90509 matches found
The vulnerability of the Windows Device Association Service in Windows operating systems allows a hacker to increase their privileges.
The vulnerability of the Windows Device Association Service in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to gain increased privileges...
The vulnerability of the Apache Airflow network software lies in the insufficient control over resources with dynamic management, allowing a hacker to execute arbitrary code.
The vulnerability of the Apache Airflow network software lies in the insufficient control over resources with dynamic management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted HTTP request...
The vulnerability of the net/smc component in Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the net/smc component in Linux operating systems is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit, related to the occurrence of operations outside the buffer in memory, allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the escape of operations beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of protective measures for website structures, allowing attackers to exploit their privileges.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities can allow attackers to enhance...
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager lies in the ability to write beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of the Adobe Substance 3D Stager software for creating 3D visualizations is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...
The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, and Acrobat 2024 lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, and Acrobat 2024 is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the registration broker for Windows auxiliary technologies, ATBroker.exe, in Windows operating systems, allows a perpetrator to increase their privileges.
The vulnerability of the ATBroker.exe process responsible for registering auxiliary technologies in Windows operating systems is related to the improper assignment of permissions to a critical resource. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of the Adobe Substance 3D Stager software for creating 3D visualizations is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager lies in the ability to write beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...
The vulnerability of the UNIX Disk Format File System Driver (UDFS) on Windows operating systems allows a hacker to increase their privileges.
The vulnerability of the UNIX Disk Format File System Driver UDFS on Windows operating systems lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the Resilient File System (ReFS) in Windows operating systems allows a perpetrator to increase their privileges.
The vulnerability of the Resilient File System ReFS in Windows operating systems relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of Microsoft Office and 365 Apps for Enterprise packages, related to data type mixing errors, allows attackers to execute arbitrary code.
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise is related to data type mixing errors. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Windows App Client’s remote desktop client, related to insufficient verification of data authenticity, allows attackers to perform spoofing attacks.
The vulnerability of the Windows App Client’s remote desktop client is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks remotely...
The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages lies in the fact that operations are performed outside of the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the extension for Microsoft Entra ID (formerly Azure Active Directory). The Microsoft Azure AD SSH login extension, which is associated with initialization errors, allows a perpetrator to escalate their privileges.
The vulnerability of the Microsoft Entra ID formerly Azure Active Directory Microsoft Azure AD SSH login extension is related to initialization errors. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Zero Shot scFoundation software lies in the presence of a vulnerability in the borrowed component, allowing a perpetrator to execute arbitrary code.
The vulnerability of the Zero Shot scFoundation software is related to the presence of a vulnerability in the borrowed component. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the proprietary file system Windows Extensible File Allocation Table in Windows operating systems allows a hacker to increase their privileges.
The vulnerability of the proprietary file system Windows Extensible File Allocation Table in operating systems is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the xe_vmbind_ioctl() function in the drivers/gpu/drm/xe/xe_vm.c module of the Direct Rendering Infrastructure (DRI) driver in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the xevmbindiocl function in the drivers/gpu/drm/xe/xevm.c module of the Direct Rendering Infrastructure DRI driver for the Linux operating system is related to the reallocation of previously released memory. Exploiting this vulnerability could allow an attacker to compromise...
The vulnerability of the Windows GDI+ interface on Windows operating systems allows attackers to disclose protected information.
The vulnerability of the Windows GDI+ interface on Windows operating systems is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information...
The vulnerability of the Windows Device Association Service on Windows operating systems allows a perpetrator to increase their privileges.
The vulnerability of the Windows Device Association Service in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to gain increased privileges...
The vulnerability of the print spooler driver for Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the Windows Print Spooler in operating systems related to printing vulnerabilities involve the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the perf/x86/intel component in the Linux operating system’s kernel, which allows a hacker to trigger a service failure
The vulnerability of the perf/x86/intel component in the Linux operating system is related to reading data from buffer files beyond their allowable limits. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ceph kernel component in the Linux operating system, which allows a hacker to trigger a service failure
The vulnerability of the ceph kernel component in the Linux operating system is related to insufficient access control details. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the NBDKit Plugin Framework, a tool for creating NBD servers, is related to a single shift error, which allows a hacker to trigger a service failure.
The vulnerability of the NBDKit Plugin Framework, a tool for creating NBD servers, is related to a single-shift error. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Windows Hyper-V hardware virtualization system allows attackers to escalate their privileges.
The vulnerability of the Windows Hyper-V hardware virtualization system in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the yuv2ya16_X_c_template() function in the libswscale/output.c component of the multimedia library FFmpeg allows a attacker to cause a service failure.
The vulnerability of the yuv2ya16Xctemplate function in the libswscale/output.c component of the multimedia library FFmpeg is related to integer overflow. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, and Acrobat 2024 lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, and Acrobat 2024 is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager lies in the ability to write beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their lack of authentication mechanisms, which allow attackers to increase their privileges.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to deficiencies in authentication mechanisms. Exploiting these vulnerabilities can allow attackers to enhance their privileges...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of protective measures for website structures, allowing attackers to exploit their privileges.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities can allow attackers to enhance...
The vulnerability of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats relates to the ability to implant or modify arguments, allowing attackers to delete confidential files.
The vulnerability of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats is related to the implementation or modification of arguments. Exploiting this vulnerability allows a remote attacker to delete confidential files using specially created HT...
The vulnerability of the Fortinet FortiClient Enterprise Management Server (EMS) and the FortiClient EMS Cloud cloud storage service lies in insufficient verification of the connection source. This allows attackers to replace the trusted host.
The vulnerability of the Fortinet FortiClient Enterprise Management Server EMS and the FortiClient EMS Cloud cloud storage service is related to insufficient verification of the connection source. Exploiting this vulnerability allows a malicious actor to replace the trusted host...
The vulnerability of the Azure IoT Explorer software, related to insufficient validation of input data, allows attackers to perform spoofing attacks.
The vulnerability of the Azure IoT Explorer software is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to carry out spoofing attacks remotely...
The vulnerability of the IShellLink interface in Windows operating systems allows attackers to perform spoofing attacks.
The vulnerability of the IShellLink interface in Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...
The vulnerability of the Azure IoT Explorer software, related to the transmission of critical information in plaintext, allows a perpetrator to disclose protected information.
The vulnerability of the Azure IoT Explorer software is related to the transmission of critical information in open text format. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the Azure IoT Explorer software, related to the transmission of critical information in plaintext, allows a perpetrator to disclose protected information.
The vulnerability of the Azure IoT Explorer software is related to the transmission of critical information in open text format. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the Azure Automation Hybrid Worker Windows Extension stems from authentication procedures that have flaws, allowing attackers to escalate their privileges.
The vulnerability of the Azure Automation Hybrid Worker Windows Extension is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to gain increased privileges...
The vulnerability of the Azure MCP Server Tools lies in insufficient validation of requests on the server side, allowing attackers to increase their privileges.
The vulnerability of the Azure MCP Server Tools is related to insufficient testing of requests on the server side. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability of the OnBeacon() function in the drivers/staging/rtl8723bs/core/rtw_mlme_ext.c module allows unauthorized access to protected information by a remote attacker. This vulnerability enables unauthorized access to sensitive data.
The vulnerability of the OnBeacon function in the drivers/staging/rtl8723bs/core/rtwmlmeext.c module, which supports additional devices in the Linux operating system, is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to gain unauthoriz...
The vulnerability of the smb3_fs_contextParseParam() function in the fs/smb/client/fsContext.c module, which is part of the SMB client support for Linux operating systems, allows a hacker to cause a service failure.
The vulnerability of the smb3fscontextParseParam function in the fs/smb/client/fsContext.c module, which is part of the SMB client support for Linux operating systems, relates to incomplete cleanup of temporary or auxiliary resources. Exploiting this vulnerability could allow an attacker to cause...
The vulnerability of the write_one_eb() function in the fs/btrfs/extent_io.c module of the Btrfs file system in the Linux kernel allows a attacker to cause a service failure.
The vulnerability of the writeoneeb function in the fs/btrfs/extentio.c file of the Btrfs file system in the Linux kernel is related to incomplete cleanup of temporary or auxiliary resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the driver module drivers/hid/intel-thc-hid/intel-quicki2c/quicki2c-dev.h of the Intel-I2C driver in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the drivers/hid/intel-thc-hid/intel-quicki2c/quicki2c-dev.h module of the Linux operating system’s kernel relates to access to memory beyond the permissible buffer data size due to errors in interpreting data received from hardware components. Exploiting this vulnerability ca...
The vulnerability of the Windows operating system’s kernel, which allows a hacker to increase their privileges
The vulnerability of Windows operating system kernels is related to incorrect external management of file names or file paths. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the Windows Graphics component in Windows operating systems allows a hacker to trigger a service failure.
The vulnerability of the Windows Graphics component in Windows operating systems is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of the Windows Ancillary Function Driver for WinSock on Windows operating systems allows attackers to exploit their privileges.
The vulnerability of the Windows Ancillary Function Driver for WinSock operating systems is related to improper validation of the specified data type. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the Windows Operating System’s Telephony Service allows attackers to exploit their privileges.
The vulnerability of the Windows Operating System’s Telephony Service is related to overflowing buffers in the dynamic memory. Exploiting this vulnerability allows a remote attacker to gain increased privileges...
The vulnerabilities of the functions exfat_find_dir_entry() and exfat_count_dirEntries() in the fs/exfat/dir.c module of the exFAT file system for Linux operating systems allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the exfatfinddirentry and exfatcountdirEntries functions in the fs/exfat/dir.c file of the exFAT file system in Linux operating systems is related to the execution of a loop with an unreachable exit condition „Infinite loop“. Exploiting this vulnerability could allow an...
The vulnerabilities of the functions event_da_monitor() and error_da_monitor() in the kernel/trace/rv/rvTrace.h header of the Linux operating system allow a hacker to cause a service failure.
The vulnerability of the eventdamonitor and errordamonitor functions in the kernel/trace/rv/rvTrace.h header of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...