90509 matches found
The vulnerability of the GeoWebCache component of the software for managing and publishing geospatial data on the OSGeo GeoServer server allows a perpetrator to execute arbitrary code.
The vulnerability of the GeoWebCache component of the software for managing and publishing geospatial data on the OSGeo GeoServer server is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the UpdateConnectionVariablesWithImport method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, allowing a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the UpdateConnectionVariablesWithImport method in software for managing and monitoring deleted objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to...
The vulnerability of the torch.load() function in the PyTorch machine learning framework allows a hacker to execute arbitrary code.
The vulnerability of the torch.load function in the PyTorch machine learning framework is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the NCompress::NRar3::CDecoder::Code method in p7zip and 7-Zip archivers allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the NCompress::NRar3::CDecoder::Code method in p7zip and 7-Zip archivers is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure or execute arbitrary code through the...
The vulnerability of TP-Link Tapo H200 smart home control software, related to the storage of information in an open manner, allows a intruder to obtain Wi-Fi credentials.
The vulnerability of TP-Link Tapo H200 smart home control software relates to the storage of information in an open manner. Exploiting this vulnerability could allow a intruder to obtain Wi-Fi credentials...
The vulnerability of the Demon Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.
The vulnerability of the Demon Routing Protocol Daemon RPD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient handling of exceptional states. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the OData protocol implementation in SAP S4CORE Entity software allows unauthorized access to protected information.
The vulnerability of the OData protocol implementation in SAP S4CORE Entity software is related to deficiencies in displaying hidden user fields. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the setNetworkDiag function in TOTOLINK CA300-PoE router microprogramming software allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the setNetworkDiag function in TOTOLINK CA300-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibili...
The vulnerability of the SAP Commerce Cloud platform, related to the transmission of critical information in open text, allows attackers to disclose protected information.
The vulnerability of the SAP Commerce Cloud e-commerce platform lies in the transmission of critical information in plaintext. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of HP LaserJet Pro printer’s microprogramming software, related to improper handling of unexpected data types, allows attackers to trigger malfunctions during maintenance.
The vulnerability of HP LaserJet Pro printer’s microprogramming software is related to improper handling of unexpected types of data. Exploiting this vulnerability can allow an attacker to cause a service failure by sending a JPEG-file via IPP Internet Printing Protocol...
The vulnerability in the virtual learning environment Moodle, related to the manipulation of cross-site requests, allows a hacker to perform a CSRF attack.
The vulnerability in the virtual learning environment Moodle is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...
The vulnerability of the pgAdmin 4 database management tool, related to the lack of authentication, allows a hacker to bypass the authentication checks and execute arbitrary code.
The vulnerability of the pgAdmin 4 database management tool is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to bypass authentication checks and execute arbitrary code...
The vulnerability of the IP address verification mechanism in the Brocade Fabric OS operating system allows a hacker to execute arbitrary code with root privileges.
The vulnerability of the IP address verification mechanism in the Brocade Fabric OS operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with root privileges...
The vulnerability of the `rfcomm_sock_alloc()` function in the `net/bluetooth/rfcomm/sock.c` module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the rfcommsockalloc function in the net/bluetooth/rfcomm/sock.c module of the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibili...
The vulnerability of the snd_seq_timer_open() function in the sound/core/seq/seq_timer.c module allows a hacker to cause a service failure in the Linux operating system’s kernel sequencer.
The vulnerability of the sndseqtimeropen function in the sound/core/seq/seqtimer.c module relates to the repeated use of previously freed memory. Exploiting this vulnerability could allow a attacker to cause a service failure...
The vulnerability of the skb_tunnel_info() function in the include/net/dstmetadata.h module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the skbtunnelinfo function in the include/net/dstmetadata.h module of the Linux kernel involves reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Custom Tabs component in Google Chrome and Microsoft Edge browsers allows a hacker to replace the user interface.
The vulnerability of the Custom Tabs component in Google Chrome and Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow an attacker to replace the user interface with a specially created HTML page...
The vulnerability of the E-Staff recruitment automation system, related to errors in data filtering during file conversion, allows a perpetrator to gain unauthorized access to protected information and enhance their privileges.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering during file conversion. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information and enhance their privileges...
The vulnerability of the E-Staff automated recruitment process system, related to errors in data filtering during file recording, allows a perpetrator to execute arbitrary commands.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering during the writing of information into files. Exploiting this vulnerability can allow a malicious actor to reset the administrator’s credentials and execute arbitrary commands...
The vulnerability of the iSurvey Module component of the software for creating and processing scenarios in Oracle Scripting of the Oracle E-Business Suite allows a perpetrator to gain unauthorized access to the system.
The vulnerability of the iSurvey Module component of the software for creating and processing scenarios in Oracle Scripting, a system for automating business activities within the Oracle E-Business Suite, is related to insufficient validation of input data. Exploiting this vulnerability could all...
The vulnerability of the mgmt_alloc_skb() function in the net/bluetooth/mgmt.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mgmtallocskb function in the net/bluetooth/mgmt.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the virtual server “1C-Bitrix: Virtual Machine” involves deficiencies in access control, allowing attackers to elevate their privileges to the root level.
The vulnerability of the virtual server “1C-Bitrix: Virtual Machine” is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to elevate their privileges to the root level...
The vulnerability of the input_event() function in the drivers/hid/hid-appleir.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the inputevent function in the drivers/hid/hid-appleir.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the dmub_dcn35_get_current_time() function in the Direct Rendering Infrastructure (DRI) driver for AMD kernel-based Linux operating systems allows a malicious actor to cause a system failure.
The vulnerability of the dmubdcn35getcurrenttime function in the Direct Rendering Infrastructure DRI driver for AMD kernel-based Linux operating systems is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ipc_msg_send_request() function in the fs/smb/server/transport_ipc.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the ipcmsgsendrequest function in the fs/smb/server/transportipc.c module of the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the parse_sec_desc() function in the fs/smb/server/smbacl.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the parsesecdesc function in the fs/smb/server/smbacl.c module of the Linux operating system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the graphical interface of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats allows a perpetrator to execute arbitrary code.
The vulnerability of the graphical interface of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to execute...
Microsoft Edge browser’s vulnerability, related to insufficient validation of input data, allows attackers to execute arbitrary code.
The vulnerability of Microsoft Edge is related to insufficient validation of input data during the processing of the ms-its URI scheme. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by opening a specially created malicious file or web page...
The vulnerability of the software for centralized device management in Fortinet’s FortiManager and security event monitoring and analysis tools, FortiAnalyzer, arises from the ability to disclose information through registration files, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of the software for centralized device management in Fortinet’s FortiManager and security event monitoring and analysis tools, FortiAnalyzer, relates to the disclosure of information through registration files. Exploiting this vulnerability can allow an attacker, operating...
The vulnerability of the tdhttpd service in the microprogramming software for Tenda AX1806 allows a hacker to cause a service failure.
The vulnerability of the tdhttpd service in the microprogramming-based router software of Tenda AX1806 relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure...
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules, related to resource release errors, allows attackers to trigger a service failure.
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to errors during resource release. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the GLPI system’s request, incident, and asset inventory management processes, related to the lack of measures taken to protect the website structure, allows attackers to carry out attacks using cross-site scripting (XSS).
The vulnerability of the GLPI system’s request, incident, and asset inventory management functions is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows attackers who operate remotely to carry out attacks using cross-site scripting XSS...
The vulnerability of the BIOS microprogramming system in Dell laptops allows a hacker to execute arbitrary code.
The vulnerability of the BIOS microprogramming system in Dell laptops is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the kernel-level driver nvlddmkm.sys from NVIDIA’s graphics processing units, including GeForce, Quadro, NVS, and Tesla, allows attackers to cause system failures or gain unauthorized access to protected information.
The vulnerability of the kernel mode driver nvlddmkm.sys of NVIDIA’s graphics processing units, including GeForce, Quadro, NVS, and Tesla, relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to cause system failures, gain unauthorized...
The vulnerability of the EMACS text editor arises from the lack of measures taken to eliminate special elements, allowing attackers to execute arbitrary commands.
The vulnerability of the EMACS text editor exists because measures to neutralize special elements have not been taken. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
Vulnerability of the mlx5_cmd_init() function in the drivers/net/ethernet/mellanox/mlx5/core/cmd.c file – This is a driver for supporting Mellanox Ethernet network adapters in Linux operating systems. It allows a hacker to cause a service failure.
Vulnerability of the mlx5cmdinit function in the drivers/net/ethernet/mellanox/mlx5/core/cmd.c file – The Mellanox Ethernet network adapter driver for Linux operating systems is vulnerable due to a reliance on the NULL pointer dereferencing mechanism. Exploiting this vulnerability could allow an...
Vulnerability of the iwl_mvm_mld_rm_sta() function in the drivers/net/wireless/intel/iwlwifi/mvm/mld-sta.c module – The Linux kernel wireless adapter driver allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the iwlmvmmldrmsta function in the drivers/net/wireless/intel/iwlwifi/mvm/mld-sta.c file is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the rt5645_i2cremove() function in the sound module/soc/codecs/rt5645.c file, which is part of the Linux operating system’s SoC audio kernel, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the rt5645i2cremove function in the sound module/soc/codecs/rt5645.c file, which is part of the Linux operating system’s sound support for SoC cores, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise t...
The vulnerability of the show_cpuinfo() function in the arch/sh/kernel/cpu/proc.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the showcpuinfo function in the arch/sh/kernel/cpu/proc.c module of the Linux operating system is related to the use of a name with incorrect references. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the cxl_regionDecodeReset() function in the drivers/cxl/core/region.c module – This driver for supporting CXL device controllers in the Linux operating system allows a hacker to trigger a service failure.
Vulnerability of the cxlregionDecodeReset function in the drivers/cxl/core/region.c module – The CXL Device Support Driver for Linux operating systems is related to the dereferencing of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the virtual server “1C-Bitrix: Virtual Machine” involves deficiencies in access control, allowing attackers to elevate their privileges to the root level.
The vulnerability of the virtual server “1C-Bitrix: Virtual Machine” is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to elevate their privileges to the root level...
The vulnerability of the ndisc_alloc_skb() function in the net/ipv6/ndisc.c module of the Linux operating system’s IPv6 kernel implementation allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ndiscallocskb function in the net/ipv6/ndisc.c module of the Linux operating system’s IPv6 kernel implementation is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...
The vulnerability of the __do_sys_perf_event_open() function in the kernel/events/core.c module of the Linux operating system allows a attacker to compromise the integrity of protected information.
The vulnerability of the dosysperfeventopen function in the kernel/events/core.c module of the Linux operating system is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to compromise the integrity of protected information...
The vulnerability of the tagged_addr_ctrl_get() function in the arch/arm64/kernel/ptrace.c module, which is part of the ARM 64-bit kernel support for the Linux operating system, allows a hacker to gain access to protected information or cause a service failure.
The vulnerability of the taggedaddrctrlget function in the arch/arm64/kernel/ptrace.c module, which is part of the ARM 64-bit kernel support for the Linux operating system, relates to access to an uninitialized pointer. Exploiting this vulnerability could allow an attacker to gain access to...
The vulnerability of the Factory Default configuration of the Microprogramming Software for Digital Radio Data Transmission Devices Trio Q Data Radio, which allows a intruder to gain unauthorized access to protected information.
The vulnerability of the Factory Default configuration of the Microprogramming Software for Digital Radio Data Transmission Devices from Trio Q Data Radio is related to the insecure storage of confidential information. Exploiting this vulnerability could allow an intruder to gain unauthorized...
Vulnerability of the amdgpu_get_xgmi_hive() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_xgmi.c module – A driver for supporting AMD GPU cores in Linux operating systems, which allows a hacker to cause a service failure
Vulnerability of the amdgpugetxgmihive function in the drivers/gpu/drm/amd/amdgpu/amdgpuxgmi.c module – The Linux kernel driver for AMD GPU Direct Rendering Infrastructure supports is related to improper disabling or release of resources. Exploiting this vulnerability can allow an attacker to cau...
Vulnerability of the intel_iommu_probe_device() function in the drivers/iommu/intel/iommu.c module – This is a Linux kernel IOMMU driver that allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the inteliommuprobedevice function in the drivers/iommu/intel/iommu.c module – The Linux kernel’s IOMMU support driver contains errors in its code. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected...
The vulnerability of the Xen kernel component in the Linux operating system, which allows a hacker to trigger a service failure
The vulnerability of the xen component in the Linux operating system’s kernel is related to a memory leak in the xenbusdevprobe function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the sk_setsockopt() function in the net/core/sock.c module exposes the support for kernel network functions in the Linux operating system, allowing an attacker to cause a service failure.
The vulnerability of the sksetsockopt function in the net/core/sock.c module related to Linux kernel network functions is associated with synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the `timerlat_fd_open()` function in the kernel/trace/trace_osnoise.c module, which supports Linux operating system tracing, allows a hacker to cause a service failure.
The vulnerability of the timerlatfdopen function in the kernel/trace/traceosnoise.c module, which supports Linux operating system tracing, is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...