90604 matches found
The vulnerability of the Local Security Authority (LSA) service in the Windows operating system allows a perpetrator to elevate their privileges.
The vulnerability of the Local Security Authority LSA service in the Windows operating system is related to synchronization errors when using a common resource. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Microsoft Windows operating system’s Telephony Service allows a perpetrator to execute arbitrary code.
The vulnerability of the Microsoft Windows operating system’s Telephony Service is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the DRM/AMD/display components in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the DRM/amd/display components in the Linux operating system is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ASP.NET Core software platform and the Microsoft Visual Studio development environment, related to unlimited resource distribution, allows attackers to trigger service failures.
The vulnerability of the ASP.NET Core software platform and the Microsoft Visual Studio development environment is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the parse_module() function in the bfd/vms-alpha.c component of the GNU Binutils development environment allows a attacker to access confidential data and also trigger a service failure.
The vulnerability of the parsemodule function in the bfd/vms-alpha.c component of the GNU Binutils development environment is related to reading data from beyond the allowed buffer limits. Exploiting this vulnerability could allow an attacker to access confidential data and also cause service...
The vulnerability of the library for working with the DICOM format in DCMT, related to the repeated memory release, allows a perpetrator to trigger a service failure.
The vulnerability of the library for working with the DICOM format in DCMT is related to the repeated memory release. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the dcmnet component of the library for working with DICOM format allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the dcmnet component of the library for working with DICOM format in DCMTK is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause...
The vulnerability of the readDataVar() function in the hdf/dataobject.c component of the Libmysofa library for audio processing allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failure.
The vulnerability of the readDataVar function in the hdf/dataobject.c component of the Libmysofa library for audio processing is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, an...
The vulnerability of the Windows Common Log File System (CLFS) driver in Windows operating systems allows a hacker to elevate their privileges to a system-level level.
The vulnerability of the Windows Common Log File System CLFS driver in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their system-level privileges...
The vulnerability of the read_subimage_data function in the OpenImageIO image processing library allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the readsubimagedata function in the OpenImageIO image processing library is related to the copying of buffers without checking the input data. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and even cause...
The vulnerability of the au_read_header function in the src/au.c component of the Libsndfile library for reading and writing audio files allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the aureadheader function in the src/au.c file of the Libsndfile library, which is used for reading and writing audio files, is related to a numerical overflow issue. Exploiting this vulnerability could allow an attacker to access confidential data, compromise its integrity,...
The vulnerability of the SafeSetMacFilter function in the Tenda O4 V3.0 wireless Wi-Fi access point software allows a intruder to influence the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the SafeSetMacFilter function in the Tenda O4 V3.0 wireless Wi-Fi access point software relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to influence the confidentiality, integrity, and...
The vulnerability of Canon’s microprogrammed printer software of the imageCLASS MF, imageCLASS LBP, i-SENSYS MF, i-SENSYS LBP, Satera MF series lies in the ability to execute arbitrary code or trigger malfunctions during use, by reading data from memory beyond the buffer limits.
The vulnerability of Canon’s microprogrammed printer software for the imageCLASS MF, imageCLASS LBP, i-SENSYS MF, i-SENSYS LBP, and Satera MF series lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code or caus...
The vulnerability of the chat message exchange function in Cisco Enterprise Chat and Email (ECE) allows a perpetrator to cause a service failure.
The vulnerability of the chat message exchange function in Cisco Enterprise Chat and Email ECE is related to insufficient processing of regular expressions. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending specially crafted requests...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
The vulnerability of the functions intel_iommu_init() (drivers/iommu/intel/iommu.c) and enable_drhd_fault_handling() (drivers/iommu/intel/dmar.c) in the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the functions inteliommuinit drivers/iommu/intel/iommu.c and enabledrhdfaulthandling drivers/iommu/intel/dmar.c in the Linux kernel is related to insufficient locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the modTMSM component in the Trend Micro Apex Central security monitoring and management tool allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the modTMSM component in the Trend Micro Apex Central security management and monitoring tool is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the print_info() function in the src/iinfo/iinfo.cpp module of the OpenImageIO library allows a attacker to cause a service failure.
The vulnerability of the printinfo function in the src/iinfo/iinfo.cpp module of the OpenImageIO library is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the pata_macio_do_resume() function in the Linux operating system’s SATA/PATA kernel support driver allows a hacker to cause a service failure.
The vulnerability of the patamaciodoresume function in the SATA/PATA driver of the Linux operating system is related to incorrect validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the nfs4_show_open() function in the network file system of Linux kernel allows a hacker to cause a service failure.
The vulnerability of the nfs4showopen function in the network file system of Linux kernels is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the simple_offsetdestroy() function in the Linux kernel file system allows a attacker to cause a service failure.
The vulnerability of the simpleoffsetdestroy function in the Linux kernel file system is related to the execution of a loop with an unreachable exit condition „Infinite loop“. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Command Line Interface (CLI) of the Fortinet FortiClient security device allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Command Line Interface CLI of the Fortinet FortiClient security device is related to the storage of critical information in an open manner. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the protected information...
The vulnerability of the BmpInput::read_native_scanline() function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library allows a hacker to cause a service failure.
The vulnerability of the BmpInput::readnativescanline function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the genelinkbind() function (drivers/net/usb/gl620a.c) in the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the genelinkbind function drivers/net/usb/gl620a.c in the Linux kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the omap8250_suspend() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the omap8250suspend function in the Linux operating system is related to improper control of resource identifiers “resource injection”. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of the `ovl_dentry_update_reval()` function in the `fs/overlayfs/copy_up.c` file of the Linux kernel file system allows a attacker to cause a service failure.
The vulnerability of the ovldentryupdatereval function in the fs/overlayfs/copyup.c file of the Linux kernel file system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the psi/zbfont.c file in the software suite for processing, transforming, and generating Ghostscript documents allows a perpetrator to execute arbitrary code.
The vulnerability of the psi/zbfont.c file in the software for processing, converting, and generating Ghostscript documents is related to the copying of buffers without checking the size of the input data, as a result of incorrect conversion of glyphs to Unicode. Exploiting this vulnerability can...
The vulnerability of the transformMiddleware function in the @fs mechanism of the local development server for Vite allows a hacker to read arbitrary files.
The vulnerability of the transformMiddleware function in the @fs mechanism of the local development server for Vite applications is related to incorrect processing of special symbols in input data. Exploiting this vulnerability allows a malicious actor to read arbitrary files by sending a special...
The vulnerability of the simple_inode_init_ts() function in the Linux file system allows a hacker to trigger a service failure.
The vulnerability of the simpleinodeinitts function in the Linux file system is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the `ieee802154_create()` function in the `net/ieee802154/socket.c` module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ieee802154create function in the net/ieee802154/socket.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
Vulnerability of the mt7921_mcu_tx_rate_report() function in the drivers/net/wireless/mediatek/mt76/mt7921/mcu.c module – This driver is part of the Linux kernel’s wireless adapter support framework. It allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the mt7921mcutxratereport function in the drivers/net/wireless/mediatek/mt76/mt7921/mcu.c module – The driver for supporting wireless connection adapters in the Linux operating system is vulnerable due to buffer out-of-bounds reading. Exploiting this vulnerability could allow an...
Vulnerability of the dsps_probe() function in the drivers/usb/musb/musb_dsps.c module – The driver for supporting USB devices in Linux kernels allows a hacker to cause a service failure.
Vulnerability of the dspsprobe function in the drivers/usb/musb/musbdsps.c module – The Linux kernel’s USB device support driver is vulnerable due to a pointer issue related to NULL pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the jfs_readdir() function in the fs/jfs/jfs_dtree.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the jfsreaddir function in the fs/jfs/jfsdtree.c module of the Linux operating system is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
Vulnerability of the md_check_recovery() function in the drivers/md/md.c module – The driver for supporting multiple devices (RAID and LVM) in the Linux kernel allows a hacker to trigger a service failure.
Vulnerability of the mdcheckrecovery function in the drivers/md/md.c module – The Linux kernel’s device support driver for multiple devices such as RAID and LVM is vulnerable due to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause system failures...
Vulnerability of the xenvif_disconnect_queue() function in the drivers/net/xen-netback/interface.c module – the Linux kernel network adapter driver support mechanism, which allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the xenvifdisconnectqueue function in the drivers/net/xen-netback/interface.c module – The Linux kernel network adapter driver relies on the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrit...
The vulnerability of the SAML SSO library in Ruby allows a attacker to trigger a service failure.
The vulnerability of the SAML SSO library in Ruby SAML relates to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause a service failure...
The vulnerability of the AddPortMapping method in Netgear WNR854T router software allows a hacker to execute arbitrary commands.
The vulnerability of the AddPortMapping method in Netgear WNR854T router microprogramming software lies in the lack of measures to neutralize special elements used in the operating system’s commands when processing the NewInternalClient parameter. Exploiting this vulnerability allows a remote...
The vulnerability of the xe_vm_userptr_pin() function in the drivers/gpu/drm/xe/xe_vm.c file of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the xevmuserptrpin function in the drivers/gpu/drm/xe/xevm.c file of the Linux kernel is related to improper release of resources. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the Splunk Enterprise platform for operational analysis, related to deficiencies in access control, allows a perpetrator to execute arbitrary code.
The vulnerability of the Splunk Enterprise platform for operational analysis is related to deficiencies in access control for the directory $SPLUNKHOME/var/run/splunk/apptemp. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...
The vulnerability of DRM/RockChip components in Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of DRM/RockChip kernels in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow a hacker to cause a service failure...
The vulnerability of the hb_cairo_glyphs_from_buffer() function in the Harfbuzz text transformation library allows a hacker to execute arbitrary code.
The vulnerability of the hbcairoglyphsfrombuffer function in the Harfbuzz text transformation library is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the sctp_sf_ootb() function in the net/sctp/sm_statefuns.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the sctpsfootb function in the net/sctp/smstatefuns.c module of the Linux kernel is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the `include/net/ip_tunnels.h` header file of the IPv4 protocol implementation in Linux kernel allows a attacker to cause a service failure.
The vulnerability in the include/net/iptunnels.h header file of the IPv4 protocol implementation in Linux operating systems is related to incorrect resource blocking. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the kernel component of the Linux operating system, which allows a hacker to cause a service failure
The vulnerability of the kernel component of the Linux operating system is related to a memory leak in the vcapapiencoderuletest function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ntfs3 component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the ntfs3 component in the Linux operating system’s kernel is related to incorrect blocking in the ntfsdhash function in fs/ntfs3/namei.c. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the cachefiles_daemon_open() function in the cachefiles component of the Linux operating system allows a hacker to gain elevated privileges within the system.
The vulnerability of the cachefilesdaemonopen function in the cachefiles component of the Linux kernel is related to a memory leak. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...
The vulnerability of the mlx5_lag_create_port_sel_table() function in the net/mlx5 components of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mlx5lagcreateportseltable function in Linux kernel-based net/mlx5 components is related to improper input validation. Exploiting this vulnerability can allow an attacker to cause system failures...
The vulnerability of the blk-cgroup kernel component in the Linux operating system, which allows a hacker to cause a service failure
The vulnerability of the blk-cgroup component in the Linux operating system’s kernel is related to memory corruption. Exploiting this vulnerability can allow an attacker to cause a service failure...