Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2023/03/01 12:0 a.m.10 views

The vulnerability of the software platform for container deployment in the SUSE Rancher Wrangler production environment, related to unencrypted storage of user data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the software platform for container deployment in the SUSE Rancher wrangler production environment is related to unencrypted storage of user credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected...

9.9CVSS7.4AI score0.00553EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.10 views

The vulnerability of the PostScript Printer Driver (Pscript) in Windows operating systems allows a hacker to gain unauthorized access to protected information.

The vulnerability of the PostScript Printer Driver Pscript on Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

6.8CVSS7.1AI score0.01381EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.10 views

The vulnerability of Microsoft’s .NET Framework and .NET software platforms lies in the insufficient protection of operational data during code debugging, allowing attackers to execute arbitrary code.

The vulnerability of Microsoft .NET Framework and .NET software platforms is related to insufficient protection of sensitive data during code debugging. Exploiting this vulnerability can allow attackers to execute arbitrary code...

7.8CVSS7.6AI score0.01148EPSS
Exploits0References4Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/02/27 12:0 a.m.10 views

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted malicious packages remotely...

9CVSS8.3AI score0.01206EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/02/24 12:0 a.m.10 views

The vulnerability of the server administration interface for managing VMware Carbon Black App Control allows for the injection of arbitrary code, enabling a hacker to execute arbitrary commands.

The vulnerability of the server administration interface for managing VMware Carbon Black App Control relates to the possibility of executing code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9.1CVSS7.8AI score0.16873EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/22 12:0 a.m.10 views

The vulnerability of the Symantec Endpoint Protection antivirus software lies in its lack of access control mechanisms, which allows attackers to escalate their privileges.

The vulnerability of the Symantec Endpoint Protection antivirus software is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.2AI score0.00166EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/02/22 12:0 a.m.10 views

The vulnerability of the software for programming Mitsubishi Electric GX Works3 lies in the ability to use strictly encrypted user data, which allows a intruder to obtain information about the project files for security modules on the CPU.

The vulnerability of the software for programming Mitsubishi Electric GX Works3 relates to the possibility of using strictly encrypted user data. Exploiting this vulnerability can allow a malicious actor to obtain information about project files for security modules via the MELSEC protocol...

7.8CVSS7.4AI score0.0129EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.10 views

The vulnerability in the web interface for managing FatPipe’s software allows a hacker to execute arbitrary code.

The vulnerability of the FatPipe software management web interface is related to the unlimited download of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created malware file...

10CVSS8.1AI score0.39824EPSS
Exploits2References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.10 views

The vulnerability of the IBM Sterling Secure Proxy proxy server and the IBM Sterling External Authentication Server (SEAS) authentication and authorization server, which stems from the use of cryptographic algorithms containing defects, allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Sterling Secure Proxy proxy server and the IBM Sterling External Authentication Server SEAS authentication and authorization server lies in the use of cryptographic algorithms that have vulnerabilities during installation. Exploiting this vulnerability can allow a...

2.3CVSS6AI score0.00119EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.10 views

The vulnerability of the monitoring system for critical equipment, StruxureWare Data Center Expert, related to errors during maintenance by one user on devices owned by another user, allows a violator to execute arbitrary code.

The vulnerability of the StruxureWare Data Center Expert monitoring system is related to errors that occur when one user maintains devices owned by another user. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS8AI score0.00935EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.10 views

The vulnerability of the ExploreIT website content management system, related to the lack of measures to protect the SQL query structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the ExploreIT website content management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

10CVSS7.6AI score0.03829EPSS
Exploits3References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.10 views

The vulnerability of the command-line interface (CLI) implementation of Zyxel networking devices allows a perpetrator to execute arbitrary commands.

The vulnerability of CLI implementations for Zyxel network devices involves a lack of measures to neutralize special elements used in OS commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...

8.3CVSS7.4AI score0.02806EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/02/21 12:0 a.m.10 views

The vulnerability of Dell Container Storage Modules lies in their uncontrolled DLL search path, which allows an attacker to execute arbitrary code.

The vulnerability of the Dell Container Storage Modules relates to an uncontrolled DLL search process. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.8CVSS8AI score0.02095EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/20 12:0 a.m.10 views

The vulnerability of the AMD Secure Encrypted Virtualization (SEV) implementation, a micro-software solution for AMD processors, allows attackers to disclose protected information.

The vulnerability of the AMD Secure Encrypted Virtualization SEV technology, a micro-software solution for AMD processors, arises from the execution of operations beyond the buffer in memory due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to...

5.5CVSS6.3AI score0.00171EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/02/20 12:0 a.m.10 views

The vulnerability of Cisco TelePresence CE and RoomOS software for Cisco Touch 10 devices is related to the absence of a mandatory cryptographic step.

The vulnerability of Cisco TelePresence CE and RoomOS software for Cisco Touch 10 devices is related to the absence of mandatory cryptographic steps. It exists due to insufficient identity verification during the pairing process. Exploiting this vulnerability can allow an attacker operating...

7.1CVSS5.4AI score0.00419EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/20 12:0 a.m.10 views

The vulnerability in the implementation of the GOT Mobile function in the software for graphic control panels from Mitsubishi Electric’s GOT2000 series, models GT27 and GT25, as well as the HMI platform GT SoftGOT2000, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the GOT Mobile function implementation in Mitsubishi Electric’s GOT2000 series graphic control panels, models GT27 and GT25, as well as the HMI platform GT SoftGOT2000, involves bypassing authentication through spoofing. Exploiting this vulnerability can allow unauthorized...

7.1CVSS7.4AI score0.00683EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/02/13 12:0 a.m.10 views

The vulnerability of QTS network storage operating systems from QNAP, related to insufficient validation of input data, allows attackers to execute arbitrary code.

The vulnerability of QTS network storage operating systems from QNAP is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.14367EPSS
Exploits6References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/08 12:0 a.m.10 views

The vulnerability of the sl_tx_timeout() function in the drivers/net/slip.c module of the SLIP driver for the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the sltxtimeout function in the drivers/net/slip.c module of the SLIP driver for the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.1CVSS6.6AI score0.00275EPSS
Exploits0References20Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/02/08 12:0 a.m.10 views

The vulnerability of the Ragic Cloud DB network storage solution provided by QNAP NAS allows attackers to execute XSS attacks.

The vulnerability of the Ragic Cloud DB network storage solution provided by QNAP NAS exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks using a specially created link...

6.4CVSS5.9AI score0.00703EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/08 12:0 a.m.10 views

The vulnerability of the configuration of web applications using microprogramming software for Moxa SDS-3008 Ethernet switches allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the configuration of web applications developed with Microprogramming Software for Moxa SDS-3008 Ethernet switches lies in the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected informatio...

5.9CVSS6.5AI score0.00646EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/03 12:0 a.m.10 views

The vulnerability of InHand Networks InRouter 302 and InRouter 615 microprogrammed software lies in the use of one-way hashing with predictable random data. This allows attackers to gain unauthorized access to protected information.

The vulnerability of InHand Networks InRouter 302 and InRouter 615 microprogrammed software lies in the use of one-way hashing with predictable random data. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information by sending...

7CVSS7.7AI score0.00321EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/01/30 12:0 a.m.10 views

The vulnerability of the i740 video driver in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the i740 video driver in the Linux operating system is related to the lack of checks on user data. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00271EPSS
Exploits0References19Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/01/27 12:0 a.m.10 views

The vulnerability of the Core server component of Oracle Communications Converged Application Server allows a hacker to gain full control over the application.

The vulnerability of the Core server component of Oracle Communications Converged Application Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application using the UDP network protocol...

10CVSS7.7AI score0.00839EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/25 12:0 a.m.10 views

The vulnerability of the MSO protocol implementation in the GE Proficy Historian industrial data management platform allows a perpetrator to gain access to read, modify, or delete files.

The vulnerability of the MSO protocol implementation in the GE Proficy Historian industrial data management platform is related to the unlimited loading of dangerous files. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to files by executing the...

7.8CVSS6.6AI score0.00556EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/23 12:0 a.m.10 views

The vulnerability of the network traffic analysis, network detection, and response mechanism of the Cortex XDR Agent, related to code errors, allows attackers to trigger a service failure for Windows system services.

The vulnerability of the Cortex XDR Agent, which is responsible for network traffic analysis, network detection, and response, is related to code errors. Exploiting this vulnerability can allow attackers to cause system services under Windows to fail...

5.5CVSS5.6AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/01/09 12:0 a.m.10 views

The vulnerability of the login/index.php implementation of the application for managing servers with CentOS Web Panel allows a hacker to execute arbitrary commands.

The vulnerability of the login/index.php implementation of the server management application for CentOS Web Panel is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute...

10CVSS8.4AI score0.99995EPSS
Exploits12References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/04 12:0 a.m.10 views

The vulnerability of the software for coordinating the operation of security systems and for managing real-time incident responses in Fortinet FortiSOAR is related to improper access control. This allows attackers to gain access to the API gateway.

The vulnerability of the software for coordinating the operation of security systems and for managing incident responses in real-time with Fortinet FortiSOAR is related to improper access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the...

7.8CVSS7.2AI score0.01206EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/28 12:0 a.m.10 views

The vulnerability of the Windows operating system’s kernel allows attackers to enhance their privileges.

The vulnerability of Windows operating system kernels is related to insufficient validation of input data during object processing. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.2CVSS5.4AI score0.04918EPSS
Exploits1References10
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.10 views

The vulnerability of the smb2_tree_disconnect function (fs/ksmbd/smb2pdu.c) in the ksmbd module of the Linux operating system allows a hacker to execute arbitrary code.

The vulnerability of the smb2treedisconnect function fs/ksmbd/smb2pdu.c in the ksmbd module of the Linux operating system is related to the use of memory after deallocation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.1AI score0.46428EPSS
Exploits0References15Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.10 views

The vulnerability of Adobe Illustrator’s graphic editor, related to reading data beyond the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of Adobe Illustrator graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created file...

5.5CVSS6AI score0.00456EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.10 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...

5.4CVSS5.6AI score0.0048EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the APC Easy UPS Online Monitoring Software lies in its ability to allow the loading of arbitrary files, which enables a intruder to execute arbitrary code.

The vulnerability of the APC Easy UPS Online Monitoring Software relates to the ability to load any arbitrary file. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading any JSP file remotely...

10CVSS8.2AI score0.01071EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the Connman connection dispatcher’s WISPR support implementation lies in the use of memory after it is freed. This allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the Connman connection dispatcher’s WISPR support implementation lies in the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code...

10CVSS7.2AI score0.01513EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the queue insertion function sch_sfb in Linux operating system kernels allows a hacker to cause a service failure.

The vulnerability of the queue insertion function schsfb in Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.6AI score0.0045EPSS
Exploits0References9Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the gweb component of the Connection dispatcher, related to writing outside of the allocated memory range, allows a hacker to execute arbitrary code.

The vulnerability of the gweb component of the Connman connection controller is related to writing beyond the boundaries of a reserved memory range. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.0238EPSS
Exploits0References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the EndType parameter in the web interface of the POWER METER SICAM Q100 microprogramming system allows a hacker to disable the device (with subsequent automatic reboot) or execute arbitrary code.

The vulnerability of the EndType parameter in the web interface of the POWER METER SICAM Q100 measurement software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to disable the device remotely, causing it to shut down automatically, or execute...

9CVSS7.1AI score0.01504EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the `ef100_update_stats` function in the `drivers/net/ethernet/sfc/ef100_nic.c` file of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the ef100updatestats function in the drivers/net/ethernet/sfc/ef100nic.c file of the Linux kernel is related to a pointer dereferencing error. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...

5.5CVSS6.7AI score0.00214EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the application software interface of the VMware vRealize Network Insight (vRNI) system, related to the possibility of bypassing the directory protection mechanism, allows attackers to access protected information.

The vulnerability of the application software interface of the VMware vRealize Network Insight vRNI development and optimization software infrastructure is related to the possibility of bypassing the catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain...

7.8CVSS7.4AI score0.01792EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the _rtw_init_xmit_priv function in the drivers/staging/r8188eu/core/rtw_xmit.c file of the Linux kernel allows a hacker to cause a service failure or enhance their privileges.

The vulnerability of the rtwinitxmitpriv function in the drivers/staging/r8188eu/core/rtwxmit.c file of the Linux kernel is related to a pointer dereferencing error. Exploiting this vulnerability could allow an attacker to cause a service failure or gain increased privileges...

5.5CVSS6.7AI score0.00224EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the `kfd_parse_subtype_iolink` function in the `drivers/gpu/drm/amd/amdkfd/kfd_crat.c` file of the Linux operating system’s kernel allows a hacker to trigger a service failure or increase their privileges.

The vulnerability of the kfdparsesubtypeiolink function in the drivers/gpu/drm/amd/amdkfd/kfdcrat.c file of the Linux operating system’s kernel is related to incorrect checking of the returned value from a method or function. Exploiting this vulnerability could allow an attacker to cause service...

5.5CVSS6.5AI score0.00214EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the lkdtm_ARRAY_BOUNDS function in the drivers/misc/lkdtm/bugs.c module of the Linux kernel allows a attacker to cause a system failure or gain increased privileges.

The vulnerability of the lkdtmARRAYBOUNDS function in the drivers/misc/lkdtm/bugs.c module of the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...

5.5CVSS6.6AI score0.00227EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the Windows Terminal emulator for operating systems, which allows a hacker to execute arbitrary code.

The vulnerability of the Windows Terminal emulator for operating systems is related to insufficient checking of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.8AI score0.01365EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the xrdp_mm_chan_data_in() function on the XRDP server allows a hacker to execute arbitrary code.

The vulnerability of the xrdpmmchandatain function on the XRDP server is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.00847EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the Blink Frames component in the Google Chrome browser allows a hacker to execute arbitrary code.

The vulnerability of the Blink Frames component in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8AI score0.00651EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the xrdp_caps_process_confirm_active() function on the XRDP server allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the xrdpcapsprocessconfirm-active function on the XRDP server is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information or cause servic...

9.4CVSS7.4AI score0.00729EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the RecordType parameter in the web interface of the POWER METER SICAM Q100 software allows a hacker to disable the device (with subsequent automatic reboot) or execute arbitrary code.

The vulnerability of the RecordType parameter in the web interface of the POWER METER SICAM Q100 measurement software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to disable the device remotely, causing it to shut down automatically, or execut...

9CVSS7.1AI score0.01355EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the compatibility subsystem’s kernel allows for the execution of Linux applications on Windows operating systems through the Windows Subsystem for Linux (WSL2). This enables attackers to gain increased privileges.

The vulnerability of the compatibility subsystem’s kernel for running Linux applications, as provided by Windows Subsystem for Linux WSL2 on Windows operating systems, is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.3AI score0.00473EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the Citrix ADC application delivery controller (formerly Citrix NetScaler Application Delivery Controller) and the Citrix Gateway access control system (formerly Citrix NetScaler Gateway) allows a perpetrator to execute arbitrary code.

The vulnerability of the Citrix ADC application delivery controller formerly Citrix NetScaler Application Delivery Controller and the Citrix Gateway access control system formerly Citrix NetScaler Gateway is related to insufficient resource control during its existence. Exploiting this...

10CVSS8.5AI score0.06931EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/14 12:0 a.m.10 views

The vulnerability of the xrdp_mm_trans_process_drdynvc_channel_open function on the XRDP server allows a hacker to gain access to a remote machine.

The vulnerability of the xrdpmmtransprocessdrdynvcchannelopen function in the XRDP server is related to the ability to write data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain access to the remote machine...

10CVSS7.4AI score0.00799EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/12 12:0 a.m.10 views

The vulnerability of the control panel interface of the FortiADC application allows attackers to execute cross-site scripting attacks.

The vulnerability of the FortiADC application delivery controller interface exists because measures are not taken to protect the structure of the web page during its creation. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created ...

9CVSS5.6AI score0.00448EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities5000