74701 matches found
The vulnerability of the application software interfaces of Session Smart Router and WAN Assurance, Session Smart Conductor, relates to bypassing the authentication process by using an alternative path or channel. This allows a perpetrator to gain full control over the device.
The vulnerability of the Application Programming Interface of routers like Session Smart Router and WAN Assurance, Session Smart Conductor, lies in the ability to bypass authentication procedures by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor,...
The vulnerability of the setWebWlanIdx function in the /lib/cste_modules/wireless.so file of the TOTOLINK A3100R router’s firmware, which allows an attacker to execute arbitrary commands.
The vulnerability of the setWebWlanIdx function in the /lib/cste_modules/wireless.so module of the TOTOLINK A3100R router’s firmware is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a...
The vulnerability of the Microsoft Visual Studio software development tool, related to an uncontrolled search path element, allows a hacker to escalate their privileges.
The vulnerability of the Microsoft Visual Studio software development tool is related to an uncontrollable element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of Remote Desktop Services (RDS) for Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of Remote Desktop Services (RDS) for Windows operating systems lies in the use of insecure mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Microsoft Office and Microsoft 365 Apps for Enterprise software lies in the use of memory after it is released, allowing an attacker to execute arbitrary code.
The vulnerability of the Microsoft Office and Microsoft 365 Apps for Enterprise software packages is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) on the Windows operating system allows a perpetrator to execute arbitrary code.
The vulnerability of the Lightweight Directory Access Protocol (LDAP) implementation in the Windows operating system is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the ColdFusion software platform, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code.
The vulnerability of the ColdFusion software platform is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
The vulnerability of Websoft HCM’s automation software for HR processes stems from insufficient validation of input data, allowing attackers to compromise the integrity and accessibility of protected information.
The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of entered data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the integrity and accessibility of protected information...
The vulnerability of the Power Dependency Coordinator component in the Windows operating system allows a hacker to disclose protected information.
The vulnerability of the Power Dependency Coordinator component in the Windows operating system is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose the protected information...
The vulnerability of the ColdFusion software platform, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code.
The vulnerability of the ColdFusion software platform is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
The vulnerability of the apcli Cancel_wps() function (/usr/lib/lua/luci/controller/mtkwifi.lua) in the TOTOLINK A6000R router software allows an attacker to execute arbitrary commands or cause service interruptions.
The vulnerability of the apcli Cancel_wps() function (/usr/lib/lua/luci/controller/mtkwifi.lua) of the TOTOLINK A6000R router’s software is related to the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a remote attacker to...
The vulnerability of AMD64 Microcode in processor microcodes, related to insufficient validation of input data, allows attackers to compromise data integrity.
The vulnerability of AMD64 Microcode in processors relates to the improper handling of certain special address ranges with invalid device table entries. Exploiting this vulnerability can allow an attacker to compromise data integrity...
The vulnerability of the high-performance server system HPE Cray XD670, related to bypassing authentication through spoofing, allows a perpetrator to trigger a service failure.
The vulnerability of the high-performance server system HPE Cray XD670 relates to bypassing authentication through spoofing. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability of the MP3 Stream Handler component in the Live555 multimedia streaming library allows an attacker to cause a service failure.
The vulnerability of the MP3 Stream Handler component in the Live555 multimedia streaming library lies in its ability to read data from buffers beyond acceptable limits. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment, related to incorrect authorization, allows a violator to disclose protected information.
The vulnerability of the GLPI system for requests, incidents, and inventory management is related to improper authorization. Exploiting this vulnerability can allow a malicious actor to disclose protected information...
The vulnerability of the Microsoft AutoUpdate (MAU) application for Mac, which deals with access control deficiencies, allows a malicious individual to escalate their privileges.
The vulnerability of the Microsoft AutoUpdate (MAU) application for Mac relates to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the library for developing web applications – Werkzeug, related to writing beyond the buffer boundaries, allows attackers to trigger a service failure.
The vulnerability of the Werkzeug library for developing web applications relates to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the SAXBuilder tool for project management and information sharing in the JIRA system allows attackers to carry out XXE attacks.
The vulnerability of the SAXBuilder tool for project management and information sharing in the JIRA system is related to an error in restricting XML links to external objects. Exploiting this vulnerability could allow a malicious actor to carry out XXE attacks remotely...
The vulnerability of the driver_override_show() function in the Linux operating system’s kernel drivers (drivers/cdx/cdx.c) allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the driver_override_show() function in the Linux operating system’s drivers/cdx/cdx.c file relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the chat message exchange function in Cisco Enterprise Chat and Email (ECE) allows a perpetrator to cause a service failure.
The vulnerability of the chat message exchange function in Cisco Enterprise Chat and Email (ECE) is related to insufficient processing of regular expressions. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending specially crafted requests...
The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager (EPNM) software lies in the insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform...
The vulnerability of the usb_find_common_endpoints() function in the USB driver (drivers/usb/atm/cxacru.c) of the Linux kernel allows a hacker to induce a service failure.
The vulnerability of the usb_find_common_endpoints() function in the USB driver (drivers/usb/atm/cxacru.c) of Linux kernel systems is related to insufficient validation of input data during the processing of endpoints. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager (EPNM) software lies in the insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform...
The vulnerability of the Tauri shell plugin framework for creating cross-platform desktop applications relates to insufficient validation of input data. This allows attackers to bypass security restrictions and execute arbitrary code.
The vulnerability of the Tauri framework’s shell plugin for creating cross-platform desktop applications is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary code...
The vulnerability in the net/8021q/vlan.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability in the net/8021q/vlan.c module of Linux operating systems is related to reading beyond the buffer boundaries in memory due to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Ruby Sinatra web application development framework, related to errors in handling input data, allows attackers to compromise the confidentiality and integrity of protected information.
The vulnerability of the Ruby Sinatra web application development framework is related to errors in processing input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of protected information through the X-Forwarded-Host header...
The vulnerability of the BFS file system of the Grub2 operating system, which allows a hacker to disclose protected information.
The vulnerability of the BFS file system of the Grub2 operating system is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the Jenkins automation server, related to deficiencies in authentication procedures, allows attackers to escalate their privileges and gain unauthorized access to protected information.
The vulnerability of the Jenkins automation server is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain unauthorized access to protected information...
Vulnerability of the mptcp_nlremove_subflow_and_signal_addr() function (net/mptcp/pm_netlink.c) in the Linux kernel, allowing a hacker to cause a service failure
The vulnerability of the mptcp_nlremove_subflow_and_signal_addr() function (net/mptcp/pm_netlink.c) in the Linux kernel is related to insufficient locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the __do_patch_instructions_mm() function (arch/powerpc/lib/code-patching.c) in the Linux operating system, allowing a hacker to trigger a service failure
The vulnerability of the __do_patch_instructions_mm() function (arch/powerpc/lib/code-patching.c) in the Linux operating system kernel is related to resource management errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the bpf_test_init() function (net/bpf/test_run.c) in the Linux operating system kernel, which allows an attacker to escalate their privileges
The vulnerability of the bpf_test_init() function (net/bpf/test_run.c) in the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to increase their privileges...
The vulnerability of the sub_4A75C0 function in the firmware of Tenda AC10 allows a hacker to cause a service failure.
The vulnerability of the sub_4A75C0 function in the firmware of Tenda AC10 routers lies in the ability to write data beyond the buffer in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability in the software for optimizing and deploying AI-based application solutions from AMD Ryzen AI, related to integer overflow, allows attackers to compromise the integrity and accessibility of protected information.
The vulnerability of software for optimizing and deploying AI-based applications related to AMD Ryzen AI is associated with a numerical overflow condition. Exploiting this vulnerability can allow attackers to compromise the integrity and accessibility of protected information...
The vulnerability of the fs/hfs.c file, a component of the hfs loader for operating system Grub2, allows an attacker to execute arbitrary code.
The vulnerability of the fs/hfs.c file, a component of the Grub2 operating system loader, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code in the context of the current user, using a specially created fil...
Vulnerability of software for optimizing and deploying AI-based application: The AMD Ryzen AI platform has a vulnerability related to incorrect default permissions, which allows attackers to increase their privileges and execute arbitrary code.
The vulnerability of software for optimizing and deploying AI-based applications on AMD Ryzen AI is related to incorrect default permissions for the installation folder. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...
Vulnerability of the auto_active() function in the drivers/gpu/drm/i915/i915_active.c module – A driver for supporting Linux kernel’s Direct Rendering Infrastructure (DRI), which allows a hacker to trigger a service failure.
Vulnerability of the auto_active() function in the drivers/gpu/drm/i915/i915_active.c module – The driver for Linux’s Direct Rendering Infrastructure (DRI) kernel is vulnerable due to improper input validation. Exploiting this vulnerability could allow an attacker to cause system failures...
The vulnerability of the `fixup_bpf_calls()` function in the `kernel/bpf/verifier.c` module, which supports the BPF interpreter of the Linux operating system, allows a hacker to trigger a service failure.
The vulnerability of the `fixup_bpf_calls()` function in the `kernel/bpf/verifier.c` module, which is part of the Linux kernel’s BPF interpreter support, is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to trigger a system failure...
The vulnerability of the Jenkins automation server plugin Asakusa Satellite lies in the lack of password masking, which allows attackers to gain unauthorized access to protected information.
The vulnerability of the Jenkins automation server plugin Asakusa Satellite is related to the absence of password masking. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the FortiSIEM security management system, related to insufficient protection of operational data, allows an attacker to obtain the database password.
The vulnerability of the FortiSIEM security management system is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain database passwords through specially created API requests...
The vulnerability of the Synology BeeStation Manager (BSM), Synology DiskStation Manager (DSM), and Synology BeeStation OS lies in errors related to the certificate validation process. This allows attackers to create a limited number of arbitrary files.
The vulnerability of the Synology BeeStation Manager (BSM), Synology DiskStation Manager (DSM), and Synology BeeStation OS is related to errors in the certificate validation process. Exploiting this vulnerability allows a malicious actor to write a limited number of arbitrary files...
The vulnerability of the sys_exec() function in the MariaDB database management system allows an attacker to execute arbitrary commands with elevated privileges.
The vulnerability of the sys_exec() function in the MariaDB database management system is related to improper code generation. Exploiting this vulnerability allows an attacker to execute arbitrary commands with elevated privileges...
The vulnerability of the Ruby interpreter, related to the use of hidden time channels for data transmission, allows an attacker to execute the Marvin attack.
The vulnerability of the Ruby interpreter lies in the use of hidden time channels for data transmission. Exploiting this vulnerability allows a remote attacker to execute the Marvin attack...
The vulnerability of the Dell EMC Data Domain Operating System (DD OS) relates to deficiencies in access control, allowing attackers to enhance their privileges and execute arbitrary commands.
The vulnerability of the Dell EMC Data Domain Operating System (DD OS) is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges and execute arbitrary commands remotely...
The vulnerability of the Fortinet FortiNDR (Network Detection and Response) software, a hardware-based information protection solution utilizing AI and deep neural networks, relates to the. This vulnerability allows attackers to execute CSRF attacks.
The vulnerability of the Fortinet FortiNDR (Network Detection and Response) software, which is based on AI and deep neural networks, relates to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack using specially crafted HTTP GET...
Vulnerability of the mana_poll_tx_cq() function in the drivers/net/ethernet/microsoft/mana/mana_en.c module – A driver for supporting Ethernet network adapters in Microsoft’s Linux-based operating systems, which allows a hacker to cause a service failure.
Vulnerability of the mana_poll_tx_cq() function in the drivers/net/ethernet/microsoft/mana/mana_en.c module – The network adapter driver support in Microsoft’s Linux kernel is vulnerable due to incorrect input validation. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the Stack Hammer plugin on the Jenkins automation server, related to deficiencies in access control, allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Stack Hammer plugin in the Jenkins automation server is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
The vulnerability of the sub_458FBC function in Tenda AC10 router firmware allows a hacker to induce a service failure.
The vulnerability of the sub_458FBC function in Tenda AC10 router firmware is related to the possibility of writing data outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failure...
The vulnerability of software for optimizing and deploying AI-based applications on AMD Ryzen AI systems, related to integer overflow, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of software for optimizing and deploying AI-based applications on AMD Ryzen AI systems is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the HFSPlus file system driver of the Grub2 operating system allows an attacker to trigger a service failure.
The vulnerability of the HFSPlus file system driver of the Grub2 operating system is related to improper manipulation of the link counter for resources. Exploiting this vulnerability can allow an attacker to cause a service failure...