90509 matches found
Vulnerability of the md_check_recovery() function in the drivers/md/md.c module – The driver for supporting multiple devices (RAID and LVM) in the Linux kernel allows a hacker to trigger a service failure.
Vulnerability of the mdcheckrecovery function in the drivers/md/md.c module – The Linux kernel’s device support driver for multiple devices such as RAID and LVM is vulnerable due to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause system failures...
The vulnerability of the `ieee802154_create()` function in the `net/ieee802154/socket.c` module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ieee802154create function in the net/ieee802154/socket.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
The vulnerability of the bpf_link_show_fdinfo() function in the kernel/bpf/syscall.c module of the Linux operating system allows a attacker to compromise the confidentiality and accessibility of the protected information.
The vulnerability of the bpflinkshowfdinfo function in the kernel/bpf/syscall.c module of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected...
The vulnerability of the ntpd implementation of the Network Time Synchronization Protocol allows a perpetrator to cause a service failure.
The vulnerability of the ntpd implementation of the Network Time Synchronization Protocol is related to insufficient validation of the data entered by users during the processing of NTP packets. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the mctp_i2c_header_create() function in the drivers/net/mctp/mctp-i2c.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the mctpi2cheadercreate function in the drivers/net/mctp/mctp-i2c.c kernel module of the Linux operating system is related to insufficient input validation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the blk-cgroup kernel component in the Linux operating system, which allows a hacker to cause a service failure
The vulnerability of the blk-cgroup component in the Linux operating system’s kernel is related to memory corruption. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the octeon_ep component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the octeonep component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s Bluetooth kernel component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s Bluetooth kernel component is related to improper error handling in the function isoinit in net/bluetooth/iso.c. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ntfs3 component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the ntfs3 component in the Linux operating system’s kernel is related to incorrect blocking in the ntfsdhash function in fs/ntfs3/namei.c. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Eclipse Jetty servlet containers, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of Eclipse Jetty servlet containers is related to uncontrolled resource consumption in the ThreadLimitHandler.getRemote function. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the stm32_spdifrxremove() function in the sound/soc/stm/stm32_spdifrx.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the stm32spdifrxremove function in the sound/soc/stm/stm32spdifrx.c module of the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the `include/net/ip_tunnels.h` header file of the IPv4 protocol implementation in Linux kernel allows a attacker to cause a service failure.
The vulnerability in the include/net/iptunnels.h header file of the IPv4 protocol implementation in Linux operating systems is related to incorrect resource blocking. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the mlx5_lag_create_port_sel_table() function in the net/mlx5 components of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mlx5lagcreateportseltable function in Linux kernel-based net/mlx5 components is related to improper input validation. Exploiting this vulnerability can allow an attacker to cause system failures...
The vulnerability of the python-multipart streaming multi-component parser, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the python-multipart streaming multi-component parser is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the hb_cairo_glyphs_from_buffer() function in the Harfbuzz text transformation library allows a hacker to execute arbitrary code.
The vulnerability of the hbcairoglyphsfrombuffer function in the Harfbuzz text transformation library is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the kernel component of the Linux operating system, which allows a hacker to cause a service failure
The vulnerability of the kernel component of the Linux operating system is related to a memory leak in the vcapapiencoderuletest function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s kernel driver/perf components, which allows a hacker to trigger a service failure
The vulnerability of the alidrwpmuisr function in Linux kernel’s drivers/perf component is related to memory corruption. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of the bpf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the bpf component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the mmc component in the Linux operating system’s kernel allows a hacker to gain elevated privileges within the system.
The vulnerability of the mmc component in the Linux operating system’s kernel is related to memory corruption. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...
The vulnerability of Google Chrome browsers, related to memory usage after deallocation, allows attackers to compromise the confidentiality, integrity, and accessibility of data.
The vulnerability of Google Chrome relates to the use of memory after deallocation. Exploiting this vulnerability can allow an attacker to compromise privacy, integrity, and accessibility of data...
The vulnerability of the Linux operating system’s kernel USB component, which allows a hacker to trigger a service failure
The vulnerability of the usbtmccreateurb function in the Linux kernel USB component is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the cross-platform web service infrastructure platform Mono ServiceStack, related to improper verification of the cryptographic signature of data, allows attackers to bypass the signature verification and gain access to protected information.
The vulnerability of the cross-platform web service infrastructure of Mono ServiceStack is related to improper verification of the cryptographic signature of data. Exploiting this vulnerability allows a malicious actor to bypass signature checks and gain access to protected information...
The vulnerability of the ethnl_set_channels() function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the ethnlsetchannels function in the Linux operating system’s kernel is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the preempt_fence_work_func() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the preemptfenceworkfunc function in the Linux operating system’s kernel is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of the Inventory module in the GLPI system, which handles requests, incidents, and inventory management of computer equipment, allows a perpetrator to execute arbitrary codes.
The vulnerability of the Inventory module in the GLPI system, which handles requests, incidents, and inventory management of computer equipment, involves unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Inventory module in the GLPI system, which handles requests, incidents, and inventory management of computer equipment, allows a hacker to execute arbitrary SQL commands.
The vulnerability of the Inventory module in the GLPI system for job requests, incidents, and computer equipment inventory relates to the improper elimination of special elements used in SQL queries. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...
The vulnerability of the a6xx_gpu_init() function in the drivers/gpu/drm/msm/adreno/a6xx_gpu.c kernel of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the a6xxgpuinit function in the drivers/gpu/drm/msm/adreno/a6xxgpu.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the is_end_zone_blkaddr() function in the fs/f2fs/data.c file of the F2FS kernel of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the isendzoneblkaddr function in the fs/f2fs/data.c file of the F2FS file system in the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation, related to the use of files and directories accessible to external parties, allows a perpetrator to delete or modify any files they desire.
The vulnerability of the software environment for simulation modeling of systems and processes in Siemens Tecnomatix Plant Simulation lies in the use of files and directories accessible to external parties. Exploiting this vulnerability could allow attackers to delete or modify any arbitrary file...
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the lack of measures to neutralize special elements, allowing attackers to execute arbitrary code.
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the incorrect limitation of the path name in the restricted access catalog, allowing attackers to read and write arbitrary files.
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to an incorrect limitation on the name of the path to the restricted-access catalog. Exploiting this vulnerability allows a malicious actor to read and write arbitrary files remotely...
The vulnerability of the command-line interface of SiPass IP access controllers allows attackers to execute arbitrary commands and gain unauthorized access to protected information.
The vulnerability of the command-line interface of SiPass IP access controllers is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary commands and gain unauthorized access to protected information...
The vulnerability of the `atmel_pmecc_create_user()` function in the `drivers/mtd/nand/raw/atmel/pmecc.c` file of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the atmelpmecccreateuser function in the drivers/mtd/nand/raw/atmel/pmecc.c file of the Linux kernel is related to a recurrence of memory deallocation. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
Vulnerability of the efx_farch_handle_tx_event() function in the drivers/net/ethernet/sfc/farch.c module – a driver for supporting Ethernet network adapters in the Linux kernel, which allows an attacker to cause a service failure.
Vulnerability of the efxfarchhandletxevent function in the drivers/net/ethernet/sfc/farch.c module – The Linux kernel’s Ethernet network adapter support driver is vulnerable due to the use of a NULL pointer dereferencing. Exploiting this vulnerability could allow an attacker to cause a system...
The vulnerability of the CI Lint API component of the software platform based on git for collaborative code development in GitLab allows a attacker to perform an SSRF attack.
The vulnerability of the CI Lint API component of the software platform based on Git for collaborative code development on GitLab is related to insufficient testing of server-side requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...
The vulnerability of the do_tcp_setsockopt() function in the net/ipv4/tcp.c module of the Linux operating system’s IPv4 protocol implementation allows a attacker to cause a service failure.
The vulnerability of the dotcpsetsockopt function in the net/ipv4/tcp.c module of the Linux operating system’s IPv4 protocol implementation is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the C-more Programming Software for programming and configuring sensor panels (EA9 Series) lies in buffer overflows in the stack, allowing an attacker to execute arbitrary code.
The vulnerability of the C-more Programming Software for programming and configuring sensor panels EA9 Series is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created EAP9 format files...
The vulnerability of the i2c_imx_xfer() function in the drivers/i2c/busses/i2c-imx.c module of the Linux kernel allows a hacker to gain access to protected information.
The vulnerability of the i2cimxxfer function in the drivers/i2c/busses/i2c-imx.c file of the Linux kernel is related to security configuration errors. Exploiting this vulnerability could allow an attacker to access protected information...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the writing beyond buffer boundaries in memory. This allows a malicious actor to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to simulation modeling of systems and processes lies in the writing of data beyond buffer boundaries in memory. Exploiting this vulnerability coul...
The vulnerability of the FortiWeb web applications’ network interface filter component allows attackers to execute arbitrary commands.
The vulnerability of the log removal filter component in FortiWeb web applications is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary commands...
The vulnerability of the gitRepo function in the Kubernetes cluster management software allows a attacker to influence the confidentiality and integrity of the protected information.
The vulnerability of the gitRepo function in the Kubernetes cluster management software is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected information...
The vulnerability of the fromAdvSetMacMtuWan() function in the Tenda AC9 router’s software allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the fromAdvSetMacMtuWan function in the Tenda AC9 router’s microprogramming software is related to the buffer overflow attack when processing the cloneType parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...
The vulnerability of the vm_fault_t vas_mmap_fault() function in the arch/powerpc/platforms/book3s/vas-api.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the vmfaultt vasmmapfault function in the arch/powerpc/platforms/book3s/vas-api.c module of the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrit...
The vulnerability of the SSL-VPN portal for FortiOS operating systems allows a hacker to induce a service failure.
The vulnerability of the SSL-VPN portal for FortiOS operating systems is related to the assignment of the zero pointer. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...
The vulnerability of the DCM files on the medical image and data management system, as well as the Sante PACS Server, allows a hacker to record these files in the context of the current user.
The vulnerability of the DCM files on the medical image and data management system, as well as those on the Sante PACS Server, is related to incorrect restrictions on the path name for accessing the restricted catalog. Exploiting this vulnerability allows a malicious actor to write files under th...
The vulnerability in the isolated environment of the Web Content module of the Web pages displayed by the Safari browser and the visionOS, iOS, iPadOS, macOS operating systems allows a hacker to execute arbitrary code.
The vulnerability of the isolated Web Content module in the WebKit browser of Safari and the operating systems VisionOS, iOS, iPadOS, and macOS lies in the ability to write code outside of the allocated memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by...
The vulnerability of the DNN CMS system, related to the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.
The vulnerability of the DNN CMS system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the reshardCollection command in the MongoDB database management system allows a attacker to compromise the integrity and accessibility of the protected information.
The vulnerability of the reshardCollection command in the MongoDB database management system is related to the reinsertion of data due to insufficient checks for unusual or exceptional states. Exploiting this vulnerability allows an attacker operating remotely to compromise the integrity and...
The vulnerability of the ArcGIS Server server, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of ArcGIS Server is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform, related to inconsistencies in responses to incoming requests, allows attackers to gain unauthorized access to protected information.
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...