90336 matches found
The vulnerability of the SetPixelViaPixelInfo function in the console-based image editing tool ImageMagick allows a hacker to cause a service failure or execute arbitrary code.
The vulnerability of the SetPixelViaPixelInfo function in the ImageMagick console-based graphics editor is related to reading data beyond the buffer boundary in dynamic memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure or execute arbitrary code using a...
The vulnerability of the Data Store component of the Oracle Berkeley DB database management system allows a hacker to gain full control over the system.
The vulnerability of the Data Store component of the Oracle Berkeley DB database management system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain full control over the system...
The vulnerability of the Advanced Console controller’s sub-component of Oracle Identity Manager, a software platform of Oracle Fusion Middleware, allows an intruder to gain unauthorized access to protected data.
The vulnerability of the Advanced Console controller’s sub-component in Oracle Identity Manager, a software platform of Oracle Fusion Middleware, is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...
The vulnerability of the handler in the Sn5Crypto.sys driver of the Secret Net Studio information protection system, which allows a hacker to cause a service failure.
The vulnerability of the handler in the Sn5Crypto.sys driver of the Secret Net Studio information protection system is related to errors during the verification of input parameters. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability in the XNU kernel of iOS, Mac OS, and TV OS allows attackers to perform unauthorized changes to the memory shared among processes.
The vulnerability of the XNU-based operating systems such as iOS, Mac OS, and TV OS is related to errors in the memory initialization mechanism. Exploiting this vulnerability allows an attacker to perform unauthorized changes to the memory shared among processes, using specially crafted executabl...
The vulnerability in the implementation of the lmc_init_one handler in Linux kernel allows a hacker to trigger a service failure.
The vulnerability in the implementation of the lmcinitone handler of the loaded module drivers/net/wan/lmc/lmc.ko in the Linux operating system arises due to the assignment of a null pointer. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting a LanMedia...
The vulnerability in the syntax analyzer of Cisco Firepower Management Center’s network management software for Secure Sockets Layer (SSL) and Transport Layer Security (TLS protocols allows a perpetrator to bypass existing access control policies.
The vulnerability in the syntax analyzer of Cisco Firepower Management Center’s network management software for Secure Sockets Layer SSL and Transport Layer Security TLS protocols is related to errors in analyzing attributes in TLS packet headers. Exploiting this vulnerability can allow a malicio...
The vulnerabilities of the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in the OpenJPEG image encoding/decoding library allow a malicious actor to cause a service failure.
The vulnerability of the functions pinextpcrl, pinextcprl, and pinextrpcl in the lib/openjp3d/pi.c library, which is used for image encoding/decoding in OpenJPEG, is related to a bug that causes division by zero. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ASN.1 BER dissector component of the Wireshark network traffic analyzer tool, which is related to the execution of operations beyond the memory limit, allows attackers to cause a service failure.
The vulnerability of the ASN.1 BER component epan/dissectors/packet-ber.c, a dissector for analyzing computer network traffic in Wireshark, is related to the execution of operations beyond the memory limits. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the ui_clip_handle_data function in the RDP client rdesktop software, related to reading data beyond the buffer boundary, allows attackers to access confidential data.
The vulnerability of the uicliphandledata function in the RDP client rdesktop is related to reading data beyond the buffer boundary. Exploiting this vulnerability could allow an attacker to gain access to confidential data remotely...
The vulnerability of the rdpsnddbg_process function in the RDP client rdesktop program, related to integer overflow, causes a stack-based buffer overflow, allowing an attacker to execute arbitrary code.
The vulnerability of the rdpsnddbgprocess function in the RDP client rdesktop is related to a numerical overflow that causes buffer overflow based on heap. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
The vulnerability of the PHP interpreter’s read function, related to reading beyond the boundaries of memory buffers, allows attackers to cause service failures, violate data confidentiality, and compromise the integrity of protected data.
The vulnerability of the PHP language interpreter’s read function is related to the rereading of buffers based on queues. Exploiting this vulnerability can allow attackers to cause service failures, violate the confidentiality and integrity of protected data by reading memory allocated to specifi...
The vulnerability of the xmlrpc_decode() function, a part of the XMLRPC interpreter for the PHP programming language, relates to the reading of data beyond the buffer memory boundary, allowing attackers to gain access to confidential data.
The vulnerability of the xmlrpcDecode function in the PHP programming language is related to an error that causes memory access beyond the allocated range. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data...
The vulnerability of the rdesktop RDP client file, related to reading beyond the buffer boundary, allows a hacker to cause a service failure.
The vulnerability of the RDP client rdesktop mcs.c is related to reading data beyond the buffer boundary. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Core component of the Oracle VM VirtualBox virtualization tool, which allows a hacker to gain full control over the application
The vulnerability of the Core component of the Oracle VM VirtualBox virtualization tool is related to lack of access control mechanisms. Exploiting this vulnerability can allow an attacker to gain full control over the application...
Vulnerability of the Server: Optimizer component of the Oracle MySQL database management system, which allows a hacker to cause a service failure.
The vulnerability of the Server: Optimizer component of the Oracle MySQL database management system is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL protocol...
The vulnerability of the Core component of the Oracle VM VirtualBox virtualization tool allows a hacker to trigger a service failure and gain unauthorized access to protected information.
The vulnerability of the Core component of Oracle VM VirtualBox is related to deficiencies in access control. Exploiting this vulnerability can allow an intruder to trigger a service failure and gain unauthorized access to protected information...
The vulnerability of the Core component of the Oracle VM VirtualBox virtualization tool, which allows a hacker to gain full control over the application
The vulnerability of the Core component of Oracle VM VirtualBox is related to lack of access control. Exploiting this vulnerability can allow an attacker to gain full control over the application...
The vulnerability of the linux-astra-modules package of the Astra Linux operating system allows a hacker to gain unauthorized access to data.
The vulnerability of the linux-astra-modules package in the Astra Linux operating system is related to an error that causes information leakage through the prlimit utility for reading/setting limit values. Exploiting this vulnerability can allow a perpetrator to gain unauthorized access to data...
The vulnerability of Juniper Advanced Threat Prevention’s detection and prevention software lies in the fact that the secret password is stored publicly in /var/log/syslog. This allows attackers to gain access to the protected information.
The vulnerability of Juniper Advanced Threat Prevention’s detection and prevention software lies in the fact that the secret password is stored publicly in the /var/log/syslog file. Exploiting this vulnerability could allow an attacker to gain access to protected information...
The vulnerability of the JunOS operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the JunOS operating system’s kernel is related to errors in processing packets destined for another address. Exploiting this vulnerability can allow an attacker to trigger a kernel error and a service failure by sending specially crafted packets from external control interfac...
The vulnerability of the message filtering function of the Cisco AsyncOS operating system, which allows a intruder to trigger a service failure
The vulnerability of the Cisco AsyncOS operating system’s message filtering function is related to insufficient processing of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through a specially crafted email message...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.
The vulnerability of the Core component in Oracle VM VirtualBox is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to gain full control over the application...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.
The vulnerability of the Core component in Oracle VM VirtualBox is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to gain full control over the application...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.
The vulnerability of the Core component in Oracle VM VirtualBox is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to gain full control over the application...
The vulnerability of the ArubaOS operating systems, related to insufficient access control, allows attackers to gain access to arbitrary files on the device.
The vulnerability of the ArubaOS operating systems is related to insufficient access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to arbitrary files using the TCP ports 8080 or 8081...
The vulnerability of the Windows Data Sharing Service, a data exchange service for the Windows operating system, allows attackers to escalate their privileges.
The vulnerability of the Windows Data Sharing Service in the Windows operating system is related to file handling errors. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...
The vulnerability of the ALSA driver /dev/snd/seq in Linux operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the ALSA driver /dev/snd/seq in Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the Windows operating system, related to insecure management of privileges, allows a perpetrator to execute processes with elevated privileges.
The vulnerability of the Windows operating system is related to the insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...
The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system is related to deficiencies in the authentication process of the guest operating system. Exploiting this vulnerability allows an attacker to execute arbitrary code through a specially created...
The vulnerability of the TUNER web service on the TeNIX programmable logic controllers M1500 and M3000 allows a hacker to execute arbitrary code.
The vulnerability of the TUNER web service on the TeNIX programmable logic controllers M1500 and M3000 is related to the absence of name filtering when generating a 404 HTTP error page. As a result, the name of the non-existent webpage is passed unchanged to the generated error page. Exploiting...
The vulnerability of the Internet Explorer browser arises from an operation that goes beyond the buffer in memory, allowing a malicious actor to execute arbitrary code.
The vulnerability of the Internet Explorer browser arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...
The vulnerability of the software update service for Cisco WebEx Meetings Desktop App and WebEx Productivity Tools for Windows operating systems allows a malicious individual to execute arbitrary commands.
The vulnerability of the software update service for Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows operating systems is related to the improper handling of special elements used in the operating system’s command line. Exploiting this vulnerability can allow an attacker...
The vulnerability of the interface page of the D-Link DVA-5592 router’s microprogramming software allows a hacker to gain access to the router’s control panel with administrator privileges.
The vulnerability of the login page /ui/cbpc/login of the D-Link DVA-5592 router’s microprogramming software is related to the use of a pre-set PIN code 0000. Exploiting this vulnerability allows an attacker to bypass authentication procedures and gain access to the router’s control panel with...
The vulnerability of the Microsoft SharePoint Enterprise Server software, related to access control errors, allows a perpetrator to increase their privileges.
The vulnerability of the Microsoft SharePoint Enterprise Server software is related to access control errors. Exploiting this vulnerability can allow a malicious actor to increase their privileges through a specially crafted request...
The vulnerability of the remap_struct function in the sysstat system monitoring and analysis tool allows a attacker to execute arbitrary code or cause service interruptions.
The vulnerability of the remapstruct function in the sysstat system performance monitoring and analysis utility arises from reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause a service failure...
The vulnerability of the mad_bit_skip function in the MPEG audio decoder Libmad, which is related to buffer overflow, allows a hacker to cause a service failure.
The vulnerability of the madbitskip function in bit.c of the MPEG audio decoder Libmad is related to an error that causes buffer overflows when processing a specially crafted audio file. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of Cisco AMP’s security tools for end devices allows attackers to trigger a service failure.
The vulnerability of Cisco AMP’s anti-virus and anti-malware tools for end devices is related to resource management errors. Exploiting this vulnerability allows a malicious actor to trigger a service failure a critical kernel error remotely, provided that the system is operating in a network...
The vulnerability of the Simple Network Management Protocol packet processor in the Cisco NX-OS operating system allows a attacker to trigger a service failure.
The vulnerability of the Simple Network Management Protocol SNMP packet handler in the Cisco NX-OS operating system arises due to errors in the data block verification of the SNMP protocol. Exploiting this vulnerability can allow a malicious actor to perform a reboot on the device remotely...
The vulnerability in the web interface for controlling Cisco Registered Envelope Service allows a perpetrator to inject arbitrary code into the web page that is uploaded.
The vulnerability of the web interface for managing security information transmitted by the Cisco Registered Envelope Service is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to inject arbitrary code into the...
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat, Adobe Reader, and Adobe Acrobat Document Cloud, related to the manipulation of the zero pointer, allows attackers to execute arbitrary code.
The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat, Adobe Reader, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud are related to the handling of the null pointer. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code using a...
The vulnerability of the BIND DNS server lies in the improper release of resources during the processing of recursive requests to the DNS server. This allows a hacker to cause a service failure.
The vulnerability of the BIND DNS server is related to the improper release of resources during the processing of recursive requests to the DNS server when BIND operates as a DNSSEC-compliant resolver. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the FreeRDP remote desktop protocol lies in errors in processing specially crafted request packets, which allows attackers to trigger service failures or perform “man-in-the-middle” attacks.
The vulnerability of the FreeRDP remote desktop protocol is related to errors in processing specially crafted request packets. Exploiting this vulnerability allows a malicious actor to cause an application to terminate abnormally or carry out “man-in-the-middle” attacks...
The vulnerability of the Windows Search component in Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows Search component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by using specially created messages sent to the search service, including those using an...
The vulnerability of Microsoft Word’s text editor lies in memory object processing errors, which allow attackers to execute arbitrary code.
The vulnerability of Microsoft Word relates to errors in memory object handling. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code with user privileges using a specially crafted file...
The vulnerability of the web interface of the Cisco Video Surveillance Media Server allows a intruder to trigger a service failure.
The vulnerability of the Cisco Video Surveillance Media Server’s web interface is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service failures by using a specially crafted link...
The vulnerability of the Cisco Meeting Server platform relates to errors in processing user requests, which allow attackers to disclose protected information.
The vulnerability of the Cisco Meeting Server platform arises from errors in processing user requests. Exploiting this vulnerability allows a malicious actor to gain access to protected information through specially crafted requests...
The vulnerability of the HTTP-server on the RouterOS operating system of MikroTik allows a hacker to cause a service failure.
The vulnerability of the HTTP-server of the RouterOS operating system for MikroTik relates to buffer overflows in memory during recursive processing of JSON requests. Exploiting this vulnerability allows a malicious actor to cause a malfunction of the HTTP-server by using a specially crafted...
The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted web page content...
The vulnerability of Medtronic MiniMed medical equipment, related to insufficient protection of transmitted information, allows a perpetrator to disclose protected information.
The vulnerability of Medtronic MiniMed 508, 522, 523, 523K, 551, 722, 723, 723K, and 751 medical devices lies in the transmission of protected information in an unencrypted form. Exploiting this vulnerability could allow an intruder to disclose protected information...