90509 matches found
The vulnerability of the TIFFClose() function in the LibTIFF library, which allows a hacker to cause a service failure
The vulnerability of the TIFFClose function in the LibTIFF library is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Softing edgeAggregator data integration tool lies in its lack of protection for website structures, allowing attackers to execute arbitrary code with root privileges.
The vulnerability of the Softing edgeAggregator data integration tool is related to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with root privileges...
The vulnerability of the GRand Unified Bootloader (GRUB) of the Cisco IOS XR router operating system from Network Convergence System’s 540 Series and Cisco 9000 Series routers allows a hacker to execute arbitrary code.
The vulnerability of the GRand Unified Bootloader GRUB in Cisco IOS XR routers from the Network Convergence System 540 Series and Cisco 9000 Series is related to deficiencies in the authentication process. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerabilities of the software products for developing HMI/SCADA systems such as EcoStruxure Machine SCADA Expert and Pro-face BLUE Open Studio allow attackers to execute arbitrary code.
The vulnerability of the software products for developing HMI/SCADA systems such as EcoStruxure Machine SCADA Expert and Pro-face BLUE Open Studio is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the WordPress Metaslider plugin stems from the lack of measures taken to protect the structure of the web page. This allows attackers to gain unauthorized access to the protected information.
The vulnerability of the WordPress Metaslider plugin exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...
The vulnerability of the microprogrammed software of Moxa routers series TN-5916, TN-4900, EDR-G903, EDR-G902, and EDR-810 is related to errors in processing input data, which can allow a perpetrator to cause service failures.
The vulnerability of the microprogrammed routing software from Moxa, models TN-5916, TN-4900, EDR-G903, EDR-G902, and EDR-810, is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to cause service failures by sending specially crafted HTTP/HTTPS...
The vulnerability of the executable file IGSSdataServer.exe of the Data Server module in the Interactive Graphical SCADA System (IGSS) allows a perpetrator to execute arbitrary code.
The vulnerability of the IGSSdataServer.exe executable file of the Data Server module in the Interactive Graphical SCADA System IGSS is related to a numerical overflow vulnerability. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending a specially crafted...
The vulnerability of the SCADA system “SKADA-NEV”, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.
The vulnerability of the SCADA system “SKADA-NEV” is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability of the microprogramming software used in Diebold-Nixdorf CMDv5 dispensers allows a perpetrator to install an outdated or modified version of the microprogramming software in order to bypass encryption and dispense cash.
The vulnerability of the microprogramming software used in Diebold-Nixdorf CMDv5 dispensers relates to the possibility of bypassing security mechanisms. Exploiting this vulnerability allows an intruder to install an outdated or modified version of the microprogramming software, thereby...
The vulnerability of the microprogramming software used in Diebold-Nixdorf RM3/CRS cash dispensers allows a perpetrator to install an outdated or modified version of the microprogramming software in order to bypass encryption and dispense cash.
The vulnerability of the microprogramming software of Diebold-Nixdorf RM3/CRS dispensers relates to the possibility of bypassing security mechanisms. Exploiting this vulnerability could allow an intruder to install a outdated or modified version of the microprogramming software, thereby...
The vulnerability of the SAP NetWeaver integration platform, related to the lack of measures taken to protect the structure of the web page, allows a hacker to intercept the session of administrators or users of web resources.
The vulnerability of the MDT software integration platform for SAP NetWeaver is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor, operating remotely, to intercept the session of an administrator or user of the w...
The vulnerability of the SAP NetWeaver integration platform, related to the lack of measures taken to protect the structure of web pages, allows attackers to intercept administrator or user sessions of web resources.
The vulnerability of the Pmitest server of the SAP NetWeaver software integration platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor, operating remotely, to intercept the session of administrators or...
The vulnerability of the `png_convert_from_time_t` function in the libpng library, related to the pointer manipulation involving NULL, allows an attacker to cause a service failure.
The vulnerability of the pngconvertfromtimet function in the libpng library is related to the assignment of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the k2ddoc.dll library in the KOMPAS-3D three-dimensional modeling system, related to the execution of operations outside the buffer in memory, allows a hacker to cause a service failure.
The vulnerability of the k2ddoc.dll library in the KOMPAS-3D three-dimensional modeling system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure using a specially crafted CDW format file...
The vulnerability of the programmatically defined Cisco SD-WAN network component allows a attacker to trigger a service failure.
The vulnerability of the programmatically defined Cisco SD-WAN API component is related to resource management errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the Win32k.sys component of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Win32k.sys component of the Windows operating system is related to errors in call handling. Exploiting this vulnerability can allow an attacker to enhance their privileges by running a specially created application...
The vulnerability of the Apache OpenOffice office software component relates to the occurrence of operations beyond buffer boundaries in memory. This allows attackers to gain unauthorized access to confidential data, cause service failures, or compromise data integrity.
The vulnerability of the Apache OpenOffice office software component relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data, cause service failures, or compromise data...
The vulnerability of the Information Manager Console component of the Oracle Knowledge business application, which allows a perpetrator to compromise the integrity, confidentiality, and accessibility of protected information.
The vulnerability of the Information Manager Console component of the Oracle Knowledge business application relates to insufficient validation of input data. Exploiting this vulnerability allows an attacker to compromise the integrity, confidentiality, and accessibility of protected information...
The vulnerability of the logback-core class in the QOS.ch file of the Jackson-databind library allows a hacker to execute arbitrary code.
The vulnerability of the logback-core class in the QOS.ch file of the Jackson-databind library is related to the recovery of unreliable data in memory. Exploiting this vulnerability may allow a remote attacker to execute arbitrary code...
The vulnerability of the SiTex distributed application development platform, related to insufficient verification of access rights, allows a perpetrator to disclose protected information.
The vulnerability of the SiTex distributed application development platform is related to insufficient verification of user access rights to data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose protected information...
The vulnerability of the Apache Tika content detection and analysis environment, due to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of the Apache Tika content detection and analysis engine is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the Advantech WebAccess remote monitoring software lies in the insecure management of privileges. This allows a perpetrator to elevate their privileges and gain access to files.
The vulnerability of Advantech WebAccess remote monitoring software relates to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges and gain access to files...
The vulnerability of the fly-admin-int-check integrity control utility in the Astra Linux operating system, which allows a perpetrator to trigger a service failure.
The vulnerability of the fly-admin-int-check integrity control utility in the Astra Linux operating system is related to an unexpected termination of the program upon exit. Exploiting this vulnerability could allow a perpetrator to cause a service failure...
The vulnerability of the libssh2 library, related to writing beyond the buffer boundaries in memory, allows a attacker to cause a service failure, execute arbitrary code, or disclose sensitive information.
The vulnerability of the libssh2 library lies in the writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service failures, execute arbitrary code, or disclose sensitive information...
The vulnerability in the IOx application environment for the Cisco IOS operating system allows a hacker to elevate their privileges to the root level.
The vulnerability in the IOx application environment for the Cisco IOS operating system is related to errors during role-based access control checks. Exploiting this vulnerability allows a malicious actor to elevate their privileges to the root level...
Vulnerability of the software complex: Regional electronic budget. An integration platform related to insufficient protection of web page structures, allowing attackers to execute arbitrary JavaScript code in the user’s browser.
Vulnerability of the software complex: Regional electronic budget. The integration platform is associated with insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...
The vulnerability of the Windows AppX Deployment Service (AppXSVC) in the Windows operating system allows a perpetrator to escalate their privileges.
The vulnerability of the Windows AppX Deployment Service AppXSVC operating system is related to errors in handling hard links. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...
The vulnerability of the gpg data encryption tool from the gnupg package, related to errors in pointer arithmetic, allows a perpetrator to trigger a service failure.
The vulnerability of the gpg data encryption tool from the gnupg package is related to errors in pointer arithmetic. Exploiting this vulnerability could allow an attacker to trigger a service failure, by passing a specially crafted file as an argument to the command line...
The vulnerability of the nettle-hash cryptographic hash function’s implementation, caused by segmentation errors, allows a hacker to trigger a service failure.
The vulnerability of the nettle-hash cryptographic hash function lies in segmentation errors. Exploiting this vulnerability could allow an attacker to cause a service failure in an application by entering a specially crafted sequence of data into the command line...
The vulnerability of the `ppdcSource::find_variable` function in the workmanir utility from the libirman-dev package allows a hacker to cause a service failure.
The vulnerability of the ppdcSource::findvariable function /usr/lib/x8664-linux-gnu/libcupsppdc.so.1 in the workmanir utility from the libirman-dev package is related to buffer overflow vulnerabilities 0x00007ffff7bca37a. Exploiting this vulnerability may allow an attacker to cause a service...
The vulnerability of the Windows GDI component in Windows operating systems allows attackers to gain unauthorized access to protected information.
The vulnerability of the Windows GDI component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the smsc75xx_bind processor in Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the smsc75xxbind implementation in Linux kernel drivers drivers/net/usb/smsc75xx.ko is related to a memory allocation error. Exploiting this vulnerability can allow an attacker to cause a service failure when connecting a SMSC75XX USB 2.0 Gigabit Ethernet device. This creates...
The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems arises from incorrect validation of input data, allowing an attacker to execute arbitrary code.
The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems is related to improper validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using specially crafted files in the Advanced Recording...
The vulnerability of the “Security Management Center” component of the Dr.Web Enterprise Security Suite allows a hacker to execute HTML code.
The vulnerability of the “Security Management Center” component of the Dr.Web Enterprise Security Suite exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTML code into the user’s browser by placin...
The vulnerability of the HTTP/2 server implementation in nginx allows a attacker to trigger a service failure.
The vulnerability of the HTTP/2 server implementation based on nginx is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the access control service for remote catalogs and the authentication mechanism of the Astra Linux operating system allow a intruder to trigger a service failure.
The vulnerability of the access control service for remote catalogs and the authentication mechanism of the Astra Linux operating system is related to a flaw that causes domain users to be unable to obtain token credentials during authentication when they lose connection to the domain server...
The vulnerability of the User Monitoring component in the Application Management Pack of the Oracle E-Business Suite allows a malicious individual to gain unauthorized access to protected data.
The vulnerability of the User Monitoring component in the Application Management Pack of the Oracle E-Business Suite is related to access control errors. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data using the HTTP...
Vulnerability in the MPEG-2 decoder of the Android operating system, allowing a hacker to execute arbitrary code
The vulnerability in the MPEG-2 decoder of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code
The vulnerability of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Android operating system’s Mediaserver service allows a hacker to cause memory corruption during the use of media files or other data.
The vulnerability of the Android operating system’s Mediaserver service arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to inject arbitrary code using a specially created file, which can cause memory corruption duri...
The vulnerability in the Chakra JavaScript engine of the Microsoft Edge browser allows a hacker to execute arbitrary code or trigger memory corruption.
The vulnerability in the Chakra JavaScript engine of Microsoft Edge occurs due to an operation going beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause memory corruption...
The vulnerability of the Linux operating system’s kernel, which allows a hacker to obtain confidential information
The vulnerability of the serialmultiportstruct structure in the Linux operating system is related to access control deficiencies. Exploiting this vulnerability could allow a local attacker to obtain confidential information...
The vulnerability of the FFmpeg multimedia library, which allows a intruder to trigger a service failure or cause other effects
The vulnerability in the libavcodec/tiff.c function of the FFmpeg multimedia library arises from buffer overflow. Exploiting this vulnerability can allow an attacker to cause a service failure such as inability to read data outside the array bounds or have other effects by using a specially creat...
The vulnerabilities of Adobe Integrated Runtime and Flash Player software allow a perpetrator to execute arbitrary code.
The vulnerability of the instanceof function in Adobe Integrated Runtime and Flash Player is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by taking advantage of the processing of link handling...
The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the um_rp_autochannel() function in the microprogramming software for Linksys RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000 allows a hacker to execute arbitrary code.
The vulnerability of the umrpautochannel function in the microprogramming software for Linksys RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000 lies in the fact that the operation’s output escapes the buffer and is stored in memory when processing the apcliAuthMode2G and apcliAuthMode5G...
The vulnerability of the Alerts & IRM platform’s notification service for monitoring and surveillance allows a perpetrator to disclose protected information.
The vulnerability of the Alerts & IRM platform’s notification service for monitoring and surveillance in Grafana relates to insufficient protection of operational data when connected to the DingDing contact point. Exploiting this vulnerability can allow a malicious actor to disclose protected...
The vulnerability of the Renesas Electronics RH850/F1L microcontroller, related to improper protection against voltage spikes and clock frequency fluctuations, allows a hacker to gain access to the protected information.
The vulnerability of the Renesas Electronics RH850/F1L microcontroller is related to improper protection against voltage spikes and clock frequency fluctuations. Exploiting this vulnerability can allow an attacker to gain access to the protected information...
Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the MySQL Server component involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL network protocol...
The vulnerability of Adobe Illustrator, related to writing beyond the buffer boundaries, allows a hacker to execute arbitrary code.
The vulnerability of Adobe Illustrator graphic editor is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...