Lucene search
K
Bdu FstecMost viewed

90604 matches found

BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.10 views

The vulnerability of Ember ZNet’s microprogramming software library for monitoring and controlling Sentron Powercenter 1000 allows a intruder to cause a service failure.

The vulnerability of Ember ZNet’s microprogramming software for monitoring and controlling energy systems in Sentron Powercenter 1000 lies in the possibility of manipulating the NWK serial number. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

7.8CVSS7.1AI score0.00351EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.10 views

The vulnerability of the Suite Applications Services package of the MiCollab collaboration platform allows a perpetrator to execute cross-site scripting attacks.

The vulnerability of the Suite Applications Services package of the MiCollab collaboration platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.2AI score0.00291EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/30 12:0 a.m.10 views

The vulnerability of the software for managing and monitoring hardware resources of the IBM Flexible Service Processor (FSP) in IBM Power System software allows a hacker to gain access to the FSP services.

The vulnerability of the software for managing and monitoring hardware resources of the IBM Flexible Service Processor FSP in IBM Power System software is related to the use of pre-installed account data. Exploiting this vulnerability can allow a malicious actor to gain access to FSP services...

10CVSS5.4AI score0.00434EPSS
Exploits0References2Affected Software23
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.10 views

The vulnerability of the FortiAnalyzer device, a security event monitoring and analysis tool, allows a intruder to execute arbitrary code or commands.

The vulnerability of the FortiAnalyzer security event monitoring and analysis tool, the Fazsvcd module, is related to the use of an uncontrolled format string. Exploiting this vulnerability allows a attacker to execute arbitrary code or commands using specially created requests...

9CVSS6AI score0.00616EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/28 12:0 a.m.10 views

The vulnerability of the SCKUd Gate software, related to the disclosure of information, allows attackers to obtain information about registered users in the system.

The vulnerability of the SCKU Dome software is related to the disclosure of information. Exploiting this vulnerability can allow a remote attacker to obtain information about registered users within the system...

5.3CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/25 12:0 a.m.10 views

The vulnerability in the operating_mode.cgi script of NETGEAR EX3700 microprogramming devices allows a hacker to execute arbitrary commands.

The vulnerability of the operatingmode.cgi script in NETGEAR EX3700 microprogramming devices is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using the apmode parameter...

8.4CVSS5.9AI score0.01803EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/24 12:0 a.m.10 views

The vulnerability of the Jenkins automation server, related to access control deficiencies, allows a hacker to bypass restrictions and create temporary elements.

The vulnerability of the Jenkins automation server is related to lack of access control. Exploiting this vulnerability allows a malicious actor to bypass restrictions and create temporary elements...

4.3CVSS6.6AI score0.00669EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/24 12:0 a.m.10 views

The vulnerability of the read() and write() functions in the amdpgu driver of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the read and write functions in the drivers/gpu/drm/amd/display/modules/hdcp/hdcpddc.c file, a driver for AMD GPU, in the Linux operating system is related to incorrect index calculations. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...

7.8CVSS6.5AI score0.00245EPSS
Exploits0References21Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.10 views

The vulnerability of the Vinteo video conference software server, related to the failure to take measures to neutralize special elements, allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the Vinteo video conference software server relates to the lack of measures taken to neutralize special elements. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

8.1CVSS5.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.10 views

The vulnerability of the formDeviceReboot function in D-Link DIR-619L router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the formDeviceReboot function in D-Link DIR-619L router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the nextpage parameter...

9CVSS8.4AI score0.01756EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.10 views

The vulnerability of the Pandoc format conversion library written in Haskell allows attackers to create or rewrite any files in the system.

The vulnerability of the Pandoc format conversion library written in Haskell is related to insufficient validation of input data. Exploiting this vulnerability allows attackers to create or overwrite arbitrary files in the system by using the --extract-media parameter or by exporting files in PDF...

5CVSS6.3AI score0.00368EPSS
Exploits1References9Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/10/18 12:0 a.m.10 views

The vulnerability of the SAML SSO authentication mechanism in the corporate version of the GitHub Enterprise Server allows attackers to escalate their privileges and disclose sensitive information.

The vulnerability of the SAML SSO authentication mechanism in the corporate version of the GitHub Enterprise Server is related to errors in verifying the cryptographic signature. Exploiting this vulnerability could allow a malicious actor to increase their privileges and disclose sensitive...

8.5CVSS8AI score0.22443EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/18 12:0 a.m.10 views

The vulnerability of the mtk_wed_setup_tc_block() function in the MediaTek network device driver for Linux operating systems allows a hacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the mtkwedsetuptcblock function in the drivers/net/ethernet/mediatek/mtkwed.c file of the network device driver for MediaTek’s Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS7.1AI score0.00214EPSS
Exploits0References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the SAP Shared Service Framework’s network service management software, related to deficiencies in the authentication process, allows a perpetrator to escalate their privileges.

The vulnerability of the SAP Shared Service Framework’s network service management software is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

4.3CVSS5.5AI score0.00246EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the dasd_ese_needs_format() function in the Linux operating system’s kernel on the s390 platform allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the dasdeseneedsformat function in the drivers/s390/block/dasd.c module of the Linux operating system’s kernel on the s390 platform is related to memory writing beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS6.8AI score0.00243EPSS
Exploits0References26Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the Windows Mobile Broadband Driver for Windows operating systems allows a hacker to induce a service failure.

The vulnerability of the Windows Mobile Broadband Driver for Windows operating systems is related to the execution of operations beyond the buffer in memory due to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

6.5CVSS5.9AI score0.00788EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the sqlo_union_scope component in the Virtuoso-opensource web application development platform allows a attacker to trigger a service failure.

The vulnerability of the sqlounionscope component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially created S...

7.8CVSS7.3AI score0.00905EPSS
Exploits1References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the `of_irq_parse_one()` function in the Linux operating system allows a attacker to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the ofirqparseone function in the Linux operating system is related to reading memory beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected information...

7.1CVSS6.5AI score0.00295EPSS
Exploits0References30Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.10 views

The vulnerability of the Windows Mobile Broadband Driver for Windows operating systems allows a hacker to induce a service failure.

The vulnerability of the Windows Mobile Broadband Driver for Windows operating systems is related to the execution of operations beyond the buffer in memory due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

6.5CVSS5.8AI score0.00807EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.10 views

The vulnerability of the Hyper-V hardware virtualization system for Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Hyper-V hardware virtualization technology for Windows operating systems relates to the unrestricted and unregulated distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

7.8CVSS5.5AI score0.02279EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.10 views

The vulnerability of the OpenSSH cryptographic protection mechanism for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the OpenSSH cryptographic security mechanism for Windows operating systems is related to improper external management of file names or file paths. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.1CVSS5.9AI score0.01303EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.10 views

The vulnerability of the Autofill function in Microsoft Edge and Google Chrome browsers allows a hacker to replace the user’s interface.

The vulnerability of the Autofill function in Microsoft Edge and Google Chrome browsers is related to improper security checks for standard elements. Exploiting this vulnerability could allow a malicious actor to replace the user interface with a specially created HTML page...

5CVSS6.4AI score0.00347EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.10 views

The vulnerability of the Hyper-V hardware virtualization system for Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Hyper-V hardware virtualization technology in Windows operating systems is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

7.8CVSS5.4AI score0.02279EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/11 12:0 a.m.10 views

The vulnerability of the swap_endian() function in the WireGuard subsystem of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the swapendian function in the drivers/net/wireguard/allowedips.c sub-module of the WireGuard subsystem in the Linux operating system is related to incorrect data reading. Exploiting this vulnerability could allow a attacker to cause a service failure...

5.5CVSS6.3AI score0.00228EPSS
Exploits0References27Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/10/11 12:0 a.m.10 views

The vulnerability of the Palo Alto Networks Expedition configuration migration tool lies in the lack of security measures for SQL query structures. This allows attackers to access database contents, create, and read arbitrary files.

The vulnerability of the Palo Alto Networks Expedition configuration migration tool lies in the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to remotely access database contents, create and read arbitrary files by injecting specially...

8.5CVSS8.3AI score0.99597EPSS
Exploits3References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/09 12:0 a.m.10 views

The vulnerability of the component cgi-bin/mainfunction.cgi/cvmcfgupload in the microprogramming software for DrayTek Vigor allows a hacker to execute arbitrary code.

The vulnerability of the cgi-bin/mainfunction.cgi/cvmcfgupload component of DrayTek Vigor routing software exists due to the failure to eliminate special elements used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.5AI score0.84599EPSS
Exploits1References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/09 12:0 a.m.10 views

The vulnerability of Microsoft Office for Mac and 365 Apps for Enterprise packages relates to the execution of operations beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office for Mac and 365 Apps for Enterprise packages is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS6.2AI score0.0078EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/10/09 12:0 a.m.10 views

The vulnerability of the implementation of the Global Search technology in the software platform based on git for collaborative code development on GitLab allows a perpetrator to disclose protected information.

The vulnerability of the Git-based software platform’s implementation of the Global Search technology for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose...

7.8CVSS5.8AI score0.00521EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/08 12:0 a.m.10 views

The vulnerability of the Microsoft PowerPoint presentation preparation program lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of the Microsoft PowerPoint presentation preparation program is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00929EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.10 views

The vulnerability of the Ivanti EPM endpoint management software lies in its lack of measures to neutralize special elements used in the operating system’s command set. This allows a perpetrator to execute arbitrary code.

The vulnerability of the Ivanti EPM endpoint management software exists because measures to neutralize special elements used in the operating system command are not taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.9AI score0.19565EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/02 12:0 a.m.10 views

The vulnerability of the Group Member Handler component in the Git-based software platform, which is used for collaborative code development on GitLab, allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the Group Member Handler component in the Git-based software platform for collaborative code development on GitLab relates to bypassing authentication using a key controlled by the user. Exploiting this vulnerability could allow an attacker, operating remotely, to gain...

4.3CVSS5.5AI score0.00372EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of the cgi_create_album() function (/cgi-bin/photocenter_mgr.cgi) in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 allows a hacker to execute arbitrary commands.

The vulnerability of the cgicreatealbum function /cgi-bin/photocentermgr.cgi in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4...

9CVSS8.1AI score0.0117EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of the FUN_00415aa4() function (/usr/sbin/shttpd) of the TOTOLINK X6000R router software allows a attacker to execute arbitrary commands.

The vulnerability of the FUN00415aa4 function /usr/sbin/shttpd of the TOTOLINK X6000R router operating system is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands using a specially...

10CVSS7AI score0.06239EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of the mod_jk module of the Apache Tomcat JK Connector allows attackers to disclose sensitive information or cause service failures.

The vulnerability of the JkShmFile directive in the modjk module of the Apache Tomcat JK Connector is related to the incorrect use of standard permissions. Exploiting this vulnerability can allow an attacker to disclose information about the modjk module or cause service failures...

5.9CVSS6.2AI score0.00326EPSS
Exploits0References6Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to the use of uninitialized variables. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created HTML page...

10CVSS6AI score0.0035EPSS
Exploits1References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerabilities of the functions cgi_create_playlist() and cgi_get_tracks_list() (/cgi-bin/MyMusic.cgi) in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 allow a malicious individual to execute arbitrary commands.

The vulnerabilities of the functions cgicreateplaylist and cgigettrackslist /cgi-bin/MyMusic.cgi in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343...

9CVSS7.3AI score0.19464EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of the microprogrammed logic controller (PLC) Advantech ADAM-5630 software, related to the falsification of inter-site requests, allows a intruder to intercept the user’s session.

The vulnerability of the microprogrammed logic controller PLC Advantech ADAM-5630 software is related to the manipulation of intersite requests. Exploiting this vulnerability allows a malicious actor to intercept the user’s session remotely...

8.3CVSS5.4AI score0.00207EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of the arm64/mm component of the Linux operating system’s kernel allows for a denial-of-service attack to be initiated.

The vulnerability of the arm64/mm component in the Linux operating system’s kernel is related to improper handling of memory allocation errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00205EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of the ice component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ice component in the Linux operating system’s kernel is related to the assignment of the NULL pointer in the kzalloc function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.00205EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of DHCP Snooping on Cisco IOS XE operating systems allows a intruder to trigger a service failure.

The vulnerability of DHCP Snooping in Cisco IOS XE operating systems is related to a logical priority error during the processing of IPv4 packets. Exploiting this vulnerability allows an attacker to cause service interruptions by sending specially crafted packets remotely...

8.6CVSS5.4AI score0.00575EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability in the CODESYS web server environment allows a attacker to cause a service failure.

The vulnerability in the CODESYS web server’s execution environment related to CODESYS Control is due to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures by sending a specially crafte...

7.8CVSS5.7AI score0.00621EPSS
Exploits0References2Affected Software18
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of the cgi_set_cover() function (/cgi-bin/photocenter_mgr.cgi) in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 allows a hacker to execute arbitrary commands.

The vulnerability of the cgisetcover function /cgi-bin/photocentermgr.cgi in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4,...

9CVSS8.1AI score0.16225EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of the Dawn component in the Google Chrome browser allows a hacker to execute arbitrary code.

The vulnerability of the Dawn component in the Google Chrome browser allows for the use of memory after it is freed. Exploiting this vulnerability could enable a malicious actor to execute arbitrary code using a specially created HTML page from a remote location...

10CVSS6AI score0.00429EPSS
Exploits1References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of ESET antivirus protection lies in the improper handling of symbolic links before accessing a file, which allows a hacker to trigger a service failure.

The vulnerability of ESET antivirus protection is related to the incorrect handling of symbolic links before accessing a file. Exploiting this vulnerability can allow an attacker to cause service interruptions...

5.5CVSS5.5AI score0.002EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of the io_uring/poll component in the Linux operating system’s kernel allows for a malfunction to occur, leading to service failure.

The vulnerability of the iouring/poll component in the Linux operating system’s kernel is related to the state of the race condition during multi-address request operations. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00205EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of the WebRTC component in Google Chrome browsers, related to recording beyond the buffer limit, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the WebRTC component in the Google Chrome web browser is related to memory corruption beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to access sensitive data, compromise its integrity, and cause service interruptions...

9.3CVSS7.3AI score0.01742EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/09/27 12:0 a.m.10 views

The vulnerability of the CORS mechanism implementation in Python PyPi storage solutions allows attackers to disclose protected information.

The vulnerability of the CORS mechanism implemented in Python PyPi software repositories is related to improper resolution of path equivalence. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

5CVSS6AI score0.00652EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/09/27 12:0 a.m.10 views

The vulnerability of the try_match function in the Python PyPi software repository allows a attacker to compromise the confidentiality of the protected information.

The vulnerability of the trymatch function in Python PyPi software products is related to incorrect handling of registries. Exploiting this vulnerability allows an attacker to influence the confidentiality of protected information by circumventing CORS policies and altering the URL path registry...

5.4CVSS6.2AI score0.00642EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/09/26 12:0 a.m.10 views

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created U3D file...

3.3CVSS6.1AI score0.00304EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/24 12:0 a.m.10 views

The vulnerability in the Linux kernel driver for microprogrammed network controllers and adapters of Intel Ethernet allows a hacker to exploit their privileges.

The vulnerability in the Linux kernel driver for microprogrammed network controllers and adapters of Intel Ethernet is related to insecure privilege management. Exploiting this vulnerability could allow an attacker to enhance their privileges...

8.8CVSS5.5AI score0.00184EPSS
Exploits0References4Affected Software1
Total number of security vulnerabilities5000