Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2024/03/04 12:0 a.m.10 views

The vulnerability of the user_sdma_txadd function in the Linux operating system’s kernel driver allows a hacker to execute arbitrary code.

The vulnerability of the usersdmatxadd function in Linux kernel-based InfiniBand drivers is related to a pointer dereferencing error. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...

7.8CVSS7AI score0.00251EPSS
Exploits0References21Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/03/04 12:0 a.m.10 views

The vulnerability of the update_cdn_status() function in the LiteSpeed Cache plugin for WordPress (LSCWP), a content management system for WordPress websites, allows a hacker to gain unauthorized access to protected information or enhance their privileges.

The vulnerability of the updatecdnstatus function in the LiteSpeed Cache plugin for WordPress LSCWP, a content management system for WordPress websites, is related to the lack of protective measures for website structures. Exploiting this vulnerability can allow an attacker to gain unauthorized...

6.8CVSS8.1AI score0.54872EPSS
Exploits5References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/22 12:0 a.m.10 views

Software vulnerabilities related to application optimization in Intel Optimization for TensorFlow framework, caused by incorrect elimination of special elements in the output data, allow attackers to exploit these vulnerabilities to gain enhanced privileges.

The vulnerability of software for application optimization in Intel Optimization for TensorFlow framework is related to incorrect elimination of certain elements in the output data. Exploiting this vulnerability can allow attackers to enhance their privileges...

5.5CVSS5.9AI score0.00189EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/20 12:0 a.m.10 views

The vulnerability of the file loading function of the corporate cloud storage system HGiga OAKlouds allows a attacker to execute arbitrary code.

The vulnerability of the file loading function of the corporate cloud storage system HGiga OAKlouds relates to the unlimited loading of dangerous types of files. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by sending a specially crafted file...

10CVSS8.2AI score0.00942EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/20 12:0 a.m.10 views

The vulnerability in the implementation of the LDAP service protocol on Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the LDAP Lightweight Directory Access Protocol implementation in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

6.8CVSS6.9AI score0.02079EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/02/20 12:0 a.m.10 views

The server for managing Fortinet FortiClient Enterprise Management Server (EMS) is vulnerable due to insecure privilege management, allowing attackers to execute arbitrary commands.

The vulnerability of the Fortinet FortiClient Enterprise Management Server EMS server relates to insecure management of privileges. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using specially crafted HTTP or HTTPS requests...

9CVSS7.5AI score0.00823EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/20 12:0 a.m.10 views

The vulnerability of Microsoft Excel, the Microsoft Office suite of programs, and Skype for Business, related to the issue of out-of-buffer operations in memory, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Excel, the Microsoft Office suite, and Skype for Business involves an operation beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.01177EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/02/19 12:0 a.m.10 views

The vulnerability of the Windows operating system’s kernel, which allows a hacker to increase their privileges

The vulnerability of the Windows operating system’s kernel is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.7AI score0.20237EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/02/19 12:0 a.m.10 views

The vulnerability of the application software interface of the Cisco Meeting Server platform allows a perpetrator to cause a service failure.

The vulnerability of the application software interface of the Cisco Meeting Server platform is related to deficiencies in the mechanism for verifying input data. Exploiting this vulnerability could allow a malicious actor to cause service failures...

5.3CVSS5.9AI score0.00813EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/19 12:0 a.m.10 views

The vulnerability of the Snort module of the microprogramming software for Cisco Firepower Threat Defense (FTD) allows a perpetrator to trigger a service failure.

The vulnerability of the Snort module of the Cisco Firepower Threat Defense FTD software lies in the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

8.6CVSS7.8AI score0.00693EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/19 12:0 a.m.10 views

The vulnerability of the Windows operating system’s kernel allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Windows operating system kernels is related to the exposure of information. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

4.9CVSS6.4AI score0.00752EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/02/19 12:0 a.m.10 views

The vulnerability of the Windows Message Queuing system allows a perpetrator to execute arbitrary code.

The vulnerability of Windows’ Message Queuing system is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.7AI score0.00801EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/02/19 12:0 a.m.10 views

The vulnerability of the USB Generic Parent driver in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the USB Generic Driver in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

6.4CVSS7.3AI score0.00551EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/02/15 12:0 a.m.10 views

The vulnerability of HTTP/3 QUIC modules in NGINX Plus and NGINX OSS web servers allows attackers to cause service interruptions.

The vulnerability of HTTP/3 QUIC in NGINX Plus and NGINX OSS web servers is related to the swapping of the zero pointer. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted requests...

7.8CVSS7.2AI score0.01061EPSS
Exploits0References6Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/02/14 12:0 a.m.10 views

The vulnerability of the XRef::fetch function (XRef.cc) in the PDF viewing software Xpdf, which allows a hacker to cause a service failure.

The vulnerability of the XRef::fetch function in the Xpdf PDF viewing software is related to code errors. Exploiting this vulnerability could allow an attacker to cause a service failure through a specially created PDF file...

5.5CVSS6.6AI score0.01618EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.10 views

Microsoft Edge’s vulnerability, related to security configuration errors, allows a hacker to bypass the sandbox protection mechanism and execute arbitrary code.

The vulnerability of Microsoft Edge relates to errors in security settings when processing HTML content. Exploiting this vulnerability allows a malicious actor to bypass sandbox protections and execute arbitrary code using a specially created file or web page...

8.3CVSS8.1AI score0.01231EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.10 views

The vulnerability of the macOS operating system’s Dev Tools component, which allows a hacker to increase their privileges

The vulnerability of the Dev Tools component of the macOS operating system exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to gain increased privileges...

7.8CVSS7.2AI score0.00201EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.10 views

The vulnerability of the NEXO-OS operating system in the Bosch Nexo cordless nutrunner and Bosch Nexo special cordless nutrunner tools used in production lines allows a intruder to gain unauthorized access to the database.

The vulnerability of the NEXO-OS operating system for tools used in production line assembly work, such as the Bosch Nexo cordless nutrunner and the Bosch Nexo special cordless nutrunner, is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability ca...

5.3CVSS7.3AI score0.00622EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.10 views

The vulnerability of the Quick Look function in macOS operating systems allows a malicious actor to trigger a service failure or execute arbitrary code.

The vulnerability of the Quick Look function in macOS systems stems from a buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause a service failure or execute arbitrary code...

7.8CVSS7.8AI score0.00234EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.10 views

The vulnerability of the web components of Ivanti Connect Secure and Ivanti Policy Secure control tools allows a perpetrator to…

The vulnerability of the Ivanti Connect Secure and Ivanti Policy Secure web components related to access control vulnerabilities. Exploiting this vulnerability could allow a malicious actor to elevate their privileges to the level of an administrator...

9CVSS7.9AI score0.86806EPSS
Exploits4References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.10 views

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network (EPN) Manager software, allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network EPN Manager software, exists due to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a...

4.8CVSS5.3AI score0.00358EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.10 views

The vulnerability of the FileProvider component in the macOS operating system allows a hacker to disclose protected information.

The vulnerability of the FileProvider component in the macOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS5.9AI score0.00196EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.10 views

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network (EPN) Manager software, allows a perpetrator to execute arbitrary commands in the basic operating system.

The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network EPN Manager software relates to improper handling of objects in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary...

7.7CVSS7.4AI score0.00695EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/05 12:0 a.m.10 views

The vulnerability of the setWrlAccessList function in the wireless access point software of Tenda W9 allows a intruder to execute arbitrary code.

The vulnerability of the setWrlAccessList function in the wireless access point software Tenda W9 involves reading data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS8.2AI score0.01399EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/02/05 12:0 a.m.10 views

The vulnerability in the implementation of the ICMPv6 protocol in the Linux operating system’s kernel, through the function fib6_add(), allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability in the implementation of the ICMPv6 protocol in the Linux operating system is related to the reutilization of previously freed memory due to competitive access to resources in the fib6add function within the net/ipv6/ip6fib.c module. Exploiting this vulnerability could allow a...

7.5CVSS7.2AI score0.02166EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/05 12:0 a.m.10 views

The vulnerability of the Rapid SCADA system, related to the improper assignment of permissions for critical resources, allows a intruder to increase their privileges.

The vulnerability of the SCADA system Rapid SCADA is related to the incorrect assignment of permissions for critical resources. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.2AI score0.00159EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/05 12:0 a.m.10 views

The vulnerability in the web interface of the wireless access point Tenda A15’s microprogramming software allows a perpetrator to execute arbitrary code.

The vulnerability of the web interface for managing microprogramming software in the Tenda A15 wireless access point is related to reading data outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8.3CVSS7.7AI score0.01731EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/05 12:0 a.m.10 views

The vulnerability of the ext4_writeinline_data_end() function in the kernel of the OpenEuler operating system, which allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ext4writeinlinedataend function in the kernel of the OpenEuler operating system is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.5AI score0.00371EPSS
Exploits0References20Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/02/02 12:0 a.m.10 views

The vulnerability of the MachineSense microprogramming software components in FeverWarn ESP32, FeverWarn RaspberryPi, and the FeverWarn DataHub RaspberryPi systems, which allows a intruder to gain unauthorized access to protected information.

The vulnerability of the MachineSense microprogramming software components in FeverWarn ESP32, FeverWarn RaspberryPi, and the FeverWarn DataHub RaspberryPi systems is related to the absence of authentication procedures for critical functions. Exploiting this vulnerability could allow an attacker ...

7.7CVSS6.6AI score0.00582EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/02/02 12:0 a.m.10 views

The vulnerability in the web interface for controlling microprogrammed software-based network storage devices Zyxel NAS326 and NAS542 allows a perpetrator to execute arbitrary commands.

The vulnerability of the web interface for managing Zyxel NAS326 and NAS542 micro-programming systems exists due to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary comman...

8.3CVSS7.5AI score0.28472EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/02/02 12:0 a.m.10 views

The vulnerability of the digital platform for Miro’s collaborative work with macOS operating systems arises from improper code generation management. This allows a hacker to execute arbitrary code.

The vulnerability of the digital platform for Miro’s collaborative work with macOS operating systems is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.2AI score0.01288EPSS
Exploits2References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/02 12:0 a.m.10 views

The vulnerability of the Delta Industrial Automation DOPSoft software for designing human-machine interfaces lies in buffer overflows in the stack. This allows an attacker to execute arbitrary code.

The vulnerability of the Delta Industrial Automation DOPSoft software for designing human-machine interfaces is related to buffer overflows in the stack during syntax analysis of the wLogTitlesPrevValueLen field. Exploitation of this vulnerability could allow a malicious actor to execute arbitrar...

10CVSS7.9AI score0.00986EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/02 12:0 a.m.10 views

The vulnerability of the PMR_ReadBytes() function in the PowerVR GPU driver for Android and ChromeOS systems allows attackers to exploit their privileges.

The vulnerability of the PMRReadBytes function in the PowerVR GPU driver for Android and ChromeOS operating systems is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow attackers to gain increased privileges...

7.8CVSS8.1AI score0.00414EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/30 12:0 a.m.10 views

The vulnerability of the args4j library in the Jenkins automation server’s command-line interface (CLI) allows a hacker to execute arbitrary code.

The vulnerability of the args4j library, a built-in command-line interface CLI for Jenkins automation servers, is related to insufficient protection of service data. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code...

8.8CVSS8.1AI score0.99999EPSS
Exploits46References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/01/25 12:0 a.m.10 views

The vulnerability of iCloud Photo Library on operating systems macOS, iOS, and iPadOS allows attackers to disclose protected information.

The vulnerability of iCloud Photo Library in operating systems such as macOS, iOS, and iPadOS lies in the lack of data protection measures. Exploiting this vulnerability could allow an attacker to disclose protected information...

5.5CVSS5.9AI score0.00211EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/01/24 12:0 a.m.10 views

The vulnerability of the JavaFX component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to compromise the integrity of protected information.

The vulnerability of the JavaFX component of Oracle Java SE and the Oracle GraalVM Enterprise Edition platform exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to compromise the integrity of protected information...

3.1CVSS6.5AI score0.00553EPSS
Exploits0References6Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/01/18 12:0 a.m.10 views

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers allows a hacker to execute arbitrary code.

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers involves reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.2CVSS7.3AI score0.01126EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.10 views

The vulnerability of the WLAvalancheService service in the Avalanche device management system allows a hacker to execute arbitrary code.

The vulnerability of the WLAvalancheService service in the mobile device management system of Avalanche is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.3AI score0.11337EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.10 views

The vulnerability of Fanuc i Series CNC control systems’ microprogrammed software, related to uncontrolled resource consumption, allows attackers to cause malfunctions during maintenance operations.

The vulnerability of Fanuc i Series CNC control systems’ microprogramming software is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause malfunctions in the system...

5.3CVSS5.6AI score0.01949EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/01/15 12:0 a.m.10 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from insufficient verification of data authenticity. This allows a malicious actor to alter the metadata of signed commits.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to insufficient verification of data authenticity. Exploiting this vulnerability could allow a malicious actor, operating remotely, to modify the metadata of signed commits...

7.5CVSS6AI score0.00384EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/15 12:0 a.m.10 views

The vulnerability of the MICROprogramming software for the SIMATIC CN 4100 communication gateway, which stems from insufficient validation of input data, allows a intruder to alter the IP configuration and trigger a service failure.

The vulnerability of the SIMATIC CN 4100 communication gateway’s microprogramming software is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to alter the IP configuration and cause service failures...

7.8CVSS7.2AI score0.00567EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/12 12:0 a.m.10 views

The compatibility subsystem for running Linux applications allows Windows Subsystem for Linux (WSL) operating systems, enabling attackers to enhance their privileges.

The vulnerability of the compatibility subsystem for running Linux applications in Windows Subsystem for Linux WSL operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.3AI score0.007EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.10 views

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to execute XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

5.5CVSS5.9AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.10 views

The vulnerability of the MySQL software component used for managing power supply sources in Voltronic Power View. This allows a hacker to elevate their privileges to the level of an administrator.

The vulnerability of the MySQL component in the software for managing power sources in Voltronic Power ViewPower Pro lies in the use of rigidly encoded credentials. Exploiting this vulnerability could allow an attacker to elevate their privileges to the level of an administrator...

7.8CVSS7.2AI score0.00234EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/12/27 12:0 a.m.10 views

The vulnerability of the programming software for PLCs (programmable logic controllers), namely the Saia PG5 Controls Suite, arises from incorrect restrictions on XML references to external objects. This vulnerability allows attackers to gain unauthorized access to protected information.

The vulnerability of the programming software for PLCs programmable logic controllers, Saia PG5 Controls Suite, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

5.5CVSS5.9AI score0.00784EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/25 12:0 a.m.10 views

The vulnerability of the sms_decode_address_field() function in the OFono mobile phone stack allows a hacker to execute arbitrary code.

The vulnerability of the smsdecodeaddressfield function in the OFono mobile phone stack is related to the execution of operations outside the buffer in memory when sending SMS messages in PDU format. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.1CVSS8.2AI score0.01006EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.10 views

The vulnerability of the application access control library in the SAP XS Advanced sap-xssec development, integration, and application extension platform in the SAP Business Technology Platform (BTP) environment is related to insecure management of privileges. This allows attackers to escalate their privileges.

The vulnerability of the application access control library in the SAP XS Advanced sap-xssec development, integration, and application extension platform in the SAP Business Technology Platform BTP environment is related to insecure management of privileges. Exploiting this vulnerability can allo...

9.4CVSS7.7AI score0.01109EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.10 views

The vulnerability of the get_set.ccp file in the web interface for controlling the wireless router TRENDnet TEW-652BRP allows a hacker to execute arbitrary code.

The vulnerability of the getset.ccp file in the web interface for controlling the wireless router TRENDnet TEW-652BRP is related to the lack of data cleaning measures at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8AI score0.03853EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.10 views

The vulnerability of the Bulk Modification Tool component in Nagios XI allows a hacker to execute arbitrary SQL code.

The vulnerability of the Bulk Modification Tool component in Nagios XI is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

9CVSS8.2AI score0.3374EPSS
Exploits2References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.10 views

The vulnerability of FortiWeb web applications’ network firewalls arises from improper processing of output data for registration logs, allowing attackers to replace the traffic logs.

The vulnerability of FortiWeb web applications’ network firewalls is related to improper processing of output data for registration logs. Exploiting this vulnerability allows a malicious actor to replace traffic logs through a specially created web page...

5.3CVSS5.9AI score0.00478EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities5000