Lucene search

74701 matches found

BDU FSTEC
added 2025/03/10 12:0 a.m. | 2 views

The vulnerability of the Apache Traffic Server web server, related to deficiencies in access control, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Apache Traffic Server web server is related to deficiencies in access control based on access control lists (ACLs). Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...

CVSS: 6.5 | AI score: 5.9 | EPSS: 0.00729
Exploits: 0 | References: 1 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 4 views

The vulnerability of the rtl_pci_probe() function in the drivers/net/wireless/realtek/rtlwifi/pci.c file of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the rtl_pci_probe() function in the drivers/net/wireless/realtek/rtlwifi/pci.c file of Linux kernel systems is related to the lack of memory release after the effective lifespan of the function. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS: 5.5 | AI score: 6.7 | EPSS: 0.00187
Exploits: 0 | References: 14 | Affected Software: 4

BDU FSTEC
added 2025/03/10 12:0 a.m. | 2 views

The vulnerability of the max96712_probe() function in the driver of the MAX96712 deserializer (drivers/staging/media/max96712/max96712.c) in Linux operating systems allows a malicious actor to trigger a service failure.

The vulnerability of the max96712_probe() function in the MAX96712 deserializer driver (drivers/staging/media/max96712/max96712.c) in Linux operating systems is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...

CVSS: 5.5 | AI score: 6.7 | EPSS: 0.00182
Exploits: 0 | References: 11 | Affected Software: 4

BDU FSTEC
added 2025/03/10 12:0 a.m. | 2 views

The vulnerability of the `atomctrl_get_smc_sclk_range_table()` function in the DRM driver (drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c) in the Linux kernel allows a malicious actor to trigger a service failure.

The vulnerability of the `atomctrl_get_smc_sclk_range_table()` function in the DRM driver (drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c) in Linux kernel systems is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS: 5.5 | AI score: 6.7 | EPSS: 0.00201
Exploits: 0 | References: 14 | Affected Software: 4

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

Vulnerability of the functions rxrpc_abort_conn() and rxrpc_abort_calls() (net/rxrpc/conn_event.c) in the Linux kernel, allowing a hacker to trigger a service failure

The vulnerability of the functions rxrpc_abort_conn() and rxrpc_abort_calls() (net/rxrpc/conn_event.c) in Linux kernel systems is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to trigger a service failure...

CVSS: 5.5 | AI score: 6.6 | EPSS: 0.00178
Exploits: 0 | References: 9 | Affected Software: 3

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of the Qnap network device support automation system is related to errors in the authentication process. This error allows a malicious user to gain unauthorized access to the device.

The vulnerability of the Qnap network device support automation system is related to errors in the authentication process for certificates. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the device remotely...

CVSS: 10 | AI score: 5.4 | EPSS: 0.00286
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 4 views

The vulnerability of the KWHotel software for hotel management lies in the lack of a mechanism to neutralize elements in the CSV file, allowing a hacker to trigger a service failure.

The vulnerability of the KWHotel hotel management software is related to the lack of mechanisms for neutralizing elements in the CSV file. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

CVSS: 10 | AI score: 5.5 | EPSS: 0.00451
Exploits: 1 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 2 views

The vulnerability of TP-Link’s MQTT Broker and API gateway software for micro-programmed TP-Link devices like the KP125M and Tapo P125M allows a malicious actor to gain increased privileges.

The vulnerability of TP-Link’s MQTT broker and API gateway, which are part of the micro-programming software for TP-Link Kasa KP125M and Tapo P125M devices, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remote...

CVSS: 8 | AI score: 5.5 | EPSS: 0.00341
Exploits: 0 | References: 3

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of the software platform for developing and managing Adobe Commerce B2B, related to violations of secure design principles, allows attackers to enhance their privileges.

The vulnerability of the software platform for developing and managing Adobe Commerce B2B is related to the violation of secure design principles. Exploiting this vulnerability can allow a malicious actor, operating remotely, to enhance their privileges...

CVSS: 8.5 | AI score: 5.5 | EPSS: 0.00892
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their lack of authentication mechanisms, which allows attackers to circumvent security restrictions.

The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to deficiencies in authentication mechanisms. Exploiting these vulnerabilities can allow attackers to bypass security restriction...

CVSS: 4.3 | AI score: 5.6 | EPSS: 0.00505
Exploits: 0 | References: 2 | Affected Software: 3

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of the software platform for developing and managing Adobe Commerce B2B stores relates to deficiencies in authentication mechanisms, allowing attackers to circumvent existing security restrictions.

The vulnerability of the software platform for developing and managing Adobe Commerce B2B is related to deficiencies in authentication mechanisms. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions remotely...

CVSS: 4.3 | AI score: 5.4 | EPSS: 0.00514
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 4 views

The vulnerability of the telnet service provided by the microprogramming-based IP cameras from Smartwares, models CIP-37210AT and C724IP, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the telnet service provided by the microprogramming-based IP cameras from Smartwares, models CIP-37210AT and C724IP, is related to the use of default login credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

CVSS: 7.4 | AI score: 6.8 | EPSS: 0.00694
Exploits: 0 | References: 4 | Affected Software: 2

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of the rtlpciprobe() function in the driver (drivers/char/ipmi/ipmb_dev_int.c) of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the rtlpciprobe function in the driver (drivers/char/ipmi/ipmb_dev_int.c) of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS: 5.5 | AI score: 6.6 | EPSS: 0.00189
Exploits: 0 | References: 14 | Affected Software: 4

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of the Intel RealSense D400 Series Universal Windows Platform (UWP) driver is related to an uncontrolled search path, which allows attackers to escalate their privileges.

The vulnerability of the Intel RealSense D400 Series Universal Windows Platform (UWP) driver is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to gain increased privileges...

CVSS: 6.7 | AI score: 5.5 | EPSS: 0.0017
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of the Wallos financial management web application, related to the lack of protective measures for the website structure, allows a hacker to execute arbitrary code.

The vulnerability of the Wallos financial management web application is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS: 6.4 | AI score: 5.9 | EPSS: 0.00413
Exploits: 1 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 6 views

The vulnerability of the ArcGIS Pro geospatial information system and the ArcGIS AllSource software for analyzing operational data, related to the use of an unreliable search path, allows a perpetrator to execute arbitrary commands.

The vulnerability of the ArcGIS Pro geospatial information system and the ArcGIS AllSource software for analyzing operational data is related to the use of an unreliable search path. Exploiting this vulnerability could allow an attacker to execute arbitrary commands by loading a specially created...

CVSS: 7.3 | AI score: 5.9 | EPSS: 0.00199
Exploits: 0 | References: 2 | Affected Software: 2

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of the HCI interface of Espressif ESP32 microcontroller software allows attackers to circumvent existing security restrictions.

The vulnerability of the HCI interface in Espressif ESP32 microcontroller software lies in the presence of undocumented configuration commands. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...

CVSS: 6.8 | AI score: 8 | EPSS: 0.01258
Exploits: 1 | References: 5

BDU FSTEC
added 2025/03/10 12:0 a.m. | 5 views

The vulnerability of the Microprogrammed Software for IP Cameras from Smartwares, models CIP-37210AT and C724IP, arises from the lack of measures to sanitize input data at the control level. This allows intruders to execute arbitrary commands.

The vulnerability of the Microprogrammed Software for Smartwares CIP-37210AT and C724IP cameras is related to the lack of measures for cleaning incoming data at the control level. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...

CVSS: 8.8 | AI score: 7.1 | EPSS: 0.00694
Exploits: 0 | References: 4 | Affected Software: 2

BDU FSTEC
added 2025/03/10 12:0 a.m. | 2 views

The vulnerability of the WhoDB database management system lies in the insufficient neutralization of special elements in data queries, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the WhoDB database management system is related to the insufficient neutralization of special elements in data queries. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

CVSS: 8.6 | AI score: 7 | EPSS: 0.00525
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 2 views

The vulnerability of the TSHttpTxnIntercept() function in the Apache Traffic Server allows a hacker to gain unauthorized access to protected information.

The vulnerability of the TSHttpTxnIntercept function in the Apache Traffic Server web server is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVSS: 6.5 | AI score: 6.5 | EPSS: 0.00729
Exploits: 0 | References: 1 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 2 views

The vulnerability of the IBM Security Verify Directory data integration tool lies in the insufficient checking of unusual or exceptional states, which allows a perpetrator to trigger a service failure.

The vulnerability of the IBM Security Verify Directory data integration tool is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVSS: 7.8 | AI score: 5.5 | EPSS: 0.0037
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 6 views

The vulnerability of the SAML (Security Assertion Markup Language) technology used in Git-based software platforms for collaborative code development on GitLab allows attackers to increase their privileges.

The vulnerability of the SAML (Security Assertion Markup Language) technology used in Git-based software platforms for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow attackers to increase their privileges...

CVSS: 3.1 | AI score: 5.5 | EPSS: 0.0022
Exploits: 1 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of Edimax IC-7100 IP cameras’ microprogramming software lies in the lack of measures to neutralize special elements used in the operating system’s command set. This allows intruders to execute arbitrary code.

The vulnerability of the microprogrammed IP camera Edimax IC-7100 is related to the lack of measures taken to neutralize special elements used in the operating system’s command structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted...

CVSS: 10 | AI score: 8.6 | EPSS: 0.7227
Exploits: 2 | References: 3

BDU FSTEC
added 2025/03/10 12:0 a.m. | 2 views

Vulnerability in src/include/OpenImageIO/fmath.h:983 of the OpenImageIO image processing library, allowing a hacker to execute arbitrary code.

The vulnerability in src/include/OpenImageIO/fmath.h:983 of the OpenImageIO image processing library is related to a buffer overflow. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...

CVSS: 10 | AI score: 8.4 | EPSS: 0.00637
Exploits: 1 | References: 5 | Affected Software: 4

BDU FSTEC
added 2025/03/10 12:0 a.m. | 5 views

The vulnerability of the software platform for developing and managing Adobe Commerce B2B platforms, related to lack of access control, allows a hacker to bypass existing security restrictions and gain unauthorized access to protected information.

The vulnerability of the software platform for developing and managing Adobe Commerce B2B is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions and gain unauthorized access to protected information...

CVSS: 6.8 | AI score: 5.4 | EPSS: 0.00708
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 4 views

The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B, related to lack of access control, allows attackers to bypass existing security restrictions and gain unauthorized access to protected information.

The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to lack of access control mechanisms. Exploiting these vulnerabilities can allow unauthorized actors to bypass existing security...

CVSS: 6.8 | AI score: 5.5 | EPSS: 0.00584
Exploits: 0 | References: 2 | Affected Software: 3

BDU FSTEC
added 2025/03/10 12:0 a.m. | 12 views

The vulnerability of the software platform for developing and managing Adobe Commerce B2B platforms, related to lack of access control, allows a hacker to bypass existing security restrictions and gain unauthorized access to protected information.

The vulnerability of the software platform for developing and managing Adobe Commerce B2B is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions and gain unauthorized access to protected information...

CVSS: 6.8 | AI score: 5.4 | EPSS: 0.00708
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 4 views

The vulnerability of the Apache Traffic Server web server arises from discrepancies in functionality compared to the specifications. This allows attackers to compromise the accessibility of the protected information.

The vulnerability of the Apache Traffic Server web server is related to discrepancies in functionality according to the specification when processing the Expect header. Exploiting this vulnerability allows a remote attacker to compromise the accessibility of protected information...

CVSS: 4.3 | AI score: 5.9 | EPSS: 0.0079
Exploits: 0 | References: 1 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of the functions usbg_cmd_work() and bot_cmd_work() in the USB driver (drivers/usb/gadget/function/f_tcm.c) of the Linux kernel allows a hacker to induce a service failure.

The vulnerability of the functions usbg_cmd_work() and bot_cmd_work() in the USB driver (drivers/usb/gadget/function/f_tcm.c) of the Linux kernel is related to the repeated release of memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS: 5.5 | AI score: 7.2 | EPSS: 0.00218
Exploits: 0 | References: 13 | Affected Software: 4

BDU FSTEC
added 2025/03/10 12:0 a.m. | 4 views

The vulnerability of the software platform for integrating Grafana Alerting VictorOps, related to information disclosure, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Grafana Alerting VictorOps software platform relates to the disclosure of information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVSS: 4.3 | AI score: 6.3 | EPSS: 0.0035
Exploits: 0 | References: 5 | Affected Software: 4

BDU FSTEC
added 2025/03/10 12:0 a.m. | 4 views

The vulnerability of the ArcGIS Pro geospatial information system and the ArcGIS AllSource software for analyzing operational data, related to the use of an unreliable search path, allows a perpetrator to execute arbitrary commands.

The vulnerability of the ArcGIS Pro geospatial information system and the ArcGIS AllSource software for analyzing operational data is related to the use of an unreliable search path. Exploiting this vulnerability could allow an attacker to execute arbitrary commands by loading a specially created...

CVSS: 7.3 | AI score: 5.9 | EPSS: 0.00178
Exploits: 0 | References: 2 | Affected Software: 2

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of the PAN-OS operating system, related to incorrect external management of file names or file paths, allows attackers to compromise the confidentiality of protected information.

The vulnerability of the PAN-OS operating system is related to incorrect external management of file names or file paths. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality of protected information...

CVSS: 6.8 | AI score: 8 | EPSS: 0.01818
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 2 views

The vulnerability of the microprogramming software of TP-Link Tapo P125M and Kasa KP125M lies in the insufficient protection of operational data, allowing attackers to execute a “man-in-the-middle” type attack.

The vulnerability of the microprogramming software of TP-Link Tapo P125M and Kasa KP125M lies in the insufficient protection of operational data. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...

CVSS: 7.5 | AI score: 5.7 | EPSS: 0.00147
Exploits: 0 | References: 4

BDU FSTEC
added 2025/03/10 12:0 a.m. | 2 views

The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their lack of access control mechanisms. This allows attackers to circumvent existing security restrictions and gain unauthorized access to protected information.

The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to lack of access control mechanisms. Exploiting these vulnerabilities can allow unauthorized actors to bypass existing security...

CVSS: 6.8 | AI score: 5.5 | EPSS: 0.00708
Exploits: 0 | References: 2 | Affected Software: 3

BDU FSTEC
added 2025/03/10 12:0 a.m. | 4 views

The vulnerability of the software platform for developing and managing Adobe Commerce B2B stores relates to deficiencies in authentication mechanisms, allowing attackers to circumvent existing security restrictions.

The vulnerability of the software platform for developing and managing Adobe Commerce B2B is related to deficiencies in authentication mechanisms. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions remotely...

CVSS: 4.3 | AI score: 5.4 | EPSS: 0.00514
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 5 views

The vulnerability of the reshardCollection command in the MongoDB database management system allows an attacker to compromise the integrity and accessibility of the protected information.

The vulnerability of the reshardCollection command in the MongoDB database management system is related to the reinsertion of data due to insufficient checks for unusual or exceptional states. Exploiting this vulnerability allows an attacker operating remotely to compromise the integrity and...

CVSS: 9.4 | AI score: 5.5
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of Smartwares CIP-37210AT and C724IP IP cameras’ microprogramming software lies in the improper limitation of the path name to the restricted access directory. This allows intruders to gain unauthorized access to protected information.

The vulnerability of the Microprogrammed Software for Smartwares CIP-37210AT and C724IP cameras is related to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...

CVSS: 6.2 | AI score: 7.2 | EPSS: 0.00694
Exploits: 0 | References: 4 | Affected Software: 2

BDU FSTEC
added 2025/03/10 12:0 a.m. | 5 views

The vulnerability of the uvc_status_init() function in the USB Video Class driver (drivers/media/usb/uvc/uvc_status.c) in the Linux kernel allows a hacker to induce a service failure.

The vulnerability of the uvc_status_init() function in the USB Video Class driver (drivers/media/usb/uvc/uvc_status.c) in Linux kernels is related to improper resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS: 5.5 | AI score: 5.9 | EPSS: 0.0011
Exploits: 0 | References: 7 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability in the file src/include/OpenImageIO/detail/farmhash.h of the OpenImageIO image processing library allows a hacker to execute arbitrary code.

The vulnerability in the src/include/OpenImageIO/detail/farmhash.h file of the image processing library OpenImageIO is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

CVSS: 10 | AI score: 8.3 | EPSS: 0.00637
Exploits: 2 | References: 5 | Affected Software: 4

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of microprogrammed software in 3rd Generation Intel Xeon Scalable Processors allows a hacker to trigger a service failure.

The vulnerability of microprogrammed software in 3rd generation Intel Xeon Scalable processors is related to the lack of coordination between independent representations of the overall state. Exploiting this vulnerability can allow attackers to cause service failures...

CVSS: 6 | AI score: 6.4 | EPSS: 0.00731
Exploits: 1 | References: 10 | Affected Software: 4

BDU FSTEC
added 2025/03/10 12:0 a.m. | 7 views

The vulnerability of the rproc_alloc() function in the remoteproc driver (drivers/remoteproc/remoteproc_core.c) of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the rproc_alloc() function in the remoteproc driver (drivers/remoteproc/remoteproc_core.c) in Linux operating systems is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...

CVSS: 5.5 | AI score: 6.6 | EPSS: 0.00167
Exploits: 0 | References: 14 | Affected Software: 4

BDU FSTEC
added 2025/03/10 12:0 a.m. | 4 views

The vulnerability of the pam_access component in the access.conf file of the Linux-PAM authentication module allows a hacker to circumvent existing security restrictions and gain access to confidential information.

The vulnerability of the pam_access component in the access.conf file of the Linux-PAM authentication module is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain access to confidential...

CVSS: 7.4 | AI score: 6.8 | EPSS: 0.00798
Exploits: 0 | References: 15 | Affected Software: 7

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of the WhoDB database management system lies in the use of memory after it is freed, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of the WhoDB database management system relates to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVSS: 10 | AI score: 7 | EPSS: 0.0268
Exploits: 1 | References: 4 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of the tools for configuring and integrating Intel Aptio V UEFI firmware in Intel NUC devices stems from access control flaws, allowing attackers to exploit these vulnerabilities to gain increased privileges.

The vulnerability of the tools for configuring and integrating Intel Aptio V UEFI firmware on Intel NUC devices is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS: 7.8 | AI score: 5.5 | EPSS: 0.0016
Exploits: 0 | References: 3 | Affected Software: 6

BDU FSTEC
added 2025/03/10 12:0 a.m. | 4 views

The vulnerability of TP-LINK TL-WR841ND router’s microprogramming software lies in the fact that the operation output goes beyond the buffer in memory, allowing a hacker to cause a malfunction in the device.

The vulnerability of TP-LINK’s TL-WR841ND router’s microprogramming software lies in the fact that the operation is performed outside the buffer in memory when processing the ssid parameter. Exploiting this vulnerability allows a malicious actor to cause service failure by sending specially craft...

CVSS: 6.8 | AI score: 6.8 | EPSS: 0.00915
Exploits: 0 | References: 4 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 2 views

The vulnerability of the Python JSON Logger library arises from the inclusion of functions from an unverified and uncontrolled area. This allows attackers to execute arbitrary code.

The vulnerability of the Python JSON Logger library is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by deploying a specially crafted package...

CVSS: 10 | AI score: 8 | EPSS: 0.01451
Exploits: 1 | References: 4 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 3 views

The vulnerability of the IBM WebSphere Application Server’s web interface allows a perpetrator to execute arbitrary code and gain unauthorized access to protected information.

The vulnerability in the web interface of IBM WebSphere Application Server exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and gain unauthorized access to protected information...

CVSS: 5.5 | AI score: 7.6 | EPSS: 0.00238
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 2 views

The vulnerability of the Apache Traffic Server web server, related to insufficient input validation, allows attackers to send hidden HTTP requests (HTTP Request Smuggling attack).

The vulnerability of the Apache Traffic Server web server is related to insufficient checks on input. Exploiting this vulnerability allows a malicious actor to send hidden HTTP requests remotely (HTTP Request Smuggling attack)...

CVSS: 6.5 | AI score: 6.6 | EPSS: 0.00826
Exploits: 0 | References: 1 | Affected Software: 1

BDU FSTEC
added 2025/03/07 12:0 a.m. | 3 views

The vulnerability of the LLM startup and management system AnythingLLM, related to shortcomings in authentication procedures, allows attackers to gain unauthorized access to protected information.

The vulnerability of the LLM startup and management system, AnythingLLM, is related to deficiencies in the authentication process when processing the id parameter. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

CVSS: 4.3 | AI score: 5.5 | EPSS: 0.00422
Exploits: 1 | References: 4 | Affected Software: 1

BDU FSTEC
added 2025/03/07 12:0 a.m. | 2 views

The vulnerability in Mozilla Firefox, Firefox ESR, and email clients Thunderbird, Thunderbird ESR, is related to the operation of transferring data beyond the buffer in memory. This allows an attacker to cause a service failure.

The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using specially created text...

CVSS: 7.8 | AI score: 7.3 | EPSS: 0.00718
Exploits: 0 | References: 22 | Affected Software: 13

Total number of security vulnerabilities: 74701