The vulnerability of the graphical interface of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats allows a perpetrator to execute arbitrary code.
The vulnerability of the graphical interface of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.
The vulnerability of the 3D model texturing program Adobe Substance 3D Designer is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the E-Staff automation system for recruitment processes is related to errors in data filtering when obtaining information about the target. This allows a violator to gain unauthorized access to protected information.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering when obtaining information about the target. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the E-Staff automated recruitment process system, related to errors in data filtering during object updates, allows a perpetrator to execute arbitrary JavaScript code.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering during object updates. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of the E-Staff automated recruitment process system, related to data filtering errors, allows a violator to compromise the integrity of the protected information.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise the integrity of the protected information...
The vulnerability of the SSH client ssh-agent on Jenkins automation servers is related to errors in the code of the pseudorandom number generator used for generating host keys. This vulnerability allows an attacker to carry out a “man-in-the-middle” type attack.
The vulnerability of the SSH client ssh-agent on Jenkins automation servers is related to errors in the code of the pseudorandom number generator used for generating host keys. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” type attack...
The vulnerability of the SSH client ssh-slave in Jenkins automation servers arises from errors in the code of the pseudorandom number generator used for generating host keys. This vulnerability allows an attacker to execute a “man-in-the-middle” type attack.
The vulnerability of the SSH client ssh-slave in Jenkins automation servers is related to errors in the code of the pseudorandom number generator used for generating host keys. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” type attack...
The vulnerability of the `bfad_init()` function in the `drivers/scsi/bfa/bfad.c` file of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the `bfad_init()` function in the `drivers/scsi/bfa/bfad.c` file of the Linux kernel is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected...
The vulnerability of the lan78xx_probe() function in the drivers/net/usb/lan78xx.c module of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the lan78xx_probe() function in the drivers/net/usb/lan78xx.c module of the Linux kernel is related to a double free of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of...
The vulnerability of the cifs_strndup_from_utf16() function in the /fs/smb/client/reparse.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the cifs_strndup_from_utf16() function in the /fs/smb/client/reparse.c module of the Linux kernel is related to copying a buffer without checking its size (classic buffer overflow). Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the SonicWall NetExtender remote access client software allows an intruder to upload arbitrary files.
The vulnerability of the SonicWall NetExtender remote access client software is related to improper link resolution before file access. Exploiting this vulnerability could allow attackers to upload arbitrary files...
The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent, related to the allocation of resources without limits, allows a perpetrator to trigger a service failure.
The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent is related to the allocation of resources without limits. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the WPE WebKit and WebKitGTK web page rendering modules, related to reading beyond the buffer data limit, allows attackers to cause service failures.
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to reading data beyond the buffer boundaries. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the on_frame_recv_callback() function (soup-server-message-io-http1.c) in the GNOME graphical interface library libsoup allows an attacker to cause a service failure.
The vulnerability of the on_frame_recv_callback() function (soup-server-message-io-http1.c) in the GNOME graphical interface library libsoup is related to incorrect interpretation of input data when processing pseudoheaders such as :scheme, :authority, and :path. Exploitation of this vulnerability could...
The vulnerability of the GNOME graphical interface library libsoup allows a hacker to cause a service failure.
The vulnerability of the GNOME graphical interface library libsoup is related to asymmetrical resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the trans_stat_show() function in the drivers/devfreq/devfreq.c module of the dynamic voltage and frequency scaling driver in the Linux operating system allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the trans_stat_show() function in the drivers/devfreq/devfreq.c module of the dynamic voltage and frequency scaling driver in the Linux operating system is related to copying a buffer without checking the size of the input data (classic buffer overflow). Exploiting...
The vulnerability of the dfx_regs_uninit() function in the Linux operating system’s drivers/crypto/hisilicon/debugfs.c file allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the dfx_regs_uninit() function in the Linux operating system’s drivers/crypto/hisilicon/debugfs.c file is related to a double free of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability o...
The vulnerability of the ath11k_dp_process_rx() function in the drivers/net/wireless/ath/ath11k/dp_rx.c module of the Atheros/Qualcomm wireless adapter driver for the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the ath11k_dp_process_rx() function in the drivers/net/wireless/ath/ath11k/dp_rx.c module of the Atheros/Qualcomm wireless adapter driver for the Linux operating system is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the const nla_policy nl80211_policy{} structure in the net/wireless/nl80211.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the const nla_policy nl80211_policy{} structure in the net/wireless/nl80211.c module of the Linux kernel is related to an off-by-one error. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the PHP framework Yii, related to the lack of protection for website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of the PHP framework Yii is related to the lack of protective measures for the structure of web pages. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from deficiencies in the error reporting mechanism. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to shortcomings in the error reporting mechanism. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from an improper limitation on the visible layers of the user interface. This allows attackers to perform spoofing attacks.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to an incorrect restriction on the visible layers of the user interface. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks remotely...
The vulnerability of the l2cap_sock_alloc() function in the net/bluetooth/l2cap_sock.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the l2cap_sock_alloc() function in the net/bluetooth/l2cap_sock.c module of the Linux kernel is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the...
The vulnerability of the APP Enforcement module of the DrayTek Vigor router software allows a violator to execute arbitrary code.
The vulnerability of the APP Enforcement (APPE) module of DrayTek Vigor router software is related to errors in the SSL certificate validation process. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the memset() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_job.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the memset() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_job.c module of the Linux kernel is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the urllib.parse.urlsplit() and urlparse() functions in the Python programming language allows attackers to escalate their privileges.
The vulnerability of the urllib.parse.urlsplit() and urlparse() functions in the Python interpreter is related to improper validation of input data. Exploiting this vulnerability can allow an attacker to escalate their privileges remotely...
The vulnerability of the Consul and Consul Enterprise service configuration tool, which stems from insufficient validation of requests on the server side, allows attackers to carry out SSRF attacks.
The vulnerability of the Consul and Consul Enterprise service configuration tool is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to carry out an SSRF attack remotely...
The vulnerability of the Rails Html Sanitizer configuration tool for cleaning HTML applications allows attackers to perform cross-site scripting attacks.
The vulnerability of the Rails Html Sanitizer configuration tool for cleaning HTML applications is related to improper elimination of input data during web page generation. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the Rails Html Sanitizer configuration tool for cleaning HTML applications allows attackers to perform cross-site scripting attacks.
The vulnerability of the Rails Html Sanitizer configuration tool for cleaning HTML applications is related to improper elimination of input data during web page generation. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the Rails Html Sanitizer configuration tool for cleaning HTML applications allows attackers to perform cross-site scripting attacks.
The vulnerability of the Rails Html Sanitizer configuration tool for cleaning HTML applications is related to improper elimination of input data during web page generation. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the Linksys Velop WHW01 firmware arises from improper limitation of a pathname to a restricted directory. This allows attackers to escalate their privileges.
The vulnerability of the Linksys Velop WHW01 firmware is related to improper limitation of a pathname to a restricted directory. Exploiting this vulnerability can allow an attacker to escalate their privileges...
The vulnerability of the tdhttpd service in the firmware of Tenda AX1806 allows a hacker to cause a service failure.
The vulnerability of the tdhttpd service in the firmware of Tenda AX1806 routers is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure...
The vulnerability of the SonicWall NetExtender remote access client software allows an intruder to delete arbitrary files.
The vulnerability of the software client for remote access support provided by SonicWall NetExtender is related to deficiencies in access control. Exploiting this vulnerability could allow a hacker to delete any files they desire...
The vulnerability in the kernel implementation of NVIDIA GeForce, Quadro, NVS, and Tesla graphics processors allows a hacker to cause service failures.
The vulnerability of the kernel-based implementations of NVIDIA GeForce, Quadro, NVS, and Tesla graphics processors is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause system failures...
The vulnerability of the kernel-level driver nvlddmkm.sys from NVIDIA’s graphics processing units, including GeForce, Quadro, NVS, and Tesla, allows attackers to cause system failures or gain unauthorized access to protected information.
The vulnerability of the kernel mode driver nvlddmkm.sys of NVIDIA’s graphics processing units, including GeForce, Quadro, NVS, and Tesla, relates to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause system failures or gain unauthorized...
The vulnerability of the WPE WebKit and WebKitGTK web page rendering modules, related to data type conversion errors, allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to data type conversion errors. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of protected information...
The vulnerability of the smu_v13_0_update_pcie_parameters() function in the drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c module of the AMD graphics card Direct Rendering Infrastructure (DRI) driver in Linux operating systems allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the smu_v13_0_update_pcie_parameters() function in the drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c module of the AMD graphics card Direct Rendering Infrastructure (DRI) driver in Linux operating systems is related to unvalidated array indexing. Exploiting this vulnerabili...
The vulnerability of the soup_multipart_new_from_message() function (soup-multipart.c) in the GNOME graphical interface library libsoup allows a hacker to cause a service failure.
The vulnerability of the soup_multipart_new_from_message() function (soup-multipart.c) in the GNOME graphical interface library libsoup is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the cm3_helper_translate_curve_toHW_format() function in the AMD Display driver’s kernel module /drivers/gpu/drm/amd/display/dc/dcn30/dcn30_cm_common.c can be exploited by attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the cm3_helper_translate_curve_toHW_format() function in the AMD Display driver’s kernel module /drivers/gpu/drm/amd/display/dc/dcn30/dcn30_cm_common.c in the Linux kernel is related to copying a buffer without checking its size (classic buffer overflow). Exploiting thi...
The vulnerability of the c_show() function in the net/sunrpc/cache.c module of the Linux operating system’s RPC implementation allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the c_show() function in the net/sunrpc/cache.c module of the Linux operating system’s RPC implementation is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the hci_conn_del_sysfs() function in the net/bluetooth/hci_sysfs.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the hci_conn_del_sysfs() function in the net/bluetooth/hci_sysfs.c module of the Linux kernel is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the...
The vulnerability in the `net/ipv4/inet_connection_sock.c` module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability in the `net/ipv4/inet_connection_sock.c` module of the Linux operating system is related to the use of previously freed memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of protected information...
The vulnerability of the libexpat library for analyzing XML files, related to buffer overflow in the stack, allows an attacker to execute arbitrary code on the target system.
The vulnerability of the libexpat library for analyzing XML files involves buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system remotely...
The vulnerability of the NameHandler component of the Consul and Consul Enterprise service configuration tools allows a hacker to access potentially confidential information.
The vulnerability of the Name Handler component in the Consul and Consul Enterprise service configuration tool is related to the lack of authentication. Exploiting this vulnerability can allow a malicious actor, operating remotely, to access potentially confidential information...
The vulnerability of the Rails Html Sanitizer configuration tool for cleaning HTML applications allows attackers to perform cross-site scripting attacks.
The vulnerability of the Rails Html Sanitizer configuration tool for cleaning HTML applications is related to improper elimination of input data during web page generation. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the GLPI system’s request, incident, and asset inventory management processes, related to the lack of measures taken to protect the website structure, allows attackers to carry out attacks using cross-site scripting (XSS).
The vulnerability of the GLPI system’s request, incident, and asset inventory management functions is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows attackers who operate remotely to carry out attacks using cross-site scripting (XSS)...
The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the GLPI system for requests, incidents, and inventory management is related to insufficient protection of operational data. Exploiting this vulnerability can allow unauthorized actors to gain unauthorized access to protected information...
The vulnerability in the embedded web server of the TOTOLINK A3002R router firmware allows a perpetrator to execute arbitrary code.
The vulnerability of the built-in web server of the TOTOLINK A3002R router firmware is related to improper control of code generation. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted POST request to /boafrm/formWsc...
The vulnerability of the Direct Memory Access (DMA) mechanism implemented in the BIOS firmware of Dell notebooks allows a hacker to execute arbitrary code.
The vulnerability of the Direct Memory Access (DMA) mechanism implemented in the BIOS firmware of Dell notebooks is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the kernel-level driver nvlddmkm.sys from NVIDIA’s graphics processing units, including GeForce, Quadro, NVS, and Tesla, allows attackers to cause system failures, gain unauthorized access to protected information, or enhance their privileges.
The vulnerability of the kernel-level driver nvlddmkm.sys of NVIDIA’s graphics processors, including GeForce, Quadro, NVS, and Tesla, is related to the execution of operations outside the buffer boundaries. This occurs due to an improper representation of information by the user interface...