Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.10 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.10 views

The vulnerability of the BIOS loading, update, backup, and recovery utility from the Phoenix WinPhlash flash device (previously known as Phoenix SecureCore Tiano WinFlash) is related to deficiencies in access control mechanisms, allowing attackers to escalate their privileges.

The vulnerability of the BIOS loading, backup, and recovery utility for the Phoenix WinPhlash flash device previously known as Phoenix SecureCore Tiano WinFlash is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges...

10CVSS7.7AI score0.01265EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.10 views

The vulnerability of the microprogramming software of the Ubiquiti Networks UniFi Dream Machine Pro, related to deficiencies in access control, allows intruders to circumvent domain restrictions.

The vulnerability of the microprogrammed software of the Ubiquiti Networks UniFi Dream Machine Pro relates to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to bypass domain restrictions using specially created packages...

10CVSS7.7AI score0.00847EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/13 12:0 a.m.10 views

The vulnerability in the Safari browser on operating systems such as iPadOS, iOS, and Mac OS allows a hacker to exploit it to access the history of web browsing activities.

The vulnerability of the Safari browser on iPadOS, iOS, and Mac OS relates to the disclosure of information. Exploiting this vulnerability allows a malicious actor to disclose the history of web browsing...

5CVSS6.5AI score0.00679EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/12/12 12:0 a.m.10 views

The vulnerability of the cstecgi.cgi implementation in TOTOLINK X5000R router microprogramming software allows a perpetrator to execute arbitrary commands.

The vulnerability of the cstecgi.cgi microprogramming system implementation in TOTOLINK X5000R routers is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

5.8CVSS6.7AI score0.30683EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/11 12:0 a.m.10 views

The vulnerability of the struts.multipart.saveDir configuration on the Apache Struts software platform allows attackers to cause service failures.

The vulnerability of the struts.multipart.saveDir configuration on the Apache Struts software platform is related to insufficient control over resources with dynamic management, as a result of processing query fields whose values exceed the maxStringLength limit. Exploiting this vulnerability...

7.8CVSS7.1AI score0.06286EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/11 12:0 a.m.10 views

The vulnerability in the implementation of the Media Capture application interface of Google Chrome and Microsoft Edge allows a perpetrator to disclose protected information.

The vulnerability of the Media Capture application interface in Google Chrome and Microsoft Edge browsers relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to disclose sensitive information...

7.8CVSS7.5AI score0.0102EPSS
Exploits0References13Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/12/06 12:0 a.m.10 views

The vulnerability of the BIG-IP Access Policy Manager’s access control and remote authentication mechanisms, as well as the software products such as BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Enforcement Manager, BIG-IP Orchestrator, allows a perpetrator to trigger a service failure.

The vulnerabilities of the BIG-IP Access Policy Manager, as well as the BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link...

7.8CVSS7.5AI score0.00626EPSS
Exploits0References3Affected Software12
BDU FSTEC
BDU FSTEC
added 2023/12/01 12:0 a.m.10 views

The vulnerability of the Adobe Media Encoder application, related to access to an uninitialized pointer, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Adobe Media Encoder application relates to access to an uninitialized pointer. Exploiting this vulnerability could allow a perpetrator to gain unauthorized access to protected information through a specially created malicious file...

5.5CVSS5.5AI score0.00367EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.10 views

The vulnerability of the Apache Storm distributed stream processing software’s software platform in UNIX-like operating systems, related to access control deficiencies, allows attackers to disclose sensitive information.

The vulnerability of the Apache Storm distributed stream processing software’s software platform in UNIX-like operating systems is related to lack of access control mechanisms. Exploiting this vulnerability can allow attackers to disclose sensitive information that is protected by the system’s...

3.3CVSS5.8AI score0.00346EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.10 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading data outside the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS6AI score0.00339EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/23 12:0 a.m.10 views

The vulnerability of the 3D modeling software Argon Ashlar-Vellum lies in its uncontrolled search element, which allows a hacker to execute arbitrary code.

The vulnerability of the 3D modeling software Argon Ashlar-Vellum is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a hacker to execute arbitrary code...

7.8CVSS7.5AI score0.00825EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/21 12:0 a.m.10 views

The vulnerability of the Golang programming language decoder, related to the distribution of resources without any restrictions or regulations, allows attackers to cause service failures.

The vulnerability of the Golang programming language decoder is related to the decoding of large amounts of compressed data, which consumes excessive memory and processing power. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS6.8AI score0.0086EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/11/15 12:0 a.m.10 views

The vulnerability of the Graphexplorer component of the NagiosXI software, which stems from the lack of protective measures for the website structure, allows attackers to execute XSS attacks.

The vulnerability of the Graphexplorer component in NagiosXI relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out an XSS attack remotely...

9CVSS5.4AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/14 12:0 a.m.10 views

The vulnerability of the cplus-dem.c component of the GNU Binutils development environment allows a attacker to trigger a service failure.

The vulnerability of the cplus-dem.c component of the GNU Binutils development environment is related to the allocation of unlimited memory. Exploiting this vulnerability allows a remote attacker to cause a service failure using a specially created file...

7.8CVSS6.1AI score0.01399EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/11/10 12:0 a.m.10 views

The vulnerability of Lenovo printer’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of Lenovo printer’s microprogramming software arises from an overflow in the buffer on the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.2AI score0.00889EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/11/10 12:0 a.m.10 views

The vulnerability of the SetQuickVPNSettings module in D-Link wireless router software, such as DIR-882 and DIR-878, allows a hacker to execute arbitrary code.

The vulnerability of the SetQuickVPNSettings module in D-Link’s wireless router products, such as DIR-882 and DIR-878, is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

8.3CVSS8AI score0.01414EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/04 12:0 a.m.10 views

The vulnerability of distributed computing platforms and PowerJob’s task scheduling system, related to lack of access control, allows a intruder to gain unauthorized access to the user/save interface.

The vulnerability of distributed computing platforms and the PowerJob task scheduling system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to the user/save interface...

5.3CVSS5.9AI score0.02998EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/04 12:0 a.m.10 views

The vulnerability of the shib_logout.php script of the ILIAS learning management and support system allows a perpetrator to redirect a user to any given URL address.

The vulnerability of the shiblogout.php script in the ILIAS learning management and support system lies in the use of open redirection when processing the return parameter. Exploiting this vulnerability allows a malicious actor to redirect users to any given URL address...

6.4CVSS6.3AI score0.0199EPSS
Exploits3References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/04 12:0 a.m.10 views

The vulnerability of the CMS system Backdrop CMS, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the CMS system Backdrop CMS is related to the failure to take measures to protect the structure of a web page as a result of performing the “Publish” action in the “Content” section. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attack...

4.9CVSS5.3AI score0.0196EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/04 12:0 a.m.10 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to writing outside the buffer boundaries, allowing a malicious actor to execute arbitrary code in the context of the current user.

The vulnerability of Siemens Solid Edge’s design and simulation tools is related to writing beyond buffer boundaries. Exploiting this vulnerability can allow attackers to execute arbitrary code in the context of the current user, using specially created PAR files...

7.8CVSS6.1AI score0.00218EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/11/04 12:0 a.m.10 views

The vulnerability of the exec() function in the execQuoted() method of the ilUtil class (/Services/Utilities/classes/class.ilUtil.php) of the ILIAS learning management and support system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the exec function in the execQuoted method of the ilUtil class /Services/Utilities/classes/class.ilUtil.php of the ILIAS training and support management system is related to the lack of measures for cleaning input data. Exploiting this vulnerability could allow a remote...

9CVSS7.7AI score0.00765EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability of the `desktop_app/file.ajax.php?action=uploadfile` component in the main module of the Bitrix24 business management service allows a attacker to cause a service failure.

The vulnerability of the desktopapp/file.ajax.php?action=uploadfile component in the main module of the Bitrix24 business management service is related to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service...

7.8CVSS7.3AI score0.24078EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability in the `bitrix/modules/crm/lib/order/import/instagram.php` file of the Crm service for business management in Bitrix24 allows a hacker to execute arbitrary code and increase their privileges.

The vulnerability in the bitrix/modules/crm/lib/order/import/instagram.php file of the Crm service for business management in Bitrix24 exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remote...

9CVSS8AI score0.01231EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability of the update download section for software solutions in the Spectrum Virtualize virtualization technology allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the update download section for Spectrum Virtualize software relates to insufficient protection of operational data during the download process. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information by using the “satask...

5.9CVSS7.2AI score0.00651EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability of the /goform/formSetACLFilter component in the D-Link N300 WI-Fi Router DIR-605L wireless access point software allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of the /goform/formSetACLFilter component in the D-Link N300 Wi-Fi Router DIR-605L wireless access point software relates to the ability to write data beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to cause service interruptions or execute...

10CVSS8.4AI score0.01191EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability of the /goform/formSetACLFilter component of the D-Link N300 WI-Fi Router DIR-605L software, which allows a intruder to trigger a service failure or execute arbitrary code.

The vulnerability of the /goform/formSetACLFilter component in the D-Link N300 Wi-Fi Router DIR-605L wireless access point software relates to the ability to write data beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to cause service interruptions or execute...

9CVSS8.2AI score0.01244EPSS
Exploits1References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability of the `foogallery_image_editor_modal` function in the FooGallery plugin of the WordPress content management system allows attackers to perform cross-site scripting attacks.

The vulnerability of the foogalleryimageeditormodal function in the FooGallery plugin of the WordPress content management system exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

7.5CVSS6.5AI score0.01747EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.10 views

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Universal Banking system allows a perpetrator to gain access to read, modify, add, or delete data, or to cause service interruptions.

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Universal Banking system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or delete data, or to cause service...

6.1CVSS6.2AI score0.00322EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.10 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to reading beyond the memory boundary, allowing a malicious actor to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools is related to reading beyond the memory limit. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created PAR files...

7.8CVSS7.6AI score0.00217EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/11/01 12:0 a.m.10 views

The vulnerability of the registerRequestHandle() function in TP-LINK TL-WR886N router software allows a hacker to manipulate the integrity, accessibility, and confidentiality of the protected information.

The vulnerability of the registerRequestHandle function in TP-LINK’s TL-WR886N router software lies in the fact that the operation’s output is stored outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to compromise the integrity, availability, and...

10CVSS8.1AI score0.01027EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2023/10/26 12:0 a.m.10 views

The vulnerability of operating systems such as Mac OS, Cisco IOS, HP-UX, Tru64 UNIX, AIX, OS/2, Windows, Novell Netware, Solaris, IRIX, SCO Unix, bsdos, and Linux lies in the fact that ICMP information, such as masks and timestamps, can be transmitted by arbitrary hosts, allowing attackers to disclose sensitive information.

The vulnerabilities of operating systems such as Mac OS, Cisco IOS, HP-UX, Tru64 UNIX, AIX, OS/2, Windows, Novell Netware, Solaris, IRIX, SCO Unix, bsdos, and Linux stem from the fact that ICMP information, including masks and timestamps, is exposed to arbitrary hosts. Exploiting these...

2.9CVSS6.8AI score0.31586EPSS
Exploits1References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/25 12:0 a.m.10 views

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to reading data outside the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created USD file...

7.8CVSS7.8AI score0.00345EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/21 12:0 a.m.10 views

The vulnerability of Weintek’s cMT3000 HMI Web CGI panel’s microprogramming software arises from buffer overflow in the stack. This allows a malicious actor to bypass the authentication process.

The vulnerability of Weintek’s cMT3000 HMI Web CGI panel software lies in buffer overflow attacks within the stack. Exploiting this vulnerability could allow an attacker to bypass the authentication process...

10CVSS8.1AI score0.00876EPSS
Exploits1References6Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/10/21 12:0 a.m.10 views

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server, related to errors in processing input data, allows a perpetrator to cause service interruptions.

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

5.3CVSS7.1AI score0.00782EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/10/21 12:0 a.m.10 views

The vulnerability of the Web Listener component of the Oracle HTTP Server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web Listener component of the Oracle HTTP Server is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8CVSS7.2AI score0.0051EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/21 12:0 a.m.10 views

The vulnerability of the printer web page module (ARM) of Honeywell PM43, which allows a intruder to execute arbitrary commands

The vulnerability of the printer web page module ARM of Honeywell PM43 is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...

9.9CVSS8.1AI score0.33094EPSS
Exploits3References5
BDU FSTEC
BDU FSTEC
added 2023/10/17 12:0 a.m.10 views

The vulnerability of the Routing Protocol Demon (RPD) in Juniper Networks’ Junos OS and Junper Networks’ Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Routing Protocol Demon RPD in Juniper Networks’ Junos OS and Junper Networks’ Junos OS Evolved operating systems is related to syntax validation errors in input verification. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

6.5CVSS6.5AI score0.00268EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/10/17 12:0 a.m.10 views

The vulnerability of the microprogramming software of the D-Link DAP-1325 wireless signal amplifier arises from reading data beyond the buffer in memory. This allows a hacker to execute arbitrary code.

The vulnerability of the microprogrammed software of the D-Link DAP-1325 wireless signal amplifier lies in reading data outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.8CVSS8.2AI score0.0075EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/10/16 12:0 a.m.10 views

The vulnerability of the Windows Common Log File System (CLFS) driver in Windows operating systems allows a hacker to disclose protected information.

The vulnerability of the Windows Common Log File System CLFS driver in Windows operating systems is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS6.6AI score0.08152EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/10/14 12:0 a.m.10 views

The vulnerability of the Microsoft Office software package, related to deficiencies in access control, allows attackers to escalate their privileges.

The vulnerability of the Microsoft Office package is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

8.4CVSS7.7AI score0.00606EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/10/14 12:0 a.m.10 views

The vulnerability of Fortinet FortiWLM, a centralized management system for WLAN access points and LAN switches, stems from insufficient validation of arguments passed in commands. This allows attackers to execute arbitrary code.

The vulnerability of Fortinet FortiWLM, a centralized management system for WLAN access points and LAN switches, is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

9CVSS7.9AI score0.02087EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/11 12:0 a.m.10 views

The vulnerability of the curl_easy_duphandle function in the libcurl library allows a hacker to create or re-record cookies.

The vulnerability of the curleasyduphandle function in the libcurl library is related to external control via a filename or file path. Exploiting this vulnerability allows a malicious actor to create or rewrite cookie files remotely...

3.7CVSS6.8AI score0.06208EPSS
Exploits0References13Affected Software8
BDU FSTEC
BDU FSTEC
added 2023/10/10 12:0 a.m.10 views

The vulnerability of the SetWLanRadioSecurity() function in D-Link DIR-3040 wireless router software allows a hacker to execute arbitrary code.

The vulnerability of the SetWLanRadioSecurity function in D-Link DIR-3040 wireless router software lies in the fact that the operation’s output escapes the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted HNAP requests...

7.7CVSS7.3AI score0.00705EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/10/10 12:0 a.m.10 views

The vulnerability of Acronis Cyber Protect 15’s data protection software lies in its insufficient verification of the authenticity of executed requests. This allows attackers to compromise the integrity of the protected information.

The vulnerability of Acronis Cyber Protect 15 software-related data protection software lies in the insufficient verification of the authenticity of executed requests. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the integrity of the protected information...

7.8CVSS5.3AI score0.00239EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/10/06 12:0 a.m.10 views

The vulnerability of the wloggui interface of the Control Web Panel (CWP) application (formerly CentOS Web Panel) allows a malicious user to escalate their privileges and execute arbitrary commands.

The vulnerability of the wloggui interface of the Control Web Panel CWP application formerly CentOS Web Panel is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary commands...

7.8CVSS7.5AI score0.00712EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/10/06 12:0 a.m.10 views

The vulnerability of the SetAPLanSettings function in the microprogramming software of the D-Link DAP-1325 wireless signal booster allows a intruder to execute arbitrary code.

The vulnerability of the SetAPLanSettings function in the microprogramming software of the D-Link DAP-1325 wireless signal booster relates to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.8CVSS8.2AI score0.0075EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/10/03 12:0 a.m.10 views

The vulnerability of the addWifiMacFilter function in the microprogramming software for Tenda AC10U allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the addWifiMacFilter function in the Tenda AC10U router software lies in the fact that the operation’s output goes beyond the buffer in memory. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the...

10CVSS8.1AI score0.0091EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/02 12:0 a.m.10 views

The vulnerability of the SonicWall Secure Mobile Access (SMA 1000) software lies in its ability to bypass authentication procedures. This allows attackers to gain access to arbitrary files and directories stored outside of the root web directory.

The vulnerability of the SonicWall Secure Mobile Access SMA 1000 security access device lies in its ability to bypass authentication procedures. Exploiting this vulnerability allows a malicious actor to gain access to arbitrary files and directories stored outside of the root web directory...

7.8CVSS7.3AI score0.72699EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/02 12:0 a.m.10 views

The vulnerability of the application software interface of the Cisco DNA Center allows a hacker to read and modify data in its internal repository.

The vulnerability of the Cisco DNA Center’s application programming interface is related to errors in access management. Exploiting this vulnerability allows a malicious actor to remotely read and modify data in the internal repository by sending specially crafted API requests...

9CVSS7.4AI score0.00483EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities5000