Lucene search
K
Bdu FstecMost viewed

90509 matches found

BDU FSTEC
BDU FSTEC
added 2018/01/24 12:0 a.m.10 views

The vulnerability of the Apache Hadoop distributed development and execution platform, related to insufficient validation of input data, allows a malicious actor to execute commands with root privileges remotely.

The vulnerability of the Apache Hadoop distributed development and execution platform is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute commands with root privileges...

8.5CVSS5.9AI score0.01795EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/01/18 12:0 a.m.10 views

The vulnerability of the Sandbox component of the Mac OS X operating system allows a malicious actor to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the Sandbox component of the Mac OS X operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a privileged context remotely, or to trigger a service failure...

9.3CVSS8.4AI score0.01162EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/01/12 12:0 a.m.10 views

The vulnerability of the GIF loader in the imlib2 library allows a hacker to trigger a service failure or gain access to confidential data.

The vulnerability of the imlib2 GIF library loader exists due to a read buffer overflow error. Exploiting this vulnerability can allow an attacker to cause service failures or gain access to confidential data using a specially created GIF image...

8.2CVSS7.8AI score0.02784EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2018/01/12 12:0 a.m.10 views

The vulnerability of the try_read_command function (memcached.c) in the memcached data caching software allows a attacker to cause a service failure.

The vulnerability of the tryreadcommand function in the memcached.c library lies in the fact that the operation is executed outside of the buffer in memory. Exploiting this vulnerability allows an attacker, operating locally, to cause a service failure segmentation fault by using a specially...

7.5CVSS7.7AI score0.04166EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/12/26 12:0 a.m.10 views

The vulnerability in GoAhead’s embedded web server software for the COM-module of SICAM RTUs SM-2556 allows a intruder to execute arbitrary code.

The vulnerability of GoAhead’s embedded web server’s COM-module software for SICAM RTUs SM-2556 is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS5.9AI score0.05646EPSS
Exploits2References3
BDU FSTEC
BDU FSTEC
added 2017/12/26 12:0 a.m.10 views

The vulnerability in the Omnibox browser implementation of Google Chrome allows a hacker to replace the domain name.

The vulnerability of the Omnibox browser implementation by Google Chrome is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to replace a domain name using a specially crafted domain name that includes IDN Internationalized Domain Names...

6.5CVSS7.6AI score0.01313EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/12/21 12:0 a.m.10 views

The vulnerability of the FileReceiveServlet servlet in the network management system by Brocade Network Advisor allows a attacker to upload a malicious file into the file system, where it can be executed.

The vulnerability of the FileReceiveServlet server in the IP and SAN network management system provided by Brocade Network Advisor exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor to download a malicious fi...

10CVSS7.7AI score0.07131EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/12/21 12:0 a.m.10 views

The vulnerability of MySQL and MariaDB database drivers for the Perl Database Interface (DBI) relates to buffer overflow attacks, allowing attackers to cause service interruptions.

The vulnerability of the MySQL and MariaDB database drivers for the Perl Database Interface DBI arises due to buffer overflow. Exploiting this vulnerability allows an attacker to trigger a fixed-length buffer error message, leading to a crash error FORTIFYSOURCE. This potentially results in servi...

7.5CVSS8AI score0.0406EPSS
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/12/14 12:0 a.m.10 views

The vulnerability of the `usb_get_bos_descriptor` function in the Linux operating system’s kernel allows a hacker to cause a service failure or exert other effects.

The vulnerability of the usbgetbosdescriptor function in the Linux kernel’s drivers/usb/core/config.c file relates to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure or other effects through a specially created USB device...

6.8CVSS7.1AI score0.00381EPSS
Exploits0References22Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/12/14 12:0 a.m.10 views

The vulnerability of the “networkmap” component in ASUS’s microprogramming router software allows a hacker to execute arbitrary code.

The vulnerability of the “networkmap” component in ASUS’s microprogramming router software arises from buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by constructing long strings as values for the hostname and port in the response to a...

10CVSS6.5AI score0.21342EPSS
Exploits4References5Affected Software31
BDU FSTEC
BDU FSTEC
added 2017/12/04 12:0 a.m.10 views

The vulnerability in the server component of the SAP POS software for automating accounting, sales, and production processes allows a perpetrator to read and delete files, shut down the Xpress Server, view the contents of the POS terminal, and attack user accounts.

The vulnerability in the server component of the SAP POS software for accounting, trading, and production automation lies in the absence of authentication procedures during file reading, operation completion, daemon shutdown, and terminal reading. Exploiting this vulnerability allows a malicious...

10CVSS7.8AI score0.03916EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/12/04 12:0 a.m.10 views

The vulnerability of the Python script execution subsystem of the NX-OS network operating system allows a attacker to execute arbitrary commands on the underlying operating system.

The vulnerability of the Python script execution subsystem in the NX-OS network operating system is related to insufficient cleaning of user parameters used by certain Python functions in an isolated scripting environment. Exploiting this vulnerability allows a malicious actor to exit the isolate...

7.2CVSS7.1AI score0.00447EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/12/04 12:0 a.m.10 views

The vulnerability of the doFilter method in the UrlAccessController class of the HPE Intelligent Management Center PLAT software platform allows a attacker to bypass the authentication process.

The vulnerability of the doFilter method in the UrlAccessController class of the HPE Intelligent Management Center PLAT software platform for managing wired and wireless networks is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor ...

10CVSS7.8AI score0.68916EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2017/11/23 12:0 a.m.10 views

The vulnerability in the PHPMemcachedAdmin web interface exists due to errors in the mechanism for recovering serialized data. This allows attackers to escalate their privileges and execute arbitrary PHP code.

The vulnerability of the PHPMemcachedAdmin web interface exists due to errors in the mechanism for restoring serialized data. Exploiting this vulnerability allows a malicious actor to elevate their privileges to the level of an administrator and execute arbitrary PHP code...

10CVSS8.1AI score0.11763EPSS
Exploits1References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/11/23 12:0 a.m.10 views

The vulnerability of the Redmine.pm web application for managing projects and tasks allows a perpetrator to gain access to protected information or exert other effects.

The vulnerability of the Redmine.pm web application for managing projects and tasks in Redmine is related to the lack of verification of the “Repository” module in project settings. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain access to protected...

7.5CVSS7.2AI score0.01288EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/11/10 12:0 a.m.10 views

The vulnerability of the _isBidi function in the (bidi.c) library of Libidn2, which allows a hacker to cause a service failure or exert other effects.

The vulnerability of the isBidi function in the bidi.c library from Libidn2 is due to a numerical overflow condition. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service failures or other adverse effects...

9.8CVSS7.7AI score0.02404EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/11/10 12:0 a.m.10 views

The vulnerability of the install/index.php script of the Exponent CMS system allows a hacker to execute arbitrary code.

The vulnerability of the Exponent CMS content management system is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the sc parameter in the install/index.php script...

10CVSS8.2AI score0.06636EPSS
Exploits3References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/11/10 12:0 a.m.10 views

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser allows a hacker to execute arbitrary code.

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser is related to improper handling of objects in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a specially crafted web page...

7.6CVSS7.7AI score0.08761EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/10/26 12:0 a.m.10 views

The vulnerability of Microsoft Edge’s JavaScript interpreter allows a perpetrator to execute arbitrary code using specially crafted content.

The vulnerability of Microsoft Edge’s JavaScript interpreter is related to improper handling of objects in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

7.6CVSS7.7AI score0.64437EPSS
Exploits3References6
BDU FSTEC
BDU FSTEC
added 2017/10/26 12:0 a.m.10 views

The vulnerability of the FileUploadServlet class in the software for managing workstations through the ManageEngine Desktop Central web interface allows a malicious individual to upload and execute any file they desire.

The vulnerability of the FileUploadServlet class in the software for managing workstations through the web interface of ManageEngine Desktop Central is related to the lack of restrictions on file uploads. Exploiting this vulnerability allows an unauthorized intruder, operating remotely, to upload...

10CVSS7.8AI score0.73603EPSS
Exploits6References6
BDU FSTEC
BDU FSTEC
added 2017/10/25 12:0 a.m.10 views

The vulnerability of the graphical component of the Windows operating system, Win32k, allows a hacker to execute code in kernel mode and gain increased privileges.

The vulnerability of the graphical component of the Windows operating system, Win32k, is related to deficiencies in access control. Exploiting this vulnerability allows a local attacker to execute code at the kernel level and increase their privileges through a specially created application...

7.8CVSS7.5AI score0.01644EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2017/10/18 12:0 a.m.10 views

The vulnerability of the WPA2 protocol, which stems from errors in managing the cryptographic keys, allows unauthorized access to encrypted information transmitted over a wireless network.

The vulnerability of the WPA2 protocol, which provides security for Wi-Fi wireless networks, is related to errors in the management of cryptographic keys. Exploiting this vulnerability allows a perpetrator within the range of a Wi-Fi network to gain access to encrypted information transmitted ove...

7.9CVSS7AI score0.01742EPSS
Exploits0References23Affected Software39
BDU FSTEC
BDU FSTEC
added 2017/10/05 12:0 a.m.10 views

The vulnerability of the Arbor Peakflow SP traffic control analysis system lies in the lack of protection for operational data, allowing intruders to read arbitrary files.

The vulnerability of the Arbor Peakflow SP traffic control analysis system is related to the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor to read arbitrary files...

6.8CVSS5.6AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/09/28 12:0 a.m.10 views

The vulnerability of the “/com.sap.portal.themes.styleservice.LockingTestPortalComponent” component of the SAP NetWeaver software integration platform allows a hacker to inject any HTML tags into a page.

The vulnerability of the “/com.sap.portal.themes.styleservice.LockingTestPortalComponent” component of the SAP NetWeaver software integration platform exists due to the lack of measures taken to protect the structure of web pages. This vulnerability allows a malicious actor to inject arbitrary HT...

6.4CVSS5.6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/09/22 12:0 a.m.10 views

The vulnerability in the embedded microprogramming software of the IP-stack service for Huawei Campus series network switches models S2300, S2700, S3300, S3700, S5300EI, S5700EI, S5300SI, S5700SI, S5300HI, S5700HI, S6300EI, S6700EI, S5710HI, S5300LI, S5700LI, S2350EI, S2750EI, S5720HI, S7700, S9300, S9700 allows a intruder to cause service failure.

The vulnerability of the embedded microprogramming software of the IP-stack service for Huawei Campus series network switches, such as S2300, S2700, S3300, S3700, S5300EI, S5700EI, S5300SI, S5700SI, S5300HI, S5700HI, S6300EI, S6700EI, S5710HI, S5300LI, S5700LI, S2350EI, S2750EI, S5720HI, S7700,...

7.8CVSS7.2AI score0.00943EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/09/08 12:0 a.m.10 views

The vulnerability of the Archive::ReadHeader15 function in the libunrar.a library, a tool for decompressing UnRAR files, allows a malicious actor to cause an unexpected termination of the application.

The vulnerability of the Archive::ReadHeader15 function in the libunrar.a library, a tool for decompressing UnRAR files, arises due to the execution of an operation beyond the buffer boundaries in memory reading beyond the memory boundaries when calling EncodeFileName::Decode. Exploiting this...

7.5CVSS7.3AI score0.02259EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/09/01 12:0 a.m.10 views

The vulnerability of the LTE component of the Android operating system from the CAF repository, which allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the LTE component of the Android operating system exists due to insufficient verification of data related to the size of the frequency list. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the...

10CVSS7.8AI score0.00836EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/08/18 12:0 a.m.10 views

The vulnerability of the FileUploadController servlet in the web application, which is designed for managing and monitoring printing devices and image processing. SyncThru 6 allows a perpetrator to execute arbitrary code with system privileges.

The vulnerability of the FileUploadController servlet in the web application, which is designed for managing and monitoring printing devices and image processing, exists due to an incorrect path limitation for the restricted directory. Exploiting this vulnerability allows a malicious actor to...

10CVSS8.2AI score0.12633EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2017/08/18 12:0 a.m.10 views

The vulnerability of the FileUploadController servlet in the web application, which is designed for managing and monitoring printing devices and image processing. SyncThru 6 allows a perpetrator to execute arbitrary code with system privileges.

The vulnerability of the FileUploadController servlet in the web application, which is designed for managing and monitoring printing devices and image processing, exists due to an incorrect path limitation for the restricted directory. Exploiting this vulnerability allows a malicious actor to...

10CVSS8.2AI score0.12633EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2017/08/10 12:0 a.m.10 views

The vulnerability of the ReadOneDJVUImage function in the console-based ImageMagick graphic editor allows a hacker to trigger a service failure.

The vulnerability of the ReadOneDJVUImage function in the console-based ImageMagick graphics editor is related to resource management errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure an infinite loop, excessive consumption of computationa...

7.1CVSS7.1AI score0.0177EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/08/10 12:0 a.m.10 views

The vulnerability of the AcquireVirtualMemory component in the console-based ImageMagick graphics editor allows a hacker to trigger a service failure.

The vulnerability of the AcquireVirtualMemory component in the console-based ImageMagick graphics editor is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a service failure memory consumption...

7.8CVSS7.4AI score0.04868EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/08/03 12:0 a.m.10 views

The vulnerability of JavaScript handlers in the Microsoft Edge browser for the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of Microsoft Edge’s JavaScript handlers arises from an operation going beyond the buffer boundaries due to a memory object processing error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...

7.6CVSS7.9AI score0.66911EPSS
Exploits5References4
BDU FSTEC
BDU FSTEC
added 2017/07/14 12:0 a.m.10 views

The vulnerability of the sock_setsockopt function in the kernel of the Linux operating system’s net/core/sock.c file allows a hacker to cause a service failure or exert other effects.

The vulnerability of the socksetsockopt function in the kernel’s net/core/sock.c file in the Linux operating system arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a local attacker to cause a service failure or other adverse...

7.2CVSS7.2AI score0.00412EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/07/14 12:0 a.m.10 views

The vulnerability of the RW-message structure in the Aerospike Database Server of the Oracle Database database management system allows a perpetrator to execute arbitrary code.

The vulnerability of the RW-message structure in the Aerospike Database Server of the Oracle Database database management system is related to unvalidated array indexing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code read from beyond the memory limit using a...

7.5CVSS8.2AI score0.07249EPSS
Exploits2References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/07/14 12:0 a.m.10 views

The vulnerability of the ring_buffer_resize function in the Linux kernel’s profiling subsystem allows a hacker to increase their privileges.

The vulnerability of the ringbufferresize function in the Linux kernel’s profiling subsystem arises due to integer overflow or cyclic shift attacks. Exploiting this vulnerability can allow an attacker, operating locally, to increase their privileges by writing to the file in the...

7.8CVSS7.1AI score0.00532EPSS
Exploits1References18Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/07/06 12:0 a.m.10 views

The vulnerability of the Windows operating system’s kernel driver mode allows attackers to escalate their privileges.

The vulnerability of the Windows operating system’s kernel mode driver is related to improper data handling. Exploiting this vulnerability can allow an attacker, operating locally, to increase their privileges...

7.2CVSS7.2AI score0.01004EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/07/06 12:0 a.m.10 views

The vulnerability of the Internet Explorer browser, which allows a hacker to execute arbitrary code

The vulnerability of the Internet Explorer browser is related to improper access to objects in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.6CVSS7.6AI score0.06117EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/07/06 12:0 a.m.10 views

The vulnerability of the Xen hypervisor, a platform for server virtualization called XenServer, allows a attacker to cause a service failure, obtain confidential information, or execute arbitrary code.

The vulnerability of the Xen hypervisor and the XenServer platform for server virtualization exists due to insufficient validation of input data. Exploiting this vulnerability can allow a guest user of the 86-bit operating system running locally to obtain confidential information, execute arbitra...

7.2CVSS7.9AI score0.00509EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.10 views

The vulnerability of the audio driver of the MediaTek Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the audio driver of the MediaTek Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code within the kernel context, through the use of a local maliciou...

7.6CVSS7.5AI score0.00665EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.10 views

The vulnerability of Ubuntu and Debian GNU/Linux operating systems allows attackers to enhance their privileges.

The vulnerability of Ubuntu and Debian GNU/Linux operating systems is related to errors in error handling. Exploiting this vulnerability can allow an intruder to increase their privileges locally. The dmcrypt-get-device utility, which comes with the Ubuntu package for extraction, does not check t...

7.2CVSS7.1AI score0.00469EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.10 views

The vulnerability of the Android operating system’s camera, allowing a intruder to compromise the confidentiality of information

The vulnerability of the Android operating system’s camera is related to deficiencies in access control. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality of information...

9.3CVSS7.3AI score0.00363EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.10 views

The vulnerability of the tools::Polygon::Insert function in the LibreOffice office software package allows a hacker to trigger a service failure.

The vulnerability of the tools::Polygon::Insert function in the LibreOffice office software package is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...

10CVSS7.2AI score0.03864EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.10 views

The vulnerability of the FFmpeg multimedia library, which allows a hacker to perform recording beyond the memory limit

The vulnerability of the FFmpeg multimedia library arises from an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a malicious actor to perform write operations beyond the memory boundaries, related to the decodeframe function in libavcodec/pictordec.c...

7.5CVSS8AI score0.02564EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/06/23 12:0 a.m.10 views

The vulnerability in the loading of DLL files of the Cisco AnyConnect Secure Mobility Client software allows a perpetrator to install or execute a file with privileges equivalent to those of a Microsoft Windows system administrator account.

The vulnerability related to the loading of DLL files in the Cisco AnyConnect Secure Mobility Client encryption solution stems from deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to install or execute a DLL file with privileges equivalen...

7.2CVSS7.3AI score0.00371EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/06/23 12:0 a.m.10 views

The vulnerability of the coders/wpg.c component in the console-based image editing tool ImageMagick allows a hacker to exert undefined effects.

The vulnerability of the coders/wpg.c component in the console-based image editing tool ImageMagick is caused by an unaccounted-for unit. Exploiting this vulnerability can allow a remote attacker to exert unpredictable effects using vectors related to the copy of the string...

7.5CVSS6.5AI score0.05411EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2017/06/15 12:0 a.m.10 views

The vulnerability of the DiskArbitration component in the Mac OS X operating system allows a hacker to execute arbitrary code in a privileged context.

The vulnerability of the DiskArbitration component in the Mac OS X operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code in privileged context racing condition through a...

7.6CVSS7.6AI score0.0439EPSS
Exploits2References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/06/15 12:0 a.m.10 views

The vulnerability of the SQLite component in Mac OS X and iOS operating systems allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the SQLite component in Mac OS X and iOS operating systems arises from the execution of an operation beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption, application...

7.5CVSS8.7AI score0.0395EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/06/08 12:0 a.m.10 views

The vulnerability of the Microsoft Server Message Block 1.0 (SMBv1) network protocol on the Windows operating system allows a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of the Microsoft Server Message Block 1.0 SMBv1 operating system in Windows is related to improper data processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures by manipulating certain requests...

9.3CVSS7.9AI score0.17121EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/06/08 12:0 a.m.10 views

Microsoft Edge browser vulnerability, allowing a hacker to trigger memory corruption

The vulnerability of Microsoft Edge arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause memory corruption...

7.6CVSS7.5AI score0.13788EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/06/08 12:0 a.m.10 views

The vulnerability in the JavaScript kernel of Microsoft Edge’s browser allows a hacker to trigger memory corruption.

The vulnerability in the Microsoft Edge JavaScript kernel is caused by a race condition that occurs outside of the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to induce memory corruption from a remote perspective...

7.6CVSS7.5AI score0.10701EPSS
Exploits0References3
Total number of security vulnerabilities5000