
74701 matches found

BDU FSTEC
added 2025/03/25 12:0 a.m. | 2 views

The vulnerability of the setWiFiScheduleCfg() function in the web/cgi-bin/cstecgi.cgi script of the TOTOLINK X5000R router’s firmware allows a perpetrator to execute arbitrary commands.

The vulnerability of the setWiFiScheduleCfg function in the web/cgi-bin/cstecgi.cgi script of the TOTOLINK X5000R router’s firmware is related to the failure to neutralize special elements used in an OS command when processing the sHour parameter. Exploiting...

CVSS 9 | AI score 8.3 | EPSS 0.01573
Exploits: 1 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/25 12:0 a.m. | 2 views

The vulnerability of the setWiFiScheduleCfg() function in the web/cgi-bin/cstecgi.cgi script of the TOTOLINK X5000R router’s firmware allows a perpetrator to execute arbitrary commands.

The vulnerability of the setWiFiScheduleCfg function in the web/cgi-bin/cstecgi.cgi script of the TOTOLINK X5000R router’s firmware is related to the failure to neutralize special elements used in an OS command when processing the week parameter. Exploiting...

CVSS 7.7 | AI score 8.3 | EPSS 0.01327
Exploits: 1 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/25 12:0 a.m. | 4 views

The vulnerability of the setWiFiScheduleCfg() function in the web/cgi-bin/cstecgi.cgi script of the TOTOLINK X5000R router’s firmware allows a perpetrator to execute arbitrary commands.

The vulnerability of the setWiFiScheduleCfg function in the web/cgi-bin/cstecgi.cgi script of the TOTOLINK X5000R router’s firmware is related to the failure to neutralize special elements used in an OS command when processing the desc parameter. Exploiting...

CVSS 7.7 | AI score 8.3 | EPSS 0.01327
Exploits: 1 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/25 12:0 a.m. | 1 view

The vulnerability of the check_dws_cookie() function in the wireless repeater software of D-Link DAP-1620 allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the check_dws_cookie function in the D-Link DAP-1620 wireless repeater software lies in an operation going beyond the bounds of a buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failu...

CVSS 10 | AI score 8.5 | EPSS 0.01719
Exploits: 1 | References: 5 | Affected Software: 1

BDU FSTEC
added 2025/03/25 12:0 a.m. | 3 views

The vulnerability of the set_ws_action() function in D-Link DAP-1620 wireless repeater software allows a hacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the set_ws_action function in D-Link DAP-1620 wireless repeater firmware lies in an operation going beyond the bounds of a buffer in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and...

CVSS 10 | AI score 8.1 | EPSS 0.01719
Exploits: 1 | References: 5 | Affected Software: 1

BDU FSTEC
added 2025/03/25 12:0 a.m. | 4 views

The vulnerability of the resolveFile method in the unified API for accessing various file systems in Apache Commons VFS allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the resolveFile method in the unified API for accessing various file systems using Apache Commons VFS is related to errors in processing the relative path to the directory when handling the scope parameter. Exploiting this vulnerability could allow an attacker to gain...

CVSS 7.8 | AI score 6.6 | EPSS 0.01189
Exploits: 0 | References: 6 | Affected Software: 3

BDU FSTEC
added 2025/03/24 12:0 a.m. | 3 views

Vulnerability of the `close_ctree()` function (fs/btrfs/disk-io.c) in the Linux kernel, which allows an attacker to increase their privileges

The vulnerability of the close_ctree function (fs/btrfs/disk-io.c) in the Linux kernel relates to the possibility of using memory after it has been freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVSS 5.5 | AI score 6.5 | EPSS 0.0029
Exploits: 0 | References: 18 | Affected Software: 6

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerabilities of the functions tpm2FlushSpace() and tpmDevTransmit() in the Linux operating system’s Trusted Platform Module (TPM) kernel driver allow a hacker to trigger a service failure.

The vulnerabilities of the functions tpm2FlushSpace and tpmDevTransmit in the Linux operating system’s Trusted Platform Module (TPM) kernel driver are related to memory not being released after its effective lifetime. Exploiting these vulnerabilities can allow an attacker to trigger a service...

CVSS 7.8 | AI score 6.8 | EPSS 0.00219
Exploits: 0 | References: 19 | Affected Software: 7

BDU FSTEC
added 2025/03/24 12:0 a.m. | 1 view

The vulnerability of the components Veeam.Backup.Core.BackupSummary and Veeam.Backup.EsxManager.xmlFrameworkDs of the cloud, virtual, and physical system protection software Veeam Backup & Replication allows an attacker to execute arbitrary code.

The vulnerabilities of the Veeam.Backup.Core.BackupSummary component and the Veeam.Backup.EsxManager.xmlFrameworkDs components of the cloud, virtual, and physical system protection solutions from Veeam Backup & Replication are related to deserialization mechanism flaws. Exploiting these...

CVSS 9.9 | AI score 8.6 | EPSS 0.15612
Exploits: 1 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability of the VMmanager 6 virtualization tool, related to the lack of protective measures for the SQL query structure, allows attackers to execute arbitrary SQL queries against the database.

The vulnerability of VMmanager 6’s virtualization mechanism is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database remotely...

CVSS 9 | AI score 5.9
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability in the WebChannel API interface of Mozilla Firefox, Firefox ESR, and email clients Thunderbird, Thunderbird ESR, allows a perpetrator to escalate their privileges.

The vulnerability of the WebChannel API interface in browsers such as Mozilla Firefox, Firefox ESR, and email clients like Thunderbird, Thunderbird ESR, is related to authentication process flaws. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

CVSS 7.1 | AI score 6.6 | EPSS 0.00593
Exploits: 0 | References: 22 | Affected Software: 13

BDU FSTEC
added 2025/03/24 12:0 a.m. | 1 view

The vulnerability in fs/nfsd/vfs.c of the nfsd module of the Linux kernel allows an intruder to cause a service failure.

The vulnerability in fs/nfsd/vfs.c of the nfsd module of the Linux kernel is related to incorrect resource locking. Exploiting this vulnerability can allow a hacker to cause service failures...

CVSS 5.5 | AI score 6.5 | EPSS 0.00221
Exploits: 0 | References: 18 | Affected Software: 7

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability of the dbDiscardAG() function in the file system of the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the dbDiscardAG function in the file system of the Linux kernel is related to writing data beyond the bounds of a buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.7 | EPSS 0.00224
Exploits: 0 | References: 15 | Affected Software: 4

BDU FSTEC
added 2025/03/24 12:0 a.m. | 3 views

The vulnerability of the RedisBloom data structure module of the Redis database management system, which is related to integer overflow, allows attackers to execute arbitrary code.

The vulnerability of the RedisBloom data structure module of the Redis database management system is related to integer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 9 | AI score 7.3 | EPSS 0.1342
Exploits: 2 | References: 5 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 3 views

The vulnerability of the Apache Airflow Fab Provider software, which is used for creating, monitoring, and orchestrating data processing scenarios in Apache Airflow, stems from incorrect session duration settings. This allows attackers to maintain a session in the system.

The vulnerability of the Apache Airflow Fab Provider software, which is used for creating, monitoring, and orchestrating data processing scenarios, is related to incorrect session duration settings. Exploiting this vulnerability allows a malicious actor to maintain a session on the system...

CVSS 8.5 | AI score 5.5 | EPSS 0.0092
Exploits: 0 | References: 4 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 3 views

The vulnerabilities of PDF viewing and editing programs from Adobe Acrobat Document Cloud, Acrobat Reader Document Cloud, Acrobat 2020, Acrobat 2024, and Acrobat Reader 2020 involve reading data beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Acrobat Reader Document Cloud, Acrobat 2020, Acrobat 2024, and Acrobat Reader 2020 involve reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow attackers to gain...

CVSS 5.5 | AI score 7.4 | EPSS 0.00417
Exploits: 0 | References: 3

BDU FSTEC
added 2025/03/24 12:0 a.m. | 1 view

The vulnerability of the firmware of Siemens Scalance LPE9403 industrial switches, related to deficiencies in access control, allows attackers to escalate their privileges.

The vulnerability of the firmware of Siemens Scalance LPE9403 industrial switches is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

CVSS 9 | AI score 5.4 | EPSS 0.00406
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the swapping of pointers, allows a hacker to trigger a service failure.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the use of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 5.4 | EPSS 0.00229
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 3 views

The vulnerability of the Inventory module in the GLPI system, which handles requests, incidents, and inventory management of computer equipment, allows a hacker to execute arbitrary SQL commands.

The vulnerability of the Inventory module in the GLPI system for job requests, incidents, and computer equipment inventory relates to the improper neutralization of special elements used in SQL queries. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

CVSS 7.8 | AI score 6.6 | EPSS 0.86222
Exploits: 7 | References: 6 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability of the Bitdefender BOX 1 device for protecting appliances and gadgets lies in the lack of measures taken at the control level to clean data. This allows a perpetrator to execute arbitrary commands.

The vulnerability of the Bitdefender BOX 1 device for protecting appliances and gadgets is related to the lack of measures taken to clean data at the control level during the processing of the final checkpoint /checkimageandtriggerrecovery. Exploiting this vulnerability allows a remote attacker t...

CVSS 9.6 | AI score 8.3 | EPSS 0.0075
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

Vulnerability of the vhost_scsi_get_req() function (driver/vhost/scsi.c) in the Linux kernel, allowing a hacker to cause a service failure

The vulnerability of the vhost_scsi_get_req function (driver/vhost/scsi.c) in the Linux kernel is related to pointer aliasing. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.6 | EPSS 0.00286
Exploits: 0 | References: 16 | Affected Software: 6

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability of the osnoise_hotplug_workfn() function (kernel/trace/trace_osnoise.c) in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the osnoise_hotplug_workfn function (kernel/trace/trace_osnoise.c) in the Linux operating system is related to resource management errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.5 | EPSS 0.00172
Exploits: 0 | References: 18 | Affected Software: 7

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability of the nfs4_state_shutdown_net() function in the fs/nfsd/nfs4state.c module of the nfsd component of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the nfs4_state_shutdown_net function in the fs/nfsd/nfs4state.c module of the nfsd component of the Linux operating system is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

CVSS 7.8 | AI score 6.8 | EPSS 0.00233
Exploits: 0 | References: 26 | Affected Software: 7

BDU FSTEC
added 2025/03/24 12:0 a.m. | 1 view

The vulnerability of the VMmanager 6 virtualization tool, related to the lack of protective measures for the SQL query structure, allows attackers to execute arbitrary SQL queries against the database.

The vulnerability of VMmanager 6’s virtualization mechanism is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database remotely...

CVSS 9 | AI score 5.9
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 7 views

The vulnerability of the `commit_planes_for_stream()` function in the drivers/gpu/drm/amd/display/dc/core/dc.c file of the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the commit_planes_for_stream function in the drivers/gpu/drm/amd/display/dc/core/dc.c file of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.7 | EPSS 0.00248
Exploits: 0 | References: 16 | Affected Software: 6

BDU FSTEC
added 2025/03/24 12:0 a.m. | 1 view

The vulnerability of the filein_process function in the in_file.c file of the MP4Box packaging tool for the GPAC multimedia platform, related to a stack buffer overflow, allows an attacker to cause a service failure.

The vulnerability of the filein_process function in the MP4Box packaging tool of the GPAC multimedia platform is related to a stack buffer overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 7.8 | AI score 5.9
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 3 views

The vulnerability of the `tcp_can_coalesce_send_queue_head()` function in the `net/ipv4/tcp_output.c` module of the Linux kernel allows an attacker to cause a service failure.

The vulnerability of the tcp_can_coalesce_send_queue_head function in the net/ipv4/tcp_output.c module of the Linux kernel is associated with code errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

CVSS 7.8 | AI score 6.8 | EPSS 0.00875
Exploits: 0 | References: 24 | Affected Software: 7

BDU FSTEC
added 2025/03/24 12:0 a.m. | 1 view

The vulnerabilities of the functions dbAdjTree() and dbFindLeaf() in the kernel module fs/jfs/jfs_dmap.c of the Linux operating system allow a hacker to cause a service failure.

The vulnerability of the functions dbAdjTree and dbFindLeaf in the kernel module fs/jfs/jfs_dmap.c of the Linux operating system is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.9 | EPSS 0.00277
Exploits: 0 | References: 18 | Affected Software: 6

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability of the Application-Layer Protocol Negotiation (ALPN) component in Mozilla Firefox, Firefox ESR, and email clients Thunderbird, Thunderbird ESR, allows a hacker to redirect users to any desired URL address.

The vulnerability of the Application-Layer Protocol Negotiation (ALPN) component in Mozilla Firefox, Firefox ESR, and Thunderbird email clients, including Thunderbird ESR, is related to the redirection of URLs to unreliable websites. Exploiting this vulnerability allows a malicious actor to redirec...

CVSS 6.4 | AI score 6.6 | EPSS 0.00228
Exploits: 0 | References: 22 | Affected Software: 13

BDU FSTEC
added 2025/03/24 12:0 a.m. | 3 views

The vulnerability of the are_stream_backends_same() function in the drivers/gpu/drm/amd/display/dc/core/dc_resource.c file of the Linux kernel allows an attacker to cause a service failure.

The vulnerability of the are_stream_backends_same function in the drivers/gpu/drm/amd/display/dc/core/dc_resource.c file of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.7 | EPSS 0.00263
Exploits: 0 | References: 19 | Affected Software: 6

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability of the ocfs2_set_buffer_uptodate() function in the OCFS2 cluster file system of the Linux kernel allows an attacker to cause a service failure.

The vulnerability of the ocfs2_set_buffer_uptodate function in the OCFS2 cluster file system of Linux operating systems is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.7 | EPSS 0.00249
Exploits: 0 | References: 17 | Affected Software: 6

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerabilities of the functions adp5589_keypad_add() and adp5589_probe() in the ADP5589 driver (drivers/input/keyboard/adp5589-keys.c) in the Linux kernel allow a hacker to induce a service failure.

The vulnerability of the adp5589_keypad_add and adp5589_probe functions in the ADP5589 driver (drivers/input/keyboard/adp5589-keys.c) in the Linux kernel is related to the use of pointers. Exploiting this vulnerability could allow an attacker to cause a system failure...

CVSS 5.5 | AI score 6.6 | EPSS 0.00235
Exploits: 0 | References: 18 | Affected Software: 6

BDU FSTEC
added 2025/03/24 12:0 a.m. | 1 view

The vulnerability of the `bnxt_qplib_alloc_init_hwq()` function in the drivers/infiniband/hw/bnxt_re/qplib_res.c module of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the bnxt_qplib_alloc_init_hwq function in the drivers/infiniband/hw/bnxt_re/qplib_res.c module of the Linux kernel is related to code errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of protected informati...

CVSS 7.8 | AI score 6.7 | EPSS 0.00215
Exploits: 0 | References: 24 | Affected Software: 7

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability of the dtInsert() function in the file system of the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the dtInsert function in the Linux operating system’s JFS file system is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.4 | EPSS 0.00225
Exploits: 0 | References: 13 | Affected Software: 4

BDU FSTEC
added 2025/03/24 12:0 a.m. | 1 view

The vulnerability of the can_resize() function in the drivers/md/dm-cache-target.c module of the Linux kernel allows an attacker to compromise the confidentiality and availability of protected information.

The vulnerability of the can_resize function in the drivers/md/dm-cache-target.c file of the Linux kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and availability of the protected information...

CVSS 7.1 | AI score 6.9 | EPSS 0.00262
Exploits: 0 | References: 27 | Affected Software: 7

BDU FSTEC
added 2025/03/24 12:0 a.m. | 3 views

The vulnerability of the `sc16is7xx_set_baud()` function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the sc16is7xx_set_baud function in the Linux operating system is related to deficiencies in the segmentation of the system’s controlled areas. Exploiting this vulnerability could allow an attacker to trigger a service failure...

CVSS 5.5 | AI score 6.8 | EPSS 0.00211
Exploits: 0 | References: 11 | Affected Software: 2

BDU FSTEC
added 2025/03/24 12:0 a.m. | 3 views

The vulnerability of the amdgpu_debugfs_regs_smc_read() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c module of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the amdgpu_debugfs_regs_smc_read function in the drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c module of the Linux operating system is related to the copying of buffers without checking the size of the input data (a classic buffer overflow). Exploiting this vulnerability could...

CVSS 7.8 | AI score 6.9 | EPSS 0.00273
Exploits: 0 | References: 23 | Affected Software: 7

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability of the Dell PowerScale OneFS operating system, related to uncontrolled resource consumption, allows an intruder to trigger a service failure.

The vulnerability of the Dell PowerScale OneFS operating system is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

CVSS 6.8 | AI score 5.4 | EPSS 0.00441
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 1 view

The vulnerability of the VMware Aria Automation (formerly vRealize Automation) automation software and the VMware Cloud Foundation virtualization platform, related to insufficient validation of incoming requests, allows an attacker to perform an SSRF attack.

The vulnerability of the VMware Aria Automation (formerly vRealize Automation) software and the VMware Cloud Foundation virtualization platform lies in the insufficient verification of incoming requests. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack by sending a specially...

CVSS 4.3 | AI score 5.5 | EPSS 0.00247
Exploits: 0 | References: 3

BDU FSTEC
added 2025/03/24 12:0 a.m. | 1 view

The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models lies in the ability to write data beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models lies in the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

CVSS 7.8 | AI score 6.2 | EPSS 0.00221
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 12 views

The vulnerability of Siemens Teamcenter Visualization’s lifecycle management system and Siemens Tecnomatix Plant Simulation’s software environment for modeling systems and processes lies in the reading of data beyond the buffer in memory. This allows attackers to execute arbitrary code.

The vulnerability of Siemens Teamcenter Visualization’s lifecycle management system and Siemens Tecnomatix Plant Simulation’s simulation software environment is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary...

CVSS 7.8 | AI score 6.2 | EPSS 0.00152
Exploits: 0 | References: 3 | Affected Software: 2

BDU FSTEC
added 2025/03/24 12:0 a.m. | 4 views

The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence platform allows attackers to perform cross-site scripting attacks.

The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence platform exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

CVSS 4.7 | AI score 5.2 | EPSS 0.00254
Exploits: 0 | References: 6 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 4 views

The vulnerability of the preempt_fence_work_func() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the preempt_fence_work_func function in the Linux operating system’s kernel is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to trigger a service failure...

CVSS 5.5 | AI score 6.2 | EPSS 0.00142
Exploits: 0 | References: 6 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 4 views

The vulnerability of the Inventory module in the GLPI system, which handles requests, incidents, and inventory management of computer equipment, allows a perpetrator to execute arbitrary code.

The vulnerability of the Inventory module in the GLPI system, which handles requests, incidents, and inventory management of computer equipment, involves the unrestricted upload of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 8.5 | AI score 6.6 | EPSS 0.86222
Exploits: 7 | References: 5 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability of the HTTP protocol implementation in Bitdefender BOX 1 devices allows a perpetrator to carry out a “man-in-the-middle” type attack.

The vulnerability of the HTTP protocol implementation in Bitdefender BOX 1 devices for device protection involves the transmission of credentials in an unencrypted form. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” type attack...

CVSS 9.6 | AI score 8.2 | EPSS 0.00227
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/03/24 12:0 a.m. | 3 views

The vulnerability in the software web interface of the UserGate Next-Generation Firewall (NGFW), the unified management center UserGate Management Center (UGMC), the log collection system UserGate Log Analyzer (LogAn), and the event tracking and analysis tool UserGate Security Information and Event Management (SIEM) allows a perpetrator to execute arbitrary commands at the OS level.

The vulnerability of the software-based network firewall UserGate Next-Generation Firewall (NGFW), the unified management center UserGate Management Center (UGMC), the log collection system UserGate Log Analyzer (LogAn), and the event tracking and analysis tool UserGate Security Information and Event...

CVSS 9.1 | AI score 5.9
Exploits: 0 | Affected Software: 4

BDU FSTEC
added 2025/03/24 12:0 a.m. | 2 views

The vulnerability of the _request_firmware() function in the drivers/base/firmware_loader/main.c file of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the _request_firmware function in the drivers/base/firmware_loader/main.c file of the Linux kernel is related to improper limitation of a path name to a restricted directory. Exploiting this vulnerability could allow an attacker to compromise the...

CVSS 7.8 | AI score 7.3 | EPSS 0.00286
Exploits: 0 | References: 30 | Affected Software: 7

BDU FSTEC
added 2025/03/24 12:0 a.m. | 3 views

Vulnerability of the functions calculate_ttu_cursor(), calculate_ttu_cursor() in Linux operating system kernels, allowing attackers to cause service failures

The vulnerability of the calculate_ttu_cursor functions in Linux kernel code is related to the lack of checks for division by zero. Exploiting this vulnerability could allow an attacker to trigger a system failure...

CVSS 5.5 | AI score 6.8 | EPSS 0.00257
Exploits: 0 | References: 18 | Affected Software: 6

BDU FSTEC
added 2025/03/24 12:0 a.m. | 1 view

Vulnerability of the functions get_ext_path(), ext4_find_extent(), and ext4_split_extent_at() in the Linux operating system’s kernel, allowing a hacker to cause a service failure

The vulnerability of the functions get_ext_path, ext4_find_extent, and ext4_split_extent_at in the Linux operating system is related to memory not being released after its effective lifetime. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.7 | EPSS 0.00249
Exploits: 0 | References: 17 | Affected Software: 7

BDU FSTEC
added 2025/03/24 12:0 a.m. | 3 views

The vulnerability of the acpi_device_setup_files() function in the drivers/acpi/device_sysfs.c file of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the acpi_device_setup_files function in the drivers/acpi/device_sysfs.c file of the Linux kernel relates to access to resources through incompatible types. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of...

CVSS 7.1 | AI score 7.2 | EPSS 0.00253
Exploits: 0 | References: 30 | Affected Software: 7

Total number of security vulnerabilities: 74701