90604 matches found
The vulnerability of the software platform for numerical modeling and analysis of products in Simcenter Nastran, as well as the pre-processor Simcenter Femap, arises from reading data beyond the acceptable range in memory. This vulnerability allows a hacker to execute arbitrary code.
The vulnerability of the software platform for numerical modeling and analysis of Simcenter Nastran products, as well as the pre-processor Simcenter Femap, lies in the ability to read data beyond the acceptable range in memory. Exploiting this vulnerability allows an attacker to execute arbitrary...
The vulnerability of the software platform for numerical modeling and analysis of products in Simcenter Nastran, as well as the pre-processor Simcenter Femap, arises from reading data beyond the acceptable range in memory. This vulnerability allows a hacker to execute arbitrary code.
The vulnerability of the software platform for numerical modeling and analysis of Simcenter Nastran products, as well as the pre-processor Simcenter Femap, lies in the ability to read data beyond the acceptable range in memory. Exploiting this vulnerability allows an attacker to execute arbitrary...
The vulnerability of the software platform for numerical modeling and analysis of products in Simcenter Nastran, as well as the pre-processor Simcenter Femap, arises from reading data beyond the acceptable range in memory. This vulnerability allows a hacker to execute arbitrary code.
The vulnerability of the software platform for numerical modeling and analysis of Simcenter Nastran products, as well as the pre-processor Simcenter Femap, lies in the ability to read data beyond the acceptable range in memory. Exploiting this vulnerability allows an attacker to execute arbitrary...
The vulnerability of the kube-apiserver component, a software component for managing clusters of virtual machines in Kubernetes, allows a attacker to cause a service failure.
The vulnerability of the kube-apiserver component, which is part of the Kubernetes cluster management software, is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the Explore Traces component of the Grafana monitoring and observation platform allows a hacker to execute arbitrary JavaScript code.
The vulnerability of the Explore Traces component of the Grafana monitoring and observation platform relates to the lack of security measures for the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code...
The vulnerability of the Grafana monitoring and observation platform, related to information disclosure, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Grafana monitoring and observation platform is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability in the libvpx component of Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a hacker to induce a service failure.
The vulnerability of the libvpx component in Mozilla Firefox, Firefox ESR, and the Thunderbird email client is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...
The vulnerability of the multi_ssid function in the /cgi-bin/wireless.cgi file of the Wavlink WL-WN579A3 router’s microprogramming system allows a hacker to execute arbitrary commands.
The vulnerability of the multissid function in the /cgi-bin/wireless.cgi file of the Wavlink WL-WN579A3 router microprogramming system is related to the lack of measures taken to neutralize data at the control level. Exploiting this vulnerability could allow a remote attacker to execute arbitrary...
The vulnerability of the /cgi-bin/login.cgi file in the microprogramming software for Wavlink routers WL-WN579A3 allows a hacker to execute arbitrary commands.
The vulnerability of the /cgi-bin/login.cgi file in the microprogramming software for Wavlink WL-WN579A3 is related to the lack of measures taken to neutralize data at the control level. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...
The vulnerability of the XWiki platform, a tool for creating collaborative web applications. XWiki allows attackers to execute a type of attack known as CSS Injection.
The vulnerability of the XWiki platform, a tool for creating collaborative web applications, lies in an improper limitation on the visible layers of the user interface. Exploiting this vulnerability could allow a malicious actor to carry out a type of CSS injection attack, with the assistance of...
The vulnerability of the attach_default_qdiscs() function in the net/sched/sch_generic.c module of the net/sched/sch subsystem of the Linux operating system’s kernel allows a attacker to cause a service failure.
The vulnerability of the attachdefaultqdiscs function in the net/sched/schgeneric.c module of the network scheduling subsystem of the Linux operating system’s kernel is related to improper memory release. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
The vulnerability of the record_func_key() function in the kernel/bpf/verifier.c module, part of the BPF interpreter support for the Linux operating system’s kernel, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the recordfunckey function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter support in the Linux operating system’s kernel, involves reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the storvsc_probe() function in the drivers/scsi/storvsc_drv.c file of the Linux operating system’s SCSI device driver module allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the storvscprobe function in the drivers/scsi/storvscdrv.c file of the Linux SCSI device driver module is related to the occurrence of mutual locking. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
The vulnerability of the hugetlb_mcopy_atomic_pte() function in the mm/hugetlb.c module of the Linux kernel’s memory-management subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the hugetlbmcopyatomicpte function in the mm/hugetlb.c module of the Linux kernel’s memory-management subsystem is related to operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the wb inode_writeback_end() function in the fs/fs-writeback.c file of the Linux kernel file system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the wb inodewritebackend function in the fs/fs-writeback.c file of the Linux kernel file system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...
The vulnerability of Notepad++, a text editor, is related to the use of an insecure search path, allowing attackers to execute arbitrary code.
The vulnerability of the Notepad++ text editor is related to the use of an insecure search path. Exploiting this vulnerability allows a hacker to execute arbitrary code using a specially crafted executable file...
The vulnerability of the dma_resv_add_fence() function in the drivers/dma-buf/dma-resv.c file of two Linux kernel cores may allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the dmaresvaddfence function in the drivers/dma-buf/dma-resv.c file of two Linux kernels is related to the reutilization of previously released memory. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility ...
The vulnerabilities of the functions ucsi_init() and ucsi_unregister() in the driver drivers/usb/typec/ucsi/ucsi.c file of the UCSI driver for the Linux operating system allow a malicious actor to cause service failure remotely.
The vulnerability of the functions ucsiinit and ucsiunregister in the UCSI driver’s drivers/usb/typec/ucsi/ucsi.c file is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow a remote attacker to cause service failure...
The vulnerability of the `firmwareUploadUnregister()` function in the `drivers/base/firmwareLoader/sysfsUpload.c` file of the Linux kernel’s device drivers module allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the firmwareUploadUnregister function in the drivers/base/firmwareLoader/sysfsUpload.c file of the Linux kernel’s device drivers module is related to the re-use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...
The vulnerability of the check_func_arg() function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter support for the Linux operating system’s kernel, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the checkfuncarg function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter support for the Linux operating system’s kernel, relates to the lack of checking for the returned value. Exploiting this vulnerability could allow a remote attacker to compromi...
The vulnerability of the dma_resv_get_fences() function in the drivers/dma-buf/dma-resv.c module of the Linux operating system, which allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the dmaresvgetfences function in the drivers/dma-buf/dma-resv.c module of the Linux operating system is related to the execution of a loop without sufficient limitation on its execution count. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the avs_dsp_receive_rx() function in the sound module/soc/intel/avs/ipc.c file, which is part of the Linux operating system’s SoC audio support, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the avsdspreceiverx function in the sound/soc/intel/avs/ipc.c module of the Linux operating system’s SoC audio support is related to the copying of buffers without checking the size of the input data a classic buffer overflow attack. Exploiting this vulnerability could allow ...
The vulnerability of the ovl_permission() function in the fs/overlayfs/inode.c file of the Overlayfs file system in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ovlpermission function in the fs/overlayfs/inode.c file of the Overlayfs file system in the Linux operating system is related to the dereferencing of the NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the `generate_lfp_data_ptrs()` function in the `drivers/gpu/drm/i915/display/intel_bios.c` file of the DRI driver for the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the generatelfpdataptrs function in the drivers/gpu/drm/i915/display/intelbios.c file, a part of the Direct Rendering Infrastructure DRI driver for the Linux operating system’s kernel, is related to improper memory release. Exploiting this vulnerability could allow an attacke...
The vulnerability of the vec_set_vector_length() function in the arch/arm64/kernel/fpsimd.c module allows a hacker to cause a system failure in the ARM 64-bit kernel support of the Linux operating system.
The vulnerability of the vecsetvectorlength function in the arch/arm64/kernel/fpsimd.c module of the Linux operating system’s ARM 64-bit kernel architecture is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the sof_es8336remove() function in the sound module of the sound/soc/intel/boards/sof_es8336.c file, which is part of the Linux operating system’s SoC kernel support for audio, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sofes8336remove function in the sound/soc/intel/boards/sofes8336.c file relates to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected...
The vulnerability of the bfq_exit_icq_bfqq() function in the block/bfq-iosched.c module exposes the block-level kernel support of the Linux operating system, allowing a hacker to trigger a service failure.
The vulnerability of the bfqexiticqbfqq function in the block/bfq-iosched.c module, which supports the block-level kernel in Linux operating systems, relates to the reutilization of previously released memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the r5l_logFlushEndio() function in the drivers/md/raid5-cache.c module of the Linux driver for multiple device types (RAID and LVM) allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the r5llogFlushEndio function in the drivers/md/raid5-cache.c module of the Linux device driver for multiple devices RAID and LVM is related to the race condition that occurs when a shared resource is used. Exploiting this vulnerability could allow an attacker to compromise t...
The vulnerability of the dev_add_physical_location() function in the drivers/base/physical_location.c file of the Linux kernel device driver module allows a attacker to cause a service failure.
The vulnerability of the devaddphysicallocation function in the drivers/base/physicallocation.c file of the Linux kernel device driver module is related to improper memory release. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the rxrpc_wait_to_be_connected() function in the net/rxrpc/sendmsg.c module, which supports RxRPC session sockets in Linux kernels, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the rxrpcwaittobeconnected function in the net/rxrpc/sendmsg.c module, which supports RxRPC session sockets in Linux operating systems, is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the...
The vulnerability of the tgl_get_bw_info() function in the drivers/gpu/drm/i915/display/intel_bw.c file of the Direct Rendering Infrastructure (DRI) driver for the Linux operating system allows a malicious actor to cause a service failure.
The vulnerability of the tglgetbwinfo function in the drivers/gpu/drm/i915/display/intelbw.c file, a part of the Direct Rendering Infrastructure DRI driver for the Linux operating system, involves the dereferencing of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause ...
The vulnerability of the igb_enable_sriov() function in the drivers/net/ethernet/intel/igb/igb_main.c file of the Intel Ethernet network adapter driver for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the igbenablesriov function in the drivers/net/ethernet/intel/igb/igbmain.c file of the Linux kernel’s Ethernet network adapter driver is related to state management errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, an...
The vulnerability of the vmem_map_init() function in the arch/s390/mm/vmem.c module of the S390 platform support for Linux’s operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the vmemmapinit function in the arch/s390/mm/vmem.c module of the S390 platform support for the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of H3C Magic B3 network devices’ microprogramming software lies in the copying of buffers without checking the size of the input data. This allows a malicious actor to execute arbitrary code.
The vulnerability of H3C Magic B3 network devices’ microprogramming software relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the software platform based on Git for collaborative code development in GitLab Enterprise Edition (EE) stems from the lack of authentication procedures, which allow unauthorized users to gain unauthorized access to the AI model settings.
The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition is related to the absence of authentication procedures. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to the AI model...
The vulnerability of the /goform/set_ddns file in the DDNS Service component of the D-link DIR-823X router’s microprogramming system allows a attacker to execute arbitrary commands.
The vulnerability of the /goform/setddns file of the DDNS Service component of the D-link DIR-823X router microprogramming system is related to the failure to take measures to neutralize special elements during the processing of the parameters ddnsType/ddnsDomainName/ddnsUserName/ddnsPwd...
The vulnerability of the recovery environment in Dell SupportAssist OS Recovery, related to the creation of temporary files with insecure permissions, allows a malicious individual to escalate their privileges and expose sensitive information.
The vulnerability of the recovery environment in Dell SupportAssist OS Recovery relates to the creation of temporary files with insecure permissions. Exploiting this vulnerability can allow an attacker to enhance their privileges and expose sensitive information...
The vulnerability of the Dell Data Lakehouse storage platform, related to access control errors, allows attackers to escalate their privileges.
The vulnerability of the Dell Data Lakehouse storage platform is related to access control errors. Exploiting this vulnerability could allow an attacker to increase their privileges remotely...
The vulnerability of the graphical interface of Netgear WiFi Range Extender software lies in the lack of authentication procedures, which allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the graphical interface of Netgear WiFi Range Extender software-related microprogramming devices is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibilit...
The vulnerability of the graphical interface of Netgear WiFi Range Extender software lies in the lack of authentication procedures, which allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the graphical interface of Netgear WiFi Range Extender software-related microprogramming devices is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibilit...
The vulnerability of the /cgi-bin/DownloadFlash file of the Web Management Interface component of the Tenda AC21 microprogramming system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the /cgi-bin/DownloadFlash file of the Web Management Interface component of the Tenda AC21 microprogramming system for routers is related to errors in information processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access...
The vulnerability of the software for rapid display and access to information about clients in Znuny arises from the absence of the “HttpOnly” flag in session cookies. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the software for rapid display and access to information about clients in Znuny is related to the absence of the “HttpOnly” flag in session cookie files. Exploiting this vulnerability can allow a hacker to gain unauthorized access to protected information...
The vulnerability of the multi-platform web solution for creating Scada systems, Scada-LTS, is related to insufficient verification of the authenticity of executed requests. This allows attackers to bypass security restrictions and carry out CSRF attacks.
The vulnerability of the multi-platform web solution for creating Scada systems is related to insufficient verification of the authenticity of executed requests. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and perform CSRF attacks...
The vulnerability of AMD’s microprogrammed graphics processor software, related to errors in processing input data, allows attackers to compromise the integrity of protected information.
The vulnerability of AMD’s microprogrammed graphics software is related to errors in processing input data. Exploiting this vulnerability can allow a remote attacker to compromise the integrity of protected information...
The vulnerability of the SEV microprogramming software components of AMD graphics processors allows attackers to compromise the integrity of protected information.
The vulnerability of the SEV microprogramming software for AMD graphics processors is related to improper prevention of bit modification of the lock bits. Exploiting this vulnerability can allow an attacker to compromise the integrity of the protected information...
The vulnerability of the AMD Secure Processor microprogramming software for graphics processors allows a hacker to gain unauthorized access to protected information.
The vulnerability of AMD Secure Processor microprogramming software for graphics processors relates to unreliable pointer aliasing. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
The vulnerability of the trusted operating system for microprogrammed graphics processors from AMD allows a hacker to trigger a service failure.
The vulnerability of the trusted operating system for AMD graphics processors’ microprogramming software is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a perpetrator to cause service failures...
The vulnerability of the memory control block for IOMMU operations in AMD’s microprogramming software for processors allows attackers to circumvent security restrictions and compromise the integrity of the protected information.
The vulnerability of the memory management block for IOMMU operations in AMD microprogramming systems is related to incorrect input of configuration data. Exploiting this vulnerability can allow attackers to circumvent security restrictions and compromise the integrity of protected information...
The vulnerability of SMM communication buffers in AMD’s microprogrammed graphics processors allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of SMM communication buffers in AMD graphics processor microprogramming systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of protected...
The vulnerability of AMD’s SMM microprogramming system for graphics processors allows attackers to execute arbitrary code.
The vulnerability of AMD’s SMM microprogramming graphics processor driver is related to writing beyond buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...