Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.10 views

The vulnerability of the SSL VPN remote access technology implemented on SonicOS operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SSL VPN remote access technology implemented on SonicOS systems is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

8.5CVSS8.1AI score0.95132EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.10 views

The vulnerability of Typogrify, a Drupal CMS system, relates to the lack of measures taken to protect the website structure. This allows attackers to carry out XSS attacks.

The vulnerability of Typogrify, a module within the Drupal CMS system, is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows an attacker to carry out XSS attacks remotely...

5.5CVSS5.4AI score0.00215EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.10 views

The vulnerability of the switch network firewall for HPE CX 10000 corporate networks allows a intruder to disclose protected information.

The vulnerability of the switch network firewalls for HPE CX 10000 corporate networks is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

3.4CVSS5.5AI score0.00236EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.10 views

The vulnerability of the --hidden-recipient mode in Mutt and NeoMutt email clients, which allows a hacker to disclose protected information.

The vulnerability of the “--hidden-recipient” mode in Mutt and NeoMutt clients is related to incorrect processing of header fields during PGP encryption. Exploiting this vulnerability can allow a remote attacker to disclose the protected information...

5.3CVSS5.9AI score0.00295EPSS
Exploits0References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.10 views

The vulnerability of the System component of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the System component of the Android operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8AI score0.00221EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.10 views

The vulnerability of the SSL VPN remote access technology for SonicOS operating systems allows a hacker to increase their privileges.

The vulnerability of the SSL VPN remote access technology implemented on SonicOS is related to the bypassing of authentication due to a fundamental error in the implementation. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...

9.4CVSS6.6AI score0.00459EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.10 views

The vulnerability of Mutt and NeoMutt email clients, related to errors in verifying the cryptographic signature, allows a hacker to alter the list of trusted recipients and expose the encrypted information.

The vulnerability of Mutt and NeoMutt email clients stems from errors in verifying the cryptographic signature when processing header fields. Exploiting this vulnerability could allow a malicious actor to alter the list of trusted recipients and expose the sensitive information being protected...

7.4CVSS7.1AI score0.00331EPSS
Exploits0References11Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.10 views

The vulnerability in the implementation of IPSec protocols on the SonicOS operating system allows a attacker to trigger a Denial-of-Service attack (DoS) or execute arbitrary code.

The vulnerability of the implementation of IPSec protocols on the SonicOS operating system is related to a numerical overflow condition. Exploiting this vulnerability allows a malicious actor to trigger a Denial-of-Service attack or execute arbitrary code by sending a specially crafted IKEv2...

5.3CVSS6.3AI score0.00786EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/08 12:0 a.m.10 views

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.

The vulnerability of the DWFX software for viewing 3D models and project documents, as well as the software for modeling and analysis of 3D models Autodesk Navisworks Freedom, the software for analyzing, coordinating, and verifying 3D models and project data Autodesk Navisworks Manage, is related...

7.8CVSS7.9AI score0.00468EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/01/06 12:0 a.m.10 views

The vulnerability of the sec_pkcs7_decoder_start_decrypt() function in Mozilla Firefox and Thunderbird email client allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the secpkcs7decoderstartdecrypt function in Mozilla Firefox and Thunderbird’s email client is related to the reallocation of memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

10CVSS6.4AI score0.00919EPSS
Exploits0References15Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/01/06 12:0 a.m.10 views

The vulnerability of the Kubernetes cluster management system for running cloud applications across multiple Karmada clusters, related to incorrect privilege assignment, allows a hacker to elevate their privileges.

The vulnerability of the Kubernetes cluster management system for running cloud applications across multiple Karmada clusters is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

9CVSS5.4AI score0.00485EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/03 12:0 a.m.10 views

The vulnerability of the Adobe Experience Manager content and media data management system is related to errors in processing input data, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...

4CVSS5.9AI score0.00916EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/28 12:0 a.m.10 views

The vulnerability of the Nix packet manager in Unix operating systems arises from improper restrictions on the path name of the restricted access directory. This allows a malicious user to re-record any files in the system.

The vulnerability of the Nix packet manager in Unix operating systems is related to an improper limitation on the path name of the restricted access directory. Exploiting this vulnerability allows a remote attacker to re-record any files in the system...

9CVSS5.5AI score0.00566EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/28 12:0 a.m.10 views

The vulnerability of the Microsoft Dynamics 365 Business Central software for small and medium-sized businesses stems from deficiencies in the authentication process, which allows unauthorized users to elevate their privileges.

The vulnerability of the Microsoft Dynamics 365 Business Central software for small and medium-sized businesses is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain increased privileges remotely...

8.5CVSS5.4AI score0.00714EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/28 12:0 a.m.10 views

The vulnerability of the mechanism for detecting network traffic analysis tools, network detection, and response by the Cortex XDR Agent on Windows operating systems allows attackers to trigger service failures or execute arbitrary code.

The vulnerability of the mechanism for detecting network traffic analysis tools, network detection, and response by the Cortex XDR Agent on Windows operating systems is related to discrepancies in functionality according to the specifications. Exploiting this vulnerability can allow attackers to...

6CVSS5.8AI score0.00188EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the possibility of writing beyond buffer boundaries during the processing of DOE files. This allows a hacker to execute arbitrary code.

The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the issue of writing beyond buffer boundaries during the processing of DOE files. Exploiting this vulnerability allows attackers to execute arbitrary code by loading a specially crafted...

7.8CVSS6.2AI score0.00226EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of the `__lpass_get_dmactl_handle` function in the qcom component of the Linux operating system allows a hacker to induce a service failure.

The vulnerability of the lpassgetdmactlhandle function in the qcom component of the Linux operating system is related to the use of an uninitialized pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.2CVSS5.9AI score0.00234EPSS
Exploits0References12Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of the iommufd_access_change_ioas() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the iommufdaccesschangeioas function in the Linux operating system is related to the copying of buffers without checking the input data. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.6AI score0.00227EPSS
Exploits0References12Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of the CI/CD application integration and delivery system provided by JetBrains TeamCity, due to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the CI/CD application integration and delivery system provided by JetBrains TeamCity exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...

5.5CVSS5.4AI score0.00765EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of the Webmin CGI request handler allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the Webmin CGI request handler relates to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with root privileges remotely...

9.9CVSS8.5AI score0.32018EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to memory-walking attacks, allows attackers to bypass ASLR protection and disclose the protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to memory-walking attacks. Exploiting this vulnerability can allow an attacker to bypass ASLR protection and disclose the protected information...

5.5CVSS5.4AI score0.00322EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models allows a hacker to trigger a service failure. This vulnerability is related to errors in pointer assignment.

The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models is related to pointer assignment errors. Exploiting this vulnerability can allow attackers to cause service failures...

5.5CVSS5.5AI score0.00362EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to memory-walking attacks, allows attackers to bypass ASLR protection and disclose the protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to memory-walking attacks. Exploiting this vulnerability can allow attackers to bypass ASLR protection and disclose the protected information...

5.5CVSS5.5AI score0.00322EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/26 12:0 a.m.10 views

The vulnerability of the Fortinet FortiClient Enterprise Management Server (EMS) and the FortiClient EMS Cloud cloud storage service lies in the lack of data cleaning measures at the management level. This allows attackers to execute arbitrary code.

The vulnerability of the Fortinet FortiClient Enterprise Management Server EMS and the FortiClient EMS Cloud cloud storage service is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS5.9AI score0.01287EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/25 12:0 a.m.10 views

The vulnerabilities of the components of Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK, and the Oracle Java SE software platform allow attackers to gain unauthorized access to protected information.

The vulnerability of the components of Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK, and the Oracle Java SE software platform lies in the insecure storage of confidential information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access...

3.7CVSS6.5AI score0.00651EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/12/25 12:0 a.m.10 views

The vulnerability of the PDF document viewing program Foxit PDF Reader (formerly Foxit Reader) and the PDF file editing program Foxit PDF Editor (formerly Foxit PhantomPDF) is related to a bug in pointer handling after memory release, allowing an attacker to execute arbitrary code.

The vulnerability of the PDF document viewing program Foxit PDF Reader formerly Foxit Reader and the PDF file editing program Foxit PDF Editor formerly Foxit PhantomPDF is related to a bug in the handling of pointers after memory release during the processing of AcroForm objects. Exploiting this...

7.8CVSS7.6AI score0.00914EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/23 12:0 a.m.10 views

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.00487EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/23 12:0 a.m.10 views

The vulnerability in the Profile Name field of the software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network allows a attacker to perform XSS attacks.

The vulnerability of the Profile Name field in software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network is related to the lack of security measures taken to protect the website structure. Exploiting this vulnerability cou...

5.5CVSS5.8AI score0.00551EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/20 12:0 a.m.10 views

The vulnerability of the operating system for managing Synology Router Manager allows for cross-site scripting attacks, as a lack of security measures has been taken to protect the website structure. This vulnerability enables attackers to carry out cross-site scripting attacks.

The vulnerability of the Synology Router Manager operating system for managing network devices is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

6.5CVSS5.2AI score0.0026EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/20 12:0 a.m.10 views

The vulnerability of the Linux operating system’s kernel’s ipv6 component, which allows a hacker to trigger a service failure

The vulnerability of the ipv6 component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.7CVSS6.4AI score0.0027EPSS
Exploits0References45Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/12/19 12:0 a.m.10 views

The vulnerability of the formSetPortMapping function in the Tenda G3 wireless access point’s microprogramming software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetPortMapping function in the Tenda G3 wireless access point’s microprogramming software lies in the fact that the operation exceeds the buffer boundaries in memory when processing parameters such as pPortMapIndex, pLanIP, pProtocl, and pWanid. Exploiting this...

9CVSS6.3AI score0.00531EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/17 12:0 a.m.10 views

The vulnerability of the Comment module in the Drupal CMS system allows a hacker to trigger a service failure.

The vulnerability of the Comment module in the Drupal CMS system relates to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS5.7AI score0.00457EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.10 views

The vulnerability of the IPerf3 network bandwidth measurement tool lies in the improper handling of test parameters sent to the server in JSON format. This allows a hacker to cause a service failure.

The vulnerability of the IPerf3 network bandwidth measurement tool is related to the improper processing of testing parameters sent to the server in JSON format. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.8CVSS6.6AI score0.00908EPSS
Exploits1References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.10 views

The vulnerability of the WhatsUp Gold network infrastructure monitoring system, related to errors when using privileged application programming interfaces (APIs), allows a hacker to execute arbitrary code.

The vulnerability of the WhatsUp Gold network infrastructure monitoring system is related to errors when privileged application programming interfaces APIs are used. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS8.4AI score0.09504EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.10 views

The vulnerability of the application development environment and the Angular single-page application platform, related to improper code generation management, allows attackers to execute arbitrary code.

The vulnerability of the application development environment and the Angular single-page application platform is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.4AI score0.02257EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.10 views

The vulnerability of the Wireless Wide Area Network Service (WwanSvc) in Microsoft Windows operating systems allows a hacker to increase their privileges.

The vulnerability of the Wireless Wide Area Network Service WwanSvc in Microsoft Windows operating systems is related to operations that go beyond the buffer limits in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

6.8CVSS5.7AI score0.00812EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.10 views

The vulnerability of Remote Desktop Services (RDS) for Windows operating systems allows a hacker to trigger a service failure.

The vulnerability of Remote Desktop Services RDS for Windows operating systems is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions from a remote location...

7.8CVSS5.5AI score0.02587EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.10 views

The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in insufficient validation of input data, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to insufficient testing of input data. Exploiting this vulnerability can allow attackers to execute arbitrary code...

7.8CVSS5.8AI score0.00426EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/13 12:0 a.m.10 views

The vulnerability of the Naumen Service Management Platform’s portal for automating business processes is related to the lack of measures taken to protect the website structure, allowing attackers to carry out XSS attacks.

The vulnerability of the Naumen Service Management Platform Naumen SMP Portal lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...

8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.10 views

The vulnerability of the Remote Desktop Client for Windows operating systems, related to access control deficiencies, allows a perpetrator to execute arbitrary code.

The vulnerability of the Remote Desktop Client on Windows operating systems is related to lack of access control mechanisms. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS8.4AI score0.01507EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.10 views

The vulnerability of the Wireless Wide Area Network Service (WwanSvc) in Microsoft Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Wireless Wide Area Network Service WwanSvc in Microsoft Windows operating systems is related to operations that go beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

4.6CVSS5.7AI score0.00989EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/06 12:0 a.m.10 views

The vulnerability of the atob method in the universal monitoring system Zabbix allows attackers to compromise the integrity of the protected information.

The vulnerability of the atob method in the Zabbix universal monitoring system is related to access to a critical private variable through a publicly accessible method. Exploiting this vulnerability allows an attacker to compromise the integrity of the protected information...

6.8CVSS6.6AI score0.00797EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.10 views

The vulnerability of the Puppet infrastructure automation tool and its startup application, Puppet Agent, relates to the insecure transfer of credentials. This allows a malicious individual to access confidential information.

The vulnerability of the Puppet infrastructure automation tool and its startup application, Puppet Agent, is related to the insecure transfer of credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...

10CVSS7.7AI score0.01328EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.10 views

The vulnerability of the authentication mechanism of the XRDP remote access tool, which allows a intruder to gain unauthorized access

The vulnerability of the XRDP remote access authentication mechanism is related to deficiencies in the retry limit for authentication attempts, which is controlled by the MaxLoginRetry parameter set in the configuration file /etc/xrdp/sesman.ini. Exploiting this vulnerability allows a malicious...

10CVSS7.1AI score0.00602EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/12/04 12:0 a.m.10 views

The vulnerability of the management software for Keycloak’s identification and access controls is related to the use of pre-set user accounts. This allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the Keycloak identity and access management software relates to the use of pre-set user credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

5.9CVSS5.5AI score0.00937EPSS
Exploits0References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.10 views

The vulnerabilities of the disable_show() and disable_store() functions in the Linux kernel USB driver allow attackers to compromise the integrity and accessibility of protected information.

The vulnerability of the disableshow and disablestrore functions in the drivers/usb/core/port.c file of the Linux kernel’s USB driver is related to the use of a zero pointer. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of the protected...

9.4CVSS6.7AI score0.00923EPSS
Exploits0References25Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.10 views

The vulnerability of the microprogrammed software of industrial routers Billion M100, Billion M150, Billion M120N, and Billion M500, related to the storage of passwords in an open manner, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the microprogrammed software of industrial routers Billion M100, Billion M150, Billion M120N, and Billion M500 is related to the storage of passwords in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access ...

9CVSS7.2AI score0.00608EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.10 views

The vulnerability of the microprogrammed software of industrial routers Billion M100, Billion M150, Billion M120N, and Billion M500 lies in the absence of authentication for a critical function. This allows attackers to circumvent security restrictions, gain unauthorized access to protected information, or cause service failures.

The vulnerability of the microprogrammed software in industrial routers such as Billion M100, Billion M150, Billion M120N, and Billion M500 is related to the absence of authentication for a critical function. Exploiting this vulnerability can allow an attacker, operating remotely, to circumvent...

9CVSS7.2AI score0.00463EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.10 views

The vulnerability of DRM/AMD components in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of DRM/AMDKFD components in Linux kernel relates to read misses beyond the boundary. Exploiting this vulnerability can allow an attacker to cause service failures...

6.6CVSS6.5AI score0.00244EPSS
Exploits0References26Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/11/29 12:0 a.m.10 views

The vulnerability of the monitoring tool for VMware Aria Operations, related to the lack of protective measures for the website structure, allows attackers to execute cross-site scripting attacks (XSS).

The vulnerability of the monitoring tool for VMware Aria Operations is related to the lack of protective measures for the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks XSS remotely...

8CVSS7.5AI score0.00408EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities5000