Lucene search
K
Bdu FstecMost viewed

90604 matches found

BDU FSTEC
BDU FSTEC
added 2024/01/24 12:0 a.m.10 views

The vulnerability of the Python library for interacting with git repositories, GitPython, is related to the use of an insecure search path, allowing attackers to execute arbitrary code with elevated privileges.

The vulnerability of the Python library for interacting with git repositories, GitPython, is related to the use of an unreliable search path. Exploiting this vulnerability allows a attacker to execute arbitrary code with elevated privileges using a specially created binary file...

7.8CVSS7.6AI score0.00316EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/24 12:0 a.m.10 views

The vulnerability of the JavaFX component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to compromise the integrity of protected information.

The vulnerability of the JavaFX component of Oracle Java SE and the Oracle GraalVM Enterprise Edition platform exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to compromise the integrity of protected information...

3.1CVSS6.5AI score0.00553EPSS
Exploits0References6Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/01/18 12:0 a.m.10 views

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers allows a hacker to execute arbitrary code.

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers involves reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.2CVSS7.3AI score0.01126EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.10 views

The vulnerability of Fanuc i Series CNC control systems’ microprogrammed software, related to uncontrolled resource consumption, allows attackers to cause malfunctions during maintenance operations.

The vulnerability of Fanuc i Series CNC control systems’ microprogramming software is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause malfunctions in the system...

5.3CVSS5.6AI score0.01949EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.10 views

The vulnerability of the WLAvalancheService service in the Avalanche device management system allows a hacker to execute arbitrary code.

The vulnerability of the WLAvalancheService service in the mobile device management system of Avalanche is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.3AI score0.11337EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.10 views

The vulnerability of the Google Chrome browser’s Extensions allows a malicious actor to install a malicious extension and gain access to read files.

The vulnerability of the Google Chrome browser’s Extensions exists due to insufficient validation of input data. Exploiting this vulnerability allows attackers to deploy malicious extensions and gain access to files by using a specially crafted HTML page...

7.5CVSS5.9AI score0.00429EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/01/15 12:0 a.m.10 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from insufficient verification of data authenticity. This allows a malicious actor to alter the metadata of signed commits.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to insufficient verification of data authenticity. Exploiting this vulnerability could allow a malicious actor, operating remotely, to modify the metadata of signed commits...

7.5CVSS6AI score0.00384EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/15 12:0 a.m.10 views

The vulnerability of the MICROprogramming software for the SIMATIC CN 4100 communication gateway, which stems from insufficient validation of input data, allows a intruder to alter the IP configuration and trigger a service failure.

The vulnerability of the SIMATIC CN 4100 communication gateway’s microprogramming software is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to alter the IP configuration and cause service failures...

7.8CVSS7.2AI score0.00567EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/12 12:0 a.m.10 views

The compatibility subsystem for running Linux applications allows Windows Subsystem for Linux (WSL) operating systems, enabling attackers to enhance their privileges.

The vulnerability of the compatibility subsystem for running Linux applications in Windows Subsystem for Linux WSL operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.3AI score0.007EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.10 views

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to execute XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

5.5CVSS5.9AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.10 views

The vulnerability of the MySQL software component used for managing power supply sources in Voltronic Power View. This allows a hacker to elevate their privileges to the level of an administrator.

The vulnerability of the MySQL component in the software for managing power sources in Voltronic Power ViewPower Pro lies in the use of rigidly encoded credentials. Exploiting this vulnerability could allow an attacker to elevate their privileges to the level of an administrator...

7.8CVSS7.2AI score0.00234EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.10 views

The vulnerability of the selectEventConfig method in the software for managing power sources of Voltronic Power ViewPower Pro allows a hacker to execute arbitrary SQL code.

The vulnerability of the selectEventConfig method in the software for managing power supply sources of Voltronic Power ViewPower Pro relates to the lack of measures taken to protect the SQL query structure when data cleaning is insufficient. Exploiting this vulnerability could allow an attacker...

10CVSS8.2AI score0.01331EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/01/06 12:0 a.m.10 views

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

5.5CVSS5.9AI score0.00597EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/27 12:0 a.m.10 views

The vulnerability of the programming software for PLCs (programmable logic controllers), namely the Saia PG5 Controls Suite, arises from incorrect restrictions on XML references to external objects. This vulnerability allows attackers to gain unauthorized access to protected information.

The vulnerability of the programming software for PLCs programmable logic controllers, Saia PG5 Controls Suite, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

5.5CVSS5.9AI score0.00784EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/25 12:0 a.m.10 views

The vulnerability of the sms_decode_address_field() function in the OFono mobile phone stack allows a hacker to execute arbitrary code.

The vulnerability of the smsdecodeaddressfield function in the OFono mobile phone stack is related to the execution of operations outside the buffer in memory when sending SMS messages in PDU format. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.1CVSS8.2AI score0.01006EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.10 views

The vulnerability of the Sunshine Photo Cart plugin of the WordPress content management system allows a hacker to execute XSS attacks.

The vulnerability of the Sunshine Photo Cart plugin of the WordPress content management system is related to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...

6.4CVSS6.3AI score0.00902EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.10 views

The vulnerability of the application access control library in the SAP XS Advanced sap-xssec development, integration, and application extension platform in the SAP Business Technology Platform (BTP) environment is related to insecure management of privileges. This allows attackers to escalate their privileges.

The vulnerability of the application access control library in the SAP XS Advanced sap-xssec development, integration, and application extension platform in the SAP Business Technology Platform BTP environment is related to insecure management of privileges. Exploiting this vulnerability can allo...

9.4CVSS7.7AI score0.01109EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.10 views

The vulnerability of the Static Handler component of the web framework used to create scalable and high-performance web applications, Echo, allows a attacker to perform an SSRF attack.

The vulnerability of the Static Handler component of the web framework used to create scalable and high-performance web applications, Echo, involves redirecting URLs to an unreliable website. Exploiting this vulnerability can enable a remote attacker to perform an SSRF attack...

10CVSS7.8AI score0.02333EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.10 views

The vulnerability of the get_set.ccp file in the web interface for controlling the wireless router TRENDnet TEW-652BRP allows a hacker to execute arbitrary code.

The vulnerability of the getset.ccp file in the web interface for controlling the wireless router TRENDnet TEW-652BRP is related to the lack of data cleaning measures at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8AI score0.03853EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.10 views

The vulnerability of FortiWeb web applications’ network firewalls arises from improper processing of output data for registration logs, allowing attackers to replace the traffic logs.

The vulnerability of FortiWeb web applications’ network firewalls is related to improper processing of output data for registration logs. Exploiting this vulnerability allows a malicious actor to replace traffic logs through a specially created web page...

5.3CVSS5.9AI score0.00478EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.10 views

The vulnerability of the Bulk Modification Tool component in Nagios XI allows a hacker to execute arbitrary SQL code.

The vulnerability of the Bulk Modification Tool component in Nagios XI is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

9CVSS8.2AI score0.3374EPSS
Exploits2References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.10 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/18 12:0 a.m.10 views

The vulnerability of the driver for auxiliary functions in Windows Sockets operating systems allows attackers to increase their privileges.

The vulnerability of the WinSock auxiliary function driver in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.3AI score0.06541EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/18 12:0 a.m.10 views

The vulnerability of the Microsoft Office for Mac software, related to errors in user interface information representation, allows attackers to perform spear-phishing attacks.

The vulnerability of the Microsoft Office for Mac software is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks remotely...

5.3CVSS6.6AI score0.01186EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/18 12:0 a.m.10 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the structure of web pages, allows attackers to disclose protected information.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to disclose protected information remotely...

4.1CVSS5.8AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/18 12:0 a.m.10 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/18 12:0 a.m.10 views

The vulnerability of the Windows Hyper-V hardware virtualization system allows attackers to escalate their privileges.

The vulnerability of the Windows Hyper-V hardware virtualization system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS7.3AI score0.0173EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the software for creating and managing graphical user interfaces in industrial automation systems like SCADA CONPROSYS HMI Systems lies in the use of a password hash instead of a password for authentication. This allows attackers to exploit this flaw to disclose sensitive information through a “man-in-the-middle” attack.

The vulnerability of the SCADA CONPROSYS HMI System lies in the use of a password hash instead of a plain-text password for authentication. Exploiting this vulnerability allows an attacker, operating remotely, to disclose sensitive information through a “man-in-the-middle” attack...

5.3CVSS6.5AI score0.00879EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the IBM DB2 database management system, which arises due to insufficient validation of input data, allows a hacker to trigger a service failure.

The vulnerability of the IBM DB2 database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using a specially created RUNSTATS command for a table with a size of 8 TB...

7.8CVSS7.3AI score0.01053EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the IBM DB2 database management system, which arises due to insufficient validation of input data, allows a hacker to trigger a service failure.

The vulnerability of the IBM DB2 database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

9.4CVSS7.3AI score0.01053EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the 5G mobile communication network organization software free5GC, related to the lack of authentication for critical functions, allows attackers to disclose protected information.

The vulnerability of the software for managing fifth-generation mobile communication networks 5G, free5GC, is related to the absence of authentication for a critical function. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose protected information...

7.8CVSS7.2AI score0.02863EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in its ability to restore unreliable data in memory, allowing an attacker to execute commands with local administrator privileges.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute code with local administrator privileges...

10CVSS8AI score0.16573EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the FedCM component in the Google Chrome browser allows a perpetrator to execute arbitrary code or trigger a service failure.

The vulnerability of the FedCM component in the Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failure through a specially created malicious web page...

10CVSS8.1AI score0.00639EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the Windows operating system’s kernel allows attackers to enhance their privileges.

The vulnerability of the Windows operating system’s kernel is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.2AI score0.08698EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.10 views

The vulnerability of the Delta Electronics InfraSuite Device Master software in monitoring devices in real time arises from an incorrect limitation on the path name to the restricted access catalog. This allows a perpetrator to write to any file anywhere within the file system.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring exists due to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability allows a malicious actor to write to any file anywhere within the file syst...

9CVSS7.6AI score0.0153EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.10 views

The vulnerability of the microprogramming software of the Ubiquiti Networks UniFi Dream Machine Pro, related to deficiencies in access control, allows intruders to circumvent domain restrictions.

The vulnerability of the microprogrammed software of the Ubiquiti Networks UniFi Dream Machine Pro relates to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to bypass domain restrictions using specially created packages...

10CVSS7.7AI score0.00847EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.10 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.10 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00597EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.10 views

The vulnerability of the software for automation, dispatching, and analysis in the ICONICS Suite arises from the use of an unreliable search path, allowing a perpetrator to execute arbitrary code.

The vulnerability of the software for automation, dispatching, and analysis in the ICONICS Suite is related to the use of an unreliable search path. Exploiting this vulnerability allows a perpetrator to execute arbitrary code...

7.8CVSS7.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/13 12:0 a.m.10 views

The vulnerability in the Safari browser on operating systems such as iPadOS, iOS, and Mac OS allows a hacker to exploit it to access the history of web browsing activities.

The vulnerability of the Safari browser on iPadOS, iOS, and Mac OS relates to the disclosure of information. Exploiting this vulnerability allows a malicious actor to disclose the history of web browsing...

5CVSS6.5AI score0.00679EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/12/12 12:0 a.m.10 views

The vulnerability of the cstecgi.cgi implementation in TOTOLINK X5000R router microprogramming software allows a perpetrator to execute arbitrary commands.

The vulnerability of the cstecgi.cgi microprogramming system implementation in TOTOLINK X5000R routers is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

5.8CVSS6.7AI score0.30683EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/11 12:0 a.m.10 views

The vulnerability in the implementation of the Media Capture application interface of Google Chrome and Microsoft Edge allows a perpetrator to disclose protected information.

The vulnerability of the Media Capture application interface in Google Chrome and Microsoft Edge browsers relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to disclose sensitive information...

7.8CVSS7.5AI score0.0102EPSS
Exploits0References13Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/12/06 12:0 a.m.10 views

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in improper restrictions on path names in the catalog. This allows attackers to disclose user information, obtain login credentials in plain text, or perform NTLM relay attacks.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability can allow a malicious actor to disclose user information, obtain login credentials in...

7.8CVSS7.2AI score0.01118EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/06 12:0 a.m.10 views

The vulnerability of the MPI process tracing tools Intel Trace Analyzer and Collector, related to writing beyond buffer boundaries, allows attackers to exploit their privileges.

The vulnerability of the MPI process tracing tools Intel Trace Analyzer and Collector lies in the ability to write beyond buffer boundaries. Exploiting this vulnerability can allow attackers to gain increased privileges...

7.8CVSS7.4AI score0.00186EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/12/06 12:0 a.m.10 views

The vulnerability of the BIG-IP Access Policy Manager’s access control and remote authentication mechanisms, as well as the software products such as BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Enforcement Manager, BIG-IP Orchestrator, allows a perpetrator to trigger a service failure.

The vulnerabilities of the BIG-IP Access Policy Manager, as well as the BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link...

7.8CVSS7.5AI score0.00626EPSS
Exploits0References3Affected Software12
BDU FSTEC
BDU FSTEC
added 2023/12/01 12:0 a.m.10 views

The vulnerability of the Adobe Media Encoder application, related to access to an uninitialized pointer, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Adobe Media Encoder application relates to access to an uninitialized pointer. Exploiting this vulnerability could allow a perpetrator to gain unauthorized access to protected information through a specially created malicious file...

5.5CVSS5.5AI score0.00367EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.10 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading data outside the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS6AI score0.00339EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.10 views

The vulnerability of the Apache Storm distributed stream processing software’s software platform in UNIX-like operating systems, related to access control deficiencies, allows attackers to disclose sensitive information.

The vulnerability of the Apache Storm distributed stream processing software’s software platform in UNIX-like operating systems is related to lack of access control mechanisms. Exploiting this vulnerability can allow attackers to disclose sensitive information that is protected by the system’s...

3.3CVSS5.8AI score0.00346EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/23 12:0 a.m.10 views

The vulnerability of the 3D modeling software Argon Ashlar-Vellum lies in its uncontrolled search element, which allows a hacker to execute arbitrary code.

The vulnerability of the 3D modeling software Argon Ashlar-Vellum is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a hacker to execute arbitrary code...

7.8CVSS7.5AI score0.00825EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/22 12:0 a.m.10 views

The vulnerability of distributed computing platforms and PowerJob task scheduling systems, related to incorrect default permissions, allows attackers to gain unauthorized access to protected information.

The vulnerability of distributed computing platforms and the PowerJob task scheduling system is related to incorrect default permissions. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

5.3CVSS5.9AI score0.09545EPSS
Exploits2References3Affected Software1
Total number of security vulnerabilities5000