90604 matches found
The vulnerability of the GSSAPI driver standard of MongoDB Go Driver allows attackers to influence the integrity of the protected information.
The vulnerability of the GSSAPI driver standard in the MongoDB Go Driver is related to buffer overflows in dynamic memory. Exploitation of this vulnerability could allow a malicious actor to compromise the integrity of protected information by reading one byte beyond the allocated dynamic memory...
The vulnerability of Visiology BI’s data analytics system, which stems from the use of a strictly encrypted cryptographic key, allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of Visiology BI data analytics systems lies in the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality and integrity of the protected information...
The vulnerability of Visiology BI’s data analytics system, which stems from the use of strictly encrypted accounting data, allows attackers to gain unauthorized access to protected information.
The vulnerability of Visiology BI data analytics systems lies in the use of strictly encrypted accounting data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the SCADA system’s web server, Yokogawa FAST/TOOLS, allows a intruder to execute arbitrary code.
The vulnerability of the Yokogawa FAST/TOOLS SCADA system’s web server is related to improper security checks for standard elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the OPTIONS method from a remote location...
The vulnerability of the Yokogawa FAST/TOOLS SCADA system, related to improper security checks for standard elements, allows a intruder to execute arbitrary codes.
The vulnerability of the Yokogawa FAST/TOOLS SCADA system is related to improper security checks for standard components. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary code...
The vulnerability of the Yokogawa FAST/TOOLS SCADA system lies in the lack of measures to eliminate invalid symbols in website identifiers. This allows attackers to carry out XSS attacks.
The vulnerability of the Yokogawa FAST/TOOLS SCADA system is related to the failure to take measures to eliminate unacceptable symbols in the identification fields of web pages. Exploiting this vulnerability allows a remote attacker to carry out XSS attacks...
The vulnerability of the Yokogawa FAST/TOOLS SCADA system, related to improper security checks for standard elements, allows attackers to carry out phishing attacks.
The vulnerability of the Yokogawa FAST/TOOLS SCADA system is related to improper security checks for standard components. Exploiting this vulnerability allows a malicious actor to carry out phishing attacks from a remote location...
The vulnerability of the Yokogawa FAST/TOOLS SCADA system, related to improper security checks for standard elements, allows a intruder to disclose protected information.
The vulnerability of the Yokogawa FAST/TOOLS SCADA system is related to improper security checks for standard components. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information through specially crafted queries...
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures for SQL query structures. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the Siemens SINEC NMS network management system for monitoring industrial networks lies in its uncontrolled search mechanism, which allows a intruder to execute arbitrary commands with administrator privileges.
The vulnerability of the Siemens SINEC NMS network management system for monitoring industrial networks is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a attacker to execute arbitrary code with administrator privileges using a specially craft...
The vulnerability of TP-Link Tapo C260 IP camera’s microprogramming software lies in the incorrect limitation of the path name to the directory. This allows a intruder to gain unauthorized access to the protected information.
The vulnerability of TP-Link Tapo C260 IP camera’s microprogramming software is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of TP-Link Tapo C260’s microprogrammed software lies in the lack of measures to neutralize specific elements, allowing intruders to execute arbitrary codes.
The vulnerability of TP-Link Tapo C260 IP camera’s microprogramming software is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using certain POST requests...
Vulnerability eliminated
...
The vulnerability of Visiology BI systems for business data analytics, related to the disclosure of information, allows attackers to gain unauthorized access to protected data.
The vulnerability of Visiology BI data analytics systems is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the PRINTXPERT 3 development system for printing control and management lies in the exposure of information, allowing attackers to obtain information about the accounts being used.
The vulnerability of the PRINTXPERT 3 development system for printing control and management is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain information about the accounts being used...
The vulnerability of the PRINTXPERT 3 development system for control and management involves the disclosure of information, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of the PRINTXPERT 3 development system for printing control and management is related to the exposure of information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the BPM platform for comprehensive process automation with ELMA365 allows a hacker to implement HTML payloads without being able to execute the scripts.
The vulnerability of the BPM platform for comprehensive process automation by ELMA365 is related to insufficient filtering and protection measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute HTML payloads without the ability to execute scripts...
The vulnerability of Visiology BI’s data analytics system, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of Visiology BI data analytics systems is related to uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the PRINTXPERT 3 development system regarding control and management involves the disclosure of information, allowing attackers to obtain information about the accounts being used.
The vulnerability of the PRINTXPERT 3 development system for printing control and management is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain information about the accounts being used...
The vulnerability of Visiology BI systems for business data analytics, related to the disclosure of information, allows attackers to gain unauthorized access to protected data.
The vulnerability of Visiology BI data analytics systems is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Windows operating system’s kernel, which allows a hacker to disclose protected information
The vulnerability of the Windows operating system’s kernel is related to the exposure of information through registration files. Exploiting this vulnerability can allow an attacker to disclose the protected information...
The vulnerability of the Windows operating system’s kernel allows attackers to enhance their privileges.
The vulnerability of the Windows operating system’s kernel is related to overflow in the dynamic memory buffer. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of Microsoft Exchange Server servers, related to errors in information representation by the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Exchange Server servers is related to errors in information representation by the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks remotely...
The vulnerability of the Ivanti Endpoint Manager software management tool relates to bypassing authentication by using an alternative path or channel. This allows a perpetrator to disclose authentication credentials.
The vulnerability of the Ivanti Endpoint Manager software management tool relates to bypassing authentication by using an alternative path or channel. Exploiting this vulnerability can allow a malicious actor to disclose authentication credentials...
The vulnerability of Autodesk Fusion’s 3D model development software lies in the lack of measures taken to protect the structure of web pages. This allows attackers to disclose protected information and execute arbitrary code.
The vulnerability of Autodesk Fusion’s 3D model development software relates to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow a malicious actor to disclose protected information and execute arbitrary code when a user opens a specially...
The vulnerability of the graphical user interface of Fortinet FortiOS operating systems allows a hacker to redirect users to any desired URL address.
The vulnerability of the graphical user interface of Fortinet FortiOS operating systems is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to redirect users to any desired URL address...
The vulnerability of the File input component in Google Chrome allows a hacker to replace the user interface.
The vulnerability of the File input component in Google Chrome relates to information representation errors in the user interface. Exploiting this vulnerability could allow an attacker to replace the user interface with a specially created HTML page...
The vulnerabilities of Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM), related to reading data outside of the allowed range in memory, allow attackers to gain unauthorized access to protected information.
The vulnerability of Intel Active Management Technology AMT and Intel Standard Manageability ISM is related to reading data outside of the allowed range in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the ESXi base microprogramming system driver for Intel 800 Series network controllers allows a hacker to gain unauthorized access to protected information.
The vulnerability of the ESXi base microprogramming system software for Intel 800 Series network controllers is related to improper resource release. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of NVIDIA’s graphics driver series—NVS, Quadro, NVIDIA RTX, GeForce—is related to pointer aliasing, which allows attackers to trigger service failures.
The vulnerabilities of NVIDIA’s graphics driver families—NVS, Quadro, NVIDIA RTX, GeForce—are related to pointer manipulation. Exploiting these vulnerabilities can allow attackers to trigger service failures...
The vulnerability of the ws_user_gerList() function in the pwg.users.php script of the Piwigo content management system allows a hacker to perform SQL injections.
The vulnerability of the wsusergerList function in the pwg.users.php script of the Piwigo content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to perform SQL injections...
The vulnerability of the AI agent OpenClaw (formerly known as ClawdBot or MoltBot) arises from the lack of validation for incoming requests, allowing a malicious actor to gain unauthorized access to the system and execute arbitrary code.
The vulnerability of the AI agent OpenClaw formerly known as ClawdBot or MoltBot is related to the lack of validation for the correctness of the requests received. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the system and execute...
The vulnerability of the Updater component of the Arcane container management cloud platform allows a hacker to execute arbitrary code.
The vulnerability of the Updater component of the Arcane container management cloud platform is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the _bfd_elf_slurp_version_tables() function in the bfd/elf.c component of the GNU Binutils development environment allows a attacker to cause a service failure.
The vulnerability of the bfdelfslurpversiontables function in the bfd/elf.c component of the GNU Binutils development environment is related to the execution of operations outside of the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause service...
The vulnerability of the GnuPG program for encrypting information and creating electronic digital signatures lies in the fact that it allows for writing beyond the buffer boundaries, enabling a hacker to cause a service failure.
The vulnerability of the GnuPG program for encrypting information and creating electronic digital signatures lies in the writing beyond the buffer boundaries. Exploiting this vulnerability could allow a hacker to cause a service failure...
The vulnerability of the Windows operating system’s kernel allows attackers to enhance their privileges.
The vulnerability of the Windows operating system’s kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the HTTP.sys driver on Windows operating systems, which allows attackers to increase their privileges
The vulnerability of the Windows operating system’s kernel is related to the swapping of an unreliable pointer. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the WinSock driver in Windows operating systems allows attackers to increase their privileges.
The vulnerability of the WinSock driver in Windows operating systems relates to the possibility of using memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the HTTP.sys driver on Windows operating systems, which allows attackers to increase their privileges
The vulnerability of the Windows operating system’s kernel is related to the swapping of an unreliable pointer. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the libbfd.c component of the GNU Binutils development environment allows a hacker to trigger a service failure.
The vulnerability of the libbfd.c component in the GNU Binutils development environment is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of Microsoft Excel spreadsheet editors in Microsoft Office products and Microsoft 365 Apps for Enterprise allows a perpetrator to disclose protected information.
The vulnerability of Microsoft Excel spreadsheet editors within the Microsoft Office and Microsoft 365 Apps for Enterprise software packages is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to disclose sensitive information that is protecte...
The vulnerability of the Azure HDInsights data analytics service, related to the lack of protective measures for website structures, allows attackers to carry out spear-phishing attacks.
The vulnerability of the Azure HDInsights data analytics service is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform spear-phishing attacks remotely...
The vulnerability of the command-line interface of Fortinet FortiOS operating systems allows a hacker to execute arbitrary code.
The vulnerability of the command-line interface in Fortinet FortiOS operating systems is related to insufficient handling of format strings. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of Fortinet FortiOS operating systems arises from insufficient verification of the source of the communication channel, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Fortinet FortiOS operating systems is related to insufficient verification of the source of the communication channel. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information by sending specially crafted requests...
The vulnerability of the SSL-VPN network interface function in Fortinet FortiOS operating systems allows attackers to bypass existing security mechanisms.
The vulnerability of SSL-VPN network gateways in Fortinet FortiOS operating systems is related to information disclosure. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms by sending specially crafted HTTP requests...
The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the lack of protective measures for website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from a lack of source verification mechanisms. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to a lack of source verification mechanisms. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of Google Chrome’s WebGPU component, which allows a hacker to trigger a service failure.
The vulnerability of Google Chrome’s WebGPU component relates to reading beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure through a specially created HTML page...
The vulnerability of the Animation component in the Google Chrome browser allows a perpetrator to compromise the confidentiality of protected information.
The vulnerability of the Animation component in Google Chrome browser is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality of protected information through a specially created HTML page...
The vulnerability of Imagination’s microprogramming software for graphics processors allows a hacker to extract data from the local memory of the GPU.
The vulnerability of Imagination’s microprogramming graphics software is related to improper handling of insufficient resolutions or privileges. Exploiting this vulnerability could allow an attacker to extract data from the GPU’s local memory...