90509 matches found
The vulnerability of the FUN_00459fdc function in the Totolink A3002R router’s microprogramming software allows a intruder to execute arbitrary commands.
The vulnerability of FUN00459fdc in the Totolink A3002R router’s microprogramming software relates to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of the UEFI RCM loader on NVIDIA’s industrial-class artificial intelligence software platforms, IGX Orin and Jetson AGX Orin, allows a hacker to execute arbitrary code, cause system failures, disclose sensitive information, or gain increased privileges.
The vulnerability of the UEFI RCM software platform for industrial-class artificial intelligence systems, such as NVIDIA IGX Orin and Jetson AGX Orin, is related to the incorrect implementation of security functions for the user interface. Exploiting this vulnerability can allow attackers to...
The vulnerability of the /adv_arpspoofing.php file, a component of the ARP Spoofing Prevention software for wireless access points from D-Link, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the /advarpspoofing.php file, a component of the ARP Spoofing Prevention page of the D-Link DAP-2695 wireless access points, is related to the lack of security measures for the website structure. Exploiting this vulnerability allows an attacker, operating remotely, to perform...
The vulnerability of the /adv_arpspoofing.php file, a component of the ARP Spoofing Prevention software for D-Link DAP-2695 wireless access points, allows attackers to execute cross-site scripting attacks.
The vulnerability of the /advarpspoofing.php file, a component of the ARP Spoofing Prevention software for D-Link DAP-2695 wireless access points, is related to the lack of security measures for the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site...
The vulnerability of the ICMP service of industrial switches SCALANCE W-700 IEEE 802.11ax allows a intruder to cause a service failure.
The vulnerability of the ICMP service of industrial switches SCALANCE W-700 IEEE 802.11ax is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
The vulnerability of the SNMPv3 implementation of SCALANCE W-700 IEEE 802.11ax industrial switches allows a intruder to alter the data representation type.
The vulnerability of the SNMPv3 implementation of SCALANCE W-700 IEEE 802.11ax switches is related to access control errors. Exploiting this vulnerability allows a remote attacker to alter the data representation type...
The vulnerability of the HTTP POST Request Handler component of the /boafrm/formNtp file in the microprogramming software for routers A702R, A3002R, and A3002RU allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the HTTP POST Request Handler component of the /boafrm/formNtp file in the microprogramming software for routers A702R, A3002R, and A3002RU is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker ...
The vulnerability of the /cgi-bin/ExportSyslog.sh script, a microprogramming solution for TOTOLINK A3000RU routers, allows a hacker to circumvent existing security restrictions.
The vulnerability of the /cgi-bin/ExportSyslog.sh script, a microprogramming solution for TOTOLINK A3000RU routers, is related to the improper assignment of privileges. Exploiting this vulnerability could allow an attacker to bypass security restrictions remotely...
The vulnerability of D-Link DI-7003GV2 router microprogramming software, related to improper cleaning or release of resources, allows a intruder to trigger a service failure.
The vulnerability of D-Link DI-7003GV2 router microprogramming software is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failure remotely...
The vulnerability of the create_lease_buf() function in the SMB subsystem of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the createleasebuf function in the SMB subsystem of Linux operating systems is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the btrfs_lookup_extent_info() function in the file system of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the btrfslookupextentinfo function in the file system of the Linux operating system is related to unauthorized callers of the verification function. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the `alloc_tagging_slab_freehook()` function in the Linux kernel’s memory management subsystem allows a hacker to trigger a service failure.
The vulnerability of the alloctaggingslabfreehook function in the Linux kernel’s memory management subsystem is related to improper memory release before deleting the last reference. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from deficiencies in access control. These flaws allow attackers to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected information...
The vulnerability of the Adobe Photoshop graphic editor, related to integer overflow, allows a hacker to execute arbitrary code.
The vulnerability of the Adobe Photoshop graphic editor is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the CI/CD application integration and delivery system provided by JetBrains TeamCity lies in the lack of security measures for handling web page structures. This allows attackers to carry out XSS attacks.
The vulnerability of the Continuous Integration and Application Delivery system CI/CD of TeamCity by JetBrains is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...
The vulnerability of the PHP programming language interpreter, related to deficiencies in handling HTTP request headers, allows attackers to send hidden HTTP requests (HTTP Request Smuggling attack).
The vulnerability of the PHP programming language interpreter is related to deficiencies in the processing of HTTP request headers. Exploiting this vulnerability allows a malicious actor to send hidden HTTP requests a type of HTTP Request Smuggling attack...
The vulnerability in the web interface of the Prisma Cloud Compute security platform allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the web interface of the Prisma Cloud Compute security platform is related to an incorrect session duration. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the Microsoft Azure File Sync data synchronization service, related to access control deficiencies, allows attackers to escalate their privileges.
The vulnerability of the Microsoft Azure File Sync data synchronization service is related to lack of access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the dce60_tg_funcs() function in the driver (drivers/gpu/drm/amd/display/dc/dce60/dce60_timing_generator.c) of the Linux operating system, which allows a hacker to trigger a service failure.
The vulnerability of the dce60tgfuncs function in the driver drivers/gpu/drm/amd/display/dc/dce60/dce60timinggenerator.c of the Linux kernel is related to the use of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the load_microcode_amd() function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the loadmicrocodeamd function in the Linux operating system’s kernel is related to incorrect array indexing. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of CommVault’s backup and disaster recovery platform, related to incorrect restrictions on the path to the restricted-access catalog, allows a perpetrator to execute arbitrary code.
The vulnerability of CommVault’s backup and disaster recovery platform lies in the improper limitation of the path name to the restricted-access catalog. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...
The vulnerability of the Enable API Endpoints configuration of the ThinServer component on the Rockwell Automation ThinManager centralized application management platform allows a malicious individual to read arbitrary files.
The vulnerability of the Enable API Endpoints configuration of the ThinServer component of Rockwell Automation’s ThinManager centralized application management platform is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a...
The vulnerability of the libnetcore library in MacOS, tvOS, visionOS, iPadOS, and iOS systems allows attackers to gain increased privileges.
The vulnerability of the libnetcore library in MacOS, tvOS, visionOS, iPadOS, and iOS operating systems is related to errors in the use of standard permissions. Exploiting this vulnerability can allow a remote attacker to increase their privileges...
The vulnerability of the Windows RRAS operating system’s routing and remote access service allows a hacker to disclose protected information.
The vulnerability of the Windows RRAS operating system’s routing and remote access service is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...
The vulnerability of the Hyper-V hardware virtualization system for Windows operating systems allows a perpetrator to trigger a service failure.
The vulnerability of the Hyper-V hardware virtualization technology for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the /goform/formSetPassword function in D-Link’s DIR-618 and DIR-605L router microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the /goform/formSetPassword function in D-Link DIR-618 and DIR-605L router microprogramming systems is related to access control errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the formSetWAN_Wizard534 function in D-Link DIR-605L router microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the formSetWANWizard534 function in the microprogramming software for D-Link DIR-605L routers is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using the...
The vulnerability of D-Link DIR-816 A2’s microprogrammed software, related to the lack of measures taken to clean data at the management level, allows a hacker to execute arbitrary code.
The vulnerability of the D-Link DIR-816 A2 router’s microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of Elber Communications Equipment’s software products lies in their ability to bypass the authentication process by using an alternative path or channel. This allows attackers to circumvent the authentication procedures.
The vulnerability of Elber Communications Equipment’ software products relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent the authentication process and re-register user credentials...
The vulnerability of the Adobe Lightroom graphic editor, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.
The vulnerability of the Adobe Lightroom graphic editor is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of VMware NSX network virtualization platform, related to insecure management of privileges, allows attackers to escalate their privileges.
The vulnerability of VMware NSX network virtualization platform is related to insecure management of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability of embedded software developed by Qualcomm, related to synchronization errors when using common resources (“Race Situation”), allows a violator to trigger a service failure.
The vulnerability of embedded Qualcomm software programs is related to synchronization errors when using a common resource “Race Situation”. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the AirDrop wireless data transmission component allows a perpetrator to gain unauthorized access to protected information on operating systems such as iPadOS, iOS, tvOS, and MacOS.
The vulnerability of the AirDrop wireless data transmission component in operating systems such as iPadOS, iOS, tvOS, and MacOS lies in the reading of data beyond the allowed range in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
The vulnerability of embedded software developed by Qualcomm, related to the swapping of a non-trustworthy pointer, allows a perpetrator to trigger a service failure.
The vulnerability of embedded software developed by Qualcomm relates to the use of an unreliable pointer. Exploiting this vulnerability can allow attackers to cause system failures...
The vulnerability of the libpq library in the PostgreSQL database management system allows a hacker to cause a service failure.
The vulnerability of the libpq library in the PostgreSQL database management system is related to buffer overflows during the processing of PostgreSQL’s GB18030 encoding. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...
The vulnerability of Adobe InDesign’s computer layout automation tool, related to pointer naming errors, allows attackers to trigger a service failure.
The vulnerability of Adobe InDesign’s computer layout automation tool is related to errors in pointer assignment. Exploiting this vulnerability can allow an attacker to trigger a service failure using a specially created malicious file...
The vulnerability of software for integrating old and new technologies from IBM EntireX, related to deficiencies in the error reporting mechanism, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the software for integrating old and new IBM EntireX technologies is related to deficiencies in the mechanism for generating error reports. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
The vulnerability of TOTOLINK N150RT router microprogramming software arises from the lack of protective measures for website structures, allowing attackers to carry out cross-site scripting attacks.
The vulnerability of TOTOLINK N150RT router microprogramming software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the “org.xwiki.platform:xwiki-platform-wysiwyg-api” component of the XWiki Platform, a platform for creating collaborative web applications. This vulnerability allows an attacker to compromise the confidentiality and integrity of the protected information.
The vulnerability of the org.xwiki.platform:xwiki-platform-wysiwyg-api component of the XWiki Platform involves redirecting URLs to an unreliable website. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integrity of the protected information...
The vulnerability of the kzalloc() function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the kzalloc function in the Linux operating system’s kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the IBM Business Automation Workflow software and the IBM Business Automation Workflow Enterprise Service Bus software platform lies in the lack of security measures for website structures. This allows attackers to execute cross-site scripting attacks.
The vulnerability of the IBM Business Automation Workflow software and the IBM Business Automation Workflow Enterprise Service Bus software platform relates to the lack of security measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to...
The vulnerability of the snmptrapd daemon in the universal monitoring system Zabbix allows a intruder to replace the user interface.
The vulnerability of the snmptrapd daemon in the Zabbix monitoring system is related to improper processing of output data for registration logs. Exploiting this vulnerability allows a remote attacker to replace the user interface...
The vulnerability of the CI/CD system’s registration data protection mechanism in TeamCity allows unauthorized access by attackers, enabling them to obtain unauthorized access to protected information.
The vulnerability of the CI/CD application integration and delivery system of JetBrains TeamCity is related to insufficient protection for registration data. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the HTTP Header Handler component in the http_request_parse function of the D-Link DAP-1562 wireless access point software allows a attacker to compromise the confidentiality, accessibility, and integrity of the protected information.
The vulnerability of the HTTP Header Handler component in the httprequestparse function of the D-Link DAP-1562 wireless access point’s microprogramming system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the InnoDB component of the MySQL Database Server, which allows a hacker to cause a service failure
The vulnerability of the InnoDB component in the MySQL Database Management System is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability of DRM/STI components in Linux kernel allows a perpetrator to trigger a service failure.
The vulnerability of DRM/STI components in Linux kernel relates to the assignment of the NULL pointer in the stihqvdpatomiccheck function. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of the Apache SeaTunnel data processing software lies in its authentication procedures’ deficiencies, which allow attackers to gain unauthorized access to protected information.
The vulnerability of the Apache SeaTunnel data processing platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
Vulnerability of the Server component: The MySQL Server database management system component, which allows a hacker to cause service interruptions.
Vulnerability of the MySQL Server component: The DDL system for database management of MySQL Server is vulnerable due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...
The vulnerability of the Linux operating system’s kernel quota component, which allows a hacker to trigger a service failure
The vulnerability of the Linux kernel’s quota component is related to improper blocking of resources in the dquotwritebackdquots function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the octeontx2-pf component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the octeontx2-pf component in the Linux operating system’s kernel is related to resource management errors in the cn10kallocleafprofile function. Exploiting this vulnerability can allow an attacker to cause a service failure...