Lucene search
K
Bdu FstecMost viewed

90604 matches found

BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.10 views

The vulnerability in the implementation of IPSec protocols on the SonicOS operating system allows a attacker to trigger a Denial-of-Service attack (DoS) or execute arbitrary code.

The vulnerability of the implementation of IPSec protocols on the SonicOS operating system is related to a numerical overflow condition. Exploiting this vulnerability allows a malicious actor to trigger a Denial-of-Service attack or execute arbitrary code by sending a specially crafted IKEv2...

5.3CVSS6.3AI score0.00786EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/08 12:0 a.m.10 views

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom, as well as the software for modeling, analyzing, and coordinating 3D models and project data in Autodesk Navisworks Manage, is related to a buffer overflow in the dynamic...

7.8CVSS7.9AI score0.00329EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/01/08 12:0 a.m.10 views

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.

The vulnerability of the DWFX software for viewing 3D models and project documents, as well as the software for modeling and analysis of 3D models Autodesk Navisworks Freedom, the software for analyzing, coordinating, and verifying 3D models and project data Autodesk Navisworks Manage, is related...

7.8CVSS7.9AI score0.00468EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/01/06 12:0 a.m.10 views

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.00737EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/06 12:0 a.m.10 views

The vulnerability of the sec_pkcs7_decoder_start_decrypt() function in Mozilla Firefox and Thunderbird email client allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the secpkcs7decoderstartdecrypt function in Mozilla Firefox and Thunderbird’s email client is related to the reallocation of memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

10CVSS6.4AI score0.00919EPSS
Exploits0References15Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/01/06 12:0 a.m.10 views

The vulnerability of the Kubernetes cluster management system for running cloud applications across multiple Karmada clusters, related to incorrect privilege assignment, allows a hacker to elevate their privileges.

The vulnerability of the Kubernetes cluster management system for running cloud applications across multiple Karmada clusters is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

9CVSS5.4AI score0.00485EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/31 12:0 a.m.10 views

The vulnerability of the btree_iter function in the bcache component of the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the btreeiter function in the bcache component of the Linux operating system’s kernel is related to the unlimited distribution of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00232EPSS
Exploits0References35Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/12/28 12:0 a.m.10 views

The vulnerability of the Nix packet manager in Unix operating systems arises from improper restrictions on the path name of the restricted access directory. This allows a malicious user to re-record any files in the system.

The vulnerability of the Nix packet manager in Unix operating systems is related to an improper limitation on the path name of the restricted access directory. Exploiting this vulnerability allows a remote attacker to re-record any files in the system...

9CVSS5.5AI score0.00566EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/28 12:0 a.m.10 views

The vulnerability of the Microsoft Dynamics 365 Business Central software for small and medium-sized businesses stems from deficiencies in the authentication process, which allows unauthorized users to elevate their privileges.

The vulnerability of the Microsoft Dynamics 365 Business Central software for small and medium-sized businesses is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain increased privileges remotely...

8.5CVSS5.4AI score0.00714EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/28 12:0 a.m.10 views

The vulnerability of the mechanism for detecting network traffic analysis tools, network detection, and response by the Cortex XDR Agent on Windows operating systems allows attackers to trigger service failures or execute arbitrary code.

The vulnerability of the mechanism for detecting network traffic analysis tools, network detection, and response by the Cortex XDR Agent on Windows operating systems is related to discrepancies in functionality according to the specifications. Exploiting this vulnerability can allow attackers to...

6CVSS5.8AI score0.00188EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of the `__lpass_get_dmactl_handle` function in the qcom component of the Linux operating system allows a hacker to induce a service failure.

The vulnerability of the lpassgetdmactlhandle function in the qcom component of the Linux operating system is related to the use of an uninitialized pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.2CVSS5.9AI score0.00234EPSS
Exploits0References12Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of the `__bch2_ioctl_subvolume_create()` function in the `fs/bcachefs/fs-ioctl.c` module of the bcachefs component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the bch2ioctlsubvolumecreate function in the fs/bcachefs/fs-ioctl.c module of the bcachefs component of the Linux operating system is related to a crash due to repeated resource blocking. Exploiting this vulnerability could allow an attacker to cause service failures...

5.5CVSS5.9AI score0.00148EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of the Webmin CGI request handler allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the Webmin CGI request handler relates to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with root privileges remotely...

9.9CVSS8.5AI score0.32018EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the possibility of writing beyond buffer boundaries during the processing of DOE files. This allows a hacker to execute arbitrary code.

The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the issue of writing beyond buffer boundaries during the processing of DOE files. Exploiting this vulnerability allows attackers to execute arbitrary code by loading a specially crafted...

7.8CVSS6.2AI score0.00226EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to memory-walking attacks, allows attackers to bypass ASLR protection and disclose the protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to memory-walking attacks. Exploiting this vulnerability can allow attackers to bypass ASLR protection and disclose the protected information...

5.5CVSS5.5AI score0.00322EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of the iommufd_access_change_ioas() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the iommufdaccesschangeioas function in the Linux operating system is related to the copying of buffers without checking the input data. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.6AI score0.00227EPSS
Exploits0References12Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models allows a hacker to trigger a service failure. This vulnerability is related to errors in pointer assignment.

The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models is related to pointer assignment errors. Exploiting this vulnerability can allow attackers to cause service failures...

5.5CVSS5.5AI score0.00362EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/27 12:0 a.m.10 views

The vulnerability in the module net/vmw_vsock/virtio_transport_common.c of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability in the module net/vmwvsock/virtiotransportcommon.c of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS6.6AI score0.00352EPSS
Exploits1References54Affected Software8
BDU FSTEC
BDU FSTEC
added 2024/12/26 12:0 a.m.10 views

The vulnerability of the Fortinet FortiClient Enterprise Management Server (EMS) and the FortiClient EMS Cloud cloud storage service lies in the lack of data cleaning measures at the management level. This allows attackers to execute arbitrary code.

The vulnerability of the Fortinet FortiClient Enterprise Management Server EMS and the FortiClient EMS Cloud cloud storage service is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS5.9AI score0.01287EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/26 12:0 a.m.10 views

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability could allow an attacker to...

7.8CVSS6.3AI score0.00237EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/25 12:0 a.m.10 views

The vulnerability of the PDF document viewing program Foxit PDF Reader (formerly Foxit Reader) and the PDF file editing program Foxit PDF Editor (formerly Foxit PhantomPDF) is related to a bug in pointer handling after memory release, allowing an attacker to execute arbitrary code.

The vulnerability of the PDF document viewing program Foxit PDF Reader formerly Foxit Reader and the PDF file editing program Foxit PDF Editor formerly Foxit PhantomPDF is related to a bug in the handling of pointers after memory release during the processing of AcroForm objects. Exploiting this...

7.8CVSS7.6AI score0.00914EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/25 12:0 a.m.10 views

The vulnerabilities of the components of Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK, and the Oracle Java SE software platform allow attackers to gain unauthorized access to protected information.

The vulnerability of the components of Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK, and the Oracle Java SE software platform lies in the insecure storage of confidential information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access...

3.7CVSS6.5AI score0.00651EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/12/23 12:0 a.m.10 views

The vulnerability in the Profile Name field of the software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network allows a attacker to perform XSS attacks.

The vulnerability of the Profile Name field in software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network is related to the lack of security measures taken to protect the website structure. Exploiting this vulnerability cou...

5.5CVSS5.8AI score0.00551EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/23 12:0 a.m.10 views

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.00487EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/20 12:0 a.m.10 views

The vulnerability of the Linux operating system’s kernel’s ipv6 component, which allows a hacker to trigger a service failure

The vulnerability of the ipv6 component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.7CVSS6.4AI score0.0027EPSS
Exploits0References45Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/12/20 12:0 a.m.10 views

The vulnerability of the operating system for managing Synology Router Manager allows for cross-site scripting attacks, as a lack of security measures has been taken to protect the website structure. This vulnerability enables attackers to carry out cross-site scripting attacks.

The vulnerability of the Synology Router Manager operating system for managing network devices is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

6.5CVSS5.2AI score0.0026EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/19 12:0 a.m.10 views

The vulnerability of the formSetPortMapping function in the Tenda G3 wireless access point’s microprogramming software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetPortMapping function in the Tenda G3 wireless access point’s microprogramming software lies in the fact that the operation exceeds the buffer boundaries in memory when processing parameters such as pPortMapIndex, pLanIP, pProtocl, and pWanid. Exploiting this...

9CVSS6.3AI score0.00531EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.10 views

The vulnerability of the WhatsUp Gold network infrastructure monitoring system, related to errors when using privileged application programming interfaces (APIs), allows a hacker to execute arbitrary code.

The vulnerability of the WhatsUp Gold network infrastructure monitoring system is related to errors when privileged application programming interfaces APIs are used. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS8.4AI score0.09741EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.10 views

The vulnerability of the application development environment and the Angular single-page application platform, related to improper code generation management, allows attackers to execute arbitrary code.

The vulnerability of the application development environment and the Angular single-page application platform is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.4AI score0.02257EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.10 views

The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in insufficient validation of input data, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to insufficient testing of input data. Exploiting this vulnerability can allow attackers to execute arbitrary code...

7.8CVSS5.8AI score0.00426EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.10 views

The vulnerability of the Wireless Wide Area Network Service (WwanSvc) in Microsoft Windows operating systems allows a hacker to increase their privileges.

The vulnerability of the Wireless Wide Area Network Service WwanSvc in Microsoft Windows operating systems is related to operations that go beyond the buffer limits in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

6.8CVSS5.7AI score0.00812EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.10 views

The vulnerability of the IPerf3 network bandwidth measurement tool lies in the improper handling of test parameters sent to the server in JSON format. This allows a hacker to cause a service failure.

The vulnerability of the IPerf3 network bandwidth measurement tool is related to the improper processing of testing parameters sent to the server in JSON format. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.8CVSS6.6AI score0.00908EPSS
Exploits1References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.10 views

The vulnerability of Remote Desktop Services (RDS) for Windows operating systems allows a hacker to trigger a service failure.

The vulnerability of Remote Desktop Services RDS for Windows operating systems is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions from a remote location...

7.8CVSS5.5AI score0.02587EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/13 12:0 a.m.10 views

The vulnerability of the Naumen Service Management Platform’s portal for automating business processes is related to the lack of measures taken to protect the website structure, allowing attackers to carry out XSS attacks.

The vulnerability of the Naumen Service Management Platform Naumen SMP Portal lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...

8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.10 views

The vulnerability of the web console of the automation process management tool for IT services, Ivanti Cloud Services Appliance, allows a perpetrator to execute arbitrary code.

The vulnerability of the web console of the Ivanti Cloud Services Appliance, which is used for automating IT service management processes, stems from the lack of data cleansing measures at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

9.1CVSS8.4AI score0.07703EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.10 views

The vulnerability of the Remote Desktop Client for Windows operating systems, related to access control deficiencies, allows a perpetrator to execute arbitrary code.

The vulnerability of the Remote Desktop Client on Windows operating systems is related to lack of access control mechanisms. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS8.4AI score0.01507EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.10 views

The vulnerability of the Wireless Wide Area Network Service (WwanSvc) in Microsoft Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Wireless Wide Area Network Service WwanSvc in Microsoft Windows operating systems is related to operations that go beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

4.6CVSS5.7AI score0.00989EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.10 views

The vulnerability of the authentication mechanism of the XRDP remote access tool, which allows a intruder to gain unauthorized access

The vulnerability of the XRDP remote access authentication mechanism is related to deficiencies in the retry limit for authentication attempts, which is controlled by the MaxLoginRetry parameter set in the configuration file /etc/xrdp/sesman.ini. Exploiting this vulnerability allows a malicious...

10CVSS7.1AI score0.00602EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.10 views

The vulnerability of the bfa component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the bfa component in the Linux operating system’s kernel is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS7.1AI score0.00265EPSS
Exploits0References50Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.10 views

The vulnerability of the Puppet infrastructure automation tool and its startup application, Puppet Agent, relates to the insecure transfer of credentials. This allows a malicious individual to access confidential information.

The vulnerability of the Puppet infrastructure automation tool and its startup application, Puppet Agent, is related to the insecure transfer of credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...

10CVSS7.7AI score0.01328EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/12/04 12:0 a.m.10 views

The vulnerability of the swiotlb component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the swiotlb component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.3AI score0.00227EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/12/04 12:0 a.m.10 views

The vulnerability of the management software for Keycloak’s identification and access controls is related to the use of pre-set user accounts. This allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the Keycloak identity and access management software relates to the use of pre-set user credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

5.9CVSS5.5AI score0.00937EPSS
Exploits0References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.10 views

The vulnerabilities of the disable_show() and disable_store() functions in the Linux kernel USB driver allow attackers to compromise the integrity and accessibility of protected information.

The vulnerability of the disableshow and disablestrore functions in the drivers/usb/core/port.c file of the Linux kernel’s USB driver is related to the use of a zero pointer. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of the protected...

9.4CVSS6.7AI score0.00923EPSS
Exploits0References25Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.10 views

The vulnerability of the microprogrammed software of industrial routers Billion M100, Billion M150, Billion M120N, and Billion M500, related to the storage of passwords in an open manner, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the microprogrammed software of industrial routers Billion M100, Billion M150, Billion M120N, and Billion M500 is related to the storage of passwords in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access ...

9CVSS7.2AI score0.00608EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.10 views

The vulnerability of the microprogrammed software of industrial routers Billion M100, Billion M150, Billion M120N, and Billion M500 lies in the absence of authentication for a critical function. This allows attackers to circumvent security restrictions, gain unauthorized access to protected information, or cause service failures.

The vulnerability of the microprogrammed software in industrial routers such as Billion M100, Billion M150, Billion M120N, and Billion M500 is related to the absence of authentication for a critical function. Exploiting this vulnerability can allow an attacker, operating remotely, to circumvent...

9CVSS7.2AI score0.00463EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.10 views

Vulnerability of spam protection modules: The Spam Protection, AntiSpam, and FireWall plugins for WordPress website content management systems are vulnerable due to deficiencies in authentication procedures, allowing attackers to execute arbitrary code.

The vulnerability of Spam protection, AntiSpam, and FireWall modules in the CleanTalk plugin for WordPress website content management systems is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.5AI score0.15236EPSS
Exploits1References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.10 views

The vulnerability of DRM/AMD components in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of DRM/AMDKFD components in Linux kernel relates to read misses beyond the boundary. Exploiting this vulnerability can allow an attacker to cause service failures...

6.6CVSS6.5AI score0.00244EPSS
Exploits0References26Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/11/29 12:0 a.m.10 views

The vulnerability of the monitoring tool for VMware Aria Operations, related to the lack of protective measures for the website structure, allows attackers to execute cross-site scripting attacks (XSS).

The vulnerability of the monitoring tool for VMware Aria Operations is related to the lack of protective measures for the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks XSS remotely...

8CVSS7.5AI score0.00408EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/27 12:0 a.m.10 views

The vulnerability of the isofs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the isofs component in the Linux operating system’s kernel is related to reading data beyond the allowed range in memory for the isofsread inode function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00234EPSS
Exploits0References24Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.10 views

The vulnerability of the file conversion tools between different formats—PS/IGES Parasolid Translator and the simulation modeling application Simcenter Femap—allows a perpetrator to execute arbitrary code.

The vulnerability of the file conversion tools between different formats, such as PS/IGES Parasolid Translator and the simulation application Simcenter Femap, is related to reading data beyond the acceptable range in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary...

7.8CVSS7.6AI score0.0039EPSS
Exploits0References5Affected Software2
Total number of security vulnerabilities5000