90604 matches found
The vulnerabilities of the functions cifs_abort_connection() and generic_ip_connect() in the Linux operating system allow a hacker to cause a service failure.
The vulnerability of the cifsabortconnection and genericipconnect functions in the Linux kernel is related to the lack of memory release after the effective lifespan of these functions has ended. Exploiting this vulnerability could allow a remote attacker to cause service failures...
The vulnerability of the sun50i_cpufreq_get_efuse() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the sun50icpufreqgetefuse function in the Linux operating system is related to reading data beyond the allowed range of memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of Juniper Networks Junos OS Evolved, a system for detecting anomalies in operating systems, allows a hacker to execute arbitrary code with root privileges.
The vulnerability of the Juniper Networks Junos OS Evolved system for detecting anomalies is related to the improper assignment of permissions to critical resources. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with root privileges by sending specially crafted...
The vulnerability of the PT NGFW network firewall, related to the lack of access control, allows a intruder to gain unauthorized access to MinIO backup copies.
The vulnerability of the PT NGFW network firewall is related to the lack of access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to MinIO’s backup copies...
The vulnerability of the sub_420618 function in the /goform/set_upnp file of D-link DIR-823X microprogramming routers allows a hacker to execute arbitrary commands.
The vulnerability of the sub420618 function in the /goform/setupnp function of the D-link DIR-823X microprogramming router software is related to the failure to take measures to neutralize special elements during the processing of the upnpenable parameter. Exploiting this vulnerability allows a...
The vulnerability of the `rt2x00libremove_hw()` function in the `drivers/net/wireless/ralink/rt2x00/rt2x00dev.c` file of the Ralink wireless adapter driver in the Linux operating system’s kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the rt2x00libremovehw function in the drivers/net/wireless/ralink/rt2x00/rt2x00dev.c file of the Ralink wireless adapter driver in the Linux operating system kernel is related to improper memory release. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of embedded software developed by Qualcomm, related to integer overflow when processing the parameter al__cpLocation, allows attackers to escalate their privileges.
The vulnerability of embedded Qualcomm software is related to a numerical overflow when processing the parameter alcpLocation. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the adv_firewall.php script implemented by the DMZ Host Feature component of the D-Link DIR-615 router microsystem allows a hacker to execute arbitrary code.
The vulnerability of the advfirewall.php implementation of the DMZ Host Feature component of the D-Link DIR-615 router microsystem lies in the failure to eliminate special elements used in the operating system’s command when processing the dmzipaddr parameter. Exploiting this vulnerability allows...
The vulnerability of the adv_routing.php implementation of the Web Configuration Interface component of the D-Link DIR-615 router software allows a hacker to execute arbitrary code.
The vulnerability of the advrouting.php implementation of the Web Configuration Interface component of the D-Link DIR-615 router microprogramming system is related to the failure to take measures to neutralize special elements used in the operating system’s command when processing the...
The vulnerability of the sub_420688 function (/goform/set_qos) in D-link DIR-823X router microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the sub420688 /goform/setqos function in D-link DIR-823X router microprogramming software is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending specially craft...
The vulnerability of the ssdp.cgi file in D-Link DIR-600 B5 router microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the ssdp.cgi file of the D-Link DIR-600 B5 router’s microprogramming system is related to insufficient checking of arguments passed in the command when processing the parameters HTTPST/REMOTEADDR/REMOTEPORT/SERVERID. Exploiting this vulnerability allows a remote attacker to...
The vulnerability of the sub_419920 (/boafrm/formLtefotaUpgradeQuectel) function in the DWR-M921 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub419920 /boafrm/formLtefotaUpgradeQuectel function in the DWR-M921 router microprogramming software is related to the lack of data cleaning measures at the control level. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failure...
The vulnerability in the embedded web server boa (/boafrm/formLtefotaUpgradeFibocom) of the DWR-M921 router’s microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the embedded web server boa /boafrm/formLtefotaUpgradeFibocom of the DWR-M921 router software is related to the lack of data cleaning at the management level. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure when processing...
The vulnerability of the setAPNetwork function (/cgi-bin/cstecgi.cgi) in the TOTOLINK WA300 router software allows a hacker to execute arbitrary commands.
The vulnerability of the setAPNetwork /cgi-bin/cstecgi.cgi function in the TOTOLINK WA300 router software is related to the lack of measures to sanitize input data during the processing of the ipAddr parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the Production Environment module of the Netmake ScriptCase platform for developing web applications in PHP language allows a hacker to bypass the administrator password.
The vulnerability of the Production Environment module of the Netmake ScriptCase platform for developing web applications in PHP is related to errors in the representation of certain functions. Exploiting this vulnerability can allow a malicious actor to bypass the administrator’s password by...
The vulnerability of the Production Environment module of the Netmake ScriptCase platform for developing web applications in PHP language allows a hacker to bypass the administrator password.
The vulnerability of the Production Environment module of the Netmake ScriptCase platform for developing web applications in PHP is related to errors in the representation of certain functions. Exploiting this vulnerability can allow a malicious actor to bypass the administrator’s password by...
The vulnerability of the sub_446B18 function in the /goform/formPdbUpConfig file of the UTT 521G router’s microprogramming software, which allows a hacker to execute arbitrary commands.
The vulnerability of the sub446B18 function in the /goform/formPdbUpConfig file of the UTT 521G router microprogramming system is related to the failure to take measures to neutralize special elements used in the operating system’s command processing when handling the policyNames parameter...
The vulnerability of the goform/SetIpMacBind file in the Tenda TX3 router microprogramming software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the goform/SetIpMacBind function in the Tenda TX3 router microprogramming system lies in the fact that the operation’s output goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibili...
The vulnerability of the sub_4223E0 function (/goform/setMacFilterCfg) in the Tenda TX9 Pro router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sub4223E0 function /goform/setMacFilterCfg in the Tenda TX9 Pro router software is related to the operation of writing data beyond the buffer in memory when processing the deviceList parameter. Exploiting this vulnerability allows an attacker to compromise the...
The vulnerability of the sub_432580 function (/goform/fastetting_wifi_set) in the microprogramming software for Tenda TX9 Pro allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sub432580 /goform/fastsettingwifiset function in the microprogramming software for Tenda TX9 Pro relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the set_qosMib_list (/goform/formSetQosBand) function in the Tenda RX3 router software allows a attacker to trigger a service failure.
The vulnerability of the setqosMiblist /goform/formSetQosBand function in the Tenda RX3 router software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...
The vulnerability of the formGetDdosDefenceList() function in the Tenda AC9 router’s microprogramming software allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the formGetDdosDefenceList function in the Tenda AC9 router’s microprogramming software is related to the operation of writing data outside the buffer in memory when processing the security.ddos.map parameter. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the set_device_name function (/goform/setBlackRule) of the MAC Filtering Configuration Endpoint component in the Tenda RX3 microprogramming router software allows a violator to trigger a service failure.
The vulnerability of the setdevicename function /goform/setBlackRule of the MAC Filtering Configuration Endpoint component in the Tenda RX3 microprogramming router software lies in the copying of buffer data without checking the size of the input data during the processing of the devName/mac...
The vulnerability of the sprintf function in the microprogramming software for Tenda W20E routers allows a hacker to cause a service failure.
The vulnerability of the sprintf function goform/formDelWewifiPic in the microprogramming software for Tenda W20E routers stems from the operation that goes beyond the buffer boundaries in memory when processing the picName parameter. Exploiting this vulnerability can allow an attacker to cause...
The vulnerability of the addAuthUser function (goform/formAddWebAuthUse) in the Tenda W20E router software allows a hacker to execute arbitrary commands.
The vulnerability of the addAuthUser function goform/formAddWebAuthUse in the Tenda W20E router microprogramming system lies in the fact that the operation’s output escapes the buffer and is stored in the userInfo parameter’s memory. Exploiting this vulnerability allows a remote attacker to execu...
The vulnerability of the pPortMapIndex function (implemented in goform/formDelPortMapping) in the Tenda W20E router software allows a hacker to execute arbitrary commands.
The vulnerability of the pPortMapIndex function implemented in goform/formDelPortMapping of the Tenda W20E router software is related to the execution of operations outside the buffer in the parameter strcpy area of memory. Exploiting this vulnerability allows a remote attacker to execute arbitra...
The vulnerability of the addWewifiWhiteUser function (in the goform/formAddWewifiWhiteUser function) in the Tenda W20E router software allows a hacker to execute arbitrary commands.
The vulnerability of the addWewifiWhiteUser function in the goform/formAddWewifiWhiteUser function of the Tenda W20E router’s microprogramming software is related to the execution of operations outside the buffer in the userInfo parameter’s memory. Exploiting this vulnerability could allow a remo...
The vulnerability of the `pnfs_mark_layout_stateid_invalid()` function in the `fs/nfs/pnfs.c` module, which is part of the NFS client support in Linux kernel, allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the pnfsmarklayoutstateidinvalid function in the fs/nfs/pnfs.c module relates to errors during link counters updates in Linux kernel-based NFS client support. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of...
The vulnerability of the qla2x00_create_host() function in the drivers/scsi/qla2xxx/qla_os.c driver module of the Linux SCSI device kernel allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the qla2x00createhost function in the drivers/scsi/qla2xxx/qlaos.c driver for Linux SCSI devices is related to the occurrence of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the rxe_srq_from_attr() function in the drivers/infiniband/sw/rxe/rxe_srq.c file of the Linux operating system’s kernel driver InfiniBand allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the rxesrqfromattr function in the drivers/infiniband/sw/rxe/rxesrq.c file of the Linux operating system’s InfiniBand driver is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, a...
The vulnerability of the skb_segment() function in the net/core/skbuff.c module, which supports network functions of the Linux kernel, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the skbgment function in the net/core/skbuff.c module, which supports networking functions of the Linux kernel, is related to the use of the NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...
The vulnerability of the ath9k_hif_usb_rx_stream() function in the drivers/net/wireless/ath/ath9k/hif_usb.c file of the Atheros/Qualcomm wireless communication adapter driver for the Linux operating system allows a malicious actor to cause a service failure remotely.
The vulnerability of the ath9khifusbrxstream function in the drivers/net/wireless/ath/ath9k/hifusb.c module of the Atheros/Qualcomm wireless communication adapter driver in the Linux operating system is related to the failure to release resources after their useful life has ended. Exploiting this...
The vulnerability of the seqiv_aead_encrypt_complete2() function in the crypto/seqiv.c module of the Linux kernel’s cryptographic subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the seqivaeadencryptcomplete2 function in the crypto/seqiv.c module of the Linux kernel cryptographic subsystem is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the nlm_unlock_files() function in the fs/lockd/svcsubs.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the nlmunlockfiles function in the fs/lockd/svcsubs.c module of the Linux kernel is related to improper initialization. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the msc313_rtc_probe() function in the drivers/rtc/rtc-msc313.c file of the Linux operating system’s Real Time Clock driver allows a hacker to cause a service failure.
The vulnerability of the msc313rtcprobe function in the drivers/rtc/rtc-msc313.c file of the Linux operating system’s Real Time Clock driver is related to the improper implementation of thread management. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the do_floppy_init() function in the drivers/block/floppy.c module of the Linux kernel’s block devices driver allows a attacker to cause a service failure.
The vulnerability of the dofloppyinit function in the drivers/block/floppy.c module of the Linux kernel’s block devices driver is related to improper memory release. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the tegra241cmdqv_init_structures() function in the drivers/iommu/arm/arm-smmu-v3/tegra241-cmdqv.c file of the Linux operating system’s IOMMU kernel driver allows a attacker to cause a service failure.
The vulnerability of the tegra241cmdqvinitstructures function in the drivers/iommu/arm/arm-smmu-v3/tegra241-cmdqv.c file of the Linux operating system’s IOMMU kernel is related to the distribution of resources without any restrictions or regulation. Exploiting this vulnerability could allow a...
The vulnerability of the sub_1BF84() function in D-Link DIR-868L router’s software allows a hacker to execute arbitrary code with system privileges.
The vulnerability of the sub1BF84 function in D-Link DIR-868L router microprogramming software is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with system privileges by sending specially...
The vulnerability of the sub_4208A0 function (/goform/set_dmz) in the Configuration Handler component of the D-link DIR-823X microprogrammable router software allows a attacker to execute arbitrary commands.
The vulnerability of the sub4208A0 /goform/setdmz function in the Configuration Handler component of the D-link DIR-823X router microprogramming system is related to the failure to take measures to neutralize special elements during the processing of the dmzhost/dmzenable parameter. Exploiting th...
The vulnerability of the sub_4175CC function (/goform/set_static_route_table) in D-link DIR-823X router software allows a hacker to execute arbitrary commands.
The vulnerability of the sub4175CC function /goform/setstaticroutetable of the D-link DIR-823X router software is related to the failure to take measures to neutralize special elements during the processing of the parameter interface/destip/netmask/gateway/metric. Exploiting this vulnerability...
The vulnerability of the /goform/set_ac_status function in D-link DIR-823X router microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the /goform/setacstatus function in D-link DIR-823X router microprogramming software is related to the failure to eliminate special elements during the processing of parameters acipaddr/acipstatus/aprandtime. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the set_jhttpd_info() function in D-Link DI-7100G C1 router microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the setjhttpdinfo function in D-Link DI-7100G C1 router microprogramming software is related to the lack of measures taken to clean data at the control level when processing the usbusername parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...
The vulnerability of the /goform/getHomePageInfo function in the microprogramming software for Pix-Link LV-WR21Q allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the /goform/getHomePageInfo function in the microprogramming software for Pix-Link LV-WR21Q routers is related to the absence of authentication for critical functions. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the sub_43F020 (/goform/formPdbUpConfig) function in the UTT HiPER 810 router software allows a hacker to execute arbitrary commands.
The vulnerability of the sub43F020 /goform/formPdbUpConfig function in the UTT HiPER 810 router microprogramming system is related to the lack of measures taken for data cleaning at the control level. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...
The vulnerability of the EPSON Status Monitor 3 monitoring tool lies in the absence of quotation marks in the code for elements or search paths. This allows a malicious user to execute arbitrary code with system privileges.
The vulnerability of the EPSON Status Monitor 3 monitoring tool is related to the absence of quotation marks in the code for elements or search paths. Exploiting this vulnerability allows an attacker to execute arbitrary code with system privileges...
The vulnerability of the sub_42D03C (/goform/SetStaticRouteCfg) function in the Tenda TX9 Pro router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sub42D03C /goform/SetStaticRouteCfg function in the Tenda TX9 Pro router software is related to the operation of writing data outside the buffer in memory when processing the deviceList parameter. Exploiting this vulnerability allows an attacker to compromise the...
The vulnerability of Realtek Andrea RT Filters software lies in the lack of quotation marks when writing elements or search paths. This allows a malicious actor to execute arbitrary code with system privileges.
The vulnerability of the Realtek Andrea RT Filters software is related to the absence of quotation marks in the code for elements or search paths. Exploiting this vulnerability allows an attacker to execute arbitrary code with system privileges...
The vulnerability of the /goform/fast_setting_wifi_set file in the microprogramming software for Tenda RX3 routers allows a hacker to cause a service failure.
The vulnerability of the /goform/fastsettingwifiset function in the microprogramming software for Tenda RX3 routers lies in the copying of buffers without checking the size of the input data during the processing of the ssid5g parameter. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the goform/SetIpMacBind file in the Tenda RX3 router microprogramming software allows a hacker to cause a service failure.
The vulnerability of the /goform/openSchedWifi file in the microprogramming software for Tenda RX3 routers stems from the copying of buffers without checking the size of the input data during the processing of the schedStartTime/schedEndTime parameters. Exploiting this vulnerability could allow a...
The vulnerability of the fromSetIpMacBind function (/goform/SetIpMacBind) in the Tenda RX3 router software allows a attacker to cause a service failure.
The vulnerability of the fromSetIpMacBind function /goform/SetIpMacBind in the Tenda RX3 router software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...