Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the _rtw_init_xmit_priv function in the drivers/staging/r8188eu/core/rtw_xmit.c file of the Linux kernel allows a hacker to cause a service failure or enhance their privileges.

The vulnerability of the rtwinitxmitpriv function in the drivers/staging/r8188eu/core/rtwxmit.c file of the Linux kernel is related to a pointer dereferencing error. Exploiting this vulnerability could allow an attacker to cause a service failure or gain increased privileges...

5.5CVSS6.7AI score0.00224EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the lkdtm_ARRAY_BOUNDS function in the drivers/misc/lkdtm/bugs.c module of the Linux kernel allows a attacker to cause a system failure or gain increased privileges.

The vulnerability of the lkdtmARRAYBOUNDS function in the drivers/misc/lkdtm/bugs.c module of the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...

5.5CVSS6.6AI score0.00227EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the APC Easy UPS Online Monitoring Software lies in its ability to allow the loading of arbitrary files, which enables a intruder to execute arbitrary code.

The vulnerability of the APC Easy UPS Online Monitoring Software relates to the ability to load any arbitrary file. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading any JSP file remotely...

10CVSS8.2AI score0.01071EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the EndType parameter in the web interface of the POWER METER SICAM Q100 microprogramming system allows a hacker to disable the device (with subsequent automatic reboot) or execute arbitrary code.

The vulnerability of the EndType parameter in the web interface of the POWER METER SICAM Q100 measurement software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to disable the device remotely, causing it to shut down automatically, or execute...

9CVSS7.1AI score0.01504EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the gweb component of the Connection dispatcher, related to writing outside of the allocated memory range, allows a hacker to execute arbitrary code.

The vulnerability of the gweb component of the Connman connection controller is related to writing beyond the boundaries of a reserved memory range. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.02392EPSS
Exploits0References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.10 views

The vulnerability of the Connman connection dispatcher’s WISPR support implementation lies in the use of memory after it is freed. This allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the Connman connection dispatcher’s WISPR support implementation lies in the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code...

10CVSS7.2AI score0.0152EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the Windows Terminal emulator for operating systems, which allows a hacker to execute arbitrary code.

The vulnerability of the Windows Terminal emulator for operating systems is related to insufficient checking of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.8AI score0.01365EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the RecordType parameter in the web interface of the POWER METER SICAM Q100 software allows a hacker to disable the device (with subsequent automatic reboot) or execute arbitrary code.

The vulnerability of the RecordType parameter in the web interface of the POWER METER SICAM Q100 measurement software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to disable the device remotely, causing it to shut down automatically, or execut...

9CVSS7.1AI score0.01355EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the xrdp_mm_chan_data_in() function on the XRDP server allows a hacker to execute arbitrary code.

The vulnerability of the xrdpmmchandatain function on the XRDP server is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.00847EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the Blink Frames component in the Google Chrome browser allows a hacker to execute arbitrary code.

The vulnerability of the Blink Frames component in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8AI score0.00651EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the xrdp_caps_process_confirm_active() function on the XRDP server allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the xrdpcapsprocessconfirm-active function on the XRDP server is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information or cause servic...

9.4CVSS7.4AI score0.00729EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the Citrix ADC application delivery controller (formerly Citrix NetScaler Application Delivery Controller) and the Citrix Gateway access control system (formerly Citrix NetScaler Gateway) allows a perpetrator to execute arbitrary code.

The vulnerability of the Citrix ADC application delivery controller formerly Citrix NetScaler Application Delivery Controller and the Citrix Gateway access control system formerly Citrix NetScaler Gateway is related to insufficient resource control during its existence. Exploiting this...

10CVSS8.5AI score0.06931EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/19 12:0 a.m.10 views

The vulnerability of the print spooler daemon on Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Windows Print Spooler in operating systems related to the print queue is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.8AI score0.00521EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/12/14 12:0 a.m.10 views

The vulnerability of the xrdp_mm_trans_process_drdynvc_channel_open function on the XRDP server allows a hacker to gain access to a remote machine.

The vulnerability of the xrdpmmtransprocessdrdynvcchannelopen function in the XRDP server is related to the ability to write data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain access to the remote machine...

10CVSS7.4AI score0.00799EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/12/12 12:0 a.m.10 views

The vulnerability of the control panel interface of the FortiADC application allows attackers to execute cross-site scripting attacks.

The vulnerability of the FortiADC application delivery controller interface exists because measures are not taken to protect the structure of the web page during its creation. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created ...

9CVSS5.6AI score0.00448EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/07 12:0 a.m.10 views

The vulnerability of the Windows operating system’s Web Account Manager allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows operating system’s Web Account Manager is related to insufficient protection of operational data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.8CVSS7.6AI score0.01683EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/12/07 12:0 a.m.10 views

The vulnerability of the Windows Server operating system allows attackers to increase their privileges.

The vulnerability of the Windows Server operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

9CVSS8AI score0.0204EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/12/05 12:0 a.m.10 views

The vulnerability of the embedded software of the NETGEAR R7000P router, related to buffer overflow vulnerabilities, allows a hacker to execute arbitrary code.

The vulnerability of the embedded software of the NETGEAR R7000P router is related to buffer overflow errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code through the openvpnserverip parameter...

10CVSS8.5AI score0.00967EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/02 12:0 a.m.10 views

The vulnerability of the command interpreter in Moxa EDR-810, EDR-G902, EDR-G903, TN-4900, and TN-5916 router microprogramming devices allows attackers to execute arbitrary code.

The vulnerability of the command interpreter in Moxa EDR-810, EDR-G902, EDR-G903, TN-4900, and TN-5916 microprogrammed service routers stems from errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted HTTP/HTT...

10CVSS6AI score
Exploits0References1Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.10 views

The vulnerability of the file system driver of Windows operating systems allows a hacker to execute arbitrary code with system privileges.

The vulnerability of the file system driver of Windows operating systems is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code with system privileges...

7.8CVSS8.1AI score0.23818EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.10 views

The vulnerability of Websoft HCM’s automation software for HR processes lies in its ability to download files of a dangerous type without limitation, allowing an attacker to execute arbitrary code.

The vulnerability of Websoft HCM’s automation software for HR processes is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.10 views

The vulnerability of the svg_parse_preserveaspectratio() function in the SVG Parser component of the GPAC multimedia platform allows a attacker to trigger a service failure.

The vulnerability of the svgparsepreserveaspectratio function in the SVG Parser component of the GPAC multimedia platform is related to improper cleaning or release of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS7AI score0.00937EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.10 views

The vulnerability of the iControl SOAP interface for access control and remote authentication in BIG-IP and server software, BIG-IQ Centralized Management, allows a perpetrator to execute arbitrary commands with elevated privileges.

The vulnerability of the iControl SOAP interface for access control and remote authentication in BIG-IP and server software, BIG-IQ Centralized Management, is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...

10CVSS8.2AI score0.87987EPSS
Exploits7References2Affected Software11
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.10 views

The vulnerability of Websoft HCM’s automation software for HR processes lies in the redirection of URLs to unreliable websites, allowing attackers to redirect users to arbitrary URL addresses.

The vulnerability of Websoft HCM’s automation software for HR processes involves the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to remotely redirect users to any given URL address...

7.6CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.10 views

The vulnerability of the cross-platform software development framework Qt, related to resource management errors, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the cross-platform software development framework Qt is related to resource management errors. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures through a specially created web page...

9.8CVSS5.5AI score0.05951EPSS
Exploits1References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.10 views

The vulnerability of the server software HAProxy, related to insufficient input data validation, allows attackers to gain access to confidential data.

The vulnerability of the server software HAProxy is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to gain access to confidential data...

7.8CVSS7.1AI score0.02319EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.10 views

The vulnerability of the Grub configuration file allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Grub configuration file is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

6.6CVSS6.7AI score0.00471EPSS
Exploits0References10Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.10 views

The vulnerabilities of Microsoft Office packages, Microsoft 365 Apps for Enterprise, Microsoft SharePoint, Microsoft Excel, and Microsoft Office Web Apps Server are due to insufficient validation of input data. This allows attackers to execute arbitrary code.

The vulnerability of Microsoft Office packages, Microsoft 365 Apps for Enterprise, Microsoft SharePoint, Microsoft Excel, and Microsoft Office Web Apps Server exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to execute arbitrary code...

7.8CVSS7.7AI score0.01133EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.10 views

The vulnerability of the SetSysEmailSettings() function in the web interface for managing D-Link DIR-1935 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the SetSysEmailSettings function in the web interface for managing D-Link DIR-1935 router microprogramming software is related to the lack of measures taken to sanitize the input data entered by the user in the input field. Exploiting this vulnerability can allow a remote...

7.7CVSS7.1AI score0.01085EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.10 views

The vulnerability of the SetIPv6FirewallSettings() function in the web interface for managing D-Link DIR-1935 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the SetIPv6FirewallSettings function in the web interface for managing D-Link DIR-1935 router microprogramming software is related to the failure to sanitize input data in the string entered by the user when processing the IPv6FirewallRule element. Exploiting this vulnerabili...

7.7CVSS7.1AI score0.0087EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.10 views

The vulnerability of the Cisco Identity Services Engine (ISE) platform, related to inadequate management of system resources, allows a perpetrator to trigger a service failure.

The vulnerability of the Cisco Identity Services Engine ISE network policy management platform is related to inadequate management of system resources. Exploiting this vulnerability could allow a malicious actor to trigger a service failure through specially created RADIUS traffic...

5.3CVSS5.9AI score0.00822EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.10 views

The vulnerability of the Cisco Umbrella security cloud service control panel allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Cisco Umbrella security cloud service panel exists because measures are not taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...

5.5CVSS5.6AI score0.00435EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.10 views

The vulnerability of the SetStaticRouteIPv4Settings() function in the web interface for managing D-Link DIR-1935 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the SetStaticRouteIPv4Settings function in the web interface for managing D-Link DIR-1935 router microprogramming software is related to the failure of the system to properly validate the input data entered by the user when processing the StaticRouteIPv4Data element. Exploiti...

7.7CVSS7.1AI score0.01085EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.10 views

The vulnerability of the Microsoft Visual Studio software lies in the lack of proper input data validation, which allows attackers to execute arbitrary code.

The vulnerability of the Microsoft Visual Studio software exists due to insufficient testing of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.8AI score0.00774EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/17 12:0 a.m.10 views

The vulnerability of the Windows operating system’s Group Policy Services, related to deficiencies in access control, allows a perpetrator to increase their privileges.

The vulnerability of Group Policy Services in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

9CVSS7.5AI score0.01425EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/11/17 12:0 a.m.10 views

The vulnerability of the Microsoft DWM Core Library on Microsoft Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Microsoft DWM Core Library on Microsoft Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.2AI score0.00609EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/11/17 12:0 a.m.10 views

The vulnerability of Grub2 operating system loaders, related to the execution of operations outside the buffer boundaries, allows attackers to execute arbitrary code.

The vulnerability of Grub2 operating system loaders is related to the issue where operations occur outside of the buffer in memory when rendering certain Unicode sequences using a specially crafted font. Exploiting this vulnerability allows an attacker to execute arbitrary code...

6.3CVSS7.7AI score0.00872EPSS
Exploits0References16Affected Software9
BDU FSTEC
BDU FSTEC
added 2022/11/17 12:0 a.m.10 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a attacker to perform a CSRF attack.

The vulnerability in the web interface of the Cisco Identity Services Engine ISE management platform relates to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack using a specially created web page...

10CVSS7.4AI score0.00408EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/16 12:0 a.m.10 views

The vulnerability of the RTSP-based microprogramming software for IP cameras such as VPort P16-1MP-M12, VPort P16-1MP-M12-IR, and VPort P06-1MP-M12 allows a intruder to cause a service failure.

The vulnerability of the RTSP microprogramming software-based IP camera models VPort P16-1MP-M12, VPort P16-1MP-M12-IR, and VPort P06-1MP-M12 lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause a service failur...

7.8CVSS5.5AI score
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/16 12:0 a.m.10 views

The vulnerability of the RTSP-based microprogramming software for IP cameras such as VPort P16-1MP-M12, VPort P16-1MP-M12-IR, and VPort P06-1MP-M12 allows a intruder to cause a service failure.

The vulnerability of the RTSP microprogramming software-based IP camera models VPort P16-1MP-M12, VPort P16-1MP-M12-IR, and VPort P06-1MP-M12 lies in the use of uncontrolled format strings. Exploiting this vulnerability could allow a malicious actor to cause service failure...

7.8CVSS5.5AI score
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/15 12:0 a.m.10 views

The vulnerability in the web interface for controlling the Cisco AsyncOS operating system of the Cisco Email Security Appliance, as well as in the Cisco Secure Email and Web Manager, allows a perpetrator to execute arbitrary SQL queries.

The vulnerability in the web interface for controlling the Cisco AsyncOS operating system of the Cisco Email Security Appliance ESA and the Cisco Secure Email and Web Manager devices relates to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious...

8.5CVSS7AI score0.0075EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/15 12:0 a.m.10 views

Vulnerability of the Windows Graphics component in Microsoft Windows operating systems, allowing a hacker to execute arbitrary code

The vulnerability of the Windows Graphics component in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created malicious file...

7.8CVSS7.7AI score0.00804EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/11/11 12:0 a.m.10 views

The vulnerability in the BmffImage::boxHandler function of the bmffimage.cpp file in the library and command-line utilities for managing image metadata in Exiv2 allows a attacker to perform a denial-of-service attack.

The vulnerability of the BmffImage::boxHandler function in the bmffimage.cpp file of the Exiv2 image metadata management command-line utility is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to trigger a...

10CVSS6.9AI score
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/11/11 12:0 a.m.10 views

The vulnerability in the `QuickTimeVideo::decodeBlock` function of the `quicktimevideo.cpp` file in the library and command-line utilities for managing image metadata from Exiv2 allows a hacker to execute arbitrary code.

The vulnerability in the QuickTimeVideo::decodeBlock function of the quicktimevideo.cpp file in the library and command-line utilities for managing image metadata with Exiv2 is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remo...

10CVSS8.3AI score
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/11/09 12:0 a.m.10 views

The vulnerability in the implementation of the Point to Point Tunneling Protocol (PPTP) network protocol in the Microsoft Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Point to Point Tunneling Protocol PPTP network protocol implementation in the Microsoft Windows operating system is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.1CVSS8.1AI score0.01057EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/07 12:0 a.m.10 views

The vulnerability of the PJMEDIA RTP decoder and the PJMEDIA SDP parser of the multimedia communication library PJSIP allows a perpetrator to execute arbitrary code.

The vulnerability of the PJMEDIA RTP decoder and the PJMEDIA SDP parser, which are part of the PJSIP multimedia communication library, stems from the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.01084EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/03 12:0 a.m.10 views

The vulnerability of the chart.js component in the IBM Data Risk Manager application, which is designed for identifying, analyzing, and visualizing business risks. This vulnerability allows a malicious actor to execute arbitrary code.

The vulnerability of the chart.js component in the IBM Data Risk Manager application, which is used for identifying, analyzing, and visualizing business risks, stems from insufficient control over the modification of dynamically defined object properties. Exploiting this vulnerability could allow...

7.8CVSS7.7AI score0.04678EPSS
Exploits1References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/10/28 12:0 a.m.10 views

The vulnerability of the Media components in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.

The vulnerability of the Media component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page from a remote location...

10CVSS8.2AI score0.0055EPSS
Exploits0References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/10/28 12:0 a.m.10 views

The vulnerability of the Samba networking communication package, related to errors in processing symbolic links, allows a hacker to gain access to the server’s file system.

The vulnerability of the Samba networking communication package is related to errors in processing symbolic links. Exploiting this vulnerability can allow a remote attacker to gain access to the server’s file system...

5.5CVSS6.3AI score0.02431EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/10/24 12:0 a.m.10 views

Vulnerability of the Shell component: The Core Client for command-line and code editor, Oracle MySQL Shell, allows an attacker to gain access to read, modify, add, or delete data.

The vulnerability of the Shell component: The Core Client for command-line input and the Oracle MySQL Shell code editor have vulnerabilities due to insufficient validation of input data. Exploiting these vulnerabilities can allow attackers to gain read, modify, add, or delete data permissions...

3.9CVSS6.5AI score0.0042EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities5000