Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.10 views

The vulnerability of the MySQL software component used for managing power supply sources in Voltronic Power View. This allows a hacker to elevate their privileges to the level of an administrator.

The vulnerability of the MySQL component in the software for managing power sources in Voltronic Power ViewPower Pro lies in the use of rigidly encoded credentials. Exploiting this vulnerability could allow an attacker to elevate their privileges to the level of an administrator...

7.8CVSS7.2AI score0.00234EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/12/27 12:0 a.m.10 views

The vulnerability of the programming software for PLCs (programmable logic controllers), namely the Saia PG5 Controls Suite, arises from incorrect restrictions on XML references to external objects. This vulnerability allows attackers to gain unauthorized access to protected information.

The vulnerability of the programming software for PLCs programmable logic controllers, Saia PG5 Controls Suite, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

5.5CVSS5.9AI score0.00784EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/25 12:0 a.m.10 views

The vulnerability of the sms_decode_address_field() function in the OFono mobile phone stack allows a hacker to execute arbitrary code.

The vulnerability of the smsdecodeaddressfield function in the OFono mobile phone stack is related to the execution of operations outside the buffer in memory when sending SMS messages in PDU format. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.1CVSS8.2AI score0.01006EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.10 views

The vulnerability of the application access control library in the SAP XS Advanced sap-xssec development, integration, and application extension platform in the SAP Business Technology Platform (BTP) environment is related to insecure management of privileges. This allows attackers to escalate their privileges.

The vulnerability of the application access control library in the SAP XS Advanced sap-xssec development, integration, and application extension platform in the SAP Business Technology Platform BTP environment is related to insecure management of privileges. Exploiting this vulnerability can allo...

9.4CVSS7.7AI score0.01109EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.10 views

The vulnerability of the get_set.ccp file in the web interface for controlling the wireless router TRENDnet TEW-652BRP allows a hacker to execute arbitrary code.

The vulnerability of the getset.ccp file in the web interface for controlling the wireless router TRENDnet TEW-652BRP is related to the lack of data cleaning measures at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8AI score0.03853EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.10 views

The vulnerability of the Bulk Modification Tool component in Nagios XI allows a hacker to execute arbitrary SQL code.

The vulnerability of the Bulk Modification Tool component in Nagios XI is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

9CVSS8.2AI score0.3374EPSS
Exploits2References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.10 views

The vulnerability of FortiWeb web applications’ network firewalls arises from improper processing of output data for registration logs, allowing attackers to replace the traffic logs.

The vulnerability of FortiWeb web applications’ network firewalls is related to improper processing of output data for registration logs. Exploiting this vulnerability allows a malicious actor to replace traffic logs through a specially created web page...

5.3CVSS5.9AI score0.00478EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/18 12:0 a.m.10 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the structure of web pages, allows attackers to disclose protected information.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to disclose protected information remotely...

4.1CVSS5.8AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/18 12:0 a.m.10 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/18 12:0 a.m.10 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/18 12:0 a.m.10 views

The vulnerability of the Microsoft Office for Mac software, related to errors in user interface information representation, allows attackers to perform spear-phishing attacks.

The vulnerability of the Microsoft Office for Mac software is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks remotely...

5.3CVSS6.6AI score0.01186EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/18 12:0 a.m.10 views

The vulnerability of the Windows Hyper-V hardware virtualization system allows attackers to escalate their privileges.

The vulnerability of the Windows Hyper-V hardware virtualization system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS7.3AI score0.0173EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the IBM DB2 database management system, which arises due to insufficient validation of input data, allows a hacker to trigger a service failure.

The vulnerability of the IBM DB2 database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

9.4CVSS7.3AI score0.01053EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the Autoptimize plugin of the WordPress content management system, related to security mechanism errors, allows attackers to gain unauthorized access to information.

The vulnerability of the Autoptimize plugin of the WordPress content management system is related to security mechanism errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to information...

5.3CVSS5.9AI score0.0146EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the 5G mobile communication network organization software free5GC, related to the lack of authentication for critical functions, allows attackers to disclose protected information.

The vulnerability of the software for managing fifth-generation mobile communication networks 5G, free5GC, is related to the absence of authentication for a critical function. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose protected information...

7.8CVSS7.2AI score0.02863EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in its ability to restore unreliable data in memory, allowing an attacker to execute commands with local administrator privileges.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute code with local administrator privileges...

10CVSS8AI score0.16573EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the FedCM component in the Google Chrome browser allows a perpetrator to execute arbitrary code or trigger a service failure.

The vulnerability of the FedCM component in the Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failure through a specially created malicious web page...

10CVSS8.1AI score0.00639EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.10 views

The vulnerability of the microprogramming software of the Ubiquiti Networks UniFi Dream Machine Pro, related to deficiencies in access control, allows intruders to circumvent domain restrictions.

The vulnerability of the microprogrammed software of the Ubiquiti Networks UniFi Dream Machine Pro relates to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to bypass domain restrictions using specially created packages...

10CVSS7.7AI score0.00847EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/13 12:0 a.m.10 views

The vulnerability in the Safari browser on operating systems such as iPadOS, iOS, and Mac OS allows a hacker to exploit it to access the history of web browsing activities.

The vulnerability of the Safari browser on iPadOS, iOS, and Mac OS relates to the disclosure of information. Exploiting this vulnerability allows a malicious actor to disclose the history of web browsing...

5CVSS6.5AI score0.00679EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/12/12 12:0 a.m.10 views

The vulnerability of the cstecgi.cgi implementation in TOTOLINK X5000R router microprogramming software allows a perpetrator to execute arbitrary commands.

The vulnerability of the cstecgi.cgi microprogramming system implementation in TOTOLINK X5000R routers is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

5.8CVSS6.7AI score0.30683EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/11 12:0 a.m.10 views

The vulnerability of the struts.multipart.saveDir configuration on the Apache Struts software platform allows attackers to cause service failures.

The vulnerability of the struts.multipart.saveDir configuration on the Apache Struts software platform is related to insufficient control over resources with dynamic management, as a result of processing query fields whose values exceed the maxStringLength limit. Exploiting this vulnerability...

7.8CVSS7.1AI score0.06286EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/11 12:0 a.m.10 views

The vulnerability in the implementation of the Media Capture application interface of Google Chrome and Microsoft Edge allows a perpetrator to disclose protected information.

The vulnerability of the Media Capture application interface in Google Chrome and Microsoft Edge browsers relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to disclose sensitive information...

7.8CVSS7.5AI score0.0102EPSS
Exploits0References13Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/12/06 12:0 a.m.10 views

The vulnerability of the BIG-IP Access Policy Manager’s access control and remote authentication mechanisms, as well as the software products such as BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Enforcement Manager, BIG-IP Orchestrator, allows a perpetrator to trigger a service failure.

The vulnerabilities of the BIG-IP Access Policy Manager, as well as the BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link...

7.8CVSS7.5AI score0.00626EPSS
Exploits0References3Affected Software12
BDU FSTEC
BDU FSTEC
added 2023/12/01 12:0 a.m.10 views

The vulnerability of the Adobe Media Encoder application, related to access to an uninitialized pointer, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Adobe Media Encoder application relates to access to an uninitialized pointer. Exploiting this vulnerability could allow a perpetrator to gain unauthorized access to protected information through a specially created malicious file...

5.5CVSS5.5AI score0.00367EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.10 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading data outside the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS6AI score0.00339EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.10 views

The vulnerability of the Apache Storm distributed stream processing software’s software platform in UNIX-like operating systems, related to access control deficiencies, allows attackers to disclose sensitive information.

The vulnerability of the Apache Storm distributed stream processing software’s software platform in UNIX-like operating systems is related to lack of access control mechanisms. Exploiting this vulnerability can allow attackers to disclose sensitive information that is protected by the system’s...

3.3CVSS5.8AI score0.00346EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/23 12:0 a.m.10 views

The vulnerability of the 3D modeling software Argon Ashlar-Vellum lies in its uncontrolled search element, which allows a hacker to execute arbitrary code.

The vulnerability of the 3D modeling software Argon Ashlar-Vellum is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a hacker to execute arbitrary code...

7.8CVSS7.5AI score0.00825EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/21 12:0 a.m.10 views

The vulnerability of the Golang programming language decoder, related to the distribution of resources without any restrictions or regulations, allows attackers to cause service failures.

The vulnerability of the Golang programming language decoder is related to the decoding of large amounts of compressed data, which consumes excessive memory and processing power. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS6.8AI score0.0086EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/11/14 12:0 a.m.10 views

The vulnerability of the cplus-dem.c component of the GNU Binutils development environment allows a attacker to trigger a service failure.

The vulnerability of the cplus-dem.c component of the GNU Binutils development environment is related to the allocation of unlimited memory. Exploiting this vulnerability allows a remote attacker to cause a service failure using a specially created file...

7.8CVSS6.1AI score0.01399EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/11/10 12:0 a.m.10 views

The vulnerability of the SetQuickVPNSettings module in D-Link wireless router software, such as DIR-882 and DIR-878, allows a hacker to execute arbitrary code.

The vulnerability of the SetQuickVPNSettings module in D-Link’s wireless router products, such as DIR-882 and DIR-878, is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

8.3CVSS8AI score0.01414EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/10 12:0 a.m.10 views

The vulnerability of Lenovo printer’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of Lenovo printer’s microprogramming software arises from an overflow in the buffer on the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.2AI score0.00889EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/11/04 12:0 a.m.10 views

The vulnerability of the CMS system Backdrop CMS, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the CMS system Backdrop CMS is related to the failure to take measures to protect the structure of a web page as a result of performing the “Publish” action in the “Content” section. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attack...

4.9CVSS5.3AI score0.0196EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/04 12:0 a.m.10 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to writing outside the buffer boundaries, allowing a malicious actor to execute arbitrary code in the context of the current user.

The vulnerability of Siemens Solid Edge’s design and simulation tools is related to writing beyond buffer boundaries. Exploiting this vulnerability can allow attackers to execute arbitrary code in the context of the current user, using specially created PAR files...

7.8CVSS6.1AI score0.00218EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/11/04 12:0 a.m.10 views

The vulnerability of distributed computing platforms and PowerJob’s task scheduling system, related to lack of access control, allows a intruder to gain unauthorized access to the user/save interface.

The vulnerability of distributed computing platforms and the PowerJob task scheduling system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to the user/save interface...

5.3CVSS5.9AI score0.02998EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/04 12:0 a.m.10 views

The vulnerability of the exec() function in the execQuoted() method of the ilUtil class (/Services/Utilities/classes/class.ilUtil.php) of the ILIAS learning management and support system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the exec function in the execQuoted method of the ilUtil class /Services/Utilities/classes/class.ilUtil.php of the ILIAS training and support management system is related to the lack of measures for cleaning input data. Exploiting this vulnerability could allow a remote...

9CVSS7.7AI score0.00765EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/04 12:0 a.m.10 views

The vulnerability of the shib_logout.php script of the ILIAS learning management and support system allows a perpetrator to redirect a user to any given URL address.

The vulnerability of the shiblogout.php script in the ILIAS learning management and support system lies in the use of open redirection when processing the return parameter. Exploiting this vulnerability allows a malicious actor to redirect users to any given URL address...

6.4CVSS6.3AI score0.0199EPSS
Exploits3References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability of the `foogallery_image_editor_modal` function in the FooGallery plugin of the WordPress content management system allows attackers to perform cross-site scripting attacks.

The vulnerability of the foogalleryimageeditormodal function in the FooGallery plugin of the WordPress content management system exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

7.5CVSS6.5AI score0.01747EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability of the `desktop_app/file.ajax.php?action=uploadfile` component in the main module of the Bitrix24 business management service allows a attacker to cause a service failure.

The vulnerability of the desktopapp/file.ajax.php?action=uploadfile component in the main module of the Bitrix24 business management service is related to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service...

7.8CVSS7.3AI score0.24078EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability of the /goform/formSetACLFilter component of the D-Link N300 WI-Fi Router DIR-605L software, which allows a intruder to trigger a service failure or execute arbitrary code.

The vulnerability of the /goform/formSetACLFilter component in the D-Link N300 Wi-Fi Router DIR-605L wireless access point software relates to the ability to write data beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to cause service interruptions or execute...

9CVSS8.2AI score0.01244EPSS
Exploits1References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability in the `bitrix/modules/crm/lib/order/import/instagram.php` file of the Crm service for business management in Bitrix24 allows a hacker to execute arbitrary code and increase their privileges.

The vulnerability in the bitrix/modules/crm/lib/order/import/instagram.php file of the Crm service for business management in Bitrix24 exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remote...

9CVSS8AI score0.01231EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability of the /goform/formSetACLFilter component in the D-Link N300 WI-Fi Router DIR-605L wireless access point software allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of the /goform/formSetACLFilter component in the D-Link N300 Wi-Fi Router DIR-605L wireless access point software relates to the ability to write data beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to cause service interruptions or execute...

10CVSS8.4AI score0.01191EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability of the update download section for software solutions in the Spectrum Virtualize virtualization technology allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the update download section for Spectrum Virtualize software relates to insufficient protection of operational data during the download process. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information by using the “satask...

5.9CVSS7.2AI score0.00651EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.10 views

The vulnerability of the WebApp Provider component of Google Chrome allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Google Chrome browser’s WebApp Provider component is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through a specially...

7.8CVSS5.8AI score0.00646EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.10 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to reading beyond the memory boundary, allowing a malicious actor to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools is related to reading beyond the memory limit. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created PAR files...

7.8CVSS7.6AI score0.00217EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/11/01 12:0 a.m.10 views

The vulnerability of the chkRegVeriRegister() function in TP-LINK’s router software TL-WR886N allows a perpetrator to influence the integrity, accessibility, and confidentiality of the protected information.

The vulnerability of the chkRegVeriRegister function in TP-LINK’s TL-WR886N router software lies in the fact that the operation is performed outside of the buffer in memory. Exploiting this vulnerability allows an attacker to compromise the integrity, availability, and confidentiality of the...

10CVSS7.9AI score0.01027EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2023/11/01 12:0 a.m.10 views

The vulnerability of the registerRequestHandle() function in TP-LINK TL-WR886N router software allows a hacker to manipulate the integrity, accessibility, and confidentiality of the protected information.

The vulnerability of the registerRequestHandle function in TP-LINK’s TL-WR886N router software lies in the fact that the operation’s output is stored outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to compromise the integrity, availability, and...

10CVSS8.1AI score0.01027EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2023/10/26 12:0 a.m.10 views

The vulnerability of operating systems such as Mac OS, Cisco IOS, HP-UX, Tru64 UNIX, AIX, OS/2, Windows, Novell Netware, Solaris, IRIX, SCO Unix, bsdos, and Linux lies in the fact that ICMP information, such as masks and timestamps, can be transmitted by arbitrary hosts, allowing attackers to disclose sensitive information.

The vulnerabilities of operating systems such as Mac OS, Cisco IOS, HP-UX, Tru64 UNIX, AIX, OS/2, Windows, Novell Netware, Solaris, IRIX, SCO Unix, bsdos, and Linux stem from the fact that ICMP information, including masks and timestamps, is exposed to arbitrary hosts. Exploiting these...

2.9CVSS6.8AI score0.31586EPSS
Exploits1References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/25 12:0 a.m.10 views

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to reading data outside the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created USD file...

7.8CVSS7.8AI score0.00345EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/21 12:0 a.m.10 views

The vulnerability of the WireGuard VPN service, related to errors in handling links, allows a malicious actor to block IP traffic on selected IP addresses.

The vulnerability of the VPN service WireGuard is related to errors in handling links. Exploiting this vulnerability allows a remote attacker to block IP traffic on selected IP addresses...

6.1CVSS6.1AI score0.00812EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/21 12:0 a.m.10 views

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server, related to errors in processing input data, allows a perpetrator to cause service interruptions.

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

5.3CVSS7.1AI score0.00782EPSS
Exploits0References4Affected Software2
Total number of security vulnerabilities5000