vulnerability of the getServerPayload method in the HPE StoreOnce VSA storage virtualized environment is related to an incorrect restriction on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to disclose protected information from ...
The vulnerability in the x509_main function of the apps/x509.c module in the OpenSSL library allows a attacker to replace the trusted certificate.
The vulnerability of the x509main function in the apps/x509.c module of the OpenSSL library is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker to replace the trusted certificate...
The vulnerability of the JetBrains YouTrack project and task management software, related to the lack of authentication for a critical function, allows attackers to gain unauthorized access to protected information.
The vulnerability of the JetBrains YouTrack project and task management software lies in the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Attachments component in the iSupplier Portal application of the Oracle E-Business Suite allows a perpetrator to disclose protected information.
The vulnerability of the Attachments component in the iSupplier Portal application of the Oracle E-Business Suite is related to access control errors. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information using the HTTP protocol...
The vulnerability of the deletePackages method in the HPE StoreOnce VSA virtual storage system allows a attacker to gain access to read and delete any files they desire.
The vulnerability of the deletePackages method in the HPE StoreOnce VSA virtual storage system is related to an incorrect restriction on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to read and...
The vulnerability of embedded software developed by Qualcomm, related to the execution of operations outside the buffer in memory, allows attackers to disclose protected information.
The vulnerability of embedded Qualcomm software is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information during the processing of RTP packets...
The vulnerability of the “Print” and “Export Word” functions of the Atlassian Jira Service Management Data Center and Server software allows attackers to enhance their privileges.
The vulnerability of the “Print” and “Export Word” functions in the Atlassian Jira Service Management Data Center and Server software products is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to enhance their privileges remotely...
The vulnerability of the Git Utilities module for Drupal CMS systems lies in the insufficient protection of operational data, allowing attackers to gain access to read, modify, or delete data, or execute arbitrary code.
The vulnerability of the Git Utilities module for Drupal CMS systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, or delete data, or execute arbitrary code...
The vulnerability of the tar.vim plugin for the Vim text editor allows a hacker to execute arbitrary code.
The vulnerability of the tar.vim plugin for the Vim text editor is related to the lack of measures taken at the control level to clean up data. Exploiting this vulnerability allows an attacker to execute arbitrary code using specially created tar files...
The vulnerability of the File Abstraction Layer (FAL) of the TYPO3 content management system allows a hacker to upload arbitrary files.
The vulnerability of the File Abstraction Layer FAL used for processing media files in the TYPO3 content management system is related to the ability to download unlimited number of dangerous types of files. Exploiting this vulnerability allows a remote attacker to download arbitrary files...
The vulnerability of the VS6EditData!Conv_Macro_Data() function of the HMI configuration software for Monitouch V-SFT allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause service failure.
The vulnerability of the VS6EditData!ConvMacroData function of the HMI configuration software for Monitouch V-SFT is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, execu...
The vulnerability of the PCMan FTP Server relates to the occurrence of operations beyond the buffer boundaries in memory. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the FTP server PMan FTP Server relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
Vulnerability of the VS6EditData.dll function!CWinFontInf::WinFontMsgCheck() of the HMI configuration software for Monitouch V-SFT interfaces. This vulnerability allows an attacker to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the VS6EditData.dll function!CWinFontInf::WinFontMsgCheck in the HMI configuration software for Monitouch V-SFT is related to the release of an incorrect pointer. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information, execu...