74701 matches found
The vulnerability of the “hg pull” command in the Continuous Integration and Delivery Application Deployment system (CI/CD) of JetBrains TeamCity, which allows a hacker to expose confidential information
The vulnerability of the “hg pull” command in the Continuous Integration and Delivery Application Deployment system CI/CD of JetBrains TeamCity is related to the storage of information in an open manner. Exploiting this vulnerability can allow attackers to expose confidential information...
The vulnerability of the XDP_REDIRECT() function in the drivers/net/ethernet/broadcom/bnxt/bnxt.c module of Linux kernel can be exploited by attackers to cause service failures.
The vulnerability of the XDPREDIRECT function in the drivers/net/ethernet/broadcom/bnxt/bnxt.c module of Linux kernel systems is related to exception handling flaws. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the geteasycfg function (/cgi-bin/lighttpd.cgi) of the Web Management Interface component of the microprogramming-based router LB-LINK BL-AC3600 allows a attacker to disclose protected information.
The vulnerability of the geteasycfg function /cgi-bin/lighttpd.cgi of the Web Management Interface component of the microprogramming-based router LB-LINK BL-AC3600 is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker to disclose sensitiv...
The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) JetBrains TeamCity, related to improperly used standard permissions, allows a hacker to increase their privileges.
The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of JetBrains TeamCity is related to the incorrect use of standard permissions. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the `create_validate_stream_for_sink()` function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the createvalidatestreamforsink function in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ep_poll() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the eppoll function in the Linux operating system’s kernel is related to improper resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the xe_svm_init() function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the xesvminit function in the Linux operating system’s kernel is related to state management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Fortinet FortiOS operating systems, related to integer overflows, allows attackers to cause crashes in the csfd daemon.
The vulnerability of Fortinet FortiOS operating systems is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to trigger a crash of the csfd daemon through a specially crafted request...
The vulnerability of the built-in web server boa (/boafrm/formFilter) of TOTOLINK A702R router’s microprogramming software allows a intruder to cause a service failure.
The vulnerability of the built-in web server boa /boafrm/formFilter of TOTOLINK A702R router software is related to the issue where the operation’s output goes beyond the buffer in memory when processing the parameter ip6addr. Exploiting this vulnerability can allow a malicious actor to cause...
The vulnerability of the MongoDB database management system’s server allows a hacker to cause a service failure.
The vulnerability of the MongoDB database management system server is related to excessive iteration. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability of the built-in web server boa (/boafrm/formWlanMultipleAP) of TOTOLINK A702R router software allows a intruder to cause a service failure.
The vulnerability of the built-in web server boa /boafrm/formWlanMultipleAP of TOTOLINK A702R router software is related to the issue of the operation exceeding the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious actor to cause service...
The vulnerability of the formSetIptv() function in the microprogramming software for the Tenda AX1803 allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formSetIptv function in the microprogramming software for the Tenda AX1803 router is related to buffer overflows in the stack during the processing of the adv.iptv.stballvlans parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a...
The vulnerability of the Linux operating system’s Bluetooth kernel component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s Bluetooth kernel component is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the hid_bpfdestroy_device() function in the HID component of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the hidbpfdestroydevice function in the HID component of the Linux kernel is related to improper elimination of certain elements in the output data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
The vulnerability of Fortinet FortiOS operating systems, related to operations beyond the buffer in memory, allows attackers to cause a malfunction of the FGFM daemon.
The vulnerability of Fortinet FortiOS operating systems lies in the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to trigger a malfunction of the FGFM daemon using a specially created request...
The vulnerability of the built-in boa server (/boafrm/formMapDelDevice) of the TOTOLINK X15 router’s microprogramming software allows a hacker to cause a service failure or execute arbitrary commands.
The vulnerability of the built-in server boa /boafrm/formMapDelDevice of the TOTOLINK X15 router microprogramming software is related to the issue of the operation exceeding the buffer in memory when processing the macstr parameter. Exploiting this vulnerability allows a remote attacker to cause...
The vulnerability of the MongoDB database management system server allows a hacker to cause a service failure.
The vulnerability of the MongoDB database management system server is related to an uncontrolled recursion. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...
The vulnerability of the Blitz Identity Provider software lies in its insufficient limit on authentication attempts. This allows a perpetrator to register an email account to which they have no access and then verify it.
The vulnerability of the Blitz Identity Provider software is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to register a mail account that they do not have access to and then verify it...
The vulnerability of the reference_count function and the biasPadEnable() function in the Linux operating system’s kernel allows a hacker to increase their privileges within the system.
The vulnerability of the referencecount biasPadEnable function in the Linux operating system is related to competitive access to resources a state of competition. Exploiting this vulnerability can allow a hacker to enhance their privileges within the system...
The vulnerability of Tenda AC10 router microprogramming software, related to buffer overflow in dynamic memory, allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of Tenda AC10 microprogramming software lies in the overflow of the buffer in the dynamic memory during the processing of the device1D parameter in the /goform/RequestsProcessLaid file. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service...
The vulnerability of the built-in web server boa (/boafrm/formOneKeyAccessButton) of the TOTOLINK A702R router’s microprogramming software allows a intruder to trigger a service failure.
The vulnerability of the built-in web server boa /boafrm/formOneKeyAccessButton of the TOTOLINK A702R router’s microprogramming software is related to the issue of data being written outside the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a...
The vulnerability of the Bluetooth driver’s firmware microprogramming software of MediaTek’s chips, which allows a hacker to cause a service failure.
The vulnerability of the Bluetooth driver’s firmware microprogramming software of MediaTek is related to the violation of the buffer’s initial boundary. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of NETGEAR RAX30 router microprogramming software, related to improper cleaning or freeing of resources, allows a intruder to trigger a service failure.
The vulnerability of NETGEAR RAX30 router microprogramming software is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from deficiencies in the authentication process, which allows unauthorized users to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the sftphandle() function in the LibSSH library allows a hacker to gain unauthorized access to protected information.
The vulnerability of the sftphandle function in the LibSSH library relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the snd_usbmidi_free() function in the sound/usb/midi.c module of operating system kernels in Linux allows a hacker to cause a service failure.
The vulnerability of the sndusbmidifree function in the sound/usb/midi.c module of Linux kernel systems is related to improper initialization of the resource. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the IWL_EXPORT_SYMBOL() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the IWLEXPORTSYMBOL function in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the uclogic_input_configured() function in the HID component of the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the uclogicinputconfigured function in the HID component of the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the mctp_dump_addrinfo() function in the Linux kernel’s network component allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the mctpdumpaddrinfo function in the Linux kernel component is related to insufficient protection of system data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the Bluetooth driver’s firmware microprogramming software of MediaTek’s chips, which allows a hacker to cause a service failure.
The vulnerability of the Bluetooth driver’s firmware microprogramming software of MediaTek is related to the violation of the buffer’s initial boundary. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the Loader component in Google Chrome browsers allows attackers to bypass security restrictions.
The vulnerability of the Loader component in Google Chrome browsers relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions remotely...
The vulnerability of the smb.conf configuration file (/etc-ro/smb.conf) of the Tenda AC18 router-based Samba server allows a hacker to bypass existing security restrictions and gain unauthorized access to protected information.
The vulnerability of the smb.conf configuration file /etc-ro/smb.conf of the Tenda AC18 router-based Samba server is related to weak password requirements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain unauthorized access to protected...
The vulnerability of the encode_image function in the framework for working with Large Language Models (LLM) like LlamaIndex arises from an incorrect limitation on the path name to the restricted-access catalog. This vulnerability allows attackers to disclose protected information.
The vulnerability of the encodeimage function in the LlamaIndex framework, which is used for working with large language models, is related to an incorrect restriction on the path name of the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to disclose...
The vulnerability of the smp_store_mb() function in the dma-buf component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the smpstoremb function in the dma-buf component of the Linux operating system’s kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s kernel Wi-Fi component, which allows a hacker to damage memory
The vulnerability of the Linux operating system’s kernel Wi-Fi component is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to damage memory resources...
The vulnerability of Ollama’s system for running and managing large language models lies in its lack of proper input data validation, allowing attackers to execute arbitrary code.
The vulnerability of Ollama’s system for running and managing large language models is related to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Tenda AC20 router’s microprogramming software, related to reading data outside the buffer in memory, allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of Tenda AC20 microprogramming software lies in the reading of data outside the buffer in memory when processing the parameter “list” in the file /goform/SetStaticRouteCfg. Exploitation of this vulnerability allows a remote attacker to execute arbitrary code or cause service...
The vulnerability of the built-in web server boa (/boafrm/formIpQoS) of TOTOLINK A702R router’s microprogramming software allows a intruder to cause a service failure.
The vulnerability of the built-in web server boa /boafrm/formIpQoS of TOTOLINK A702R router software is related to the issue of the operation exceeding the buffer in memory when processing the mac parameter. Exploiting this vulnerability allows a malicious actor to cause service failure by sendin...
The vulnerability of the MongoDB database management system server allows a hacker to cause a service failure.
The vulnerability of the MongoDB database management system server is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability of DevTools components in Google Chrome allows a hacker to execute arbitrary code.
The vulnerability of DevTools components in Google Chrome browsers is related to an incorrect limitation on the visible layers of the user interface. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the reboot() and restore() functions in the /cgi-bin/lighttpd.cgi microprogramming system of LB-LINK routers allows a attacker to execute arbitrary code.
The vulnerability of the reboot and restore functions in the /cgi-bin/lighttpd.cgi microprogramming system of LB-LINK routers is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the integration gateway with ESIA ESIA-Bridge, related to bypassing authentication through spoofing, allows a perpetrator to disclose protected information.
The vulnerability of the ESIA-Bridge integration gateway relates to bypassing authentication through spoofing. Exploiting this vulnerability allows a malicious actor to disclose sensitive information by redirecting users to a specially crafted HTML page...
The vulnerability of the idr_for_each() function in the Linux operating system’s kernel allows a attacker to cause a service failure.
The vulnerability of the idrforeach function in the Linux operating system’s kernel arises from the operation exceeding the memory buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ufshcd_err_handling_prepare function in Linux kernel allows a attacker to cause a service failure.
The vulnerability of the ufshcderrhandlingprepare function in Linux kernels is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the PAM-PKCS#11 authentication module in Linux operating systems allows a hacker to bypass the authentication process.
The vulnerability of the PAM-PKCS11 authentication module in Linux operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to bypass the authentication process remotely...
The vulnerability of the JsonPickleSerializer component in the framework for working with large language models (LLM) like LlamaIndex allows a perpetrator to execute arbitrary code.
The vulnerability of the JsonPickleSerializer component in the framework for working with large language models LLM like LlamaIndex is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the RGXFWIF_HWPERF_CTL_BLK() function in the Driver Development Kit (DDK) allows a hacker to execute arbitrary code.
The vulnerability of the RGXFWIFHWPERFCTLBLK function in the Driver Development Kit DDK is related to a pointer overflow that occurs beyond the allocated memory range. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the nChannels() function in the Linux kernel’s Wi-Fi component, which allows a hacker to trigger a service failure.
The vulnerability of the nChannels function in the Linux kernel’s Wi-Fi component is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the amdgpu_unmap_static_csa() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c file of the Linux kernel’s Direct Rendering Infrastructure (DRI) AMD GPU driver allows a malicious actor to cause a system crash.
The vulnerability of the amdgpuunmapstaticcsa function in the drivers/gpu/drm/amd/amdgpu/amdgpucsa.c file of the Linux kernel’s Direct Rendering Infrastructure DRI AMD GPU driver is related to improper memory release. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of the fb_cvt_hperiod() function in the fbdev component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the fbcvthperiod function in the fbdev component of the Linux operating system is related to the lack of checks for division by zero. Exploiting this vulnerability could allow an attacker to cause a service failure...