74701 matches found
The vulnerability of Google Chrome, related to errors in the user interface’s information representation, allows a perpetrator to replace the user interface.
The vulnerability of Google Chrome relates to errors in information representation by the user interface. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...
The vulnerability of microprogramming software in embedded Qualcomm chips, related to unverified array indexing, allows a hacker to execute arbitrary code, cause system failures, or gain unauthorized access to protected information.
The vulnerability of microprogramming software in embedded Qualcomm chips is related to unverified array indexing. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code, cause service failures, or gain unauthorized access to protected information...
The vulnerability of the memory management block for IOMMU operations in AMD’s microprogramming software for processors allows attackers to circumvent security restrictions and compromise the integrity of protected information.
The vulnerability of the memory management block for IOMMU operations in AMD microprogramming systems is related to incorrect input of configuration data. Exploiting this vulnerability can allow attackers to circumvent security restrictions and compromise the integrity of protected information...
The vulnerability of the PAN-OS OpenConfig Plugin in the PAN-OS operating system, related to the failure to eliminate special elements, allows a perpetrator to execute arbitrary commands.
The vulnerability of the PAN-OS OpenConfig Plugin in the PAN-OS operating system is related to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the System Management Mode (SMM) mode of AMD microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the System Management Mode SMM mode of AMD microprogramming processor software is related to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models lies in its ability to read data beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models involves reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current user...
The vulnerability of Apple Maps’ mapping service affects operating systems such as macOS, iOS, iPadOS, and watchOS, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the Apple Maps mapping service in operating systems such as macOS, iOS, iPadOS, and watchOS is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
Vulnerabilities of the functions nft_lookup_init(), nf_tables_fill_setelem(), and nft_validate_register_store() in the Linux operating system, allowing a hacker to cause a service failure
The vulnerabilities of the functions nftlookupinit, nftablesfillsetelem, and nftvalidateregisterstore in the Linux operating system are related to type mixing errors. Exploiting these vulnerabilities can allow an attacker to cause service failures...
The vulnerability of the cxacru_bind() function in the USB driver (drivers/usb/atm/cxacru.c) of the Linux kernel allows a hacker to induce a service failure.
The vulnerability of the cxacrubind function in the USB driver drivers/usb/atm/cxacru.c of the Linux kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ftruncate() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the ftruncate function in the Linux operating system’s kernel is related to errors in the processing of input data during syntax analysis of code. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the sqfs_size function in the U-Boot loader allows a hacker to execute arbitrary code.
The vulnerability of the sqfssize function in the U-Boot loader is related to an uncontrolled recursion. Exploiting this vulnerability could allow a hacker to execute arbitrary code...
The vulnerability of the Microsoft Office suite relates to the possibility of exploiting memory after deallocation, allowing an attacker to execute arbitrary code.
The vulnerability of the Microsoft Office suite is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of Microsoft Cross-Device operating system services allows attackers to elevate their privileges to a system-level level.
The vulnerability of Microsoft Cross-Device operating system services is related to access control errors. Exploiting this vulnerability can allow attackers to elevate their privileges to a system-level level...
Vulnerability of Windows operating system control consoles, allowing attackers to circumvent existing security restrictions
The vulnerability of Windows operating system consoles is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to bypass existing security restrictions...
The vulnerability in the isolated environment of the Web Content module of the Web pages displayed by the Safari browser and the visionOS, iOS, iPadOS, macOS operating systems allows a hacker to execute arbitrary code.
The vulnerability of the isolated Web Content module in the WebKit browser of Safari and the operating systems VisionOS, iOS, iPadOS, and macOS lies in the ability to write code outside of the allocated memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by...
Vulnerability of the cfg80211_wext_siwscan() function (net/wireless/scan.c) in the Linux kernel, allowing a hacker to cause a service failure
The vulnerability of the cfg80211wextsiwscan function net/wireless/scan.c in the Linux kernel is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ata_host_release() function in the ATA driver’s code (drivers/ata/libata-core.c), located in the Linux kernel, allows a hacker to trigger a service failure.
The vulnerability of the atahostrelease function in the ATA port driver drivers/ata/libata-core.c of the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the __xdp_reg_mem_model() function (net/core/xdp.c) in the Linux operating system kernel, which allows a hacker to cause a service failure
The vulnerability of the xdpregmemmodel function net/core/xdp.c in the Linux operating system’s kernel is related to the unlimited distribution of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the functions ili9881c_prepare() and ili9881c_unprepare() in the driver (drivers/gpu/drm/panel/panel-ilitek-ili9881c.c) of the Linux kernel allows a hacker to induce a service failure.
The vulnerability of the functions ili9881cprepare and ili9881cunprepare in the driver drivers/gpu/drm/panel/panel-ilitek-ili9881c.c of the Linux kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the U-Boot loader, related to integer overflows, allows attackers to influence the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the U-Boot loader is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to influence the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the Microsoft Office suite relates to the possibility of exploiting memory after deallocation, allowing an attacker to execute arbitrary code.
The vulnerability of the Microsoft Office suite is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the ext4fs_read_symlink function in the U-Boot loader allows a attacker to influence the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ext4fsreadsymlink function in the U-Boot loader is related to a potential overflow condition. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the Inspector component in the Google Chrome browser allows a hacker to execute arbitrary code or trigger a service denial.
The vulnerability of the Inspector component in the Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failure...
The vulnerability in the kernel of operating systems such as macOS, iOS, iPadOS, tvOS, and watchOS allows attackers to escalate their privileges and execute arbitrary code.
The vulnerability of the kernel in operating systems such as macOS, iOS, iPadOS, tvOS, and watchOS is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker to increase their privileges and execute arbitrary code...
The vulnerabilities of the functions rdma_restrack_init() and type2str() in the InfiniBand driver (drivers/infiniband/core/restrack.c) of the Linux operating system allow a hacker to cause a service failure.
The vulnerabilities of the functions rdmarestrackinit and type2str in the InfiniBand driver drivers/infiniband/core/restrack.c of the Linux kernel are related to insufficient input validation. Exploiting these vulnerabilities could allow an attacker to cause a service failure...
Vulnerability of the null_validate_conf() function (drivers/block/null_blk/main.c) in the Linux operating system kernel, allowing a hacker to trigger a service failure
The vulnerability of the nullvalidateconf function drivers/block/nullblk/main.c in the Linux kernel is related to pointer dereferencing. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the WebHMI component of the EcoStruxure Power Automation System User Interface (EcoSUI) and the EcoStruxure Microgrid Operation Large (EMO-L) system, which allows a hacker to gain unauthorized access to the device.
The vulnerability of the WebHMI component of the SCADA system EcoStruxure Power Automation System User Interface EcoSUI and the EcoStruxure Microgrid Operation Large EMO-L system for optimizing distributed energy resources is related to insecure initialization of the resources. Exploiting this...
The vulnerability of the MFlash secure data exchange platform lies in the lack of mechanisms for neutralizing elements related to CSV files, allowing attackers to execute arbitrary commands.
The vulnerability of the MFlash secure messaging platform is related to the lack of mechanisms for neutralizing elements related to CSV files. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the MFlash secure data exchange platform lies in the lack of protective measures for the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the MFlash secure messaging platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting specially crafted HTML code...
The vulnerability of the MFlash secure data exchange platform, related to the,。
The vulnerability of the MFlash secure data exchange platform relates to the manipulation of cross-site requests. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability of the recv_pyobj method in the Llama Stack framework, which is used for working with large language models (LLMs), allows a attacker to execute arbitrary code.
The vulnerability of the recvpyobj method in the Llama Stack framework for working with large language models is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted JSON file...
The vulnerabilities of the functions bme680_compensate_temp(), bme680_compensate_press(), and bme680_compensate_humid() in the IIO driver (drivers/iio/chemical/bme680_core.c) of the Linux operating system allow a hacker to cause a service failure.
The vulnerabilities of the functions bme680compensatetemp, bme680compensatepress, and bme680compensatehumid in the IIO driver drivers/iio/chemical/bme680core.c of the Linux kernel are related to the execution of operations outside of the buffer in memory. Exploiting these vulnerabilities can allo...
The vulnerability of the functions dwc3_suspend_common() and dwc3_resume_common() in the Linux kernel’s USB driver (drivers/usb/dwc3/core.c) allows a hacker to induce a service failure.
The vulnerability of the dwc3suspendcommon and dwc3resumecommon functions in the Linux kernel’s USB driver drivers/usb/dwc3/core.c is related to the use of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the HMI SCADA system of the power automation system, EcoStruxure Power Automation System User Interface (EPAS-UI), related to deficiencies in authentication procedures, allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the HMI SCADA system of the electric power automation system, EcoStruxure Power Automation System User Interface EPAS-UI, is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity,...
The vulnerability of the NTFS file system in Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the NTFS file system in Windows operating systems is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by mounting a specially crafted VHD image...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code or cause service interruptions.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type conversion errors. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...
The vulnerability of the MFlash secure data exchange platform lies in its insufficient authentication attempt limitation, which allows a perpetrator to gain unauthorized access to the platform.
The vulnerability of the MFlash secure messaging platform is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to the platform...
The vulnerability of the MFlash secure data exchange platform lies in the lack of protective measures for the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the MFlash secure messaging platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the administration panel by injecting specially crafted HTML code...
The vulnerabilities of the functions ocfs2_extend_trans() and ocfs2_dio_end_io_write() in the cluster file system OCFS2 of the Linux operating system allow a hacker to cause a service failure.
The vulnerabilities of the ocfs2extendtrans and ocfs2dioendiowrite functions in the OCFS2 cluster file system of the Linux operating system are related to resource management errors. Exploiting these vulnerabilities can allow an attacker to cause service failures...
The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition allows a hacker to bypass authentication using a user-controlled key, enabling them to disclose sensitive information that should be protected.
The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition relates to the bypassing of authentication using a key controlled by the user. Exploiting this vulnerability allows a malicious actor, operating remotely, to disclose sensitive...
The vulnerability of the IBM Sterling File Gateway file server lies in its use of files and directories accessible from external parties, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of the IBM Sterling File Gateway relates to the use of files and directories accessible to external parties. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
Vulnerability of the j1939_xtp_rx_rts_session_new() function (net/can/j1939/transport.c) in the Linux operating system kernel, which allows a hacker to trigger a service failure
The vulnerability of the j1939xtprxrtssessionnew function located in net/can/j1939/transport.c in the Linux operating system is related to incorrect error handling. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the create_pinctrl() function (drivers/pinctrl/core.c) in the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the createpinctrl function drivers/pinctrl/core.c in the Linux kernel is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the application layer in real-time database content management system SQL Directus, related to bypassing authentication using a user-controlled key, allows attackers to gain access to the user’s account.
The vulnerability of the application layer in real-time content management system SQL Directus relates to bypassing authentication by using a user-controlled key. Exploiting this vulnerability could allow an attacker to gain access to the user account...
The vulnerability of the Telemetry component of TP-Link Tapo P125M and Kasa KP125M software devices allows a intruder to gain unauthorized access to protected information.
The vulnerability of the Telemetry component in the microprogramming software of TP-Link Tapo P125M and Kasa KP125M lies in the lack of protection for operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the protected...
The vulnerability of the sqfs_resolve_symlink function in the U-Boot loader allows a hacker to influence the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sqfsresolvesymlink function in the U-Boot loader is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the sqfs inode_size function in the U-Boot loader allows a attacker to influence the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sqfs inodesize function in the U-Boot loader is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
Vulnerability of Windows operating systems, related to incorrect definition of symbolic links before accessing a file, allowing attackers to exploit their privileges.
The vulnerability of Windows operating systems is related to the incorrect definition of symbolic links before accessing a file. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Debug Mode mode in the Laravel PHP framework allows attackers to perform cross-site scripting attacks.
The vulnerability of the Debug Mode mode in the Laravel PHP framework is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code or cause service interruptions.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type conversion errors. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...