74701 matches found
The vulnerability of the Tenda AC20 router’s firmware, related to reading data outside the buffer in memory, allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of Tenda AC20 firmware lies in the reading of data outside the buffer in memory when processing the parameter “list” in the file /goform/SetStaticRouteCfg. Exploitation of this vulnerability allows a remote attacker to execute arbitrary code or cause service...
The vulnerability of the built-in web server boa (/boafrm/formIpQoS) of TOTOLINK A702R router’s firmware allows an intruder to cause a service failure.
The vulnerability of the built-in web server boa (/boafrm/formIpQoS) of TOTOLINK A702R router software is related to the issue of the operation exceeding the buffer in memory when processing the mac parameter. Exploiting this vulnerability allows a malicious actor to cause service failure by sendin...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to incorrect authentication, allows a hacker to bypass existing security restrictions.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to incorrect authentication. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...
The vulnerability of the reboot() and restore() functions in /cgi-bin/lighttpd.cgi of the LB-LINK router firmware allows an attacker to execute arbitrary code.
The vulnerability of the reboot() and restore() functions in /cgi-bin/lighttpd.cgi of the LB-LINK router firmware is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the `nvme_tcp_setup_ctrl()` function in the Linux operating system allows a hacker to increase their privileges.
The vulnerability of the nvme_tcp_setup_ctrl() function in drivers/nvme/host/tcp.c in the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the ArxivReader framework for working with Large Language Models (LLMs) like LlamaIndex allows attackers to compromise the integrity of protected information.
The vulnerability of the ArxivReader framework for working with Large Language Models (LLMs) like LlamaIndex is related to a violation of expected behavior. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information...
The vulnerability of the framework for working with large language models (LLMs) like LlamaIndex lies in the improper restriction on recursive references to entities in the DTD. This allows attackers to trigger a service failure.
The vulnerability of the LlamaIndex framework for working with large language models is related to an improper limitation on recursive references to entities in the DTD. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of component r15 in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of component r15 in the Linux operating system’s kernel is related to incorrect resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Mattermost instant messaging application, related to an incorrect restriction on the path name to the restricted directory, allows an intruder to gain unauthorized access to protected information.
The vulnerability of the Mattermost instant messaging application is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the yiisoft/yii2-redis framework in Yii allows attackers to expose protected information.
The vulnerability of the yiisoft/yii2-redis framework in Yii is related to the exposure of information through registration files. Exploiting this vulnerability allows a malicious actor to disclose protected information through the AUTH parameter...
The vulnerability of the Docker-based deployment and email server management tool, mailcow:dockerized, lies in the redirection of URLs to an unreliable website, allowing attackers to carry out phishing attacks.
The vulnerability of the Docker-based deployment and email server management tool, mailcow:dockerized, relates to the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a remote attacker to carry out phishing attacks using a specially created malicious link...
The vulnerability of the index.php file of the WeGIA web manager allows attackers to perform cross-site scripting attacks.
The vulnerability of the index.php file of the WeGIA web manager is related to the failure to protect the structure of the web page when processing the erro parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks remotely...
The vulnerability of the IAM authentication service for the Kubernetes MinIO Operator STS allows a perpetrator to escalate their privileges and expose protected information.
The vulnerability of the IAM authentication service for the Kubernetes MinIO Operator STS is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to increase their privileges and expose sensitive information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to incorrect authentication, allows a hacker to bypass existing security restrictions.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to incorrect authentication. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks remotely...
The vulnerability of the apcli_wps_gen_pincode function in the Netgear RAX5 router’s built-in software allows a hacker to execute arbitrary commands.
The vulnerability of the apcli_wps_gen_pincode function in Netgear RAX5 router’s built-in software is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the FTP service provided by TOTOLINK N600R and X2000R router firmware allows attackers to increase their privileges.
The vulnerability of the FTP service provided by TOTOLINK N600R and X2000R router firmware is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability in the drivers/net/wwan/t7xx/t7xx_netdev.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/net/wwan/t7xx/t7xx_netdev.c module of the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the ReadParams function of the fcgiapp.c file, part of the FastCGI protocol implementation for the fcgii2 library (fcgi), allows a hacker to execute arbitrary code.
The vulnerability of the ReadParams function in the fcgiapp.c file of the FastCGI protocol implementation, within the fcgii2 (fcgi) library, is related to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending requests containing...
The vulnerability of the rgxfw_write_robustness_buffer() function in the Driver Development Kit (DDK) toolset allows a hacker to gain unauthorized access to protected information.
The vulnerability of the rgxfw_write_robustness_buffer() function in the Driver Development Kit (DDK) toolset is related to context privilege switching errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the btintel_dsbr() function in the Linux kernel’s Bluetooth component allows a hacker to induce a service failure.
The vulnerability of the btintel_dsbr() function in the Linux kernel’s Bluetooth component is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of the Podman software for managing and launching OCI containers is related to errors in the certificate validation process, allowing an attacker to execute a “man-in-the-middle” attack.
The vulnerability of the Podman software for managing and launching OCI containers is related to errors in the certificate validation process. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...
The vulnerability of the built-in web server boa (/boafrm/formPortFw) of TOTOLINK A702R router’s firmware allows a hacker to induce a service failure.
The vulnerability of the built-in web server boa (/boafrm/formPortFw) of TOTOLINK A702R router’s firmware is related to the issue of the operation exceeding the buffer in memory when processing the parameter servicetyp. Exploiting this vulnerability allows a malicious actor to caus...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to incorrect authentication, allows a hacker to bypass existing security restrictions.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to incorrect authentication. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...
The vulnerability of the sub_3D0BC function in Netgear EX6200 Wi-Fi router’s built-in software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sub_3D0BC function in Netgear EX6200 Wi-Fi router’s built-in software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protecte...
The vulnerability of the vif_disable function in the Netgear RAX5 router’s built-in software allows a hacker to execute arbitrary commands.
The vulnerability of the vif_disable function in the Netgear RAX5 router’s built-in software is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the websocket-extensions module in the Ruby programming language allows a hacker to trigger a service failure.
The vulnerability of the websocket-extensions module in the Ruby programming language is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the sub_4256CC() function in TP-Link TL-WPA8630 router software allows a hacker to execute arbitrary code.
The vulnerability of the sub_4256CC() function in TP-Link TL-WPA8630 router software lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the `atomctrl_initialize_mc_reg_table()` function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the atomctrl_initialize_mc_reg_table() function in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the avs_dai_find_path_template() function in the Linux operating system’s ASoC kernel allows an attacker to cause a service failure.
The vulnerability of the avs_dai_find_path_template() function in the Linux operating system’s ASoC kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Automation Stitch component in FortiOS operating systems and FortiProxy proxy servers for protecting against Internet attacks allows attackers to bypass authentication procedures and gain increased privileges.
The vulnerability of the Automation Stitch component in FortiOS operating systems and FortiProxy proxy servers relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent the authentication process a...
The vulnerability of the mt7996_set_monitor() function in the Linux kernel’s Wi-Fi component allows a hacker to trigger a service failure.
The vulnerability of the mt7996_set_monitor() function in the Linux kernel’s Wi-Fi component is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Redis database management system, related to uncontrolled memory allocation, allows attackers to trigger service failures.
The vulnerability of the Redis database management system is related to uncontrolled memory allocation. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the diskUsageBuildsStats component on the CI/CD application integration and delivery system’s page allows a hacker to execute cross-site scripting attacks.
The vulnerability of the diskUsageBuildsStats page in the Continuous Integration and Delivery Application System (CI/CD) of JetBrains TeamCity is related to the lack of security measures for the website structure. Exploiting this vulnerability could allow a malicious actor to execute cross-site...
The vulnerability of the Citrix ADC application delivery controller (formerly Citrix NetScaler Application Delivery Controller) and the Citrix Gateway virtual environment access control system (formerly Citrix NetScaler Gateway) relates to an operation that goes beyond the buffer in memory, allowing a malicious actor to cause service failures.
The vulnerability of the Citrix ADC application delivery controller (formerly Citrix NetScaler Application Delivery Controller) and the Citrix Gateway virtual environment access control system (formerly Citrix NetScaler Gateway) is related to an operation that goes beyond the buffer in memory...
The vulnerability in the `drivers/net/wireless/intel/iwlwifi/mld/mld.c` module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/net/wireless/intel/iwlwifi/mld/mld.c module of the Linux operating system is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the queue_work() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the queue_work() function in the Linux operating system’s kernel is related to the use of memory after it has been freed. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the io_bitmap_exit() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the io_bitmap_exit() function in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the parse_int_array() function in the ASoC component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the parse_int_array() function in the ASoC component of the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Redis database management system server, which involves unlimited resource distribution, allows attackers to cause service failures.
The vulnerability of the Redis database management system is related to the unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to cause service failures through repeated unauthorized connections...
The vulnerability of the apcli_do_enr_pbc_wps function in the Netgear RAX5 router’s built-in software allows a hacker to execute arbitrary commands.
The vulnerability of the apcli_do_enr_pbc_wps function in Netgear RAX5 router’s built-in software is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the Linux operating system’s kernel bus component allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Linux operating system’s kernel bus component is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the mgmt_remove_adv_monitor_complete() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the mgmt_remove_adv_monitor_complete() function in the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the rgxfw_hwr_log_info() function in the Driver Development Kit (DDK) – a set of tools for developing graphics processor drivers – allows a hacker to compromise the integrity of protected information.
The vulnerability of the rgxfw_hwr_log_info() function in the Driver Development Kit (DDK) involves a pointer being moved beyond the allocated memory area when processing the psHWRInfoBuf parameter. Exploiting this vulnerability can allow an attacker to compromise the integrity of the protected...
The vulnerability of the init_nfsd() function in the fs/nfsd/nfsctl.c file, which is part of the Linux kernel’s network file system support for NFS, allows a hacker to cause a service failure.
The vulnerability of the init_nfsd() function in the fs/nfsd/nfsctl.c file, which is part of the Linux kernel’s network file system support, relates to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the built-in boa server (/boafrm/formMapDel) of the TOTOLINK X15 router’s firmware allows a hacker to cause a service failure.
The vulnerability of the built-in server boa (/boafrm/formMapDel) of the TOTOLINK X15 router firmware is related to the issue of the operation exceeding the buffer boundaries in memory when processing the parameter devicemac1. Exploiting this vulnerability allows a remote attacker ...
The vulnerability of the MongoDB database management system server allows a hacker to cause a service failure.
The vulnerability of the MongoDB database management system server is related to errors in data type mixing. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the CI/CD application integration and delivery system provided by JetBrains TeamCity, related to insufficient protection of registration data, allows attackers to disclose protected information.
The vulnerability of the Continuous Integration and Deployment application delivery system (CI/CD) of JetBrains TeamCity is related to insufficient protection for registration data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the Grafana monitoring and surveillance platform, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.
The vulnerability of the Grafana monitoring and observation platform is related to insufficient validation of input data during the processing of panel headers or names. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the idxd_alloc() function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the idxd_alloc() function in the Linux operating system’s kernel is related to the lack of memory release after the effective lifespan has ended. Exploiting this vulnerability can allow an attacker to cause a service failure...