Lucene search
K
Bdu FstecMost viewed

90604 matches found

BDU FSTEC
BDU FSTEC
added 2025/07/28 12:0 a.m.10 views

The vulnerability of the MongoDB database management system server allows a hacker to cause a service failure.

The vulnerability of the MongoDB database management system server is related to errors in data type mixing. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

6.8CVSS5.4AI score0.00276EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/25 12:0 a.m.10 views

The vulnerability of MediaTek’s Bluetooth driver microprogramming software allows a hacker to trigger a service failure.

The vulnerability of the Bluetooth driver for Microprogramming Software MediaTek lies in reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.7AI score0.00149EPSS
Exploits0References2Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.10 views

The vulnerability of the Condeon CMS system, related to the storage of confidential information in open text, allows a hacker to intercept sessions and gain access to the user’s account.

The vulnerability of the Condeon CMS system relates to the storage of confidential information in open text within the memory dump file. Exploiting this vulnerability could allow a malicious actor to intercept sessions and gain access to the user account...

10CVSS5.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.10 views

The vulnerability of the centralized control system for network devices and ports of Advantech iView, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the centralized control system for network devices and ports of Advantech iView is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...

6.4CVSS5.4AI score0.00194EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/23 12:0 a.m.10 views

The vulnerability of Trend Micro Apex One and Apex One as a Service anti-virus software lies in its uncontrolled search path. This allows attackers to escalate their privileges and execute arbitrary code within the SYSTEM context.

The vulnerability of the Data Loss Prevention module in Trend Micro’s anti-virus software programs Apex One and Apex One as a Service is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary co...

6.7CVSS7AI score0.00133EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/23 12:0 a.m.10 views

The vulnerability of the Import a Theme function in the MyBB forum creation software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the “Import a Theme” function in the MyBB forum creation software is related to insufficient validation of requests on the server side. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

8CVSS5.5AI score0.00387EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/23 12:0 a.m.10 views

The vulnerability of the config.xml file in TP-Link Archer C50 Wi-Fi routers allows a hacker to gain unauthorized access to protected information.

The vulnerability of the config.xml file in TP-Link Archer C50 Wi-Fi routers lies in the use of strictly encrypted credentials. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information from a remote location...

5.7CVSS5.8AI score0.00252EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/23 12:0 a.m.10 views

The vulnerability of the Suricata intrusion detection and prevention system, due to the unlimited distribution of resources, allows an intruder to trigger a service failure.

The vulnerability of the Suricata intrusion detection and prevention system is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...

7.8CVSS5.5AI score0.00432EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/23 12:0 a.m.10 views

The vulnerability of the Mail function in the MyBB forum creation software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Mail function in the MyBB forum creation software is related to insufficient testing of requests on the server side. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

8CVSS5.5AI score0.00387EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.10 views

The vulnerability of the Flash Cache component in single-Core Microcontrollers ESP32-S2, ESP32-S2F, allows a hacker to read the cached data again.

The vulnerability of the Flash Cache component in single-Core Microcontrollers ESP32-S2 and ESP32-S2F is related to improper protection against voltage spikes and clock speeds. Exploiting this vulnerability allows an attacker to reread cached data by triggering a reset pulse directly before...

4.2CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.10 views

The vulnerability of Adobe Illustrator’s graphic editor, related to pointer naming errors, allows a hacker to trigger a service failure.

The vulnerability of Adobe Illustrator’s graphic editor is related to pointer assignment errors. Exploiting this vulnerability can allow attackers to trigger a service failure using a specially created malicious file...

5.5CVSS5.4AI score0.00187EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.10 views

The vulnerability of the graphical interface of the Fortinet FortiSOAR software for coordinating the operation of cybersecurity systems and for managing real-time incident responses allows attackers to gain unauthorized access to protected information.

The vulnerability of the graphical interface of the software platform for coordinating the operation of cybersecurity systems and for managing real-time incident responses in Fortinet FortiSOAR is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can...

5.3CVSS5.5AI score0.00701EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.10 views

The vulnerability of the Behavioral DoS (BADoS) function of the BIG-IP Application Security Manager allows a attacker to cause a service failure.

The vulnerability of the Behavioral DoS BADoS function of the BIG-IP Application Security Manager protection tool is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS6.6AI score0.00393EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.10 views

The vulnerability of the Booco business automation platform lies in the improper limitation of the path name to the restricted access catalog. This allows attackers to create or overwrite files in the file system’s directories and execute arbitrary code.

The vulnerability of the Booco business automation platform is related to an incorrect restriction on the path name for restricted access catalogs. Exploiting this vulnerability allows a malicious actor to create or re-record files in file system catalogs and execute arbitrary code...

9.1CVSS5.8AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.10 views

The vulnerability of the Vnet/IP SCADA system’s interface of Yokogawa CENTUM VP allows a intruder to trigger a service failure.

The vulnerability of the Vnet/IP SCADA system of Yokogawa CENTUM VP is related to an uncontrolled and unauthorized access. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending specially crafted packets...

5.3CVSS5.5AI score0.00229EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.10 views

The vulnerability of the RemotePC software for providing remote access lies in its insecure management of privileges, allowing attackers to escalate their privileges.

The vulnerability of the RemotePC remote access software is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

7.3CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.10 views

The vulnerability of the GetScreen agent, a remote access platform, relates to insecure privilege management. This allows attackers to elevate their privileges to the root level.

The vulnerability of the remote access platform GetScreen Agent is related to insecure management of privileges. Exploiting this vulnerability can allow a hacker to elevate their privileges to the root level...

7.3CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.10 views

The vulnerability of the software for organizing and managing knowledge bases and documentation, KBPublisher, related to the manipulation of cross-site requests, allows a perpetrator to carry out CSRF attacks.

The vulnerability of the software for organizing and managing knowledge bases and documentation, KBPublisher, is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...

5CVSS5.2AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.10 views

The vulnerability of the Universal Plug and Play (UPnP) service in Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the Universal Plug and Play UPnP service in Windows operating systems is related to the use of insecure mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability can allow a remote attacker to increase their privileges...

7.1CVSS5.5AI score0.00325EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.10 views

The vulnerability of the application-level SIP ALG operating system Juniper Networks Junos OS allows a attacker to trigger a service failure.

The vulnerability of the SIP ALG layer application-level firewall on Juniper Networks Junos OS is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

5.9CVSS5.5AI score0.00378EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.10 views

The vulnerability of the Endpoint Manager Mobile app for managing the lifecycle of mobile devices and applications (formerly known as MobileIron Core) arises from the lack of measures taken to neutralize specific elements. This allows a perpetrator to execute arbitrary code.

The vulnerability of the Ivanti Endpoint Manager Mobile EPMM application for managing the lifecycle of mobile devices and mobile applications formerly known as MobileIron Core is related to the lack of measures taken to neutralize special elements used in the operating system. Exploiting this...

9CVSS7.5AI score0.12306EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.10 views

The vulnerability of the IP Access Restriction function of the Cisco Identity Services Engine (ISE) management interface and the Cisco ISE Passive Identity Connector (ISE-PIC) virtual authentication data collection device allows a perpetrator to circumvent existing IP access restrictions.

The vulnerability of the IP Access Restriction function of the Cisco Identity Services Engine ISE and the Cisco ISE Passive Identity Connector ISE-PIC, a virtual device for collecting user authentication data, relates to bypassing authentication using data that is assumed to be unchangeable...

4.1CVSS7AI score0.0034EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.10 views

The vulnerability of Adobe InCopy, a text creation and editing software, relates to a countable loss of significance, allowing an attacker to execute arbitrary code.

The vulnerability of the Adobe InCopy text creation and editing software is related to a countable amount of data loss. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...

7.8CVSS6AI score0.00195EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.10 views

The vulnerability of the PIA Core Technology component of the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain unauthorized access to protected information.

The vulnerability of the PIA Core Technology component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

5CVSS7.2AI score0.00263EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.10 views

The vulnerability of the Demon Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Daemon Routing Protocol rpd in Junos OS and Junos OS Evolved operating systems is related to improper handling of parameter length discrepancies. Exploiting this vulnerability can allow a malicious actor to cause service failures...

6.5CVSS7.2AI score0.0026EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.10 views

The vulnerability of the JDBC component of the Oracle Database Server database management system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the JDBC component of the Oracle Database Server management database system is related to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.3CVSS7.2AI score0.00118EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.10 views

Vulnerability of the iblock module in the 1C-Bitrix website management system: Website management that allows attackers to gain unauthorized access to protected information

Vulnerability of the iblock module in the Content Management System CMS of 1C-Bitrix: Website management is associated with errors in processing the relative path to the catalog. Exploiting this vulnerability can allow unauthorized users to gain unauthorized access to protected information...

6.8CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.10 views

The vulnerability of the KVM switch display microprogramming system ATEN CL5708IM lies in the fact that the output operation goes beyond the buffer in memory, allowing a malicious actor to cause malfunctions in the service.

The vulnerability of the KVM switch display microprogramming system of ATEN CL5708IM is related to the output of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...

7.8CVSS6AI score0.00954EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/17 12:0 a.m.10 views

The vulnerability of the Windows Microsoft PC Manager software for maintenance, cleaning, and security operations is related to access control errors, which allow attackers to escalate their privileges.

The vulnerability of the Windows Microsoft PC Manager software for maintenance, cleaning, and security operations is related to access control errors. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS7.2AI score0.00331EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/17 12:0 a.m.10 views

The vulnerability in the drivers/acpi/platform_profile.c module of the Linux kernel allows a hacker to trigger a service failure.

The vulnerability in the drivers/acpi/platformprofile.c module of the Linux kernel is related to the use of an uninitialized resource. Exploiting this vulnerability can allow an attacker to cause a system failure...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/17 12:0 a.m.10 views

The vulnerability of the Preferences component of the Oracle CRM system’s customer relationship management module. The Oracle E-Business Suite technical foundation for automating business processes, allowing attackers to gain access to read, modify, and delete information.

The vulnerability of the Preferences component of the Oracle CRM system’s customer relationship management module is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete access to information...

5.5CVSS7.2AI score0.0029EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/07/17 12:0 a.m.10 views

The vulnerability of the gf_ac4parser_bs function in the MP4Box multimedia platform of GPAC allows a hacker to cause a service failure or disclose protected information.

The vulnerability of the gfac4parserbs function in the MP4Box utility of the GPAC multimedia platform is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause system failures or disclose protected information...

6.1CVSS5.7AI score
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/07/17 12:0 a.m.10 views

The vulnerability of the em_compute_costs() function in the kernel/power/energy_model.c module of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the emcomputecosts function in the kernel/power/energymodel.c module of the Linux operating system is related to the lack of checks for division by zero. Exploiting this vulnerability could allow an attacker to cause a service failure...

7CVSS5.9AI score0.00144EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/07/17 12:0 a.m.10 views

The vulnerability of HashiCorp’s Vault Community Edition and Vault Enterprise storage platforms, related to resource management errors, allows attackers to trigger service interruptions.

The vulnerability of the HashiCorp Vault Community Edition and Vault Enterprise storage platforms relates to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

3.1CVSS5.7AI score0.00214EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/07/15 12:0 a.m.10 views

The vulnerability of the parse.ParseUnverified() function in the golang-jwt library for handling web tokens allows attackers to disclose sensitive information that should be protected.

The vulnerability of the parse.ParseUnverified function in the golang-jwt library for handling web tokens in the Go programming language is related to uncontrolled resource consumption. Exploiting this vulnerability allows an attacker to disclose protected information...

7.8CVSS6.6AI score0.00693EPSS
Exploits0References17Affected Software12
BDU FSTEC
BDU FSTEC
added 2025/07/15 12:0 a.m.10 views

The vulnerability of the IBM Storage Scale cluster file system, related to the lack of data cleaning measures at the management level, allows attackers to escalate their privileges and execute arbitrary commands.

The vulnerability of the IBM Storage Scale cluster file system is related to the lack of measures taken at the management level to clean up data. Exploiting this vulnerability can allow a malicious actor to enhance their privileges and execute arbitrary commands remotely...

7.5CVSS5.8AI score0.0034EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/15 12:0 a.m.10 views

Vulnerability of Windows operating systems, related to synchronization errors when using shared resources, allows attackers to escalate their privileges.

The vulnerability of Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.4AI score0.00275EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/14 12:0 a.m.10 views

The vulnerability of the PHP Snappy library, related to insufficient validation of requests on the server side, allows a attacker to perform an SSRF attack.

The vulnerability of the PHP Snappy library is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack by sending a specially crafted HTTP request remotely...

5.8CVSS5.6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/14 12:0 a.m.10 views

The vulnerability of the Laravel Translation Manager PHP framework allows attackers to perform cross-site scripting attacks.

The vulnerability of the Laravel Translation Manager PHP framework is related to the lack of security measures for handling web page structures. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

4CVSS5.2AI score0.00352EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/14 12:0 a.m.10 views

The vulnerability of the Microsoft Office software package, related to errors in data type mixing, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Office package is related to type conversion errors. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS5.8AI score0.00512EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/14 12:0 a.m.10 views

The vulnerability of the sub_410DDC() function in the web interface of the D-Link DIR-825 router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the sub410DDC function in the web interface of the D-Link DIR-825 router’s microprogramming software is related to the reading of data beyond the buffer boundaries in memory during the processing of the language parameter. Exploiting this vulnerability allows a remote attacke...

10CVSS8.7AI score0.1598EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/14 12:0 a.m.10 views

The vulnerability of the Windows SSDP service on Microsoft Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Windows SSDP service on Microsoft Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.6AI score0.0038EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/14 12:0 a.m.10 views

The vulnerability of the Windows User-Mode Driver Framework (UMDF) in Microsoft Windows operating systems allows a hacker to disclose sensitive information that is protected by this framework.

The vulnerability of the Windows User-Mode Driver Framework UMDF in Microsoft Windows is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS5.4AI score0.00528EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/13 12:0 a.m.10 views

The vulnerability of the platform for creating, publishing, and reproducing digital advertising on Adobe Experience Manager (AEM) Screens lies in the lack of protective measures for the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the platform for creating, publishing, and reproducing digital advertising within Adobe Experience Manager AEM Screens is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary...

5.5CVSS5.9AI score0.0023EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/13 12:0 a.m.10 views

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin for viewing and playing back graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially...

7.8CVSS8AI score0.0022EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.10 views

The vulnerability of the Apica Loadtest plugin for Jenkins’ automation server lies in the fact that registration data is stored in an open manner, allowing a malicious actor to gain unauthorized access to the protected information.

The vulnerability of the Apica Loadtest plugin for Jenkins-based automation servers lies in the way registration data is stored in an open manner within the config.xml file. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

6.8CVSS5.4AI score0.00314EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.10 views

The vulnerability of the Windows RRAS operating system’s routing and remote access service allows a hacker to execute arbitrary code.

The vulnerability of the Windows RRAS operating system’s routing and remote access service is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS6.4AI score0.00748EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.10 views

The vulnerability of the Windows Virtual Hard Disk component allows a hacker to execute arbitrary code.

The vulnerability of the Windows Virtual Hard Disk component in Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS6.2AI score0.01916EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.10 views

The vulnerability of the Graphics component of Windows operating systems, which allows a hacker to execute arbitrary code

The vulnerability of the Graphics component in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.00273EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.10 views

The vulnerability of the data collection tool for Azure Monitor Agents, which operates on virtual machines and physical servers, stems from improper code generation. This allows attackers to execute arbitrary code.

Vulnerability of the data collection tool for Azure Monitor Agent, which processes virtual machines and physical servers, due to improper code generation management. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

7.5CVSS5.9AI score0.00839EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities5000