90509 matches found
The vulnerability of the MP3 Stream Handler component in the Live555 multimedia streaming library allows a attacker to cause a service failure.
The vulnerability of the MP3 Stream Handler component in the Live555 multimedia streaming library lies in its ability to read data from buffers beyond acceptable limits. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the dcmnet component of the library for working with DICOM format allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the dcmnet component of the library for working with DICOM format in DCMTK is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause...
The vulnerability of the Windows Common Log File System (CLFS) driver in Windows operating systems allows a hacker to elevate their privileges to a system-level level.
The vulnerability of the Windows Common Log File System CLFS driver in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their system-level privileges...
The vulnerability of the library for working with the DICOM format in DCMT, related to the repeated memory release, allows a perpetrator to trigger a service failure.
The vulnerability of the library for working with the DICOM format in DCMT is related to the repeated memory release. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the application software interfaces of Session Smart Router and WAN Assurance, Session Smart Conductor, relates to bypassing the authentication process by using an alternative path or channel. This allows a perpetrator to gain full control over the device.
The vulnerability of the Application Programming Interface of routers like Session Smart Router and WAN Assurance, Session Smart Conductor, lies in the ability to bypass authentication procedures by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor,...
The vulnerability of the readDataVar() function in the hdf/dataobject.c component of the Libmysofa library for audio processing allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failure.
The vulnerability of the readDataVar function in the hdf/dataobject.c component of the Libmysofa library for audio processing is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, an...
The vulnerability of the parse_module() function in the bfd/vms-alpha.c component of the GNU Binutils development environment allows a attacker to access confidential data and also trigger a service failure.
The vulnerability of the parsemodule function in the bfd/vms-alpha.c component of the GNU Binutils development environment is related to reading data from beyond the allowed buffer limits. Exploiting this vulnerability could allow an attacker to access confidential data and also cause service...
The vulnerability of the au_read_header function in the src/au.c component of the Libsndfile library for reading and writing audio files allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the aureadheader function in the src/au.c file of the Libsndfile library, which is used for reading and writing audio files, is related to a numerical overflow issue. Exploiting this vulnerability could allow an attacker to access confidential data, compromise its integrity,...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
The vulnerability of the functions intel_iommu_init() (drivers/iommu/intel/iommu.c) and enable_drhd_fault_handling() (drivers/iommu/intel/dmar.c) in the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the functions inteliommuinit drivers/iommu/intel/iommu.c and enabledrhdfaulthandling drivers/iommu/intel/dmar.c in the Linux kernel is related to insufficient locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the modTMSM component in the Trend Micro Apex Central security monitoring and management tool allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the modTMSM component in the Trend Micro Apex Central security management and monitoring tool is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the BmpInput::read_native_scanline() function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library allows a hacker to cause a service failure.
The vulnerability of the BmpInput::readnativescanline function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the genelinkbind() function (drivers/net/usb/gl620a.c) in the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the genelinkbind function drivers/net/usb/gl620a.c in the Linux kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the Command Line Interface (CLI) of the Fortinet FortiClient security device allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Command Line Interface CLI of the Fortinet FortiClient security device is related to the storage of critical information in an open manner. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the protected information...
The vulnerability of the simple_offsetdestroy() function in the Linux kernel file system allows a attacker to cause a service failure.
The vulnerability of the simpleoffsetdestroy function in the Linux kernel file system is related to the execution of a loop with an unreachable exit condition „Infinite loop“. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the pata_macio_do_resume() function in the Linux operating system’s SATA/PATA kernel support driver allows a hacker to cause a service failure.
The vulnerability of the patamaciodoresume function in the SATA/PATA driver of the Linux operating system is related to incorrect validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the psi/zbfont.c file in the software suite for processing, transforming, and generating Ghostscript documents allows a perpetrator to execute arbitrary code.
The vulnerability of the psi/zbfont.c file in the software for processing, converting, and generating Ghostscript documents is related to the copying of buffers without checking the size of the input data, as a result of incorrect conversion of glyphs to Unicode. Exploiting this vulnerability can...
The vulnerability of the transformMiddleware function in the @fs mechanism of the local development server for Vite allows a hacker to read arbitrary files.
The vulnerability of the transformMiddleware function in the @fs mechanism of the local development server for Vite applications is related to incorrect processing of special symbols in input data. Exploiting this vulnerability allows a malicious actor to read arbitrary files by sending a special...
The vulnerability of the `ovl_dentry_update_reval()` function in the `fs/overlayfs/copy_up.c` file of the Linux kernel file system allows a attacker to cause a service failure.
The vulnerability of the ovldentryupdatereval function in the fs/overlayfs/copyup.c file of the Linux kernel file system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the dsps_probe() function in the drivers/usb/musb/musb_dsps.c module – The driver for supporting USB devices in Linux kernels allows a hacker to cause a service failure.
Vulnerability of the dspsprobe function in the drivers/usb/musb/musbdsps.c module – The Linux kernel’s USB device support driver is vulnerable due to a pointer issue related to NULL pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the start_io_acct() function in the drivers/md/dm.c module – The driver for supporting multiple devices (such as RAID and LVM) in the Linux kernel allows a hacker to trigger a service failure.
Vulnerability of the startioacct function in the drivers/md/dm.c module – The driver for supporting multiple devices such as RAID and LVM in the Linux operating system is vulnerable due to the use of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause service failures...
Vulnerability of the mt7921_mcu_tx_rate_report() function in the drivers/net/wireless/mediatek/mt76/mt7921/mcu.c module – This driver is part of the Linux kernel’s wireless adapter support framework. It allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the mt7921mcutxratereport function in the drivers/net/wireless/mediatek/mt76/mt7921/mcu.c module – The driver for supporting wireless connection adapters in the Linux operating system is vulnerable due to buffer out-of-bounds reading. Exploiting this vulnerability could allow an...
The vulnerability of the xe_vm_userptr_pin() function in the drivers/gpu/drm/xe/xe_vm.c file of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the xevmuserptrpin function in the drivers/gpu/drm/xe/xevm.c file of the Linux kernel is related to improper release of resources. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the AddPortMapping method in Netgear WNR854T router software allows a hacker to execute arbitrary commands.
The vulnerability of the AddPortMapping method in Netgear WNR854T router microprogramming software lies in the lack of measures to neutralize special elements used in the operating system’s commands when processing the NewInternalClient parameter. Exploiting this vulnerability allows a remote...
Vulnerability of the xenvif_disconnect_queue() function in the drivers/net/xen-netback/interface.c module – the Linux kernel network adapter driver support mechanism, which allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the xenvifdisconnectqueue function in the drivers/net/xen-netback/interface.c module – The Linux kernel network adapter driver relies on the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrit...
The vulnerability of the simple_inode_init_ts() function in the Linux file system allows a hacker to trigger a service failure.
The vulnerability of the simpleinodeinitts function in the Linux file system is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s Bluetooth kernel component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s Bluetooth kernel component is related to improper error handling in the function isoinit in net/bluetooth/iso.c. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the hnae3_unregister_ae_algo_prepare() function in the drivers/net/ethernet/hisilicon/hns3/hnae3.c module of the Linux kernel allows a malicious actor to cause a service failure.
The vulnerability of the hnae3unregisteraealgoprepare function in the drivers/net/ethernet/hisilicon/hns3/hnae3.c module of the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the kernel component of the Linux operating system, which allows a hacker to cause a service failure
The vulnerability of the kernel component of the Linux operating system is related to a memory leak in the vcapapiencoderuletest function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ntfs3 component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the ntfs3 component in the Linux operating system’s kernel is related to incorrect blocking in the ntfsdhash function in fs/ntfs3/namei.c. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Eclipse Jetty servlet containers, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of Eclipse Jetty servlet containers is related to uncontrolled resource consumption in the ThreadLimitHandler.getRemote function. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the python-multipart streaming multi-component parser, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the python-multipart streaming multi-component parser is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Linux operating system’s kernel USB component, which allows a hacker to trigger a service failure
The vulnerability of the usbtmccreateurb function in the Linux kernel USB component is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the octeon_ep component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the octeonep component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ntpd implementation of the Network Time Synchronization Protocol allows a perpetrator to cause a service failure.
The vulnerability of the ntpd implementation of the Network Time Synchronization Protocol is related to insufficient validation of the data entered by users during the processing of NTP packets. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability in the `include/net/ip_tunnels.h` header file of the IPv4 protocol implementation in Linux kernel allows a attacker to cause a service failure.
The vulnerability in the include/net/iptunnels.h header file of the IPv4 protocol implementation in Linux operating systems is related to incorrect resource blocking. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the Linux operating system’s kernel driver/perf components, which allows a hacker to trigger a service failure
The vulnerability of the alidrwpmuisr function in Linux kernel’s drivers/perf component is related to memory corruption. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of the mmc component in the Linux operating system’s kernel allows a hacker to gain elevated privileges within the system.
The vulnerability of the mmc component in the Linux operating system’s kernel is related to memory corruption. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...
The vulnerability of the hb_cairo_glyphs_from_buffer() function in the Harfbuzz text transformation library allows a hacker to execute arbitrary code.
The vulnerability of the hbcairoglyphsfrombuffer function in the Harfbuzz text transformation library is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the mctp_i2c_header_create() function in the drivers/net/mctp/mctp-i2c.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the mctpi2cheadercreate function in the drivers/net/mctp/mctp-i2c.c kernel module of the Linux operating system is related to insufficient input validation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the stm32_spdifrxremove() function in the sound/soc/stm/stm32_spdifrx.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the stm32spdifrxremove function in the sound/soc/stm/stm32spdifrx.c module of the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the blk-cgroup kernel component in the Linux operating system, which allows a hacker to cause a service failure
The vulnerability of the blk-cgroup component in the Linux operating system’s kernel is related to memory corruption. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the bpf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the bpf component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the mlx5_lag_create_port_sel_table() function in the net/mlx5 components of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mlx5lagcreateportseltable function in Linux kernel-based net/mlx5 components is related to improper input validation. Exploiting this vulnerability can allow an attacker to cause system failures...
The vulnerability of the ethnl_set_channels() function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the ethnlsetchannels function in the Linux operating system’s kernel is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the cross-platform web service infrastructure platform Mono ServiceStack, related to improper verification of the cryptographic signature of data, allows attackers to bypass the signature verification and gain access to protected information.
The vulnerability of the cross-platform web service infrastructure of Mono ServiceStack is related to improper verification of the cryptographic signature of data. Exploiting this vulnerability allows a malicious actor to bypass signature checks and gain access to protected information...
The vulnerability of the Inventory module in the GLPI system, which handles requests, incidents, and inventory management of computer equipment, allows a perpetrator to execute arbitrary codes.
The vulnerability of the Inventory module in the GLPI system, which handles requests, incidents, and inventory management of computer equipment, involves unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Inventory module in the GLPI system, which handles requests, incidents, and inventory management of computer equipment, allows a hacker to execute arbitrary SQL commands.
The vulnerability of the Inventory module in the GLPI system for job requests, incidents, and computer equipment inventory relates to the improper elimination of special elements used in SQL queries. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...