Lucene search

74701 matches found

BDU FSTEC
added 2025/03/18 12:0 a.m., 12 views

The vulnerability of the adjust_ptr_min_max_vals() function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter support in the Linux operating system’s kernel, allows attackers to compromise the confidentiality and availability of protected information.

The vulnerability of the adjust_ptr_min_max_vals() function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter for Linux operating systems, is related to incorrect validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality an...

CVSS 5.5 | AI score 6.7 | EPSS 0.00232
Exploits 0 | References 14 | Affected Software 3
BDU FSTEC
added 2025/03/18 12:0 a.m., 4 views

The vulnerability of the idx_to_offset() function in the tools/power/x86/turbostat/turbostat.c module of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the idx_to_offset() function in the tools/power/x86/turbostat/turbostat.c module of the Linux operating system is related to an integer overflow or wraparound. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVSS 5.5 | AI score 5.4 | EPSS 0.00222
Exploits 0 | References 15 | Affected Software 2
BDU FSTEC
added 2025/03/18 12:0 a.m., 4 views

A vulnerability in the bt1_rom_map_copy_from() function of the drivers/mtd/maps/physmap-bt1-rom.c module, the driver for accessing memory devices in Linux kernels, allows attackers to compromise confidentiality.

The vulnerability of the bt1_rom_map_copy_from() function in the drivers/mtd/maps/physmap-bt1-rom.c module – the driver for accessing memory devices in Linux kernels – involves reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise confidentiality...

CVSS 7.1 | AI score 5.7 | EPSS 0.0023
Exploits 0 | References 15 | Affected Software 2
BDU FSTEC
added 2025/03/18 12:0 a.m., 7 views

The vulnerability of the ila_add_mapping() function in the net/ipv6/ila/ila_xlat.c module of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the ila_add_mapping() function in the net/ipv6/ila/ila_xlat.c module of the Linux kernel is related to the use of previously freed memory (use after free). Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protect...

CVSS 7.8 | AI score 7.1 | EPSS 0.00254
Exploits 0 | References 23 | Affected Software 5
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

A vulnerability in the mtk_drm_bind() function of the drivers/gpu/drm/mediatek/mtk_drm_drv.c module, the driver that supports the Direct Rendering Infrastructure (DRI) for Mediatek graphics cards in Linux operating systems, allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of the mtk_drm_bind() function in the drivers/gpu/drm/mediatek/mtk_drm_drv.c module, the DRI driver for Mediatek graphics cards in Linux operating systems, is related to the use of previously freed memory (use after free). Exploiting this vulnerability could allow an attacker to compromise the...

CVSS 7.8 | AI score 7.3 | EPSS 0.00248
Exploits 0 | References 12 | Affected Software 4
BDU FSTEC
added 2025/03/17 12:0 a.m., 1 view

The vulnerability of the default_operstate() function in the net/core/link_watch.c module, part of the network function support in the Linux kernel, allows attackers to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the default_operstate() function in the net/core/link_watch.c module, which supports kernel network functions in the Linux operating system, is related to the use of previously freed memory (use after free). Exploiting this vulnerability could allow an attacker to...

CVSS 7.8 | AI score 6.7 | EPSS 0.00204
Exploits 0 | References 11 | Affected Software 4
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the OData protocol implementation in the SAP Fiori for SAP ERP business application platform allows an attacker to perform a cache poisoning attack or intercept sessions.

The vulnerability of the OData protocol implementation in SAP Fiori for SAP ERP business application development platforms is related to deficiencies in handling HTTP header requests. Exploiting this vulnerability allows a malicious actor to perform a cache poisoning attack or intercept sessions ...

CVSS 3.1 | AI score 5.4 | EPSS 0.00229
Exploits 0 | References 3 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 3 views

The vulnerability of video surveillance cameras for monitoring and surveillance systems, including IntelBras IP cameras, allows an intruder to gain unauthorized access to devices and protected information.

The vulnerability of video surveillance cameras for monitoring and surveillance systems is related to improper limitation of a path name to a restricted directory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to devices and protected information...

CVSS 4.3 | AI score 5.5 | EPSS 0.00557
Exploits 0 | References 5 | Affected Software 4
BDU FSTEC
added 2025/03/17 12:0 a.m., 3 views

The vulnerability of Remote Desktop Services (RDS) for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of Remote Desktop Services (RDS) for Windows operating systems is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 8.1 | AI score 8 | EPSS 0.01353
Exploits 0 | References 2
BDU FSTEC
added 2025/03/17 12:0 a.m., 1 view

The vulnerability of the firmware of Intel Server Board M50FCP and Intel Server Board D50DNP, related to an error in handling exceptional conditions, allows a perpetrator to trigger a service failure.

The vulnerability of the firmware of Intel Server Board M50FCP and Intel Server Board D50DNP is related to an error in handling exceptional conditions. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

CVSS 4.3 | AI score 5.5 | EPSS 0.00426
Exploits 0 | References 4
BDU FSTEC
added 2025/03/17 12:0 a.m., 6 views

The vulnerability of the corporate messaging system ROSSAT, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to read, modify, or delete data.

The vulnerability of the corporate messaging system ROSSAT is related to insufficient protection of operational data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to read, modify, or delete data by sending a specially crafted GET request...

CVSS 10 | AI score 5.5
Exploits 0 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 5 views

The vulnerability of the GOAUTH function of the cmd/go component in the Golang programming language library allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the GOAUTH function of the cmd/go component in the Golang programming language library is related to insufficient protection of credentials. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVSS 7.1 | AI score 7.1 | EPSS 0.00657
Exploits 0 | References 9 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 3 views

A vulnerability in the rxe_dealloc() function of the drivers/infiniband/sw/rxe/rxe.c module, the InfiniBand support driver of the Linux kernel, allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of the rxe_dealloc() function in the drivers/infiniband/sw/rxe/rxe.c module, the Linux kernel’s InfiniBand support driver, is related to the use of previously freed memory (use after free). Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrit...

CVSS 7.8 | AI score 6.7 | EPSS 0.00218
Exploits 0 | References 10 | Affected Software 4
BDU FSTEC
added 2025/03/17 12:0 a.m., 5 views

The vulnerability of the fromAdvSetMacMtuWan() function in the Tenda AC9 router’s software allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the fromAdvSetMacMtuWan function in the Tenda AC9 router’s firmware is related to a buffer overflow when processing the wanMTU parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...

CVSS 10 | AI score 6.4 | EPSS 0.01658
Exploits 2 | References 2 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 4 views

The vulnerability of the Vnet/IP SCADA system of Yokogawa CENTUM VP allows an intruder to execute arbitrary code and trigger a service failure.

The vulnerability of the Vnet/IP SCADA system of Yokogawa CENTUM VP is related to a countable loss of significance. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and cause service failures by sending specially crafted packets...

CVSS 7.5 | AI score 5.9 | EPSS 0.00191
Exploits 0 | References 2
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the BGP routing protocol implementation in Cisco IOS XR allows an attacker to cause a service failure.

The vulnerability of the BGP routing protocol implementation in Cisco IOS XR operating systems lies in the fact that the operation data is written outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted BGP reques...

CVSS 8.6 | AI score 8.2 | EPSS 0.00922
Exploits 0 | References 3 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 3 views

The vulnerability of the Adobe Substance 3D Modeler software for 3D modeling lies in buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Substance 3D Modeler software for 3D modeling is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVSS 7.8 | AI score 6.2 | EPSS 0.00286
Exploits 0 | References 2 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the `block_type_get_arity` function in the `core/iwasm/interpreter/wasm.h` file in the execution environment for WebAssembly applications, such as WebAssembly Micro Runtime (WAMR), allows a malicious actor to cause a service failure.

The vulnerability of the block_type_get_arity function in the core/iwasm/interpreter/wasm.h file of the WebAssembly Micro Runtime (WAMR) execution environment for WebAssembly applications involves reading beyond the permitted range of memory. Exploiting this vulnerability could allow a malicious actor to...

CVSS 7.8 | AI score 7.2 | EPSS 0.00758
Exploits 1 | References 3 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 1 view

The vulnerability of the Fluent Bit log collection and processing tool, related to a null pointer dereference, allows a malicious actor to trigger a service failure.

The vulnerability of the Fluent Bit log collection and processing tool is related to a null pointer dereference. Exploiting this vulnerability can allow a malicious actor to cause a service failure through a specially crafted HTTP request...

CVSS 7.8 | AI score 7.2 | EPSS 0.00944
Exploits 2 | References 6 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 1 view

The vulnerability of the /admin/article.php file of the Subpage Handler component of the Emlog Pro CMS system allows attackers to execute XSS attacks.

The vulnerability of the /admin/article.php file of the Subpage Handler component of the Emlog Pro CMS system relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...

CVSS 5.5 | AI score 5.4 | EPSS 0.00378
Exploits 1 | References 7 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the USB Video Class Driver (UVC) on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the USB Video Class Driver (UVC) on Windows operating systems is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially crafted file...

CVSS 4.6 | AI score 8.1 | EPSS 0.00761
Exploits 1 | References 2
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the Routing and Remote Access Service (RRAS) of Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Routing and Remote Access Service (RRAS) of Windows operating systems is related to a buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 | AI score 8.4 | EPSS 0.01508
Exploits 0 | References 2
BDU FSTEC
added 2025/03/17 12:0 a.m., 3 views

The vulnerability of the firmware of Intel processors, related to access privilege violations, allows attackers to escalate their privileges.

The vulnerabilities of the firmware of Intel processors are related to access control errors. Exploiting these vulnerabilities can allow attackers to escalate their privileges...

CVSS 6 | AI score 5.5 | EPSS 0.00159
Exploits 0 | References 2 | Affected Software 34
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE lies in the use of incorrect authentication tokens due to unlimited resource distribution. This allows a hacker to cause service failures.

The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE stems from the use of incorrect authentication tokens due to unlimited resource distribution. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

CVSS 8.7 | AI score 5.5 | EPSS 0.00461
Exploits 1 | References 3 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE arises from the lack of measures taken to protect the structure of web pages. This allows attackers to carry out XSS attacks.

The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

CVSS 8.7 | AI score 5.5 | EPSS 0.00368
Exploits 0 | References 3 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 3 views

The vulnerability of the UEFI firmware of Intel processors allows attackers to escalate their privileges.

The vulnerability of the UEFI firmware of Intel processors is related to deficiencies in input data validation. Exploiting this vulnerability can allow attackers to escalate their privileges...

CVSS 7.5 | AI score 7.2 | EPSS 0.00237
Exploits 0 | References 8 | Affected Software 3
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models allows a hacker to execute arbitrary code by reading data beyond the buffer in memory.

The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models involves reading data beyond the buffer limit in memory. Exploiting this vulnerability allows a hacker to execute arbitrary code using a specially created malicious file...

CVSS 7.8 | AI score 6.2 | EPSS 0.00236
Exploits 0 | References 2 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 3 views

The vulnerability of the AP4_BitReader::ReadBits function of the mp42aac component of the Bento4 library for reading and writing ISO-MP4 files allows a malicious actor to cause a service failure.

The vulnerability of the AP4_BitReader::ReadBits function of the mp42aac component of the Bento4 library for reading and writing ISO-MP4 files is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 7.5 | AI score 6.9 | EPSS 0.00455
Exploits 1 | References 6 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 5 views

The vulnerability of the `createInDir` function in the Golang library allows attackers to escalate their privileges and gain unauthorized access to protected information.

The vulnerability of the createInDir function in the Golang library is related to link handling errors. Exploiting this vulnerability can allow attackers to escalate their privileges and gain unauthorized access to protected information...

CVSS 7.1 | AI score 7.1 | EPSS 0.0027
Exploits 0 | References 11 | Affected Software 3
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the Tittle parameter in the Events/Agenda module of the Dolibarr system, which is used for resource planning and managing relationships with customers, allows attackers to carry out XSS attacks.

The vulnerability of the Tittle parameter in the Events/Agenda module of the Dolibarr system, which is used for resource planning and managing relationships with customers, relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious act...

CVSS 4 | AI score 5.4 | EPSS 0.00561
Exploits 1 | References 9 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the sh7760fb_alloc_mem function in the drivers/video/fbdev/sh7760fb.c driver of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the sh7760fb_alloc_mem function in the drivers/video/fbdev/sh7760fb.c fbdev driver of the Linux kernel is related to improper release of memory before removing the last reference (memory leak). Exploiting this vulnerability could allow an attacker to cause ...

CVSS 5.5 | AI score 6.7 | EPSS 0.00213
Exploits 0 | References 30 | Affected Software 6
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the Apache NiFi data processing platform, related to the leakage of user names and passwords, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Apache NiFi data processing platform lies in the leakage of the user’s name and password during connection to the MongoDB database. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVSS 6.8 | AI score 8 | EPSS 0.01135
Exploits 0 | References 3 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 1 view

The vulnerability of the FortiNAC-F network access control mechanism, related to errors in the certificate validation process, allows a perpetrator to carry out a “man-in-the-middle” attack.

The vulnerability of the FortiNAC-F network access control mechanism is related to errors in the certificate validation process. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...

CVSS 4.8 | AI score 5.7 | EPSS 0.00159
Exploits 0 | References 3 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 4 views

The vulnerability of the IBM Security QRadar EDR endpoint protection mechanism, related to the unencrypted storage of critical information, allows attackers to gain unauthorized access to the protected data.

The vulnerability of the IBM Security QRadar EDR endpoint protection mechanism lies in the unencrypted storage of critical information. Exploiting this vulnerability could allow attackers to gain unauthorized access to the protected data...

CVSS 4.1 | AI score 5.5 | EPSS 0.00128
Exploits 0 | References 3 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 3 views

The vulnerability of the SAML SSO library in Ruby SAML and the Git-based software platform for collaborative code development on GitLab CE/EE allows a perpetrator to bypass authentication.

The vulnerability of the SAML SSO library in Ruby SAML and the Git-based software platform for collaborative code development on GitLab CE/EE is related to errors in cryptographic signature verification. Exploiting this vulnerability could allow an attacker to bypass authentication processes...

CVSS 9.4 | AI score 7.5 | EPSS 0.19506
Exploits 1 | References 10 | Affected Software 4
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerabilities of the functions php_libxml_input_buffer_create_filename() and php_libxml_sniff_charset_from_stream() in the PHP interpreter allow a hacker to redirect users to any desired URL address.

The vulnerabilities of the functions php_libxml_input_buffer_create_filename() and php_libxml_sniff_charset_from_stream() in the PHP interpreter are related to an open redirect. Exploiting these vulnerabilities could allow a malicious actor to redirect users to any desired URL address...

CVSS 4 | AI score 6.5 | EPSS 0.00706
Exploits 1 | References 12 | Affected Software 3
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of Windows File Explorer on Windows operating systems allows attackers to disclose protected information.

The vulnerability of the Windows File Explorer in Windows operating systems is related to the disclosure of information. Exploiting this vulnerability can allow a remote attacker to disclose protected information...

CVSS 7.8 | AI score 7.2 | EPSS 0.25068
Exploits 20 | References 4
BDU FSTEC
added 2025/03/17 12:0 a.m., 1 view

The vulnerability of Acronis Cyber Protect Cloud Agent lies in its use of an insecure search path, which allows attackers to escalate their privileges.

The vulnerability of Acronis Cyber Protect Cloud Agent is related to the use of an insecure search path. Exploiting this vulnerability can allow attackers to escalate their privileges through a specially created DLL...

CVSS 6.3 | AI score 6.5 | EPSS 0.00129
Exploits 0 | References 2
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the io_sq_thread() function in the io_uring/sqpoll.c module of the Linux kernel’s asynchronous input/output interface allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the io_sq_thread() function in the io_uring/sqpoll.c module, a component of the Linux kernel’s asynchronous input/output interface, is related to the use of previously freed memory (use after free). Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

CVSS 7.8 | AI score 7
Exploits 0 | References 9 | Affected Software 3
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the nfs_local_read_done() function in the fs/nfs/localio.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the nfs_local_read_done() function in the fs/nfs/localio.c module of the Linux kernel is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected...

CVSS 7.8 | AI score 7.3 | EPSS 0.00193
Exploits 0 | References 8 | Affected Software 2
BDU FSTEC
added 2025/03/17 12:0 a.m., 6 views

The vulnerability in the GraphQL library for Ruby and the git-based software platform for collaborative code development on GitLab CE/EE arises from improper code generation management. This vulnerability allows a perpetrator to execute arbitrary code.

The vulnerability of the GraphQL library for Ruby and the git-based software platform used for collaborative code development on GitLab CE/EE is related to improper code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

CVSS 9 | AI score 8.4 | EPSS 0.02865
Exploits 2 | References 12 | Affected Software 3
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

Vulnerability eliminated

...

AI score 5.4
Exploits 0
BDU FSTEC
added 2025/03/17 12:0 a.m., 5 views

The vulnerability of Adobe Substance 3D Modeler software is related to reading data beyond the allowed range of memory. This allows attackers to bypass the ASLR protection mechanism and disclose confidential information.

The vulnerability of the Adobe Substance 3D Modeler software is related to reading data beyond the allowed range of memory. Exploiting this vulnerability could allow an attacker to bypass ASLR protection and disclose confidential information...

CVSS 5.5 | AI score 5.5 | EPSS 0.00235
Exploits 0 | References 2 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 3 views

The vulnerability of the web interface of the IBM Sterling B2B Integrator software allows a perpetrator to execute arbitrary code and gain unauthorized access to protected information.

The vulnerability of the web interface of the IBM Sterling B2B Integrator software solution relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely and gain unauthorized access to protected...

CVSS 6.4 | AI score 6 | EPSS 0.00206
Exploits 0 | References 3 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 1 view

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the possibility of bypassing access control mechanisms, allowing attackers to send requests to vulnerable devices.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the possibility of bypassing access control mechanisms. Exploiting this vulnerability allows a malicious actor to send requests to the vulnerable device remotely...

CVSS 4.3 | AI score 5.5 | EPSS 0.00366
Exploits 1 | References 3 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 1 view

The vulnerability of the Tittle parameter in the Product module of the Dolibarr system for planning enterprise resources and managing customer relationships allows attackers to carry out XSS attacks.

The vulnerability of the Tittle parameter in the Product module of Dolibarr, a system for planning enterprise resources and managing relationships with customers, is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows an attacker, operating...

CVSS 5.5 | AI score 5.4 | EPSS 0.0053
Exploits 1 | References 6 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 4 views

The vulnerability of the igc_clean_tx_ring() function in the drivers/net/ethernet/intel/igc/igc_main.c file of the Linux kernel’s Ethernet adapter support driver allows an attacker to cause a service failure.

The vulnerability of the igc_clean_tx_ring() function in the drivers/net/ethernet/intel/igc/igc_main.c file of the Linux kernel’s Ethernet adapter support module is related to the use of previously freed memory (use after free). Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 7.8 | AI score 6.2 | EPSS 0.00227
Exploits 0 | References 15 | Affected Software 3
BDU FSTEC
added 2025/03/17 12:0 a.m., 3 views

The vulnerability of the gitRepo function in the Kubernetes cluster management software allows an attacker to influence the confidentiality and integrity of the protected information.

The vulnerability of the gitRepo function in the Kubernetes cluster management software is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected information...

CVSS 8.5 | AI score 6 | EPSS 0.00516
Exploits 0 | References 5
BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the web interface of the IBM Sterling B2B Integrator software allows a perpetrator to execute arbitrary code and gain unauthorized access to protected information.

The vulnerability of the web interface of the IBM Sterling B2B Integrator software solution relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely and gain unauthorized access to protected...

CVSS 5.5 | AI score 6 | EPSS 0.00206
Exploits 0 | References 3 | Affected Software 1
BDU FSTEC
added 2025/03/17 12:0 a.m., 5 views

The vulnerability of the NTLM protocol implementation in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the NTLM protocol implemented by the Windows operating system is related to external file name or path control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 7.8 | AI score 7.7 | EPSS 0.58974
Exploits 33 | References 4
Total number of security vulnerabilities: 74701