Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.10 views

The vulnerability of the embedded software of NETGEAR routers such as R7850, R7900P, R7960P, R8000, R8000P, RAX200, RAX75, RAX80, RBK852, RBR850, and RBS850 lies in the lack of measures to sanitize input data. This allows a malicious actor to execute arbitrary commands.

The vulnerability of NETGEAR’s integrated routing software devices such as R7850, R7900P, R7960P, R8000, R8000P, RAX200, RAX75, RAX80, RBK852, RBR850, and RBS850 lies in the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

8.4CVSS7.1AI score0.00631EPSS
Exploits0References3Affected Software11
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.10 views

The vulnerability of the Microsoft Defender for IoT’s threat detection mechanism, related to the lack of protection measures for the SQL query structure, allows attackers to execute arbitrary code.

The vulnerability of the Microsoft Defender for IoT’s threat detection mechanism is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a attacker to execute arbitrary code...

9CVSS8.2AI score0.03825EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.10 views

The vulnerability of the Microsoft Defender for IoT’s threat detection mechanism, related to improper code generation, allows a malicious actor to execute arbitrary code.

The vulnerability of the Microsoft Defender for IoT threat detection mechanism is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially crafted request...

9CVSS8.2AI score0.0403EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.10 views

The vulnerability of the server application for managing food manufacturing enterprises AK-EM 800, related to the use of rigidly encrypted accounting data, allows a perpetrator to increase their privileges.

The vulnerability of the server application for managing food manufacturing enterprises AK-EM 800 is related to the use of rigidly encrypted accounting data. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.10 views

The vulnerability of software for the development and mass production of printed circuit boards, related to the ability to read data beyond the buffer in memory, allows attackers to gain access to protected information or cause system failures.

The vulnerability of software for the development and mass production of printed circuit boards relates to the ability to read data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to gain access to protected information or cause service failures by sending a...

9.3CVSS5.8AI score0.01304EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.10 views

The vulnerability of the Magento Commerce software development and management platform lies in the incorrect limitation of the path to the restricted catalog. This allows attackers to execute arbitrary code.

The vulnerability of the Magento Commerce development and management software platform relates to incorrect restrictions on the path to the restricted catalog. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

9CVSS7.8AI score0.03116EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.10 views

The vulnerability of the software-hardware system for storing protected information in Android Keystore on Samsung Galaxy devices allows a perpetrator to bypass security measures and extract private keys from the secure environment.

The vulnerability of the software-hardware system for storing protected information in Samsung Galaxy devices’ Android Keystores is related to insufficient validation of entered data. Exploiting this vulnerability can allow attackers to bypass security measures and extract private keys from the...

5.5CVSS6.2AI score0.00757EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/01 12:0 a.m.10 views

The vulnerability of the QNX Neutrino operating system’s kernel allows a perpetrator to escalate their privileges.

The vulnerability of the QNX Neutrino operating system’s kernel is related to privilege management errors. Exploiting this vulnerability can allow an attacker to increase their privileges...

10CVSS5.5AI score0.00173EPSS
Exploits0References1Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/03/01 12:0 a.m.10 views

The vulnerability of Windows Mobile Device Management for Windows operating systems allows attackers to escalate their privileges.

The vulnerability of Windows Mobile Device Management for Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...

5.5CVSS6.9AI score0.00656EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/03/01 12:0 a.m.10 views

The vulnerability of NETGEAR Wi-Fi router microprogramming software, including models D6220, D7000, D7000v2, R6400v2, R6700v3, R7000, R7100LG, and XR300, arises from buffer overflow attacks, allowing attackers to execute arbitrary code.

The vulnerability of NETGEAR Wi-Fi router software models D6220, D7000, D7000v2, R6400v2, R6700v3, R7000, R7100LG, and XR300 lies in buffer overflow attacks on the network interface layer. Exploiting this vulnerability can allow attackers to execute arbitrary code...

5.7CVSS6.2AI score
Exploits0References1Affected Software8
BDU FSTEC
BDU FSTEC
added 2022/02/25 12:0 a.m.10 views

The vulnerability of the Windows DWM Core Library on Windows operating systems, which allows attackers to enhance their privileges

The vulnerability of the Windows DWM Core Library in operating systems is related to security configuration errors. Exploiting this vulnerability can allow attackers to gain increased privileges...

7.8CVSS7.2AI score0.04196EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/02/25 12:0 a.m.10 views

Vulnerabilities of Microsoft 365, Microsoft Excel, Microsoft Office, Microsoft SharePoint, and Microsoft Office Web Apps are related to improper code generation, allowing attackers to execute arbitrary code.

Vulnerabilities of Microsoft 365, Microsoft Excel, Microsoft Office, Microsoft SharePoint, and Microsoft Office Web Apps are related to improper code generation management. Exploitation of these vulnerabilities can allow a malicious actor to execute arbitrary code remotely...

9.3CVSS8.5AI score0.03115EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/02/22 12:0 a.m.10 views

The vulnerability of the setup.php configuration file of the universal monitoring system Zabbix, related to authentication errors, allows a intruder to modify the configuration parameters.

The vulnerability of the setup.php configuration file of the Zabbix monitoring system is related to authentication errors. Exploiting this vulnerability allows a malicious actor to modify the configuration parameters remotely...

5.3CVSS7AI score0.84657EPSS
Exploits1References8Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/02/22 12:0 a.m.10 views

The vulnerability of the Apex One antivirus software lies in its improper handling of links before accessing a file, allowing attackers to escalate their privileges.

The vulnerability of the anti-virus software Apex One is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow a hacker to increase their privileges...

7.8CVSS5.5AI score0.00469EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/02/18 12:0 a.m.10 views

The vulnerability of the FUDforum internet forum, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the FUDforum internet forum is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor, operating remotely, to inject arbitrary code during the administrator’s email reading process. This code can then...

9CVSS5.8AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/17 12:0 a.m.10 views

The vulnerability of the rendering mode in Vulkan browsers Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.

The vulnerability in the rendering mode of Google Chrome and Microsoft Edge browsers relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8AI score0.0075EPSS
Exploits0References9Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/02/17 12:0 a.m.10 views

The vulnerability of the ip6_xmit function in the (6_output.c) kernel of the Android operating system allows a hacker to increase their privileges.

The vulnerability of the ip6xmit function in the 6output.c kernel of the Android operating system is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

6.8CVSS7.2AI score0.00191EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.10 views

The vulnerability of the implementation of the SetWLanACLSettings() function in D-Link DIR-823-Pro wireless router software allows a hacker to execute arbitrary commands.

The vulnerability of the implementation of the SetWLanACLSettings function in D-Link DIR-823-Pro wireless router microprogramming software is related to insufficient cleaning of input data during the processing of the parameter wl0.0maclist. Exploiting this vulnerability allows a remote attacker ...

10CVSS8.1AI score0.03818EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.10 views

The vulnerability of the implementation of the SetNetworkTomographySettings() function in the microprogrammed software for D-Link DIR-823-Pro wireless routers allows a hacker to execute arbitrary commands.

The vulnerability of the implementation of the SetNetworkTomographySettings function in the microprogrammed wireless router software from D-Link DIR-823-Pro relates to insufficient cleaning of input data during the processing of parameters tomographypingaddress, tomographypingnumber,...

10CVSS8.1AI score0.0385EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.10 views

The vulnerability of the Google Chrome browser’s Extensions Platform component, which allows a perpetrator to access confidential information

The vulnerability of the Google Chrome browser’s Extensions Platform component is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to confidential information through a specially create...

8.8CVSS7.1AI score0.00577EPSS
Exploits0References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.10 views

The vulnerability of the client library’s HTTP httplib2 module, related to uncontrolled resource consumption, allows attackers to cause service interruptions.

The vulnerability of the client library’s HTTP httplib2 module is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS7.2AI score0.03876EPSS
Exploits1References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/02/10 12:0 a.m.10 views

The vulnerability of the Pointer Lock component in Google Chrome browser allows a hacker to gain access to confidential information.

The vulnerability of the Pointer Lock component in Google Chrome browser is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow a remote attacker to gain access to confidential information through a specially created web page...

8.8CVSS7.1AI score0.00952EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/02/10 12:0 a.m.10 views

The vulnerability of the Class.forName(...) method in the Kylin data processing platform allows attackers to compromise the confidentiality, integrity, and accessibility of information.

The vulnerability of the Class.forName... method in the Kylin data processing platform is related to the use of externally controlled input parameters for class selection. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of...

9.8CVSS7.7AI score0.02902EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/10 12:0 a.m.10 views

The vulnerability of the basic Windows DWM library in the Windows operating system allows attackers to escalate their privileges.

The vulnerability of the Windows DWM base library in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7CVSS7.2AI score0.00586EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/02/07 12:0 a.m.10 views

The vulnerability of AppX Deployment Extensions for Windows operating systems stems from deficiencies in access control, allowing attackers to escalate their privileges.

The vulnerability of AppX Deployment Extensions in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7.8CVSS7.1AI score0.00835EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/02/04 12:0 a.m.10 views

The vulnerability of the Win32k.sys component in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7CVSS7.7AI score0.55711EPSS
Exploits7References6
BDU FSTEC
BDU FSTEC
added 2022/02/01 12:0 a.m.10 views

The vulnerability of the Chart component in the SolarWinds Patch Manager software allows a hacker to execute arbitrary code by restoring unreliable data in memory.

The vulnerability of the Chart component in the SolarWinds Patch Manager software involves the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.9CVSS8AI score0.76411EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/01 12:0 a.m.10 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2020 are related to memory usage after it is freed. This allows attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 is related to the use of memory after it is freed. Exploiting this...

7.8CVSS7.6AI score0.08656EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/02/01 12:0 a.m.10 views

The vulnerability in the web interface for managing Cisco Enterprise Chat and Email allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web interface for managing Cisco Enterprise Chat and Email involves inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information by sending...

5.3CVSS5.5AI score0.00745EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/01/26 12:0 a.m.10 views

The vulnerability of the Adobe Media Encoder application, related to reading beyond the buffer in memory, allows attackers to escalate their privileges and gain unauthorized access to protected information.

The vulnerability of the Adobe Media Encoder application relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain unauthorized access to protected information through a specially created MP4 file...

4.3CVSS6.3AI score0.00312EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/01/25 12:0 a.m.10 views

The vulnerability of the online enrollment management system for students and learners lies in errors when processing the “Name” parameter on the “Add-Users” page. This allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the Online Enrollment Management System for students and learners is related to errors in processing the “Name” parameter on the “Add-Users” page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.4CVSS5.6AI score0.01635EPSS
Exploits4References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/01/25 12:0 a.m.10 views

The vulnerability of the UserAttributeSimilarityValidator component in the Django web development framework allows a attacker to perform a denial-of-service attack.

The vulnerability of the UserAttributeSimilarityValidator component in the Django web development framework is related to a resource management error. Exploiting this vulnerability could allow an attacker to perform a denial-of-service attack by sending a specially created password to the...

7.8CVSS7.1AI score0.02397EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/01/25 12:0 a.m.10 views

The vulnerability of NETGEAR’s Wi-Fi routers, namely RBK40, RBR40, and RBS40, stems from improper handling of the cryptographic generation process. This allows attackers to execute a Server Side Include Injection (SSI) attack.

The vulnerability of the built-in Wi-Fi router software from NETGEAR, namely RBK40, RBR40, and RBS40, is related to incorrect code generation. Exploiting this vulnerability could allow an attacker to perform a Server Side Include Injection attack...

7.1CVSS7.3AI score0.00313EPSS
Exploits0References3Affected Software10
BDU FSTEC
BDU FSTEC
added 2022/01/25 12:0 a.m.10 views

The vulnerability of the built-in Wi-Fi router software from NETGEAR, including models RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, stems from insufficient measures taken to protect the website structure. This allows attackers to execute cross-site scripting attacks.

The vulnerability of NETGEAR Wi-Fi router software models such as RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850 is related to the lack of security measures for website structures. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

6.5CVSS5.3AI score0.00418EPSS
Exploits0References3Affected Software15
BDU FSTEC
BDU FSTEC
added 2022/01/20 12:0 a.m.10 views

The vulnerability of the HttpObjectDecoder.java component of the Netty network programming framework, related to a deficiency in HTTP request interpretation, allows attackers to access confidential data and compromise its integrity.

The vulnerability of the HttpObjectDecoder.java component of the Netty network programming framework is related to a deficiency in HTTP request interpretation. Exploiting this vulnerability can allow an attacker to gain access to confidential data and compromise its integrity...

9.1CVSS6.8AI score0.13474EPSS
Exploits1References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/01/12 12:0 a.m.10 views

The vulnerability of the Media Foundation component in Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Media Foundation component in Microsoft Windows operating systems is related to improper code generation. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted request...

7.8CVSS7.7AI score0.02108EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/12/24 12:0 a.m.10 views

The vulnerability of the Apache DolphinScheduler scheduler platform, related to privilege management errors, allows a malicious actor to execute arbitrary SQL queries.

The vulnerability of the Apache DolphinScheduler scheduler platform is related to privilege management errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary SQL queries...

9CVSS8.1AI score0.01861EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/12/17 12:0 a.m.10 views

Microsoft Edge browser vulnerability, related to improper code generation management, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Edge is related to incorrect code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

4.2CVSS6AI score0.00967EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/12/01 12:0 a.m.10 views

The vulnerability arises from the implementation of the automatic update method for server names in the Dynamic DNS system for domain names in systems using Amcrest IP cameras. This allows a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of the implementation of the automatic update method for domain names in Dynamic DNS systems of Amcrest IP cameras relates to the writing of data beyond the buffer boundaries in memory when using the 0x62 command with the 0x04 subcommand. Exploiting this vulnerability allows a...

8.8CVSS8.3AI score0.35643EPSS
Exploits4References5Affected Software17
BDU FSTEC
BDU FSTEC
added 2021/12/01 12:0 a.m.10 views

The vulnerability of the Telegram Desktop messaging app, related to the execution of operations outside the buffer boundaries, allows a hacker to cause a service failure.

The vulnerability of the Telegram Desktop messaging app is related to the execution of operations outside the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures...

10CVSS5.9AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/18 12:0 a.m.10 views

The vulnerability of the Windows Installer component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Windows Installer component of the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7AI score0.20099EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/11/16 12:0 a.m.10 views

The vulnerability of the application programming interface for data exchange via Google Chrome’s Web Share browser allows a perpetrator to influence the confidentiality, integrity, and accessibility of data.

The vulnerability of the application programming interface for data exchange via Google Chrome’s Web Share browser lies in the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise privacy, integrity, and accessibility of data...

10CVSS7.3AI score0.0407EPSS
Exploits0References10Affected Software7
BDU FSTEC
BDU FSTEC
added 2021/11/16 12:0 a.m.10 views

The vulnerability of the BKBCopyD.exe component in Yokogawa’s software products allows a hacker to execute arbitrary code with user privileges of the CENTUM system.

The vulnerability of the “BKBCopyD.exe” service in Yokogawa’s software products is caused by buffer overflow based on a stack. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code with user privileges of CENTUM, by sending a specially created package to...

9CVSS6.3AI score0.36035EPSS
Exploits2References4
BDU FSTEC
BDU FSTEC
added 2021/11/16 12:0 a.m.10 views

The vulnerability of the BKESimmgr.exe component in Yokogawa’s software products allows a hacker to elevate their privileges and execute arbitrary code.

The vulnerability of the “BKESimmgr.exe” service in Yokogawa’s software products is caused by a buffer overflow based on a stack. Exploiting this vulnerability can allow an attacker to increase their privileges and execute arbitrary code by sending a specially created package to port 34205/TCP...

8.6CVSS6.3AI score0.56839EPSS
Exploits4References3
BDU FSTEC
BDU FSTEC
added 2021/11/15 12:0 a.m.10 views

The vulnerability of the software for creating metadata, processing, and exchanging sets of Adobe XMP-Toolkit-SDK standards lies in buffer overflows in dynamic memory. This allows attackers to gain access to protected information or cause service failures.

The vulnerability of the software for creating metadata, processing, and exchanging standard sets within the Adobe XMP-Toolkit-SDK is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to access protected information or cause service failures...

3.3CVSS6.7AI score0.03751EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/15 12:0 a.m.10 views

The vulnerability of the macOS operating system, related to the ability to read data beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the macOS operating system is related to the ability to read data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.7AI score0.01162EPSS
Exploits0References5Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/11/15 12:0 a.m.10 views

The vulnerability of the software for creating metadata, processing, and exchanging standard sets within the Adobe XMP-Toolkit-SDK lies in the insufficient validation of input data. This allows a perpetrator to execute arbitrary code.

The vulnerability of the software for creating metadata, processing, and exchanging standard sets within the Adobe XMP-Toolkit-SDK is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user,...

7.8CVSS7.6AI score0.02716EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/15 12:0 a.m.10 views

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure (OMI) for virtual machine management in Azure allows a attacker to execute arbitrary code, resulting in management code generation errors.

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure OMI for managing virtual machines in Azure is related to errors in code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS7.6AI score0.99723EPSS
Exploits19References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/12 12:0 a.m.10 views

The vulnerability of the systeminformation library in the Node.js software platform allows a hacker to execute arbitrary code.

The vulnerability of the systeminformation library in the Node.js software platform is related to errors in transmitting data to the parameters of the si.inetLatency, si.inetChecksite, si.services, and si.processLoad services. Exploiting this vulnerability allows a remote attacker to execute...

10CVSS8.1AI score0.01854EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/11/12 12:0 a.m.10 views

The vulnerability of Google Chrome’s browser permissions settings allows attackers to influence the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Google Chrome’s browser permissions setting relates to the use of memory after deallocation. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information...

10CVSS7.4AI score0.04125EPSS
Exploits0References10Affected Software7
Total number of security vulnerabilities5000