The vulnerability of the TIFF Image development platform QNX SDP allows attackers to disclose protected information.
The vulnerability of the TIFF Image development platform QNX SDP is related to an off-by-one error. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the system’s security measures...
The vulnerability in the AudioIPC component of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, allows a hacker to execute arbitrary code.
The vulnerability of the AudioIPC component affects browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR. This vulnerability is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to...
The vulnerability in the RegExp component of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, allows a hacker to execute arbitrary code.
The vulnerability of the RegExp component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, are related to the execution of operations beyond the buffer boundaries in memory. This allows attackers to execute arbitrary code.
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability in the RegExp component of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, allows attackers to influence the confidentiality and integrity of protected information.
The vulnerability of the RegExp component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, is related to insufficient processing of regular expressions. Exploiting this vulnerability can allow an attacker to influence the confidentiality and integrity of protect...
The vulnerability of Cobalt Ashlar-Vellum’s software for parametric automated design and 3D modeling is related to a buffer overflow in dynamic memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current process...
The vulnerability of the EcoStruxure Panel Server module lies in the exposure of password values in the log file, allowing attackers to disclose sensitive information.
The vulnerability of the EcoStruxure Panel Server module relates to the disclosure of password values in the log file. Exploiting this vulnerability can allow attackers to disclose the protected information...
The vulnerability of the NTLM Hash component of the Windows operating system, which allows a hacker to perform spoofing attacks
The vulnerability of the NTLM Hash component of the Windows operating system is related to incorrect external management of file names or file paths. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...
The vulnerability of the Windows Win32 Kernel Subsystem, which allows a hacker to elevate their privileges to a system level.
The vulnerability of the Windows Win32 Kernel Subsystem in the operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to elevate their privileges to the system level...
The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models lies in reading data beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models involves reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current user...
The vulnerability of the Azure Arc software for connecting local infrastructure lies in the lack of data cleansing measures at the management level, allowing attackers to escalate their privileges.
The vulnerability of the Azure Arc software installer for local infrastructure is related to the lack of data cleansing measures at the management level. Exploiting this vulnerability can allow attackers to escalate their privileges...
The vulnerability of the CxUIUSvc64.exe and CxUIUSvc32.exe components of the Synaptics Audio Driver for Windows operating systems allows attackers to escalate their privileges.
The vulnerability of the CxUIUSvc64.exe and CxUIUSvc32.exe drivers of the Synaptics Audio Driver for Windows operating systems is related to access control errors. Exploiting this vulnerability can allow attackers to escalate their privileges...
The vulnerability of the firmware of Edimax AC1200 Wi-Fi 5 BR-6476AC routers lies in the copying of buffers without checking the size of the input data. This allows a hacker to trigger a service failure or execute arbitrary commands.
The vulnerability of the firmware of Edimax AC1200 Wi-Fi 5 BR-6476AC routers lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary commands remotely...
The vulnerability of Zoom’s video conferencing software, related to improper handling of user actions, allows attackers to disclose sensitive information.
The vulnerability of Zoom video conferencing software is related to improper handling of user actions. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...
The vulnerability of the software installer for Zoom video conferencing allows a hacker to disclose protected information.
The vulnerability of the software installer for Zoom video conferencing relates to the improper assignment of ownership rights. Exploiting this vulnerability can allow a perpetrator to disclose protected information...
The vulnerability in the web interface of the FortiOS operating system and the FortiProxy proxy server, which allows a hacker to gain unauthorized access to protected information.
The vulnerability in the web interface for operating system management software FortiOS and the proxy server used for protecting against Internet attacks FortiProxy is related to errors in processing hypertext links. Exploiting this vulnerability can allow a malicious actor to gain unauthorized...
The vulnerability of the CLI component of Fortinet’s FortiAP-S, FortiAP-W2, and FortiAP software solutions allows attackers to execute arbitrary commands.
The vulnerability of the CLI component of Fortinet’s FortiAP-S/W2 and FortiAP products exists due to the failure to take measures to neutralize the special elements used in the operating system commands. Exploiting this vulnerability can allow an attacker to execute arbitrary commands...
The vulnerability of the Node.js software platform, related to memory not being released after its effective lifetime, allows a hacker to trigger a service failure.
The vulnerability of the Node.js software platform is related to memory not being released after its effective lifetime. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Open Asset Import Library (Assimp) for importing 3D models is related to a buffer overflow, allowing attackers to cause service failures.
The vulnerability of the Open Asset Import Library Assimp for importing 3D models is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Google Chrome’s user interface allows a perpetrator to replace the user interface.
The vulnerability of Google Chrome’s user interface is related to an improper limitation on the visible layers of the user interface. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...
The vulnerability of Google Chrome, related to errors in the user interface’s information representation, allows a perpetrator to replace the user interface.
The vulnerability of Google Chrome relates to errors in information representation by the user interface. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...
The vulnerability of the JavaScript script handler interface of Google Chrome’s V8 engine allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the JavaScript script handler interface of Google Chrome’s V8 engine is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of AnyDesk’s remote access and management software lies in the improper resolution of symbolic links before accessing files. This allows attackers to disclose sensitive information that should be protected.
The vulnerability of AnyDesk remote access and management software is related to the improper resolution of symbolic links before accessing files. Exploiting this vulnerability can allow attackers to disclose protected information...
The vulnerability of the firmware of multifunction devices (MFDs) such as Versalink, Phaser, and WorkCentre, related to deficiencies in authentication procedures, allows attackers to disclose protected information.
The vulnerability of the firmware of multifunction devices such as Versalink, Phaser, and WorkCentre is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose protected information...
The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...
The vulnerability of the memory management block for IOMMU operations in AMD processor firmware allows attackers to circumvent security restrictions and compromise the integrity of the protected information.
The vulnerability of the memory management block for IOMMU operations in AMD processor firmware is related to incorrect input of configuration data. Exploiting this vulnerability can allow attackers to circumvent security restrictions and compromise the integrity of protected information...
The vulnerability of the Apache OFBiz resource planning software lies in the improper neutralization of special elements used in the template, allowing a hacker to execute arbitrary code.
The vulnerability of the Apache OFBiz resource planning software lies in the improper neutralization of special elements used in the template. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the DCM files on the medical image and data management system, as well as the Sante PACS Server, allows a perpetrator to trigger a service failure.
The vulnerability of the DCM files on the medical image and data management system, as well as those on the Sante PACS Server, is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability in the WebTransport component of Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a hacker to induce a service failure.
The vulnerability of the WebTransport component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...
The vulnerability of Cobalt Ashlar-Vellum’s parametric automated design and 3D modeling software is related to the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Cobalt Ashlar-Vellum’s parametric automated design and 3D modeling software is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code within the context of the current process...
The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling lies in a type confusion error, allowing a hacker to execute arbitrary code.
The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling is related to a type confusion error. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current process...
The vulnerability of Cobalt Ashlar-Vellum’s software for parametric automated design and 3D modeling lies in reading data beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current process...
The vulnerability of Cobalt Ashlar-Vellum’s parametric automated design and 3D modeling software lies in the use of an uninitialized variable, which allows a hacker to execute arbitrary code.
The vulnerability of Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling is related to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current process...
The vulnerability of the Windows USB Video Class System Driver for operating systems allows a hacker to elevate their privileges to the system level.
The vulnerability of the Windows USB Video Class System Driver for Windows operating systems is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to elevate their privileges to the system level...
The vulnerability of the Windows Core Messaging component in Windows operating systems allows a perpetrator to elevate their privileges to the system level.
The vulnerability of the Windows Core Messaging component in Windows operating systems is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to elevate their privileges to the system level...
The vulnerability of the Azure Promptflow application development tool, related to insufficient spatial partitioning, allows a hacker to execute arbitrary code.
The vulnerability of the Azure Promptflow application development tool is related to insufficient spatial separation. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of Zoom’s video conferencing software is related to the use of memory after it is freed, allowing an attacker to cause a service failure.
The vulnerability of Zoom video conferencing software is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the Fortinet FortiManager software, which is used for centralized device management, as well as the FortiAnalyzer security event monitoring and analysis tools, stems from insecure privilege management. This allows attackers to escalate their privileges.
The vulnerability of the Fortinet FortiManager software, which is used for centralized device management, as well as the FortiAnalyzer security monitoring and analysis tools, is related to insecure privilege management. Exploiting this vulnerability can allow attackers to escalate their privileges...
The vulnerability of the Google Chrome browser’s Media component, which allows a hacker to execute arbitrary code.
The vulnerability of the Google Chrome browser’s Media component is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted HTML page...
The vulnerability of the loader of the AMD CPU ROM firmware allows a perpetrator to compromise the confidentiality and integrity of the protected information.
The vulnerability of the loader of the AMD CPU ROM firmware is related to errors in checking the cryptographic signature. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of the protected information...
The vulnerability of the FileUtil.extract() function in the library for creating, deploying, and executing MLeap machine learning models allows a hacker to execute arbitrary code.
The vulnerability of the FileUtil.extract function in the library responsible for creating, deploying, and executing MLeap machine learning models is related to an incorrect restriction on the path to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to...
The vulnerability of the System Management Mode (SMM) of AMD processor firmware allows a hacker to execute arbitrary code.
The vulnerability of the System Management Mode (SMM) of AMD processor firmware is related to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the DCM files on the medical image and data management system, as well as the Sante PACS Server, allows a perpetrator to trigger a service failure.
The vulnerability of the DCM files on the medical image and data management system, as well as those on the Sante PACS Server, is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the DCM files on the medical image and data management system, as well as the Sante PACS Server, allows a hacker to write files in the context of the current user.
The vulnerability of the DCM files on the medical image and data management system, as well as those on the Sante PACS Server, is related to incorrect restrictions on the path name for accessing the restricted directory. Exploiting this vulnerability allows a malicious actor to write files under th...
The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling lies in a type confusion error, allowing a hacker to execute arbitrary code.
The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling is related to a type confusion error. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current process...
The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling lies in a type confusion error, allowing a hacker to execute arbitrary code.
The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling is related to a type confusion error. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current process...
The vulnerability of the DirectX component in Windows operating systems, which allows a hacker to cause a system failure
The vulnerability of the DirectX component in Windows operating systems is related to the dereferencing of a null pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the NTFS file system of the Windows operating system, which allows a perpetrator to disclose protected information
The vulnerability of the NTFS file system in Windows operating systems relates to operations that go beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the Windows USB Video Class System Driver for operating systems allows a hacker to elevate their privileges to the system level.
The vulnerability of the Windows USB Video Class System Driver for Windows operating systems is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to elevate their privileges to the system level...
The vulnerability of Zoom Apps software products is related to the overflowing buffer in dynamic memory, which allows a malicious actor to trigger a service failure.
The vulnerability of Zoom Apps software products is related to overflowing buffers in dynamic memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...