90509 matches found
The vulnerability of the Linux operating system’s kernel driver components, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s kernel driver components is related to the use of memory after it has been freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the nvmet component in the nvmet_root_discovery_nqn_store() function of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the nvmet component, specifically the nvmetrootdiscoverynqnstore function in the Linux operating system’s kernel, is related to the use of incorrect authentication tokens due to unlimited resource allocation. Exploiting this vulnerability could allow a remote attacker to caus...
The vulnerability of the snd_soc_put_volsw_sx() function in the sound/soc/soc-ops.c module of the Linux operating system’s audio support for SoC cores allows a hacker to cause a service failure.
The vulnerability of the sndsocputvolswsx function in the sound/soc/soc-ops.c module, which is part of the Linux operating system’s audio support for SoC cores, involves unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of Microsoft 365 Apps for Enterprise and Office, related to the use of memory after it is freed, allows attackers to increase their privileges.
The vulnerability of Microsoft 365 Apps for Enterprise and Office relates to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Kerberos Key Distribution Proxy Service in Windows operating systems allows a perpetrator to cause a service failure.
The vulnerability of the Kerberos Key Distribution Proxy Service in Windows operating systems is related to insufficient resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the Microsoft Windows operating system’s Telephony Service allows a perpetrator to execute arbitrary code.
The vulnerability of the Microsoft Windows operating system’s Telephony Service is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the fscache_volume.c component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the fscachevolume.c component in the Linux operating system is related to improper memory release before deleting the last reference. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Local Security Authority (LSA) service in the Windows operating system allows a perpetrator to elevate their privileges.
The vulnerability of the Local Security Authority LSA service in the Windows operating system is related to synchronization errors when using a common resource. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Linux operating system’s kernel, related to the use of memory after it is freed, allows a hacker to trigger a service failure.
The vulnerability of the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the .NET Remoting technology in systems for visualization and analysis of clinical data based on artificial intelligence, IntelliSpace Portal. This allows a intruder to execute arbitrary code.
The vulnerability of the .NET Remoting technology in systems for visualization and analysis of clinical data based on artificial intelligence, IntelliSpace Portal, is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow an attacker to execute arbitra...
The vulnerability of the gzip_do_write() function in the zlib compression library allows a attacker to bypass ASLR protection, execute arbitrary code, or cause a denial-of-service attack.
The vulnerability of the gzipdowrite function in the zlib compression library, a command-line utility of CURL, is related to integer overflow. Exploiting this vulnerability allows an attacker to bypass ASLR protection, execute arbitrary code, or cause a denial-of-service attack...
The vulnerability of the Windows Hyper-V hardware virtualization system allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows Hyper-V hardware virtualization system is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Windows Common Log File System (CLFS) driver in Windows operating systems allows a hacker to elevate their privileges to a system-level level.
The vulnerability of the Windows Common Log File System CLFS driver in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their system-level privileges...
The vulnerability of the parse_module() function in the bfd/vms-alpha.c component of the GNU Binutils development environment allows a attacker to access confidential data and also trigger a service failure.
The vulnerability of the parsemodule function in the bfd/vms-alpha.c component of the GNU Binutils development environment is related to reading data from beyond the allowed buffer limits. Exploiting this vulnerability could allow an attacker to access confidential data and also cause service...
The vulnerability of the application software interfaces of Session Smart Router and WAN Assurance, Session Smart Conductor, relates to bypassing the authentication process by using an alternative path or channel. This allows a perpetrator to gain full control over the device.
The vulnerability of the Application Programming Interface of routers like Session Smart Router and WAN Assurance, Session Smart Conductor, lies in the ability to bypass authentication procedures by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor,...
The vulnerability of the au_read_header function in the src/au.c component of the Libsndfile library for reading and writing audio files allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the aureadheader function in the src/au.c file of the Libsndfile library, which is used for reading and writing audio files, is related to a numerical overflow issue. Exploiting this vulnerability could allow an attacker to access confidential data, compromise its integrity,...
The vulnerability of the readDataVar() function in the hdf/dataobject.c component of the Libmysofa library for audio processing allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failure.
The vulnerability of the readDataVar function in the hdf/dataobject.c component of the Libmysofa library for audio processing is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, an...
The vulnerability of the dcmnet component of the library for working with DICOM format allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the dcmnet component of the library for working with DICOM format in DCMTK is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause...
The vulnerability of the library for working with the DICOM format in DCMT, related to the repeated memory release, allows a perpetrator to trigger a service failure.
The vulnerability of the library for working with the DICOM format in DCMT is related to the repeated memory release. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the iommu/vt-d component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the iommu/vt-d component in the Linux operating system’s kernel is related to excessive resource consumption during the loop. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the MP3 Stream Handler component in the Live555 multimedia streaming library allows a attacker to cause a service failure.
The vulnerability of the MP3 Stream Handler component in the Live555 multimedia streaming library lies in its ability to read data from buffers beyond acceptable limits. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
The vulnerability of the functions intel_iommu_init() (drivers/iommu/intel/iommu.c) and enable_drhd_fault_handling() (drivers/iommu/intel/dmar.c) in the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the functions inteliommuinit drivers/iommu/intel/iommu.c and enabledrhdfaulthandling drivers/iommu/intel/dmar.c in the Linux kernel is related to insufficient locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
The vulnerability of the modTMSM component in the Trend Micro Apex Central security monitoring and management tool allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the modTMSM component in the Trend Micro Apex Central security management and monitoring tool is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the BmpInput::read_native_scanline() function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library allows a hacker to cause a service failure.
The vulnerability of the BmpInput::readnativescanline function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the genelinkbind() function (drivers/net/usb/gl620a.c) in the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the genelinkbind function drivers/net/usb/gl620a.c in the Linux kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the pata_macio_do_resume() function in the Linux operating system’s SATA/PATA kernel support driver allows a hacker to cause a service failure.
The vulnerability of the patamaciodoresume function in the SATA/PATA driver of the Linux operating system is related to incorrect validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the simple_offsetdestroy() function in the Linux kernel file system allows a attacker to cause a service failure.
The vulnerability of the simpleoffsetdestroy function in the Linux kernel file system is related to the execution of a loop with an unreachable exit condition „Infinite loop“. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Command Line Interface (CLI) of the Fortinet FortiClient security device allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Command Line Interface CLI of the Fortinet FortiClient security device is related to the storage of critical information in an open manner. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the protected information...
The vulnerability of the `ovl_dentry_update_reval()` function in the `fs/overlayfs/copy_up.c` file of the Linux kernel file system allows a attacker to cause a service failure.
The vulnerability of the ovldentryupdatereval function in the fs/overlayfs/copyup.c file of the Linux kernel file system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the psi/zbfont.c file in the software suite for processing, transforming, and generating Ghostscript documents allows a perpetrator to execute arbitrary code.
The vulnerability of the psi/zbfont.c file in the software for processing, converting, and generating Ghostscript documents is related to the copying of buffers without checking the size of the input data, as a result of incorrect conversion of glyphs to Unicode. Exploiting this vulnerability can...
The vulnerability of the transformMiddleware function in the @fs mechanism of the local development server for Vite allows a hacker to read arbitrary files.
The vulnerability of the transformMiddleware function in the @fs mechanism of the local development server for Vite applications is related to incorrect processing of special symbols in input data. Exploiting this vulnerability allows a malicious actor to read arbitrary files by sending a special...
The vulnerability of the simple_inode_init_ts() function in the Linux file system allows a hacker to trigger a service failure.
The vulnerability of the simpleinodeinitts function in the Linux file system is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the inet_create() function in the net/ipv4/af_inet.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the inetcreate function in the net/ipv4/afinet.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
Vulnerability of the xenvif_disconnect_queue() function in the drivers/net/xen-netback/interface.c module – the Linux kernel network adapter driver support mechanism, which allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the xenvifdisconnectqueue function in the drivers/net/xen-netback/interface.c module – The Linux kernel network adapter driver relies on the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrit...
Vulnerability of the mt7921_mcu_tx_rate_report() function in the drivers/net/wireless/mediatek/mt76/mt7921/mcu.c module – This driver is part of the Linux kernel’s wireless adapter support framework. It allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the mt7921mcutxratereport function in the drivers/net/wireless/mediatek/mt76/mt7921/mcu.c module – The driver for supporting wireless connection adapters in the Linux operating system is vulnerable due to buffer out-of-bounds reading. Exploiting this vulnerability could allow an...
Vulnerability of the dsps_probe() function in the drivers/usb/musb/musb_dsps.c module – The driver for supporting USB devices in Linux kernels allows a hacker to cause a service failure.
Vulnerability of the dspsprobe function in the drivers/usb/musb/musbdsps.c module – The Linux kernel’s USB device support driver is vulnerable due to a pointer issue related to NULL pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the start_io_acct() function in the drivers/md/dm.c module – The driver for supporting multiple devices (such as RAID and LVM) in the Linux kernel allows a hacker to trigger a service failure.
Vulnerability of the startioacct function in the drivers/md/dm.c module – The driver for supporting multiple devices such as RAID and LVM in the Linux operating system is vulnerable due to the use of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the AddPortMapping method in Netgear WNR854T router software allows a hacker to execute arbitrary commands.
The vulnerability of the AddPortMapping method in Netgear WNR854T router microprogramming software lies in the lack of measures to neutralize special elements used in the operating system’s commands when processing the NewInternalClient parameter. Exploiting this vulnerability allows a remote...
The vulnerability of the xe_vm_userptr_pin() function in the drivers/gpu/drm/xe/xe_vm.c file of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the xevmuserptrpin function in the drivers/gpu/drm/xe/xevm.c file of the Linux kernel is related to improper release of resources. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the dbAdjTree() function in the fs/jfs/jfs_dmap.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the dbAdjTree function in the fs/jfs/jfsdmap.c module of the Linux operating system is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the ntpd implementation of the Network Time Synchronization Protocol allows a perpetrator to cause a service failure.
The vulnerability of the ntpd implementation of the Network Time Synchronization Protocol is related to insufficient validation of the data entered by users during the processing of NTP packets. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the Linux operating system’s kernel driver/perf components, which allows a hacker to trigger a service failure
The vulnerability of the alidrwpmuisr function in Linux kernel’s drivers/perf component is related to memory corruption. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of the octeon_ep component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the octeonep component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Eclipse Jetty servlet containers, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of Eclipse Jetty servlet containers is related to uncontrolled resource consumption in the ThreadLimitHandler.getRemote function. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the python-multipart streaming multi-component parser, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the python-multipart streaming multi-component parser is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Linux operating system’s kernel USB component, which allows a hacker to trigger a service failure
The vulnerability of the usbtmccreateurb function in the Linux kernel USB component is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the mctp_i2c_header_create() function in the drivers/net/mctp/mctp-i2c.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the mctpi2cheadercreate function in the drivers/net/mctp/mctp-i2c.c kernel module of the Linux operating system is related to insufficient input validation. Exploiting this vulnerability could allow an attacker to cause a service failure...