74701 matches found
The vulnerability of the ila_add_mapping() function in the net/ipv6/ila/ila_xlat.c module of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ilaaddmapping function in the net/ipv6/ila/ilaxlat.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protect...
The vulnerability of the nested_get_evmcs_page() function in the arch/x86/kvm/vmx/nested.c module of the virtualization subsystem on the Linux operating system’s x86 kernel platform allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nestedgetevmcspage function in the arch/x86/kvm/vmx/nested.c module of the virtualization subsystem on the Linux operating system’s x86 kernel platform is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the cpu_power_to_freq() function in the drivers/thermal/cpufreq_cooling.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the cpupowertofreq function in the drivers/thermal/cpufreqcooling.c module of the Linux kernel is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a system failure...
Vulnerability of the lm3554_probe() function in the drivers/staging/media/atomisp/i2c/atomisp-lm3554.c module – A driver for supporting Intel Atom-based devices in the Linux operating system, which allows an attacker to gain access to protected information.
Vulnerability of the lm3554probe function in the drivers/staging/media/atomisp/i2c/atomisp-lm3554.c module – The driver for Intel Atom-based devices in the Linux operating system is vulnerable to a memory leak before the last reference is freed. Exploiting this vulnerability could allow an attack...
The vulnerability of the Fortinet FortiNAC access control device lies in the lack of measures taken at the management level to protect data. This allows attackers to copy local device files into local directories.
The vulnerability of the Fortinet FortiNAC network access control device is related to the lack of measures taken to protect data at the management level. Exploiting this vulnerability allows a malicious actor to copy device local files into local directories by connecting to the tcp/5555 port...
The vulnerability of the dcn35_notify_host_router_bw() function in the drivers/gpu/drm/amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c file of the Linux kernel allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the dcn35notifyhostrouterbw function in the drivers/gpu/drm/amd/display/dc/clkmgr/dcn35/dcn35clkmgr.c module of the Linux kernel is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the adv7511_probe() function in the drivers/gpu/drm/bridge/adv7511/adv7511_drv.c kernel module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the adv7511probe function in the drivers/gpu/drm/bridge/adv7511/adv7511drv.c kernel module of the Linux operating system is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the paravirt_patch_default() function in the arch/x86/kernel/paravirt.c module on the x86 kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the paravirtpatchdefault function in the arch/x86/kernel/paravirt.c module on the x86 kernel of the Linux operating system is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a perpetrator to compromise the confidentiality, integrity,...
Vulnerability of the devm_spi_alloc_master() function in the drivers/spi/spi.c module – The Linux kernel’s SPI device driver support allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the devmspiallocmaster function in the drivers/spi/spi.c module – The Linux kernel’s SPI device driver relies on the reclamation of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...
The vulnerability of the i2c_imx_xfer() function in the drivers/i2c/busses/i2c-imx.c module of the Linux kernel allows a hacker to gain access to protected information.
The vulnerability of the i2cimxxfer function in the drivers/i2c/busses/i2c-imx.c file of the Linux kernel is related to security configuration errors. Exploiting this vulnerability could allow an attacker to access protected information...
Vulnerability of the atomisp_alloc_css_stat_bufs() function in the drivers/staging/media/atomisp/pci/atomisp_ioctl.c module – This driver for Intel Atom-core devices in the Linux operating system allows a hacker to trigger a service failure.
Vulnerability of the atomispalloccssstatbufs function in the drivers/staging/media/atomisp/pci/atomispioctl.c module – The driver for Intel Atom-based devices in the Linux operating system is vulnerable to a vulnerability where memory previously released is re-released. Exploiting this...
The vulnerability of the FortiClient for MAC installer allows a perpetrator to execute arbitrary commands.
The vulnerability of the FortiClient for MAC installer is related to improper external management of the file name or path to the /tmp directory. Exploiting this vulnerability allows an attacker to execute arbitrary commands...
Vulnerability of the mhi_queue() function in the drivers/bus/mhi/core/main.c module – The MHI bus driver in the Linux kernel allows a hacker to cause a service failure.
Vulnerability of the mhiqueue function in the drivers/bus/mhi/core/main.c module – The MHI driver in the Linux kernel is vulnerable due to the repeated use of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the xiic_xfer() function in the drivers/i2c/busses/i2c-xiic.c file of the Linux operating system allows a hacker to gain access to protected information.
The vulnerability of the xiicxfer function in the drivers/i2c/busses/i2c-xiic.c file of the Linux operating system’s kernel is related to security configuration errors. Exploiting this vulnerability could allow an attacker to gain access to protected information...
Vulnerability of the efx_set_channels() function in the drivers/net/ethernet/sfc/efx_channels.c module – a driver for supporting Ethernet network adapters in the Linux kernel, which allows an attacker to cause a service failure.
Vulnerability of the efxsetchannels function in the drivers/net/ethernet/sfc/efxchannels.c module – The Linux kernel’s Ethernet network adapter support driver is vulnerable due to the use of a NULL pointer dereferencing. Exploiting this vulnerability could allow an attacker to cause a system...
The vulnerability of the ext4handle_error() function in the fs/ext4/super.c module of the Linux file system support module allows a hacker to trigger a service failure.
The vulnerability of the ext4handleerror function in the fs/ext4/super.c module of the Linux file system support module is related to incorrect validation of input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the tpm_read_log_efi() function in the drivers/char/tpm/eventlog/efi.c kernel module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the tpmreadlogefi function in the drivers/char/tpm/eventlog/efi.c kernel module of the Linux operating system is related to a numerical overflow or cyclic shift. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the CI Lint API component of the software platform based on git for collaborative code development in GitLab allows a attacker to perform an SSRF attack.
The vulnerability of the CI Lint API component of the software platform based on Git for collaborative code development on GitLab is related to insufficient testing of server-side requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...
The vulnerability of the kprobe_fault_handler() function in the arch/riscv/kernel/probes/kprobes.c file of the module for the Linux operating system’s RISC-V architecture-based kernel, allows a hacker to trigger a service failure.
The vulnerability of the kprobefaulthandler function in the arch/riscv/kernel/probes/kprobes.c file of the module for the Linux operating system’s RISC-V architecture-based kernel involves incorrect input validation. Exploiting this vulnerability could allow an attacker to trigger a service failu...
The vulnerability of the JIT-compiler used by Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a hacker to execute arbitrary code.
The vulnerability of the JIT-compiler used by Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Mozilla Firefox browser and the Thunderbird email client involves a buffer overflow in dynamic memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Mozilla Firefox browser and the Thunderbird email client is related to overflowing buffers in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the String.toUpperCase() function in Mozilla Firefox and the Thunderbird email client allows a hacker to execute arbitrary code.
The vulnerability of the String.toUpperCase function in Mozilla Firefox and the Thunderbird email client is related to access to an uninitialized pointer. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to reading beyond the buffer in memory, allows a perpetrator to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to buffer overflow attacks involves reading data beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute...
The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation, related to the use of files and directories accessible to external parties, allows a perpetrator to delete or modify any files they desire.
The vulnerability of the software environment for simulation modeling of systems and processes in Siemens Tecnomatix Plant Simulation lies in the use of files and directories accessible to external parties. Exploiting this vulnerability could allow attackers to delete or modify any arbitrary file...
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the incorrect limitation of the path name in the restricted access catalog, allowing attackers to read and write arbitrary files.
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to an incorrect limitation on the name of the path to the restricted-access catalog. Exploiting this vulnerability allows a malicious actor to read and write arbitrary files remotely...
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the lack of measures to neutralize special elements, allowing attackers to execute arbitrary code.
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the command-line interface of SiPass IP access controllers allows attackers to execute arbitrary commands and gain unauthorized access to protected information.
The vulnerability of the command-line interface of SiPass IP access controllers is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary commands and gain unauthorized access to protected information...
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE lies in the shortcomings of the error reporting mechanism, which allows attackers to disclose protected information.
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to deficiencies in the error reporting mechanism. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that should be protected...
The vulnerability of Siemens Industrial Edge Management’s centralized control platform for industrial peripheral applications and devices lies in the lack of protective measures for the website structure. This allows attackers to carry out cross-site scripting attacks.
The vulnerability of the platform for centralized management of industrial peripheral applications and Siemens Industrial Edge Management devices is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site...
The vulnerability of the C-more Programming Software for programming and configuring sensor panels (EA9 Series) lies in buffer overflows in the stack, allowing an attacker to execute arbitrary code.
The vulnerability of the C-more Programming Software for programming and configuring sensor panels EA9 Series is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created EAP9 format files...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the writing beyond buffer boundaries in memory. This allows a malicious actor to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to simulation modeling of systems and processes lies in the writing of data beyond buffer boundaries in memory. Exploiting this vulnerability coul...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the lack of measures to neutralize special elements, allowing attackers to execute arbitrary code.
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the lack of measures to neutralize special elements, allowing attackers to execute arbitrary code.
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Vulnerability of the efx_farch_handle_txFlushDone() function in the drivers/net/ethernet/sfc/farch.c module – A driver for supporting Ethernet network adapters in the Linux kernel, which allows a hacker to cause a service failure.
Vulnerability of the efxfarchhandletxFlushDone function in the drivers/net/ethernet/sfc/farch.c module – The Linux kernel’s Ethernet network adapter support driver is vulnerable due to the use of a NULL pointer dereferencing. Exploiting this vulnerability could allow an attacker to cause a system...
The vulnerability of Remote Desktop Services (RDS) for Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of Remote Desktop Services RDS for Windows operating systems is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Mozilla Firefox Focus browser, related to access control errors, allows attackers to bypass existing security restrictions.
The vulnerability of the Mozilla Firefox Focus browser is related to access control errors. Exploiting this vulnerability can allow a remote attacker to bypass existing security restrictions...
The vulnerability of the C-more Programming Software for programming and configuring sensor panels (EA9 Series) lies in buffer overflows in the stack, allowing an attacker to execute arbitrary code.
The vulnerability of the C-more Programming Software for programming and configuring sensor panels EA9 Series is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created EAP9 format files...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
Vulnerability of the efx_farch_handle_tx_event() function in the drivers/net/ethernet/sfc/farch.c module – a driver for supporting Ethernet network adapters in the Linux kernel, which allows an attacker to cause a service failure.
Vulnerability of the efxfarchhandletxevent function in the drivers/net/ethernet/sfc/farch.c module – The Linux kernel’s Ethernet network adapter support driver is vulnerable due to the use of a NULL pointer dereferencing. Exploiting this vulnerability could allow an attacker to cause a system...
The vulnerability of the io_uring_del_task_file() function in the fs/io_uring.c module of the Linux kernel’s file system support module allows a attacker to cause a service failure.
The vulnerability of the iouringdeltaskfile function in the fs/iouring.c module of the Linux kernel’s file system support module is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to reading beyond the buffer in memory, allows a perpetrator to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to buffer overflow attacks involves reading data beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute...
The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation, related to the use of files and directories accessible to external parties, allows a perpetrator to delete or modify any files they desire.
The vulnerability of the software environment for simulation modeling of systems and processes in Siemens Tecnomatix Plant Simulation lies in the use of files and directories accessible to external parties. Exploiting this vulnerability could allow attackers to delete or modify any arbitrary file...
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the lack of measures taken to neutralize specific elements, allowing attackers to influence the integrity, confidentiality, and accessibility of protected information.
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability can allow a remote attacker to compromise the integrity, confidentiality, and accessibility of the...
The vulnerability of the EFI loader in microprogrammed software for SIMATIC IPC devices, SIMATIC PC tablets, and SIMATIC Field PG notebooks allows a perpetrator to influence the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the EFI loader in microprogrammed software for SIMATIC IPC devices, SIMATIC PC tablets, and SIMATIC Field PG notebooks is related to the breach of data protection mechanisms. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the use of memory after it is released, allows a perpetrator to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to simulation modeling of systems and processes involves the use of memory after it is released. Exploiting this vulnerability could allow an...
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the incorrect limitation of the path name in the restricted access catalog, allowing attackers to read and write arbitrary files.
The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to an incorrect limitation on the name of the path to the restricted-access catalog. Exploiting this vulnerability allows a malicious actor to read and write arbitrary files remotely...
The vulnerability of the microprogrammed software of industrial routers SCALANCE M-800 and industrial switches SCALANCE SC-600, related to partial comparison, allows a intruder to influence the integrity of the protected information.
The vulnerability of the microprogrammed software of industrial routers SCALANCE M-800 and industrial switches SCALANCE SC-600 is related to a partial comparison. Exploiting this vulnerability could allow an attacker operating remotely to influence the integrity of the protected information...
The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition, related to the lack of measures taken to clean up data at the management level, allows a perpetrator to introduce arbitrary code.
The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition is related to the lack of measures taken to clean up data at the management level. Exploiting this vulnerability allows a perpetrator to introduce arbitrary code...