Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2023/02/20 12:0 a.m.10 views

The vulnerability of Cisco TelePresence CE and RoomOS software for Cisco Touch 10 devices is related to the absence of a mandatory cryptographic step.

The vulnerability of Cisco TelePresence CE and RoomOS software for Cisco Touch 10 devices is related to the absence of mandatory cryptographic steps. It exists due to insufficient identity verification during the pairing process. Exploiting this vulnerability can allow an attacker operating...

7.1CVSS5.4AI score0.00419EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/20 12:0 a.m.10 views

The vulnerability in the implementation of the GOT Mobile function in the software for graphic control panels from Mitsubishi Electric’s GOT2000 series, models GT27 and GT25, as well as the HMI platform GT SoftGOT2000, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the GOT Mobile function implementation in Mitsubishi Electric’s GOT2000 series graphic control panels, models GT27 and GT25, as well as the HMI platform GT SoftGOT2000, involves bypassing authentication through spoofing. Exploiting this vulnerability can allow unauthorized...

7.1CVSS7.4AI score0.00683EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/02/20 12:0 a.m.10 views

The vulnerability of the AMD Secure Encrypted Virtualization (SEV) implementation, a micro-software solution for AMD processors, allows attackers to disclose protected information.

The vulnerability of the AMD Secure Encrypted Virtualization SEV technology, a micro-software solution for AMD processors, arises from the execution of operations beyond the buffer in memory due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to...

5.5CVSS6.3AI score0.00171EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/02/13 12:0 a.m.10 views

The vulnerability of QTS network storage operating systems from QNAP, related to insufficient validation of input data, allows attackers to execute arbitrary code.

The vulnerability of QTS network storage operating systems from QNAP is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.14367EPSS
Exploits6References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/08 12:0 a.m.10 views

The vulnerability of the Ragic Cloud DB network storage solution provided by QNAP NAS allows attackers to execute XSS attacks.

The vulnerability of the Ragic Cloud DB network storage solution provided by QNAP NAS exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks using a specially created link...

6.4CVSS5.9AI score0.00703EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/08 12:0 a.m.10 views

The vulnerability of the sl_tx_timeout() function in the drivers/net/slip.c module of the SLIP driver for the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the sltxtimeout function in the drivers/net/slip.c module of the SLIP driver for the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.1CVSS6.6AI score0.00275EPSS
Exploits0References20Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/02/08 12:0 a.m.10 views

The vulnerability of the configuration of web applications using microprogramming software for Moxa SDS-3008 Ethernet switches allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the configuration of web applications developed with Microprogramming Software for Moxa SDS-3008 Ethernet switches lies in the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected informatio...

5.9CVSS6.5AI score0.00646EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/03 12:0 a.m.10 views

The vulnerability of InHand Networks InRouter 302 and InRouter 615 microprogrammed software lies in the use of one-way hashing with predictable random data. This allows attackers to gain unauthorized access to protected information.

The vulnerability of InHand Networks InRouter 302 and InRouter 615 microprogrammed software lies in the use of one-way hashing with predictable random data. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information by sending...

7CVSS7.7AI score0.00321EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/01/30 12:0 a.m.10 views

The vulnerability of the i740 video driver in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the i740 video driver in the Linux operating system is related to the lack of checks on user data. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00271EPSS
Exploits0References19Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/01/27 12:0 a.m.10 views

The vulnerability of the Core server component of Oracle Communications Converged Application Server allows a hacker to gain full control over the application.

The vulnerability of the Core server component of Oracle Communications Converged Application Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application using the UDP network protocol...

10CVSS7.7AI score0.00839EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/25 12:0 a.m.10 views

The vulnerability of the MSO protocol implementation in the GE Proficy Historian industrial data management platform allows a perpetrator to gain access to read, modify, or delete files.

The vulnerability of the MSO protocol implementation in the GE Proficy Historian industrial data management platform is related to the unlimited loading of dangerous files. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to files by executing the...

7.8CVSS6.6AI score0.00556EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/23 12:0 a.m.10 views

The vulnerability of the network traffic analysis, network detection, and response mechanism of the Cortex XDR Agent, related to code errors, allows attackers to trigger a service failure for Windows system services.

The vulnerability of the Cortex XDR Agent, which is responsible for network traffic analysis, network detection, and response, is related to code errors. Exploiting this vulnerability can allow attackers to cause system services under Windows to fail...

5.5CVSS5.6AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/01/09 12:0 a.m.10 views

The vulnerability of the login/index.php implementation of the application for managing servers with CentOS Web Panel allows a hacker to execute arbitrary commands.

The vulnerability of the login/index.php implementation of the server management application for CentOS Web Panel is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute...

10CVSS8.4AI score0.99995EPSS
Exploits12References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/04 12:0 a.m.10 views

The vulnerability of the software for coordinating the operation of security systems and for managing real-time incident responses in Fortinet FortiSOAR is related to improper access control. This allows attackers to gain access to the API gateway.

The vulnerability of the software for coordinating the operation of security systems and for managing incident responses in real-time with Fortinet FortiSOAR is related to improper access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the...

7.8CVSS7.2AI score0.01206EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/28 12:0 a.m.10 views

The vulnerability of the Windows operating system’s kernel allows attackers to enhance their privileges.

The vulnerability of Windows operating system kernels is related to insufficient validation of input data during object processing. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.2CVSS5.4AI score0.04918EPSS
Exploits1References10
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.10 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...

5.4CVSS5.6AI score0.0048EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.10 views

The vulnerability of the smb2_tree_disconnect function (fs/ksmbd/smb2pdu.c) in the ksmbd module of the Linux operating system allows a hacker to execute arbitrary code.

The vulnerability of the smb2treedisconnect function fs/ksmbd/smb2pdu.c in the ksmbd module of the Linux operating system is related to the use of memory after deallocation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.1AI score0.46428EPSS
Exploits0References15Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.10 views

The vulnerability of Adobe Illustrator’s graphic editor, related to reading data beyond the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of Adobe Illustrator graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created file...

5.5CVSS6AI score0.00456EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/23 12:0 a.m.10 views

The vulnerability of the decon_set_win_config() function in the Display and Enhancement Controller (DECON) driver of the Display Processing Unit (DPU) for Android mobile devices from Samsung allows a malicious actor to gain access to read, modify, or delete files, or to cause a service failure.

The vulnerability of the deconsetwinconfig function in the Display and Enhancement Controller DECON driver of the Display Processing Unit DPU for Android mobile devices from Samsung relates to the use of memory after it is freed during the processing of file descriptors. Exploiting this...

6.1CVSS5.6AI score0.0089EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the gweb component of the Connection dispatcher, related to writing outside of the allocated memory range, allows a hacker to execute arbitrary code.

The vulnerability of the gweb component of the Connman connection controller is related to writing beyond the boundaries of a reserved memory range. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.0238EPSS
Exploits0References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the EndType parameter in the web interface of the POWER METER SICAM Q100 microprogramming system allows a hacker to disable the device (with subsequent automatic reboot) or execute arbitrary code.

The vulnerability of the EndType parameter in the web interface of the POWER METER SICAM Q100 measurement software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to disable the device remotely, causing it to shut down automatically, or execute...

9CVSS7.1AI score0.01504EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the APC Easy UPS Online Monitoring Software lies in its ability to allow the loading of arbitrary files, which enables a intruder to execute arbitrary code.

The vulnerability of the APC Easy UPS Online Monitoring Software relates to the ability to load any arbitrary file. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading any JSP file remotely...

10CVSS8.2AI score0.01071EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the _rtw_init_xmit_priv function in the drivers/staging/r8188eu/core/rtw_xmit.c file of the Linux kernel allows a hacker to cause a service failure or enhance their privileges.

The vulnerability of the rtwinitxmitpriv function in the drivers/staging/r8188eu/core/rtwxmit.c file of the Linux kernel is related to a pointer dereferencing error. Exploiting this vulnerability could allow an attacker to cause a service failure or gain increased privileges...

5.5CVSS6.7AI score0.00224EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the `ef100_update_stats` function in the `drivers/net/ethernet/sfc/ef100_nic.c` file of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the ef100updatestats function in the drivers/net/ethernet/sfc/ef100nic.c file of the Linux kernel is related to a pointer dereferencing error. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...

5.5CVSS6.7AI score0.00214EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the Connman connection dispatcher’s WISPR support implementation lies in the use of memory after it is freed. This allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the Connman connection dispatcher’s WISPR support implementation lies in the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code...

10CVSS7.2AI score0.01513EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the lkdtm_ARRAY_BOUNDS function in the drivers/misc/lkdtm/bugs.c module of the Linux kernel allows a attacker to cause a system failure or gain increased privileges.

The vulnerability of the lkdtmARRAYBOUNDS function in the drivers/misc/lkdtm/bugs.c module of the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...

5.5CVSS6.6AI score0.00227EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the compatibility subsystem’s kernel allows for the execution of Linux applications on Windows operating systems through the Windows Subsystem for Linux (WSL2). This enables attackers to gain increased privileges.

The vulnerability of the compatibility subsystem’s kernel for running Linux applications, as provided by Windows Subsystem for Linux WSL2 on Windows operating systems, is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.3AI score0.00473EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the xrdp_mm_chan_data_in() function on the XRDP server allows a hacker to execute arbitrary code.

The vulnerability of the xrdpmmchandatain function on the XRDP server is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.00847EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the xrdp_caps_process_confirm_active() function on the XRDP server allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the xrdpcapsprocessconfirm-active function on the XRDP server is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information or cause servic...

9.4CVSS7.4AI score0.00729EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the Windows Terminal emulator for operating systems, which allows a hacker to execute arbitrary code.

The vulnerability of the Windows Terminal emulator for operating systems is related to insufficient checking of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.8AI score0.01365EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the RecordType parameter in the web interface of the POWER METER SICAM Q100 software allows a hacker to disable the device (with subsequent automatic reboot) or execute arbitrary code.

The vulnerability of the RecordType parameter in the web interface of the POWER METER SICAM Q100 measurement software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to disable the device remotely, causing it to shut down automatically, or execut...

9CVSS7.1AI score0.01355EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the Blink Frames component in the Google Chrome browser allows a hacker to execute arbitrary code.

The vulnerability of the Blink Frames component in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8AI score0.00651EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the Citrix ADC application delivery controller (formerly Citrix NetScaler Application Delivery Controller) and the Citrix Gateway access control system (formerly Citrix NetScaler Gateway) allows a perpetrator to execute arbitrary code.

The vulnerability of the Citrix ADC application delivery controller formerly Citrix NetScaler Application Delivery Controller and the Citrix Gateway access control system formerly Citrix NetScaler Gateway is related to insufficient resource control during its existence. Exploiting this...

10CVSS8.5AI score0.06931EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/14 12:0 a.m.10 views

The vulnerability of the xrdp_mm_trans_process_drdynvc_channel_open function on the XRDP server allows a hacker to gain access to a remote machine.

The vulnerability of the xrdpmmtransprocessdrdynvcchannelopen function in the XRDP server is related to the ability to write data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain access to the remote machine...

10CVSS7.4AI score0.00799EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/12 12:0 a.m.10 views

The vulnerability of the control panel interface of the FortiADC application allows attackers to execute cross-site scripting attacks.

The vulnerability of the FortiADC application delivery controller interface exists because measures are not taken to protect the structure of the web page during its creation. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created ...

9CVSS5.6AI score0.00448EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/07 12:0 a.m.10 views

The vulnerability of the Windows operating system’s Web Account Manager allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows operating system’s Web Account Manager is related to insufficient protection of operational data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.8CVSS7.6AI score0.01683EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/12/07 12:0 a.m.10 views

The vulnerability of the Windows Server operating system allows attackers to increase their privileges.

The vulnerability of the Windows Server operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

9CVSS8AI score0.0204EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/12/05 12:0 a.m.10 views

The vulnerability of the embedded software of the NETGEAR R7000P router, related to buffer overflow vulnerabilities, allows a hacker to execute arbitrary code.

The vulnerability of the embedded software of the NETGEAR R7000P router is related to buffer overflow errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code through the openvpnserverip parameter...

10CVSS8.5AI score0.00967EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/02 12:0 a.m.10 views

The vulnerability of the command interpreter in Moxa EDR-810, EDR-G902, EDR-G903, TN-4900, and TN-5916 router microprogramming devices allows attackers to execute arbitrary code.

The vulnerability of the command interpreter in Moxa EDR-810, EDR-G902, EDR-G903, TN-4900, and TN-5916 microprogrammed service routers stems from errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted HTTP/HTT...

10CVSS6AI score
Exploits0References1Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.10 views

The vulnerability of the file system driver of Windows operating systems allows a hacker to execute arbitrary code with system privileges.

The vulnerability of the file system driver of Windows operating systems is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code with system privileges...

7.8CVSS8.1AI score0.23818EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.10 views

The vulnerability of the iControl SOAP interface for access control and remote authentication in BIG-IP and server software, BIG-IQ Centralized Management, allows a perpetrator to execute arbitrary commands with elevated privileges.

The vulnerability of the iControl SOAP interface for access control and remote authentication in BIG-IP and server software, BIG-IQ Centralized Management, is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...

10CVSS8.2AI score0.87987EPSS
Exploits7References2Affected Software11
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.10 views

The vulnerability of the svg_parse_preserveaspectratio() function in the SVG Parser component of the GPAC multimedia platform allows a attacker to trigger a service failure.

The vulnerability of the svgparsepreserveaspectratio function in the SVG Parser component of the GPAC multimedia platform is related to improper cleaning or release of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS7AI score0.00937EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.10 views

The vulnerability of Websoft HCM’s automation software for HR processes lies in the redirection of URLs to unreliable websites, allowing attackers to redirect users to arbitrary URL addresses.

The vulnerability of Websoft HCM’s automation software for HR processes involves the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to remotely redirect users to any given URL address...

7.6CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.10 views

The vulnerability of Websoft HCM’s automation software for HR processes lies in its ability to download files of a dangerous type without limitation, allowing an attacker to execute arbitrary code.

The vulnerability of Websoft HCM’s automation software for HR processes is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.10 views

The vulnerability of the cross-platform software development framework Qt, related to resource management errors, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the cross-platform software development framework Qt is related to resource management errors. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures through a specially created web page...

9.8CVSS5.5AI score0.05951EPSS
Exploits1References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.10 views

The vulnerability of the Grub configuration file allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Grub configuration file is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

6.6CVSS6.7AI score0.00471EPSS
Exploits0References10Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.10 views

The vulnerability of the server software HAProxy, related to insufficient input data validation, allows attackers to gain access to confidential data.

The vulnerability of the server software HAProxy is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to gain access to confidential data...

7.8CVSS7.1AI score0.02319EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.10 views

The vulnerability of the SetSysEmailSettings() function in the web interface for managing D-Link DIR-1935 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the SetSysEmailSettings function in the web interface for managing D-Link DIR-1935 router microprogramming software is related to the lack of measures taken to sanitize the input data entered by the user in the input field. Exploiting this vulnerability can allow a remote...

7.7CVSS7.1AI score0.01085EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.10 views

The vulnerabilities of Microsoft Office packages, Microsoft 365 Apps for Enterprise, Microsoft SharePoint, Microsoft Excel, and Microsoft Office Web Apps Server are due to insufficient validation of input data. This allows attackers to execute arbitrary code.

The vulnerability of Microsoft Office packages, Microsoft 365 Apps for Enterprise, Microsoft SharePoint, Microsoft Excel, and Microsoft Office Web Apps Server exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to execute arbitrary code...

7.8CVSS7.7AI score0.01133EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.10 views

The vulnerability of the SetIPv6FirewallSettings() function in the web interface for managing D-Link DIR-1935 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the SetIPv6FirewallSettings function in the web interface for managing D-Link DIR-1935 router microprogramming software is related to the failure to sanitize input data in the string entered by the user when processing the IPv6FirewallRule element. Exploiting this vulnerabili...

7.7CVSS7.1AI score0.0087EPSS
Exploits0References5Affected Software1
Total number of security vulnerabilities5000