74701 matches found
The vulnerability of the monitoring, analysis, and automatic issue resolution platform of Palo Alto Networks Autonomous Digital Experience Manager lies in improper privilege assignment, allowing attackers to elevate their privileges to the root level.
The vulnerability of the monitoring, analysis, and automatic issue resolution platform used by Palo Alto Networks Autonomous Digital Experience Manager is related to improper privilege assignment. Exploiting this vulnerability can allow attackers to elevate their privileges to the root level...
The vulnerability of the SCADA system TRACE MODE 7, related to the storage of confidential information in unencrypted form in memory, allows an intruder to gain unauthorized access to the protected information.
The vulnerability of the SCADA system TRACE MODE 7 relates to the storage of confidential information in unencrypted form in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to the protected information...
The vulnerability of the rproc_handle_resources() function in the remoteproc component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the rproc_handle_resources() function in the remoteproc component of the Linux operating system’s kernel is related to the lack of memory release after the effective lifespan of the function has ended. Exploiting this vulnerability could allow an attacker to cause a service failu...
The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to deficiencies in authentication procedures, allows attackers to gain unauthorized access to protected information.
The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of JetBrains TeamCity is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protecte...
The vulnerability of D-Link DI-7300G+ firmware lies in the lack of measures taken to neutralize special elements during the processing of the ASP file httpd_debug.asp, allowing attackers to execute arbitrary commands.
The vulnerability of D-Link DI-7300G+ router firmware is related to the lack of measures taken to neutralize special elements during the processing of the ASP file httpd_debug.asp. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the fromPptpUserAdd function (/goform/PPTPDClient) in the Tenda FH1201 router software allows an attacker to cause a service failure or execute arbitrary code.
The vulnerability of the fromPptpUserAdd function (/goform/PPTPDClient) in the Tenda FH1201 router firmware is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code ...
The vulnerability of the Wi-Fi component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the Linux operating system’s kernel Wi-Fi component is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the getdeleteddocuments.vm template in the XWiki platform, a collaborative web application, allows attackers to execute arbitrary code.
The vulnerability of the getdeleteddocuments.vm template in the XWiki platform, a collaborative web application, arises from the lack of protection for the SQL query structure during the processing of the sort parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of the i2c_dw_xfer_init() function in the drivers/i2c/busses/i2c-designware-master.c module of Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the i2c_dw_xfer_init() function in the drivers/i2c/busses/i2c-designware-master.c file of the Linux kernel is related to the occurrence of operations outside the buffer boundaries due to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to...
The vulnerability of the xdp_linearize_page() function in the drivers/net/virtio_net.c module of Linux kernel allows an attacker to cause a service failure.
The vulnerability of the xdp_linearize_page() function in the drivers/net/virtio_net.c module of Linux kernel systems is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the drivers/usb/chipidea/udc.c module of Linux operating systems allows a hacker to cause a service failure.
The vulnerability in the drivers/usb/chipidea/udc.c module of Linux operating systems is related to incorrect operation of the USB interface. This occurs regardless of whether the USB device controller is disabled, due to improper locking of resources. Exploiting this vulnerability can allow an...
The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to the manipulation of cross-site requests, allows a hacker to perform a CSRF attack.
The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of JetBrains TeamCity is related to the manipulation of cross-site requests. Exploiting this vulnerability could allow a malicious actor to execute a CSRF attack remotely...
The vulnerability of the frmL7ProtForm() function in the HTTP POST Request Handler component of the Tenda FH451 router’s firmware allows a hacker to execute arbitrary code.
The vulnerability of the frmL7ProtForm() function in the HTTP POST Request Handler component of the Tenda FH451 router firmware is related to a stack-based buffer overflow when processing the page parameter. Exploiting this vulnerability could allow an attacker to execute arbitrary...
The vulnerability of the pcpu_alloc_noprof() function in the ice component of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the pcpu_alloc_noprof() function in the ice component of the Linux operating system’s kernel is related to the lack of memory release after the effective lifespan has ended. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the btrfs_endTransaction.transaction() function in Linux operating system kernels allows a hacker to trigger a service failure.
The vulnerability of the btrfsendTransactionTransaction function in Linux operating system kernels is related to incorrect handling of elements of the free space tree during reconstitution. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) JetBrains TeamCity, related to the storage of information in an open manner, allows a hacker to expose confidential information.
The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of JetBrains TeamCity is related to the storage of information in an open manner. Exploiting this vulnerability can allow attackers to disclose confidential information...
The vulnerability of the rproc_attach() function in the remoteproc component of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the rproc_attach() function in the remoteproc component of the Linux operating system is related to the lack of memory release after the effective lifespan of the function has ended. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the build-ca command in the Easy-RSA certificate management tool allows an attacker to execute a brute-force attack.
The vulnerability of the build-ca command in the Easy-RSA certificate management tool is related to insufficient data encryption due to the use of the cipher:des-ede3-cbc algorithm. Exploiting this vulnerability allows an attacker to execute a brute-force attack...
The vulnerability of the squashfs_fill_super() function in the Squashfs component of Linux operating systems allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the squashfs_fill_super() function in the Squashfs component of Linux operating systems is related to reading beyond the buffer boundaries of memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the...
The vulnerability of the CI/CD application integration and delivery system JetBrains TeamCity, related to the lack of security measures for website structures, allows attackers to perform cross-site scripting attacks (XSS).
The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of TeamCity by JetBrains is related to the lack of measures taken to protect the structure of the agentpushPreset web page. Exploiting this vulnerability could allow a malicious actor to perform...
The vulnerability of the GraphQL interface of the Continuous Integration and Delivery application system JetBrains TeamCity allows a hacker to perform a CSRF attack.
The vulnerability of the GraphQL interface of the Continuous Integration and Delivery application system CI/CD from JetBrains TeamCity is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...
The vulnerability of the formSetMacFilterCfg function (/goform/setMacFilterCfg) in the Tenda AX1803 router software allows an attacker to trigger a service failure or execute arbitrary code.
The vulnerability of the formSetMacFilterCfg function (/goform/setMacFilterCfg) in the Tenda AX1803 router software is related to operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause service failures or execute arbitrary code...
The vulnerability of the put_unused_fd() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the put_unused_fd() function in the Linux operating system’s kernel is related to the lack of memory release after the effective lifespan of the function has ended. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the drm_sched_entity_push_job() function in the msm component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the drm_sched_entity_push_job() function in the msm component of the Linux operating system’s kernel is related to the lack of memory release after the effective lifespan has ended. Exploiting this vulnerability could allow a perpetrator to cause a service failure...
The vulnerability of the kzalloc() function in the irq_sim component of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the kzalloc() function in the irq_sim component of the Linux operating system’s kernel is related to improper initialization of the resource. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected...
The vulnerability of the device management platform for heating, ventilation, and air conditioning systems, lighting, and energy consumption control within the Niagara Framework, along with the Niagara Enterprise Security tools for access control and security, can be exploited due to improper handling of argument separators in commands. This allows attackers to trigger service failures.
The vulnerability of the device management platform for heating, ventilation, and air conditioning systems, lighting, and energy consumption control within the Niagara Framework, along with the access control and security measures, is related to improper elimination of argument separators in the...
The vulnerability of the formSetWifiMacFilterCfg function (/goform/setWifiFilterCfg) in the Tenda AX1803 router software allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the formSetWifiMacFilterCfg function (/goform/setWifiFilterCfg) in the Tenda AX1803 router’s software is related to operations that go beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to cause service failures or execute...
The vulnerability of the __inode_add_ref() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the __inode_add_ref() function in the Linux operating system is related to incorrect initialization of the resource. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the xsk_pool_get_rx_frame_size() function in the virtio-net component of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the xsk_pool_get_rx_frame_size() function in the virtio-net component of the Linux operating system is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, a...
The vulnerability of the __xa_store() and __xa_erase() functions in the drivers/infiniband/hw/mlx5/odp.c module of Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the __xa_store() and __xa_erase() functions in the drivers/infiniband/hw/mlx5/odp.c module of Linux operating systems is related to incorrect resource locking. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the Websockify software platform for managing network infrastructure allows a hacker to gain unauthorized access to the device.
The vulnerability of the Websockify software platform for managing network infrastructure involves deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the device...
The vulnerability of the configuration of the Version Control System (VCS) of the Continuous Integration and Delivery Application Framework (CI/CD) tool JetBrains TeamCity allows a malicious individual to gain unauthorized access to protected information.
The vulnerability of the TeamCity VCS configuration in continuous integration and delivery systems is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information from a remote location...
The vulnerability of the device management platform for systems involving heating, ventilation, and air conditioning, lighting, and energy consumption within the Niagara Framework, along with the Niagara Enterprise Security tools for access control and security, stems from incorrect assignment of permissions to critical resources. This allows attackers to gain unauthorized access to protected information, enhance their privileges, and execute arbitrary code.
The vulnerability of the device management platform for heating, ventilation, and air conditioning systems, lighting, and energy consumption control within the Niagara Framework, along with the access control and security measures, is related to the lack of proper protection for the...
The vulnerability of the amd_pmf_remove() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the amd_pmf_remove() function in the Linux operating system is related to a memory reclamation error. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the module arch/loongarch/kvm/intc/eiointc.c of Linux operating systems allows a hacker to cause a service failure.
The vulnerability in the arch/loongarch/kvm/intc/eiointc.c module of Linux operating systems is related to incorrect array index checking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the JetBrains YouTrack project management and task management software, related to errors in the user interface’s information presentation, allows attackers to circumvent existing security restrictions.
The vulnerability of the JetBrains YouTrack project and task management software is related to errors in the user interface’s information presentation. Exploiting this vulnerability can allow an attacker to circumvent existing security restrictions remotely...
The vulnerability of the carl9170_usb_rx_complete() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the carl9170_usb_rx_complete() function in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the try_module_get() function in the Linux operating system’s kernel allows a hacker to induce a service failure.
The vulnerability of the try_module_get() function in the Linux operating system’s kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the netfs_collect_in_app() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the netfs_collect_in_app() function in the Linux operating system is related to an unreachable exit condition. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the notif_callback() function in Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the notif_callback() function in Linux operating systems is related to the expected behavior that may occur when this function is called in atomic context. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to errors in processing the relative path to the directory, allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Continuous Integration and Application Delivery system CI/CD of JetBrains TeamCity is related to errors in processing the relative path to the directory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the device management platform for heating, ventilation, and air conditioning systems, lighting, and energy consumption within the Niagara Framework, along with the access control and security measures of Niagara Enterprise Security, arises from the improper assignment of permissions to critical resources. This allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the device management platform for heating, ventilation, and air conditioning systems, lighting, and energy consumption control within the Niagara Framework, along with the access control and security measures of Niagara Enterprise Security, is related to the incorrect...
The vulnerability of the “hg pull” command in the Continuous Integration and Delivery Application Deployment system (CI/CD) of JetBrains TeamCity allows a hacker to expose confidential information.
The vulnerability of the “hg pull” command in the Continuous Integration and Delivery Application Deployment system CI/CD of JetBrains TeamCity is related to the storage of information in an open manner. Exploiting this vulnerability can allow attackers to expose confidential information...
The vulnerability of the device management platform for systems involving heating, ventilation, and air conditioning, lighting, and energy consumption within the Niagara Framework, along with the Niagara Enterprise Security tools for access control and security, stems from insufficient calculation of password hashes. This allows attackers to gain access to the device.
The vulnerability of the device management platform for systems involving heating, ventilation, and air conditioning, lighting, and energy consumption, as well as the Niagara Framework and the access control and security measures, is related to insufficient calculation of password hashes...
The vulnerability of the jingx_asp() function in D-Link DI-8100 router firmware allows a hacker to induce a service failure.
The vulnerability of the jingx_asp() function in D-Link DI-8100 router firmware is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failure by sending a specially crafted HTTP request...
The vulnerability of the XDP_REDIRECT() function in the drivers/net/ethernet/broadcom/bnxt/bnxt.c module of Linux kernel can be exploited by attackers to cause service failures.
The vulnerability of the XDP_REDIRECT() function in the drivers/net/ethernet/broadcom/bnxt/bnxt.c module of Linux kernel systems is related to exception handling flaws. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to the manipulation of cross-site requests, allows a hacker to perform a CSRF attack.
The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of JetBrains TeamCity is related to the manipulation of cross-site requests. Exploiting this vulnerability could allow a malicious actor to execute a CSRF attack remotely...
The vulnerability of the arp_sys_asp() function in D-Link DI-8100 router firmware allows a hacker to cause a service failure.
The vulnerability of the arp_sys_asp() function in D-Link DI-8100 router firmware is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failure by sending a specially crafted HTTP request...
The vulnerability of the userfaultfd_move() function in the mm/userfaultfd.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the userfaultfd_move() function in the mm/userfaultfd.c module of the Linux operating system’s kernel is related to synchronization errors when using shared resources (race conditions). Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) JetBrains TeamCity, related to improperly used standard permissions, allows a hacker to increase their privileges.
The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of JetBrains TeamCity is related to the incorrect use of standard permissions. Exploiting this vulnerability can allow attackers to increase their privileges...