90509 matches found
The vulnerability of the Apica Loadtest plugin for Jenkins’ automation server lies in the fact that registration data is stored in an open manner, allowing a malicious actor to gain unauthorized access to the protected information.
The vulnerability of the Apica Loadtest plugin for Jenkins-based automation servers lies in the way registration data is stored in an open manner within the config.xml file. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the Windows GDI component in Microsoft Windows operating systems allows attackers to disclose protected information.
The vulnerability of the Windows GDI component in Microsoft Windows systems is related to a breach of data protection mechanisms. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose protected information...
The vulnerability of the client of the Remote Desktop Client for Microsoft Windows operating systems allows a perpetrator to carry out spoofing attacks.
The vulnerability of the Remote Desktop Client for Microsoft Windows operating systems relates to the absence of warnings about dangerous actions. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks remotely...
The vulnerability of the data collection tool for Azure Monitor Agents, which operates on virtual machines and physical servers, stems from improper code generation. This allows attackers to execute arbitrary code.
Vulnerability of the data collection tool for Azure Monitor Agent, which processes virtual machines and physical servers, due to improper code generation management. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Windows Virtual Hard Disk component allows a hacker to execute arbitrary code.
The vulnerability of the Windows Virtual Hard Disk component in Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Graphics component of Windows operating systems, which allows a hacker to execute arbitrary code
The vulnerability of the Graphics component in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Kerberos protocol for Windows operating systems allows a perpetrator to cause a service failure.
The vulnerability of the Kerberos protocol for Windows operating systems lies in the fact that the operation occurs outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of authentication mechanisms. This allows attackers to gain unauthorized access to protected information.
The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B is related to the lack of authentication. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected informati...
The vulnerability of the tb_cfg_request_dequeue() function in the drivers/thunderbolt/ctl.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the tbcfgrequestdequeue function in the drivers/thunderbolt/ctl.c module of the Linux operating system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Akamai CloudTest performance testing platform lies in the improper limitation of XML links to external objects, which allows attackers to compromise privacy.
The vulnerability of the Akamai CloudTest performance testing platform relates to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to compromise privacy...
The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.
The vulnerability of the CADImage plugin in IrfanView, a program for viewing and playing graphic, video, and audio files, is related to memory corruption. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially crafted DWG format files...
The vulnerability of the Modbus TCP Packet Handler component in the Ethernet module software for WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN allows a hacker to execute arbitrary commands.
The vulnerability of the Modbus TCP Packet Handler component in the Ethernet module software of WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the formAutoDetecWAN_wizard4() function (/goform/formAutoDetecWAN_wizard4) in the D-Link DIR-619L router software allows a attacker to cause a service failure.
The vulnerability of the formAutoDetecWANwizard4 function /goform/formAutoDetecWANwizard4 of the D-Link DIR-619L router’s microprogramming software is related to the copying of buffer contents without checking the size of input data during the processing of the curTime parameter. Exploiting this...
The vulnerability of the formSetLanguage() function (/goform/formSetLanguage) in the Belkin F9K1122 Wi-Fi range extender software allows a intruder to trigger a service failure.
The vulnerability of the formSetLanguage function /goform/formSetLanguage of the Belkin F9K1122 Wi-Fi range extender software is due to a buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the possibility of an operation going beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the issue of operations going beyond the buffer in memory during the processing of PRC files. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the possibility of an operation occurring outside the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the fact that the processing of JP2 files may lead to data being written beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute...
The vulnerability of the HarmonyOS operating system, related to buffer overflows in the stack, allows attackers to compromise the accessibility of protected information.
The vulnerability of the HarmonyOS operating system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the ability to read data beyond the buffer in memory, allowing attackers to disclose protected information.
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the reading of data beyond the buffer boundaries during file processing for PRC formats. Exploiting this vulnerability can allow attackers to disclose protected...
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the ability to read data beyond the buffer in memory, allowing attackers to disclose protected information.
The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the reading of data beyond the buffer boundaries in memory during file processing for U3D files. Exploiting this vulnerability can allow attackers to disclose protecte...
The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the CRM User Management Framework component of the Oracle Common Applications suite, a part of the Oracle E-Business Suite, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the CRM User Management Framework component in the Oracle Common Applications of the Oracle E-Business Suite relates to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the XML Services component of the Oracle BI Publisher software allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the XML Services component of the Oracle BI Publisher software for creating reports is related to insufficient protection of operational data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the RAS Security component of the Oracle Database Server system allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the RAS Security component of the Oracle Database Server system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain read, modify, add, or delete access to data...
The vulnerability of the Redis database management system server allows a hacker to execute arbitrary code.
The vulnerability of the Redis database management system is related to a numerical overflow in the buffer when executing commands that use the HyperLogLog algorithm. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted HLL command...
The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, or delete data.
The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to data remotely...
The vulnerability of the `static_key_fast_inc_not_disabled()` function in the `net/ipv4/tcp_ao.c` component of the Linux kernel allows a attacker to cause a service failure.
The vulnerability of the statickeyfastincnotdisabled function in the net/ipv4/tcpao.c component of the Linux kernel relates to the disclosure of information. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the net/mlx5 component in the Linux operating system, which allows a hacker to cause a service failure.
The vulnerability of the net/mlx5 component in the Linux operating system is related to deficiencies in handling exceptional states. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the library for working with the DICOM format in DCMT, related to the occurrence of operations outside the buffer memory boundary, allows a perpetrator to trigger a service failure.
The vulnerability of the library for working with the DICOM format in DCMT is related to the execution of operations outside the buffer memory boundaries. Exploiting this vulnerability can allow an attacker to trigger a service failure using a specially created DICOM file...
The vulnerability of the Connection Manager module (con_mgr) in microprogrammed network devices from ASR Microelectronics, such as ASR1803L, ASR1806, ASR1901, and ASR1903L, allows a perpetrator to gain unauthorized access to protected information or cause service failures.
The vulnerability of the Connection Manager conmgr module in microprogrammed network devices from ASR Microelectronics, such as ASR1803L, ASR1806, ASR1901, and ASR1903L, is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to gain unauthoriz...
The vulnerability in the driver/iio/adc/ad7124.c component of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/iio/adc/ad7124.c component of the Linux operating system is related to the lack of zero-division checking. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the fs/btrfs component in the Linux operating system, which allows a hacker to trigger a service failure
The vulnerability of the fs/btrfs component in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the drivers/scsi/lpfc component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the drivers/scsi/lpfc component in Linux operating systems is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the net/vmw_vsock/virtio_transport_common.c component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the net/vmwvsock/virtiotransportcommon.c component in the Linux operating system is related to information disclosure. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the built-in web server boa (/boafrm/formFilter) of the TOTOLINK N300RH router’s microprogramming software allows a hacker to cause a service failure.
The vulnerability of the built-in web server boa /boafrm/formFilter of the TOTOLINK N300RH router software is related to improper cleaning or release of resources during the processing of the url parameter. Exploiting this vulnerability allows a malicious actor to cause service failures by sendin...
Vulnerabilities of functions rtk_usb2phy_probe() and devm_kzalloc() in the Linux operating system, allowing attackers to cause service failures
The vulnerabilities of the rtkusb2phyprobe and devmkzalloc functions in the Linux operating system are related to pointer arithmetic errors. Exploiting these vulnerabilities can allow an attacker to cause a service failure...
The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Citrix ADC application delivery controller (formerly Citrix NetScaler Application Delivery Controller) and the Citrix Gateway virtual environment access control system (formerly Citrix NetScaler Gateway) relates to the occurrence of operations outside the buffer in memory. This vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Citrix ADC application delivery controller formerly Citrix NetScaler Application Delivery Controller and the Citrix Gateway virtual environment access control system formerly Citrix NetScaler Gateway is related to an operation that goes beyond the buffer in memory...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the FontFaceSet interface in Mozilla Firefox and Firefox ESR browsers allows a perpetrator to trigger a service failure.
The vulnerability of the FontFaceSet interface in Mozilla Firefox and Firefox ESR browsers is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the chacha20_poly1305_set_key() function in the libssh library, which allows a hacker to disclose sensitive information
The vulnerability of the chacha20poly1305setkey function in the libssh library is related to the lack of checking for the returned value. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, which allows attackers to execute XSS attacks.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...
The vulnerability of the qeth_clear_working_pool_list() function in the drivers/s390/net/qeth_core_main.c file of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the qethclearworkingpoollist function in the drivers/s390/net/qethcoremain.c file of the Linux operating system is related to the assignment of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
Vulnerability of the amdgpu_discovery_reg_base_init() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c file – This driver provides support for AMD GPU cores in Linux operating systems’ Direct Rendering Infrastructure (DRI) components. This vulnerability allows attackers to cause system failures.
Vulnerability of the amdgpudiscoveryregbaseinit function in the drivers/gpu/drm/amd/amdgpu/amdgpudiscovery.c file – The drivers for AMD GPU cores in Linux operating systems are vulnerable due to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a system...
The vulnerability of the rt4801_enable() function in the drivers/regulator/rt4801-regulator.c file of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the rt4801enable function in the drivers/regulator/rt4801-regulator.c file of the Linux kernel is related to the dereferencing of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a system failure...
Vulnerability of the arm_smmu_iova_to_phys_hard() function in the driver/iommu/arm-smmu.c file – This is a Linux kernel IOMMU support driver that allows attackers to compromise the confidentiality and accessibility of protected information.
Vulnerability of the armsmmuiovatophyshard function in the driver/iommu/arm-smmu.c file – The Linux kernel’s IOMMU support driver is vulnerable to security-related errors. Exploiting this vulnerability could allow attackers to compromise the confidentiality and accessibility of protected...
The vulnerability of the software for configuring and setting up devices of the UR series from GE Vernova Enervista UR Setup lies in the use of rigidly encrypted credentials. This allows a malicious individual to influence the integrity of the protected information.
The vulnerability of the software for configuring and setting up devices of the Universal Relay UR series from GE Vernova Enervista UR Setup lies in the use of rigidly encrypted credentials. Exploiting this vulnerability could allow an attacker to influence the integrity of the protected...
The vulnerability of the macro definition rtw89_for_each_in_txpwr_conf in the Linux kernel’s drivers/net/wireless/realtek/rtw89/core.h module allows a attacker to compromise the confidentiality and accessibility of the protected information.
The vulnerability of the macro definition rtw89foreachintxpwrconf in the drivers/net/wireless/realtek/rtw89/core.h file of the Linux kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility...