Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.10 views

The vulnerability of the f2fs component of the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the f2fs kernel component in the Linux operating system is related to incorrect input validation in the fs/f2fs/f2fs.h file. Exploiting this vulnerability can allow an attacker to cause a system failure...

5.5CVSS5.8AI score0.00266EPSS
Exploits0References20Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.10 views

The vulnerability of the kprobes/x86 components in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the kprobes/x86 components in the Linux operating system’s kernel is related to incorrect input checking in the canprobe function. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.8AI score0.00241EPSS
Exploits0References24Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.10 views

The vulnerability of the qcom component in the Linux operating system’s kernel allows a hacker to influence the accessibility of protected information.

The vulnerability of the qcom component in the Linux operating system’s kernel is related to read misses outside of the memory boundary. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...

5.5CVSS5.9AI score0.00224EPSS
Exploits0References20Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.10 views

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely.

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS7.7AI score0.40512EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.10 views

The vulnerability of the netdev component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the netdev component in the Linux operating system’s kernel is related to errors in resource management within the netdev Triggered Notifications function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00222EPSS
Exploits0References20Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.10 views

The vulnerability of components related to DRM, AMD, and display kernels in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of components such as DRM, AMD, and display kernels in the Linux operating system is related to the assignment of the NULL pointer in the edpsetreplayallowactive function. Exploiting this vulnerability can allow a hacker to trigger a service failure...

5.5CVSS5.8AI score0.00248EPSS
Exploits0References20Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.10 views

The vulnerability of the md component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the md component in the Linux operating system’s kernel is related to errors in resource management in the submitflushes function. Exploiting this vulnerability can allow an attacker to trigger a service failure...

5.5CVSS6.2AI score0.00272EPSS
Exploits0References16Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.10 views

The vulnerability of the Portal for ArcGIS web portal, related to the lack of protective measures for the website structure, allows attackers to carry out cross-site scripting attacks and gain full control over the application.

The vulnerability of the Portal for ArcGIS is related to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks and gain full control over the application through a specially created web page...

5.5CVSS5.2AI score0.00268EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.10 views

The vulnerabilities of the s390/cio components of Linux kernel, which allow a hacker to trigger a service failure

The vulnerability of the s390/cio component of the Linux operating system’s kernel is related to the state of the ccwdevicesetonline function. Exploiting this vulnerability can allow an attacker to gain increased privileges within the system...

5.5CVSS6.1AI score0.00175EPSS
Exploits0References36Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/11/12 12:0 a.m.10 views

The vulnerability of the platform driver for video surveillance systems called Siveillance Video (formerly known as Siveillance VMS) allows a intruder to execute arbitrary code.

The vulnerability of the platform driver for video surveillance systems called Siveillance Video formerly known as Siveillance VMS lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

6.7CVSS5.9AI score0.00219EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/11 12:0 a.m.10 views

The vulnerability of the Schneider Electric Data Center Expert software monitoring tool for equipment information lies in the lack of authentication for a critical function, allowing attackers to gain access to confidential information.

The vulnerability of the Schneider Electric Data Center Expert monitoring software relates to the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to confidential information...

5.9CVSS6.2AI score0.0054EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/11 12:0 a.m.10 views

The vulnerability of the full-screen mode of the Mozilla Firefox Focus browser on Android operating systems allows attackers to carry out spoofing attacks.

The vulnerability of Mozilla Firefox Focus’ full-screen mode on Android operating systems is related to an improper limitation on the number of user interface layers that can be displayed. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

6.4CVSS7.1AI score0.0028EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/08 12:0 a.m.10 views

The vulnerability of the iommufd component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the iommufd component in the Linux operating system’s kernel is related to improper release of resources in the ioptaddaccess function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00222EPSS
Exploits0References13Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.10 views

The vulnerability of the AWS Core plugin in the Continuous Integration and Delivery application system (CI/CD) of JetBrains TeamCity allows a hacker to execute cross-site scripting attacks.

The vulnerability of the AWS Core plugin in the Continuous Integration and Delivery application system CI/CD of JetBrains TeamCity exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

5.5CVSS5.2AI score0.00278EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.10 views

The vulnerability of the sptlrpc_svc_unwrap_request() function in the ptlrpc module of the Lustre file system, related to reading beyond the buffer data’s allowable limits, allows a attacker to cause a service failure.

The vulnerability of the sptlrpcsvcunwraprequest function in the ptlrpc module of the Lustre file system is related to reading data from buffers beyond their acceptable limits. Exploiting this vulnerability could allow a remote attacker to cause service failures...

7.8CVSS7.2AI score0.01896EPSS
Exploits1References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/06 12:0 a.m.10 views

The vulnerability of the cdns_i3c_masterremove() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cdnsi3cmasterremove function in the drivers/i3c/master/i3c-master-cdns.c file of the Linux kernel is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the...

7CVSS7.2AI score0.00214EPSS
Exploits0References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/06 12:0 a.m.10 views

The vulnerability of the tx() function in the ATA over Ethernet (AoE) driver of the Linux operating system allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the tx function in the drivers/block/aoe/aoenet.c module of the Linux kernel is related to an incorrect counting of references to the netdevice structure object. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service failures...

8.3CVSS7.8AI score0.00259EPSS
Exploits0References28Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/01 12:0 a.m.10 views

The vulnerability of the TCP Intercept function and the Snort intrusion detection system of Cisco Firepower Threat Defense (FTD) allows attackers to bypass security restrictions and carry out SYN flood attacks.

The vulnerability of the TCP Intercept function and the Snort intrusion detection system of Cisco Firepower Threat Defense’s microprogramming network interface devices is related to resource management errors caused by an incorrect setting of the Maximum Embryonic TCP connections value. Exploitin...

5.8CVSS5.5AI score0.00391EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/01 12:0 a.m.10 views

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...

6.8CVSS6.6AI score0.00876EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/01 12:0 a.m.10 views

The vulnerability of the Relevanssi plugin of the WordPress content management system allows attackers to execute cross-site scripting attacks.

The vulnerability of the Relevanssi plugin of the WordPress content management system exists due to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by injecting malicious scripts...

5.5CVSS5.2AI score0.00414EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/01 12:0 a.m.10 views

The vulnerability of the CLFS driver for Microsoft Windows operating systems allows a hacker to gain increased privileges.

The vulnerability of the CLFS driver in Microsoft Windows operating systems is related to errors in privilege management. Exploiting this vulnerability can allow an attacker to elevate their privileges to the SYSTEM level using a specially crafted blk-file...

7.8CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.10 views

The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform allows a intruder to gain unauthorized access to protected information.

The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform is related to an incorrect restriction on the path to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected...

7.8CVSS8AI score0.98067EPSS
Exploits3References3
BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.10 views

The vulnerability of the formEasySetPassword function (/goform/formEasySetPassword) in D-Link DIR-605L router software allows a hacker to execute arbitrary code.

The vulnerability of the formEasySetPassword function /goform/formEasySetPassword in D-Link DIR-605L router microprogramming software is related to copying buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code using th...

9CVSS8.1AI score0.01515EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.10 views

The vulnerability of Ember ZNet’s microprogramming software library for monitoring and controlling Sentron Powercenter 1000 allows a intruder to cause a service failure.

The vulnerability of Ember ZNet’s microprogramming software for monitoring and controlling energy systems in Sentron Powercenter 1000 lies in the possibility of manipulating the NWK serial number. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

7.8CVSS7.1AI score0.00351EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.10 views

The vulnerability of the Suite Applications Services package of the MiCollab collaboration platform allows a perpetrator to execute cross-site scripting attacks.

The vulnerability of the Suite Applications Services package of the MiCollab collaboration platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.2AI score0.00291EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/30 12:0 a.m.10 views

The vulnerability of the UDF functions in the MariaDB database management system allows a hacker to execute arbitrary code.

The vulnerability of the UDF functions in the MariaDB database management system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS6.3AI score0.02098EPSS
Exploits2References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.10 views

The vulnerability of the FortiAnalyzer device, a security event monitoring and analysis tool, allows a intruder to execute arbitrary code or commands.

The vulnerability of the FortiAnalyzer security event monitoring and analysis tool, the Fazsvcd module, is related to the use of an uncontrolled format string. Exploiting this vulnerability allows a attacker to execute arbitrary code or commands using specially created requests...

9CVSS6AI score0.00616EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/28 12:0 a.m.10 views

The vulnerability of the SCKUd Gate software, related to the disclosure of information, allows attackers to obtain information about registered users in the system.

The vulnerability of the SCKU Dome software is related to the disclosure of information. Exploiting this vulnerability can allow a remote attacker to obtain information about registered users within the system...

5.3CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/25 12:0 a.m.10 views

The vulnerability in the operating_mode.cgi script of NETGEAR EX3700 microprogramming devices allows a hacker to execute arbitrary commands.

The vulnerability of the operatingmode.cgi script in NETGEAR EX3700 microprogramming devices is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using the apmode parameter...

8.4CVSS5.9AI score0.01803EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/24 12:0 a.m.10 views

Microsoft Edge browser’s vulnerability, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Edge relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

10CVSS6.2AI score0.00974EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.10 views

The vulnerability of the Pandoc format conversion library written in Haskell allows attackers to create or rewrite any files in the system.

The vulnerability of the Pandoc format conversion library written in Haskell is related to insufficient validation of input data. Exploiting this vulnerability allows attackers to create or overwrite arbitrary files in the system by using the --extract-media parameter or by exporting files in PDF...

5CVSS6.3AI score0.00368EPSS
Exploits1References9Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.10 views

The vulnerability of the formDeviceReboot function in D-Link DIR-619L router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the formDeviceReboot function in D-Link DIR-619L router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the nextpage parameter...

9CVSS8.4AI score0.01756EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.10 views

The vulnerability of the web interface of the HiLCOS operating system’s microprogrammed software for devices such as BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, and BAT Controller Virtual allows a perpetrator to cause service interruptions.

The vulnerability of the web interface of the HiLCOS operating system’s microprogrammed device management software for models BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, and BAT Controller Virtual is related to the possibility of buffer overflow in dynamic memory. Exploiting this vulnerabili...

7.8CVSS5.9AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.10 views

The vulnerability of the Vinteo video conference software server, related to the failure to take measures to neutralize special elements, allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the Vinteo video conference software server relates to the lack of measures taken to neutralize special elements. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

8.1CVSS5.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/18 12:0 a.m.10 views

The vulnerability of the SAML SSO authentication mechanism in the corporate version of the GitHub Enterprise Server allows attackers to escalate their privileges and disclose sensitive information.

The vulnerability of the SAML SSO authentication mechanism in the corporate version of the GitHub Enterprise Server is related to errors in verifying the cryptographic signature. Exploiting this vulnerability could allow a malicious actor to increase their privileges and disclose sensitive...

8.5CVSS8AI score0.22443EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the mmio_read() function in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the mmioread function in the Linux operating system’s kernel is related to a memory leak that occurs due to incorrect initialization of the variable val. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00199EPSS
Exploits0References14Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the dasd_ese_needs_format() function in the Linux operating system’s kernel on the s390 platform allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the dasdeseneedsformat function in the drivers/s390/block/dasd.c module of the Linux operating system’s kernel on the s390 platform is related to memory writing beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS6.8AI score0.00243EPSS
Exploits0References26Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the io_alloc_pbuf_ring() function in the io_uring subsystem of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the ioallocpbufring function in the iouring/kbuf.c module of the iouring subsystem in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.0021EPSS
Exploits0References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the `of_irq_parse_one()` function in the Linux operating system allows a attacker to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the ofirqparseone function in the Linux operating system is related to reading memory beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected information...

7.1CVSS6.5AI score0.00295EPSS
Exploits0References30Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the Kerberos protocol for Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Kerberos protocol for Windows operating systems lies in the absence of the necessary encryption step. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

6.5CVSS5.5AI score0.00666EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the Windows Mobile Broadband Driver for Windows operating systems allows a hacker to induce a service failure.

The vulnerability of the Windows Mobile Broadband Driver for Windows operating systems is related to the execution of operations beyond the buffer in memory due to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

6.5CVSS5.9AI score0.00788EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the SAP Shared Service Framework’s network service management software, related to deficiencies in the authentication process, allows a perpetrator to escalate their privileges.

The vulnerability of the SAP Shared Service Framework’s network service management software is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

4.3CVSS5.5AI score0.00246EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/15 12:0 a.m.10 views

The vulnerability of the Zangi Private Messenger messaging application, related to deficiencies in the session key generation mechanism, allows a hacker to execute a “man-in-the-middle” attack.

The vulnerability of the Zangi Private Messenger messaging application is related to deficiencies in the mechanism for generating session keys. Exploiting this vulnerability could allow a remote attacker to carry out a “man-in-the-middle” attack...

7.8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.10 views

The vulnerability of the Hyper-V hardware virtualization system for Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Hyper-V hardware virtualization technology in Windows operating systems is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

7.8CVSS5.4AI score0.02279EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.10 views

The vulnerability of the Windows Mobile Broadband Driver for Windows operating systems allows a hacker to induce a service failure.

The vulnerability of the Windows Mobile Broadband Driver for Windows operating systems is related to pointer assignment errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

6.5CVSS5.5AI score0.00807EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.10 views

The vulnerability of the Hyper-V hardware virtualization system for Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Hyper-V hardware virtualization technology for Windows operating systems relates to the unrestricted and unregulated distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

7.8CVSS5.5AI score0.02279EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/11 12:0 a.m.10 views

The vulnerability of the Palo Alto Networks Expedition configuration migration tool lies in the lack of security measures for SQL query structures. This allows attackers to access database contents, create, and read arbitrary files.

The vulnerability of the Palo Alto Networks Expedition configuration migration tool lies in the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to remotely access database contents, create and read arbitrary files by injecting specially...

8.5CVSS8.3AI score0.99597EPSS
Exploits3References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/11 12:0 a.m.10 views

The vulnerability of the swap_endian() function in the WireGuard subsystem of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the swapendian function in the drivers/net/wireguard/allowedips.c sub-module of the WireGuard subsystem in the Linux operating system is related to incorrect data reading. Exploiting this vulnerability could allow a attacker to cause a service failure...

5.5CVSS6.3AI score0.00228EPSS
Exploits0References27Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/10/09 12:0 a.m.10 views

The vulnerability of the component cgi-bin/mainfunction.cgi/cvmcfgupload in the microprogramming software for DrayTek Vigor allows a hacker to execute arbitrary code.

The vulnerability of the cgi-bin/mainfunction.cgi/cvmcfgupload component of DrayTek Vigor routing software exists due to the failure to eliminate special elements used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.5AI score0.84599EPSS
Exploits1References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/09 12:0 a.m.10 views

The vulnerability of the implementation of the Global Search technology in the software platform based on git for collaborative code development on GitLab allows a perpetrator to disclose protected information.

The vulnerability of the Git-based software platform’s implementation of the Global Search technology for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose...

7.8CVSS5.8AI score0.00521EPSS
Exploits0References6Affected Software1
Total number of security vulnerabilities5000