Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.10 views

The vulnerability in the open-source e-commerce web application PrestaShop relates to the lack of measures taken to protect the website structure, allowing attackers to perform cross-site scripting attacks.

The vulnerability in the open-source e-commerce web application PrestaShop relates to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

10CVSS7.5AI score0.5617EPSS
Exploits2References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.10 views

The vulnerability of the e_node() function in the htmldoc/html.cxx script of the HTMLDOC conversion tool allows a perpetrator to cause a service failure.

The vulnerability of the enode function in the htmldoc/html.cxx document, a tool for converting HTML DOC documents, is related to the escape character being output outside of the buffer in memory. Exploiting this vulnerability allows an attacker to cause service interruptions...

7.8CVSS7.4AI score0.01208EPSS
Exploits1References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/21 12:0 a.m.10 views

The vulnerability of the task and project management service WEEEK lies in the lack of measures taken to protect the website structure, allowing a perpetrator to execute arbitrary JavaScript code.

The vulnerability of the WEEEK task and project management service is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a remote attacker to execute arbitrary JavaScript code...

8.9CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/19 12:0 a.m.10 views

The vulnerability of the setSSServer() function in the cstecgi.cgi script of the TOTOLINK X5000R router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the setSSServer function in the cstecgi.cgi script of the TOTOLINK X5000R router’s microprogramming system is related to the lack of measures to sanitize input data when processing parameters such as password, port, and timeout. Exploiting this vulnerability allows a remote...

10CVSS5.9AI score0.02093EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/19 12:0 a.m.10 views

The vulnerability in the function PLT_FileMediaServerDelegate::ExtractResourcePath() of the file PltHttpServer.cpp in the software development library Platinum UPnP SDK allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the PLTFileMediaServerDelegate::ExtractResourcePath function in the pltHttpServer.cpp file of the software development library, Platinum UPnP SDK, is related to an incorrect limitation on the path name for directories with restricted access. Exploiting this vulnerability coul...

7.8CVSS6.2AI score0.01711EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.10 views

The vulnerability of the udf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the udf component in the Linux operating system’s kernel is related to integer overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.6AI score0.0024EPSS
Exploits0References43Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.10 views

The vulnerability of the Linux operating system’s USB kernel component, which allows a hacker to increase their privileges within the system

The vulnerability of the Linux operating system’s USB kernel component relates to the operation of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

7.8CVSS6.8AI score0.00271EPSS
Exploits0References26Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.10 views

The vulnerability of the Linux operating system’s Ethernet kernel component, which allows a hacker to gain unauthorized access to protected information

The vulnerability of the Linux operating system’s Ethernet kernel component is related to insufficient protection of service data in the grethinitrings function. Exploiting this vulnerability can allow unauthorized access to protected information...

5.5CVSS6.4AI score0.00234EPSS
Exploits0References23Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.10 views

The vulnerability of the dpaa2-switch component in the Linux operating system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the dpaa2-switch component in the Linux operating system is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow unauthorized access to protected information...

5.5CVSS5.9AI score0.00233EPSS
Exploits0References11Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.10 views

The vulnerability of the software for updating Intel Driver & Support Assistant (DSA) stems from insufficient verification of data authenticity, allowing attackers to exploit their privileges.

The vulnerability of the Intel Driver & Support Assistant software for updating drivers is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS5.5AI score0.00123EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.10 views

The vulnerability of the `netfs_pgpriv2_write_to_the_cache` function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the netfspgpriv2writetothecache function in the Linux operating system is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to cause service failures...

5.5CVSS6.4AI score0.0017EPSS
Exploits0References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/17 12:0 a.m.10 views

The vulnerability of the generateNavigation() function in the PHP Spreadsheet library, which allows attackers to perform cross-site scripting attacks

The vulnerability of the generateNavigation function in the PhpSpreadsheet PHP library is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a remote attacker to perform cross-site scripting attacks...

5CVSS5.3AI score0.00371EPSS
Exploits4References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/17 12:0 a.m.10 views

The vulnerability of the pam_sm_authenticate() function in the PAM-PKCS#11 authentication module of Linux operating systems allows a hacker to bypass the authentication process and gain unauthorized access to protected information.

The vulnerability of the pamsmauthenticate function in the PAM-PKCS11 authentication module of Linux operating systems is related to authentication errors. Exploiting this vulnerability could allow a malicious actor to bypass the authentication process and gain unauthorized access to protected...

9.7CVSS6.9AI score0.00235EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/02/17 12:0 a.m.10 views

The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...

5.3CVSS7.8AI score0.01183EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/16 12:0 a.m.10 views

The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications allows a perpetrator to execute arbitrary commands.

The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially created HTTP request...

8.4CVSS8.2AI score0.00591EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/15 12:0 a.m.10 views

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge browsers allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause a service failure...

7.5CVSS8AI score0.00417EPSS
Exploits0References12Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/02/14 12:0 a.m.10 views

The vulnerability of the sub_422eb8 function in Linksys E8450 Wi-Fi routers allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the sub422eb8 function in Linksys E8450 Wi-Fi routers’ microprogramming software is related to the copying of buffers without checking the size of the input data during the processing of the strncpy parameter. Exploiting this vulnerability allows an attacker to execute...

6.3CVSS6AI score0.00422EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.10 views

The vulnerability of the Security component of the MacOS operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Security component of the MacOS operating system is related to the insecure storage of confidential information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS5.4AI score0.0063EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.10 views

The vulnerability of the proxy server of the Fortinet FortiManager device management software, as well as the FortiAnalyzer security event monitoring and analysis tools, allows a perpetrator to execute arbitrary codes or commands.

The vulnerability of the proxy server of the Fortinet FortiManager device management software, as well as the FortiAnalyzer event monitoring and analysis tools, relates to an escape from the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or...

9CVSS6.3AI score0.00639EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.10 views

The vulnerability of the Windows Microsoft PC Manager software for maintenance, cleaning, and security operations is related to incorrect handling of symbolic links before accessing files. This allows attackers to exploit their privileges.

The vulnerability of the Windows Microsoft PC Manager software for maintenance, cleaning, and security operations is related to incorrect handling of symbolic links before accessing files. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS7.7AI score0.00637EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.10 views

The vulnerability of the SharedFileList component in MacOS operating systems allows a perpetrator to compromise the integrity of protected information.

The vulnerability of the SharedFileList component in MacOS operating systems is related to improper storage of permissions. Exploiting this vulnerability can allow an attacker to compromise the integrity of the protected information...

3.3CVSS7.1AI score0.00154EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.10 views

The vulnerability of the Accounts component in operating systems such as MacOs, iOS, and iPadOS allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Accounts component in MacOS, iOS, and iPadOS is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.3CVSS7.2AI score0.0049EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.10 views

The vulnerability in the form2WlanBasicSetup.cgi script of the D-Link DIR-816A router’s software allows a hacker to execute arbitrary code.

The vulnerability of the form2WlanBasicSetup.cgi microprogramming system of the D-Link DIR-816A2 router is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTTP POST request...

7.8CVSS8.2AI score0.00419EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/12 12:0 a.m.10 views

The vulnerability of the cifs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the cifs component in the Linux operating system’s kernel is related to the pointer to NULL. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.0021EPSS
Exploits0References24Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/02/12 12:0 a.m.10 views

The vulnerability of the bpf_sk_select_reuse_port() function in the net/core/filter.c module of Linux kernel allows a hacker to cause a service failure.

The vulnerability of the bpfskselectreuseport function in the net/core/filter.c module of Linux kernel systems is related to the lack of memory release after the effective lifespan of the function has ended. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00214EPSS
Exploits0References23Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/02/11 12:0 a.m.10 views

The vulnerability of Zyxel network device software of the CPE series exists due to the lack of measures taken to neutralize special elements used in the operating system commands. This allows attackers to execute arbitrary commands.

The vulnerability of Zyxel network devices of the CPE series exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with privileges as “supervisor” or...

10CVSS8.4AI score0.20121EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.10 views

The vulnerability of the EctEnhancedCT method in the DICOM DCMT format allows a intruder to gain unauthorized access to protected information.

The vulnerability of the EctEnhancedCT method in the DICOM DCMT library lies in the copying of buffers without checking the input data. Exploiting this vulnerability could allow an unauthorized actor to gain unauthorized access to protected information...

8.5CVSS6.8AI score0.00729EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.10 views

The vulnerability of the jffs2 component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the jffs2 component in the Linux operating system’s kernel is related to errors that occur after release. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.0025EPSS
Exploits0References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.10 views

The vulnerability of the mlxsw component in the Linux operating system’s kernel, which allows a hacker to trigger a service failure

The vulnerability of the mlxsw component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS6.7AI score0.00234EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/01/29 12:0 a.m.10 views

The vulnerability in the driver/gpu/drm/amd/amdkfd/kfd InterruptInterrupt.c component of the Linux operating system allows a attacker to cause a service failure.

The vulnerability of the drivers/gpu/drm/amd/amdkfd/kfd InterruptInterrupt.c component in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.7CVSS6.4AI score0.00421EPSS
Exploits0References13Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/01/23 12:0 a.m.10 views

The vulnerability of the Microsoft AutoUpdate (MAU) application for Mac, which manages privileges in a non-safe manner, allows a malicious individual to escalate their privileges.

The vulnerability of the Microsoft AutoUpdate MAU for Mac application related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to escalate their privileges...

7.8CVSS7.7AI score0.0044EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.10 views

The vulnerability of the Public Project Handler component of the git-based software platform for collaborative code development on GitLab allows a hacker to gain access to protected information.

The vulnerability of the Public Project Handler component in the git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to...

5.3CVSS5.6AI score0.00435EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.10 views

The vulnerability of the web interface of the IBM Sterling B2B Integrator software allows a perpetrator to execute arbitrary code and gain unauthorized access to protected information.

The vulnerability of the web interface of the IBM Sterling B2B Integrator software solution relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code and gain unauthorized access to protected...

5.5CVSS6AI score0.00213EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.10 views

The vulnerability of the CGI script form2PortriggerRule.cgi of the D-Link DIR-816A2 router’s microprogramming system allows a hacker to execute arbitrary code.

The vulnerability of the CGI script form2PortriggerRule.cgi of the D-Link DIR-816A2 router’s microprogramming system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted POST request...

10CVSS8.2AI score0.00492EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.10 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the manipulation of inter-site requests, allows a perpetrator to carry out a CSRF attack.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...

5.5CVSS5.4AI score0.00423EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/19 12:0 a.m.10 views

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the lack of a mechanism for generating error reports. This allows attackers to gain unauthorized access to protected information.

The vulnerabilities of the software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to deficiencies in the mechanism for generating error reports. Exploiting these vulnerabilities can allow unauthorized actors to...

4.3CVSS5.6AI score0.00771EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.10 views

The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names in the catalog, which allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

10CVSS8.1AI score0.89738EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.10 views

The vulnerability of the Ivanti EPM endpoint management software lies in the lack of protective measures for the SQL query structure, allowing a hacker to execute malicious code remotely.

The vulnerability of the Ivanti EPM endpoint management software relates to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a remote attacker to execute malicious code remotely...

9CVSS7.8AI score0.64176EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/16 12:0 a.m.10 views

The vulnerability of the Microsoft Visual Studio software, related to reading data beyond the allowed range in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Visual Studio software development tool is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...

10CVSS8.1AI score0.01523EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/01/16 12:0 a.m.10 views

The vulnerability of the Dell VxRail hyper-converged infrastructure, related to the unencrypted storage of critical information, allows a intruder to disclose protected data.

The vulnerability of the Dell VxRail hyper-converged infrastructure is related to the unencrypted storage of critical information. Exploiting this vulnerability could allow an attacker to disclose the protected data...

7.5CVSS5.5AI score0.00126EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/16 12:0 a.m.10 views

The vulnerability of the Coredns DNS server, related to information disclosure through caching, allows attackers to perform spoofing attacks.

The vulnerability of the coredns DNS server relates to the disclosure of information through caching. Exploiting this vulnerability allows a malicious actor to perform spoofing attacks remotely...

5.3CVSS6.1AI score0.0076EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/01/16 12:0 a.m.10 views

The vulnerability of the MapUrlToZone method in Windows operating systems allows attackers to disclose sensitive information that is protected by security measures.

The vulnerability of the MapUrlToZone method in Windows operating systems is related to improper handling of path equivalence. Exploiting this vulnerability can allow an attacker to disclose protected information remotely...

5CVSS7.7AI score0.02908EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/16 12:0 a.m.10 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE arises from improper handling of user actions, allowing unauthorized access to protected information by attackers.

The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to improper management of user actions. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.2CVSS5.5AI score0.00272EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/15 12:0 a.m.10 views

The vulnerability of the Microsoft Message Queuing (MSMQ) queue service on Windows operating systems allows a perpetrator to disclose protected information.

The vulnerability of the Microsoft Message Queuing MSMQ queue service on Windows operating systems is related to the use of an uninitialized resource. Exploiting this vulnerability could allow a malicious actor to disclose protected information...

7.8CVSS7.7AI score0.02073EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/01/15 12:0 a.m.10 views

The vulnerability of the Node Access Rebuild component in Drupal CMS systems, related to deficiencies in access control, allows attackers to bypass security restrictions.

The vulnerability of the Node Access Rebuild component in Drupal CMS systems is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to bypass security restrictions remotely...

5.5CVSS5.4AI score0.00207EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/15 12:0 a.m.10 views

The vulnerability of the VSP Elevation function in the hardware virtualization technology of Windows Hyper-V operating systems allows attackers to elevate their privileges to the SYSTEM level.

The vulnerability of the VSP Elevation function in the hardware virtualization layer of Windows Hyper-V operating systems involves the possibility of exploiting memory after it is freed. Exploiting this vulnerability can allow an attacker to elevate their privileges to the SYSTEM level...

7.8CVSS7.8AI score0.01363EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/14 12:0 a.m.10 views

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the lack of a mechanism for generating error reports. This allows attackers to gain unauthorized access to protected information.

The vulnerabilities of the software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to deficiencies in the mechanism for generating error reports. Exploiting these vulnerabilities can allow unauthorized actors to...

4.3CVSS5.6AI score0.00541EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/01/14 12:0 a.m.10 views

The vulnerability of the Drupal File Entity CMS system, related to the lack of measures taken to protect the website structure, allows attackers to bypass security restrictions and perform cross-site scripting attacks.

The vulnerability of the Drupal File Entity CMS system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and perform cross-site scripting attacks...

5.5CVSS5.2AI score0.00228EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.10 views

The vulnerability of the switch network firewall for HPE CX 10000 corporate networks allows a intruder to disclose protected information.

The vulnerability of the switch network firewalls for HPE CX 10000 corporate networks is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

3.4CVSS5.5AI score0.00236EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.10 views

The vulnerability of the SSL VPN remote access technology for SonicOS operating systems allows a hacker to increase their privileges.

The vulnerability of the SSL VPN remote access technology implemented on SonicOS is related to the bypassing of authentication due to a fundamental error in the implementation. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...

9.4CVSS6.6AI score0.00459EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities5000