90279 matches found
The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager lies in the lack of a mechanism for verifying input data during backup scenarios. This allows a malicious actor to execute arbitrary code with SYSTEM privileges.
The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager is related to deficiencies in the mechanism for verifying input data during backup scenario execution. Exploiting this vulnerability could allow an attacker, operating...
The vulnerability of the Directum Web Agent component of the Directum RX system, which arises due to insufficient validation of input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Directum Web Agent component of the Directum RX system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted file...
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Directum HR Pro system, which exists due to insufficient verification of input data, allows a perpetrator to disclose protected information.
The vulnerability of the Directum HR Pro system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information by sending a specially crafted POST request...
The vulnerability of the Directum RX ECM system, related to deficiencies in access control, allows a perpetrator to compromise data integrity.
The vulnerability of the Directum RX ECM system is related to deficiencies in access control. Exploiting this vulnerability could allow a remote attacker to compromise data integrity...
The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
Blitz Identity Provider (Authentication server)
...
The vulnerability of the MmMapIoSpace() function in the ThrottleBlood.sys driver allows a hacker to escalate their privileges, execute arbitrary code, or cause a service failure.
The vulnerability of the MmMapIoSpace function in the ThrottleBlood.sys driver, as part of the ThrottleStop utility, is related to open IOCTLs with insufficient access control. Exploiting this vulnerability could allow an attacker to enhance their privileges, execute arbitrary code, or cause...
The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.
The vulnerability of the Kerberos protocol for Windows operating systems is related to errors in the mechanism for handling relative pathnames to the directory. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems allows a hacker to cause a service failure.
The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems is related to incorrect resource management. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerabilities in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel allow a hacker to cause a service failure.
The vulnerability in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel systems relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of the `btrfs_subpage_set_writeback()` function in the `fs/btrfs/subpage.c` file of the btrfs file system in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the btrfssubpagesetwriteback function in the fs/btrfs/subpage.c file of the btrfs file system in Linux kernels involves an uncontrolled and exploitable condition. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the smaps_hugetlb_range() function in the fs/proc/task_mmu.c module of the Linux kernel’s file system allows a hacker to cause a service failure.
The vulnerability of the smapshugetlbrange function in the fs/proc/taskmmu.c module of the Linux kernel’s file system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the io_region_allocate_pages() function in the io_uring/memmap.c module, a synchronous I/O interface for the Linux kernel, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ioregionallocatepages function in the iouring/memmap.c module, a component of the Linux kernel’s asynchronous I/O interface, involves the allocation of resources without any restrictions or regulation. Exploiting this vulnerability could allow an attacker to compromise th...
The vulnerability of the 7z-file processing mechanism of the ClamAV antivirus program allows a hacker to trigger a service failure.
The vulnerability of the 7z-file processing mechanism of the ClamAV antivirus program lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor to cause service failure by sending a specially crafted file...
The vulnerability of the `move_normal_pmd()` and `move_normal_pud()` functions in the `mm/mremap.c` module of the Linux kernel’s memory management subsystem allows an attacker to compromise the accessibility of protected information.
The vulnerability of the movenormalpmd and movenormalpud functions in the mm/mremap.c module of the Linux kernel’s memory management subsystem is related to state management errors. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...
The vulnerability of the processing mechanism for DMG files in the ClamAV antivirus program allows a hacker to induce a service failure.
The vulnerability of the DMG-file processing mechanism in the ClamAV antivirus program lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service interruptions by sending a specially...
The vulnerability of the FSG-file processing mechanism in the ClamAV antivirus program allows a hacker to induce a service failure.
The vulnerability of the FSG-file processing mechanism in the ClamAV antivirus program lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service interruptions by sending a specially...
The vulnerability of the amdgpu_device_suspend() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_device.c driver code allows a hacker to cause a service failure in AMD GPU cores supporting Direct Rendering Infrastructure (DRI) in Linux operating systems.
The vulnerability of the amdgpudevicesuspend function in the drivers/gpu/drm/amd/amdgpu/amdgpudevice.c driver, which is part of the DRI support module for AMD GPU cores in Linux operating systems, leads to a mutual locking condition. Exploiting this vulnerability can allow an attacker to cause a...
The vulnerability of the xe_migrate_access_memory() function in the drivers/gpu/drm/xe/xe_migrate.c module of the Direct Rendering Infrastructure (DRI) kernel driver of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the xemigrateaccessmemory function in the drivers/gpu/drm/xe/xemigrate.c module of the Direct Rendering Infrastructure DRI kernel of the Linux operating system is related to the reutilization of previously released memory. Exploiting this vulnerability can allow an attacker t...
The vulnerability of the `dc_get_det_buffer_size_from_state()` function in the `drivers/gpu/drm/amd/display/dc/core/dc.c` file of the Direct Rendering Infrastructure (DRI) driver for AMD graphics cards in Linux operating systems allows a malicious actor to cause a service failure.
The vulnerability of the dcgetdetbuffersizefromstate function in the drivers/gpu/drm/amd/display/dc/core/dc.c file of the Direct Rendering Infrastructure DRI driver for AMD graphics cards in Linux operating systems is related to pointer manipulation. Exploiting this vulnerability could allow an...
The vulnerability of the ALZ-file processing mechanism in the ClamAV antivirus program allows a hacker to induce a service failure.
The vulnerability of the ALZ-file processing mechanism in the ClamAV antivirus program lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service failure by sending a specially crafted fi...
The vulnerability of the xe_migrate_access_memory() function in the drivers/gpu/drm/xe/xe_migrate.c module of the Direct Rendering Infrastructure (DRI) kernel driver of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the xemigrateaccessmemory function in the drivers/gpu/drm/xe/xemigrate.c module of the Direct Rendering Infrastructure DRI driver for the Linux kernel is related to an uncontrolled, exploitable condition. Exploiting this vulnerability could allow a attacker to cause a service...
The vulnerability of the `eventinterrupt_wq_v10()` function in the `drivers/gpu/drm/amd/amdkfd/kfd_int_process_v10.c` driver file, a driver for supporting AMD Linux kernel-based graphics devices with Direct Rendering Infrastructure (DRI), allows a attacker to cause a service failure.
The vulnerability of the eventinterruptwqv10 function in the drivers/gpu/drm/amd/amdkfd/kfdintprocessv10.c driver, a driver for supporting Direct Rendering Infrastructure DRI in AMD graphics cards for Linux operating systems, is related to improper control of resource identifiers “resource...
The vulnerability of the `alloc_event_waiters()` function in the `drivers/gpu/drm/amd/amdkfd/kfd_events.c` file of the Direct Rendering Infrastructure (DRI) driver for AMD graphics cards in the Linux operating system allows a malicious actor to trigger a service failure.
The vulnerability of the alloceventwaiters function in the drivers/gpu/drm/amd/amdkfd/kfdevents.c file of the Direct Rendering Infrastructure DRI driver for AMD graphics cards in Linux operating systems is related to improper initialization. Exploiting this vulnerability could allow an attacker t...
The vulnerability of the mlx5hws_bwc_matcherMoveAllComplex() function in the drivers/net/ethernet/mellanox/mlx5/core/steering/hws/bwc_complex.c file of the Mellanox Ethernet network adapter driver for the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the mlx5hwsbwcmatcherMoveAllComplex function in the drivers/net/ethernet/mellanox/mlx5/core/steering/hws/bwccomplex.c file of the Mellanox Ethernet network adapter driver for the Linux operating system is related to state management errors. Exploiting this vulnerability could...
The vulnerability of the ti_csi2rx_buffer_queue() function in the drivers/media/platform/ti/j721e-csi2rx/j721e-csi2rx.c driver module of the Linux kernel’s multimedia device support driver allows a attacker to cause a service failure.
The vulnerability of the ticsi2rxbufferqueue function in the drivers/media/platform/ti/j721e-csi2rx/j721e-csi2rx.c driver module of the Linux multimedia device support driver is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to...
The vulnerability of the InstallShield file processing mechanism used by the ClamAV antivirus software allows a hacker to trigger a service failure.
The vulnerability of the InstallShield file processing mechanism used by the ClamAV antivirus software is related to the unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service interruptions by sending a specially crafted...
The vulnerability in the web interface for managing micro-program software on NetComm NF20MESH allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the web interface for managing micro-program software on NetComm NF20MESH routers is related to the use of a rigidly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the PE-file processing mechanism of the ClamAV antivirus program allows a hacker to induce a service failure.
The vulnerability of the PE-file processing mechanism in the ClamAV antivirus program lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor to cause service failure by sending a specially crafted file...
The vulnerability of the deflate_compress() function in the crypto/deflate.c module of the Linux kernel’s cryptographic subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the deflatecompress function in the crypto/deflate.c module of the Linux kernel’s cryptographic subsystem is related to the improper implementation of the control flow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the msm_ioctl_gem_info_set_metadata() function in the drivers/gpu/drm/msm/msm_drv.c file of the Direct Rendering Infrastructure (DRI) driver module in the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the msmioctlgeminfosetmetadata function in the drivers/gpu/drm/msm/msmdrv.c file of the Direct Rendering Infrastructure DRI driver in the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failur...
The vulnerability of the ulpi_register() function in the drivers/usb/common/ulpi.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the ulpiregister function in the drivers/usb/common/ulpi.c module of the Linux kernel involves the disclosure of confidential information. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the module_emit_plt_entry() function in the module arch/loongarch/kernel/module-sections.c, which is part of the LoongArch architecture support in the Linux operating system, allows a hacker to trigger a service failure.
The vulnerability of the moduleemitpltentry function in the module arch/loongarch/kernel/module-sections.c, which is part of the LoongArch architecture support for the Linux operating system, is related to the occurrence of mutual locking. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the grab_extent_buffer() function in the fs/btrfs/extent_io.c module of the Btrfs file system support in the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the grabextentbuffer function in the fs/btrfs/extentio.c module of the btrfs file system support in the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Cisco Catalyst Center (formerly Cisco DNA Center) network infrastructure management system, related to incorrect path name restrictions, allows attackers to gain unauthorized access to protected information.
The vulnerability of the Cisco Catalyst Center formerly Cisco DNA Center network infrastructure management system is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...
The vulnerability of the PESpin-file processing mechanism in the ClamAV antivirus program allows a hacker to induce a service failure.
The vulnerability of the PESpin-file processing mechanism in the ClamAV antivirus program lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor to cause service failure by sending a specially crafted file...
The vulnerability of the SETUID file in VMware Fusion allows a perpetrator to elevate their privileges to the root level.
The vulnerability of the SETUID file in VMware Fusion is related to state management errors. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...
The vulnerability of the Adobe Campaign Classic software platform, related to authentication errors, allows a perpetrator to execute arbitrary code.
The vulnerability of the Adobe Campaign Classic software platform for managing marketing campaigns is related to authentication errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...
The vulnerability of the nxchmod.sh component of the NoMachine remote desktop access system allows a hacker to escalate their privileges.
The vulnerability of the nxchmod.sh component of the NoMachine remote desktop access system is related to the implementation or modification of arguments. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Trust Protection Foundation’s key and certificate management mechanism lies in the insufficient checking of unusual or exceptional states. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Trust Protection Foundation’s key management and certificate management mechanisms is related to insufficient checks for unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibilit...
The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge browsers allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge relates to memory corruption beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure...
The vulnerability of the setIptvCfg() function in the /cgi-bin/cstecgi.cgi script of the TOTOLINK A3300R router’s microprogramming software allows a intruder to execute arbitrary commands.
The vulnerability of the setIptvCfg function in the /cgi-bin/cstecgi.cgi script of the TOTOLINK A3300R router’s microprogramming system is related to the failure to take measures to neutralize special elements during the processing of the vlanPriLan3 parameter. Exploiting this vulnerability allow...
The vulnerability of the setSyslogCfg() function in the /cgi-bin/cstecgi.cgi script of the TOTOLINK A3300R router’s microprogramming software allows a intruder to execute arbitrary commands.
The vulnerability of the setSyslogCfg function in the /cgi-bin/cstecgi.cgi script of the TOTOLINK A3300R router’s microprogramming system is related to the failure to take measures to neutralize special elements during the processing of the provided parameter. Exploiting this vulnerability allows...
The vulnerability of the fromAdvSetWan() function in the httpd daemon’s microprogramming software for Tenda F456 allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the fromAdvSetWan function in the httpd daemon’s microprogramming-based router software Tenda F456 is related to the issue of the operation going beyond the buffer in memory when processing parameters like wanmode and PPPOepassword. Exploiting this vulnerability allows a remo...
The vulnerability of the ColdFusion software platform, related to insufficient validation of input data, allows attackers to escalate their privileges.
The vulnerability of the ColdFusion software platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to increase their privileges...
The vulnerability of the ColdFusion software platform, related to insufficient validation of input data, allows attackers to execute arbitrary code.
The vulnerability of the ColdFusion software platform is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the ColdFusion software platform, related to insufficient validation of input data, allows attackers to execute arbitrary code.
The vulnerability of the ColdFusion software platform is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the fromSafeUrlFilter() function in the httpd daemon of the microprogramming-based router software Tenda F456 allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the fromSafeUrlFilter function in the httpd daemon of the microprogramming-based router software Tenda F456 is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause a...