90604 matches found
The vulnerability of the Zero Shot scFoundation software lies in the presence of a vulnerability in the borrowed component, allowing a perpetrator to execute arbitrary code.
The vulnerability of the Zero Shot scFoundation software is related to the presence of a vulnerability in the borrowed component. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Microsoft Authenticator multi-factor authentication application lies in authentication errors in the handler for the customizable URL scheme. This allows attackers to disclose sensitive information that is protected by this authentication mechanism.
The vulnerability of the Microsoft Authenticator multi-factor authentication application is related to authentication errors in the handler for the customizable URL scheme. Exploiting this vulnerability can allow a perpetrator to disclose sensitive information...
The vulnerability of the Windows Authentication component in Windows operating systems allows attackers to enhance their privileges.
The vulnerability of the Windows Authentication component in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the `scrub_find_fill_first_stripe()` function in the `fs/btrfs/scrub.c` file of the btrfs file system in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the scrubfindfillfirststripe function in the fs/btrfs/scrub.c file of the btrfs file system in the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerabilities of the functions event_da_monitor() and error_da_monitor() in the kernel/trace/rv/rvTrace.h header of the Linux operating system allow a hacker to cause a service failure.
The vulnerability of the eventdamonitor and errordamonitor functions in the kernel/trace/rv/rvTrace.h header of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Windows Graphics Component, which allows attackers to exploit their privileges.
The vulnerability of the Windows Graphics Component in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the Windows Ancillary Function Driver for WinSock on Windows operating systems allows attackers to exploit their privileges.
The vulnerability of the Windows Ancillary Function Driver for WinSock operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the administrative module for managing the SAP NetWeaver Enterprise Portal Administration, related to deserialization mechanism flaws, allows an attacker to execute arbitrary code.
The vulnerability of the administrative module for managing the SAP NetWeaver Enterprise Portal Administration is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Connected Devices Platform Service for Windows operating systems allows a perpetrator to escalate their privileges.
The vulnerability of the Connected Devices Platform Service for Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
Vulnerability of Microsoft Office packages, 365 Apps for Enterprise, and Excel, related to unreliable pointer dereferencing, allowing attackers to execute arbitrary code.
The vulnerability of Microsoft Office packages, 365 Apps for Enterprise, and Excel is related to an unreliable pointer assignment mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of the Windows Mobile Broadband Driver allows a hacker to execute arbitrary code.
The vulnerability of the Windows Mobile Broadband Driver for Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the WPE WebKit and WebKitGTK web page rendering modules, related to the occurrence of operations outside the buffer in memory, allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...
The vulnerability of Windows Admin Center’s server management tool, related to access control errors, allows attackers to escalate their privileges.
The vulnerability of the Windows Admin Center management tool is related to access control errors. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the registration broker for Windows auxiliary technologies, ATBroker.exe, in Windows operating systems, allows a perpetrator to increase their privileges.
The vulnerability of the ATBroker.exe process responsible for registering auxiliary technologies in Windows operating systems is related to the improper assignment of permissions to a critical resource. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software lies in the ability to write beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created file...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of protective measures for website structures, allowing attackers to exploit their privileges.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities can allow attackers to enhance...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of protective measures for website structures, allowing attackers to exploit their privileges.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities can allow attackers to enhance...
The vulnerability of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats relates to the ability to implant or modify arguments, allowing attackers to delete confidential files.
The vulnerability of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats is related to the implementation or modification of arguments. Exploiting this vulnerability allows a remote attacker to delete confidential files using specially created HT...
The vulnerability of the Azure IoT Explorer software, related to insufficient validation of input data, allows attackers to perform spoofing attacks.
The vulnerability of the Azure IoT Explorer software is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to carry out spoofing attacks remotely...
The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages relates to reading data beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the ASP.NET Core software platform, related to unlimited resource distribution, allows attackers to cause service failures.
The vulnerability of the ASP.NET Core software platform is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the Azure Automation Hybrid Worker Windows Extension stems from authentication procedures that have flaws, allowing attackers to escalate their privileges.
The vulnerability of the Azure Automation Hybrid Worker Windows Extension is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to gain increased privileges...
The vulnerability of the Microsoft 365 Apps for Enterprise package lies in the lack of measures taken to protect the structure of web pages, allowing attackers to disclose protected information.
The vulnerability of the Microsoft 365 Apps for Enterprise package is related to the lack of measures taken to protect the structure of web pages, which allows attackers to disclose protected information...
The vulnerability of the Azure MCP Server Tools lies in insufficient validation of requests on the server side, allowing attackers to increase their privileges.
The vulnerability of the Azure MCP Server Tools is related to insufficient testing of requests on the server side. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
Vulnerability of the management extension for Azure virtual machines: Azure Diagnostics for Linux Virtual Machines, which is related to buffer overflow in dynamic memory, allows attackers to escalate their privileges.
The vulnerability of the Azure management extension for virtual machines is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the Azure IoT Explorer software lies in the insufficient restrictions on communication channels for specific endpoints, allowing attackers to disclose sensitive information.
The vulnerability of the Azure IoT Explorer software lies in the insufficient restrictions on communication channels for specified endpoints. Exploiting this vulnerability could allow a malicious actor to disclose protected information remotely...
The vulnerability of the proprietary file system Windows Extensible File Allocation Table in Windows operating systems allows a hacker to increase their privileges.
The vulnerability of the proprietary file system Windows Extensible File Allocation Table in operating systems is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Windows GDI+ interface on Windows operating systems allows attackers to disclose protected information.
The vulnerability of the Windows GDI+ interface on Windows operating systems is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information...
The vulnerability of the sctp_rcv() function in the net/sctp/input.c module of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sctprcv function in the net/sctp/input.c module of the Linux kernel is related to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the defer_free() function in the mm/slub.c module of the Linux kernel’s memory management subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the deferfree function in the mm/slub.c module of the Linux kernel’s memory management subsystem is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and...
The vulnerability of the NBDKit Plugin Framework, a tool for creating NBD servers, related to integer overflows, allows attackers to cause service failures.
The vulnerability of the NBDKit Plugin Framework, a tool for creating NBD servers, is related to a numerical overflow vulnerability. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the yuv2ya16_X_c_template() function in the libswscale/output.c component of the multimedia library FFmpeg allows a attacker to cause a service failure.
The vulnerability of the yuv2ya16Xctemplate function in the libswscale/output.c component of the multimedia library FFmpeg is related to integer overflow. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of protective measures for website structures, allowing attackers to exploit their privileges.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities can allow attackers to enhance...
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of the Adobe Substance 3D Stager software for creating 3D visualizations is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager lies in the ability to write beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager lies in the ability to write beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the software for creating 3D visualizations in Adobe Substance 3D Stager is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...
The vulnerability of the Fortinet FortiManager software, which is used for centralized device management, and the Fortinet FortiAnalyzer software, which is used for event monitoring and analysis, stems from the presence of undocumented configuration commands. This allows a malicious actor to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the Fortinet FortiManager software, which is used for centralized device management, and the Fortinet FortiAnalyzer software, which is used for event monitoring and analysis, is related to the presence of undocumented configuration commands. Exploiting this vulnerability can...
The vulnerability of the Resilient File System (ReFS) in Windows operating systems allows a perpetrator to increase their privileges.
The vulnerability of the Resilient File System ReFS in Windows operating systems relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Azure IoT Explorer software, related to the transmission of critical information in plaintext, allows a perpetrator to disclose protected information.
The vulnerability of the Azure IoT Explorer software is related to the transmission of critical information in open text format. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the Windows App Client’s remote desktop client, related to insufficient verification of data authenticity, allows attackers to perform spoofing attacks.
The vulnerability of the Windows App Client’s remote desktop client is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks remotely...
The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages lies in the fact that operations are performed outside of the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the extension for Microsoft Entra ID (formerly Azure Active Directory). The Microsoft Azure AD SSH login extension, which is associated with initialization errors, allows a perpetrator to escalate their privileges.
The vulnerability of the Microsoft Entra ID formerly Azure Active Directory Microsoft Azure AD SSH login extension is related to initialization errors. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of Microsoft SharePoint Server Subscription Edition, SharePoint Server, and SharePoint Enterprise Server lies in insufficient input data validation, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft SharePoint Server Subscription Edition, SharePoint Server, and SharePoint Enterprise Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely...
The vulnerability of the rtw_get_ie() function in the drivers/staging/rtl8723bs/core/rtw_ieee80211.c module allows unauthorized access to protected information by a remote attacker. This vulnerability enables an intruder to gain unauthorized access to sensitive data.
The vulnerability of the rtwgetie function in the drivers/staging/rtl8723bs/core/rtwieee80211.c module, which supports additional devices in the Linux operating system, is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to gain...
The vulnerability of the OnBeacon() function in the drivers/staging/rtl8723bs/core/rtw_mlme_ext.c module allows unauthorized access to protected information by a remote attacker. This vulnerability enables unauthorized access to sensitive data.
The vulnerability of the OnBeacon function in the drivers/staging/rtl8723bs/core/rtwmlmeext.c module, which supports additional devices in the Linux operating system, is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to gain unauthoriz...
The vulnerability in the driver module drivers/hid/intel-thc-hid/intel-quicki2c/quicki2c-dev.h of the Intel-I2C driver in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the drivers/hid/intel-thc-hid/intel-quicki2c/quicki2c-dev.h module of the Linux operating system’s kernel relates to access to memory beyond the permissible buffer data size due to errors in interpreting data received from hardware components. Exploiting this vulnerability ca...
The vulnerability of the Kerberos Python-kdcproxy proxy server, related to insufficient validation of incoming requests, allows a perpetrator to access confidential data.
The vulnerability of the Kerberos Python-kdcproxy proxy server lies in insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to gain access to confidential data...
The vulnerability of the net/sctp component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the net/sctp component in the Linux operating system is related to pointer dereferencing errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows a hacker to execute arbitrary JavaScript code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow an attacker to execute arbitrary JavaScript code...
The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows a hacker to execute arbitrary JavaScript code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow an attacker to execute arbitrary JavaScript code...