74701 matches found
The vulnerability of the cow_file_range() function in the fs/btrfs/inode.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the cowfilerange function in the fs/btrfs/inode.c module of the Linux operating system is related to improper resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the virtual server “1C-Bitrix: Virtual Machine” involves deficiencies in access control, allowing attackers to elevate their privileges to the root level.
The vulnerability of the virtual server “1C-Bitrix: Virtual Machine” is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to elevate their privileges to the root level...
The vulnerability of the E-Staff automation system for recruitment processes is related to errors in data filtering during object export. This allows a perpetrator to gain unauthorized access to protected information and execute arbitrary codes.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering during object export. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information and execute arbitrary codes...
The vulnerability of the E-Staff automated recruitment process system, related to errors in data filtering in image display functions, allows a perpetrator to execute arbitrary code.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering in image display functions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted HTML page...
The vulnerability of the E-Staff automation system for recruitment processes is related to errors in XML data filtering during document printing, allowing a perpetrator to execute arbitrary commands.
The vulnerability of the E-Staff recruitment process automation system is related to errors in XML data filtering during document printing. Exploiting this vulnerability allows a malicious actor to remotely execute arbitrary commands by sending a specially crafted XML document...
The vulnerability of the hmm_range_fault() function in the drivers/gpu/drm/xe/xe_hmm.c kernel module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the hmmrangefault function in the drivers/gpu/drm/xe/xehmm.c kernel module of the Linux operating system is related to improper resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
Microsoft Edge browser’s vulnerability, related to insufficient validation of input data, allows attackers to execute arbitrary code.
The vulnerability of Microsoft Edge is related to insufficient validation of input data during the processing of the ms-its URI scheme. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by opening a specially created malicious file or web page...
The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260, a multi-functional instrument for measuring parameters of electrical circuits, allows a hacker to gain access to read, modify, and delete data.
The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement instruments for electrical networks lies in the lack of authentication for a critical function. Exploiting this vulnerability can allow an attacker to gain access to read, modify, and delet...
The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement instruments for electrical networks allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement instruments related to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...
The vulnerability of the Apple Account component in the MacOS operating system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Apple Account component in the MacOS operating system is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the hda_sdw_machine_select() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the hdasdwmachineselect function in the Linux operating system is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the show_meminfo() function in the Linux kernel’s Direct Rendering Infrastructure (DRI) support driver allows a malicious actor to cause a service failure.
The vulnerability of the showmeminfo function in the Linux kernel’s Direct Rendering Infrastructure DRI support driver is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the btintel_pcie_setup_hdev() function in the Linux kernel’s Bluetooth device support driver allows a hacker to cause a service failure.
The vulnerability of the btintelpciesetuphdev function in the Linux kernel’s Bluetooth device support driver is related to improper control of resource identifiers “resource injection”. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the stm32_cryp_irq_thread() function – the driver of the Linux kernel cryptographic accelerator, allowing a hacker to cause a service failure
The vulnerability of the stm32crypirqthread function in the Linux kernel cryptographic acceleration driver is related to the multiple locking of critical resources. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the AdvSetMacMtuWan function in the microprogramming software for Tenda AC10 allows a hacker to execute arbitrary code.
The vulnerability of the AdvSetMacMtuWan function in the Tenda AC10 router microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted GE...
The vulnerability of the rio_add_net() function in the drivers/rapidio/rio-scan.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the rioaddnet function in the drivers/rapidio/rio-scan.c module of the Linux kernel is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the mgmt_alloc_skb() function in the net/bluetooth/mgmt.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mgmtallocskb function in the net/bluetooth/mgmt.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the smb2_lock() function in the fs/smb/server/smb2pdu.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the smb2lock function in the fs/smb/server/smb2pdu.c module of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the smb2_lock() function in the fs/smb/server/smb2pdu.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the smb2lock function in the fs/smb/server/smb2pdu.c module of the Linux operating system is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the parse_sec_desc() function in the fs/smb/server/smbacl.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the parsesecdesc function in the fs/smb/server/smbacl.c module of the Linux operating system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the kfd_queue_acquire_buffers() function in the drivers/gpu/drm/amd/amdkfd/kfd_queue.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the kfdqueueacquirebuffers function in the drivers/gpu/drm/amd/amdkfd/kfdqueue.c module of the Linux operating system is related to the pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the arch/loongarch/mm/mmap.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the arch/loongarch/mm/mmap.c module of the Linux operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the iio_read_channel_info() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the iioreadchannelinfo function in the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the E-Staff automated recruitment process system, related to data filtering errors, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the E-Staff recruitment process automation system is related to data filtering errors. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the E-Staff automated recruitment process system, related to errors in data filtering in document display functions, allows a perpetrator to execute arbitrary JavaScript code.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering in document display functions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of the E-Staff recruitment automation system, related to errors in data filtering during file conversion, allows a perpetrator to gain unauthorized access to protected information and enhance their privileges.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering during file conversion. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information and enhance their privileges...
The vulnerability of the input_event() function in the drivers/hid/hid-appleir.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the inputevent function in the drivers/hid/hid-appleir.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the ipheth_rcvbulk_callback() function in the Linux kernel’s USB device driver support mechanism allows a hacker to induce a service failure.
The vulnerability of the iphethrcvbulkcallback function in the Linux kernel’s USB device driver support routine is related to improper disabling or release of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260, a multi-functional device for measuring parameters of electrical circuits, allows a hacker to gain unauthorized access to the device.
The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement devices for electrical networks lies in the lack of authentication for a critical function. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to t...
The vulnerability of the qcuefi_set_reference() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the qcuefisetreference function in the Linux operating system’s kernel is related to insufficient locking of resources. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the pinctrl_register_one_pin() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the pinctrlregisteronepin function in the Linux operating system is related to insufficient locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the hisi_spi_probe() function in Linux kernel-based SPI device drivers allows a hacker to induce a service failure.
The vulnerability of the hisispiprobe function in Linux kernel-based SPI device drivers is related to a division by zero error due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause system failures...
The vulnerability of the mgmt_alloc_skb() function in the net/bluetooth/mgmt.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mgmtallocskb function in the net/bluetooth/mgmt.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ipc_msg_send_request() function in the fs/smb/server/transport_ipc.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the ipcmsgsendrequest function in the fs/smb/server/transportipc.c module of the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the graphical interface of the FortiSIEM security management system allows attackers to increase their privileges.
The vulnerability of the FortiSIEM security management graphical interface is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to enhance their privileges by sending specially crafted HTTP requests remotely...
The vulnerability of the vmw_dumb_create() function in the Linux kernel’s Direct Rendering Infrastructure (DRI) support driver allows a malicious actor to cause a service failure.
The vulnerability of the vmwdumbcreate function in the Linux kernel’s Direct Rendering Infrastructure DRI driver relates to a violation of the buffer boundary. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of Fortinet FortiOS operating systems stems from authentication mechanism flaws, which allow attackers to gain access to device configuration details and bypass existing security measures.
The vulnerability of Fortinet FortiOS operating systems is related to deficiencies in authentication mechanisms. Exploiting this vulnerability allows a malicious actor to gain access to device configuration information and bypass existing security measures...
The vulnerability of the web interface of the cross-platform FTP server CrushFTP allows a hacker to gain unauthorized access to arbitrary directories and files.
The vulnerability of the cross-platform FTP server CrushFTP lies in the deficiencies of its access control mechanism. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to arbitrary directories and files by sending a specially crafted POST request...
The vulnerability of the E-Staff automated recruitment process system, related to data filtering errors, allows a perpetrator to execute arbitrary codes.
The vulnerability of the E-Staff recruitment automation system is related to data filtering errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted HTML page...
The vulnerability of the E-Staff automated recruitment process system, related to errors in data filtering during file recording, allows a perpetrator to execute arbitrary commands.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering during the writing of information into files. Exploiting this vulnerability can allow a malicious actor to reset the administrator’s credentials and execute arbitrary commands...
The vulnerability of the E-Staff automated recruitment process system, related to data filtering errors, allows a perpetrator to compromise the integrity and accessibility of the protected information.
The vulnerability of the E-Staff recruitment automation system is related to errors in data filtering. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the integrity and accessibility of the protected information...
The vulnerability of the E-Staff automation system for recruitment processes lies in errors during data filtering when fields of objects are modified. This allows a malicious individual to gain unauthorized access to protected information and execute arbitrary codes.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering when fields of objects are modified. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information and execute arbitrary...
The vulnerability of the E-Staff automation system for recruitment processes is related to errors in data filtering when fields of objects are changed. This allows a perpetrator to execute arbitrary commands.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering when fields of objects are modified. Exploiting this vulnerability allows a malicious actor to bypass security measures and execute arbitrary commands by writing web slugs...
The vulnerability in the driver/gpio/gpio-aggregator.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/gpio/gpio-aggregator.c module of the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the lua-nginx-module in NGINX web servers, related to inconsistent interpretation of HTTP requests, allows attackers to send hidden HTTP requests (HTTP Request Smuggling attack).
The vulnerability of the lua-nginx-module in NGINX web servers is related to inconsistent interpretation of HTTP requests. Exploiting this vulnerability allows a malicious actor to send hidden HTTP requests a type of HTTP Request Smuggling attack...
The vulnerability of the hda_sdw_machine_select() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the hdasdwmachineselect function in the Linux operating system is related to the lack of input validation for cyclic operations. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the dmub_dcn35_get_current_time() function in the Direct Rendering Infrastructure (DRI) driver for AMD kernel-based Linux operating systems allows a malicious actor to cause a system failure.
The vulnerability of the dmubdcn35getcurrenttime function in the Direct Rendering Infrastructure DRI driver for AMD kernel-based Linux operating systems is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the iSurvey Module component of the software for creating and processing scenarios in Oracle Scripting of the Oracle E-Business Suite allows a perpetrator to gain unauthorized access to the system.
The vulnerability of the iSurvey Module component of the software for creating and processing scenarios in Oracle Scripting, a system for automating business activities within the Oracle E-Business Suite, is related to insufficient validation of input data. Exploiting this vulnerability could all...
The vulnerability of the software for centralized device management in Fortinet’s FortiManager and security event monitoring and analysis tools, FortiAnalyzer, arises from the ability to disclose information through registration files, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of the software for centralized device management in Fortinet’s FortiManager and security event monitoring and analysis tools, FortiAnalyzer, relates to the disclosure of information through registration files. Exploiting this vulnerability can allow an attacker, operating...
The vulnerability of the graphical interface of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats allows a perpetrator to execute arbitrary code.
The vulnerability of the graphical interface of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to execute...