Lucene search

74701 matches found

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability in the web interface of the Cisco AsyncOS operating system allows a hacker to escalate their privileges and execute arbitrary commands.

The vulnerability of the Cisco AsyncOS operating system’s web interface is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary commands remotely...

CVSS 8.5, AI score 6.9, EPSS 0.009
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability of the cloud platform for business analytics and planning in IBM Planning Analytics allows a malicious actor to gain unauthorized access to the system by allowing unlimited upload of sensitive files.

The vulnerability of the cloud platform for business analytics and planning in IBM Planning Analytics is related to the unlimited uploading of dangerous files. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to the system by uploading a...

CVSS 9, AI score 5.5, EPSS 0.00358
Exploits 0, References 4, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the cloud platform for business analytics and planning in IBM Planning Analytics allows a malicious actor to gain unauthorized access to the system by allowing unlimited upload of sensitive files.

The vulnerability of the cloud platform for business analytics and planning in IBM Planning Analytics is related to the unlimited uploading of dangerous files. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to the system by uploading a...

CVSS 9, AI score 5.4, EPSS 0.00362
Exploits 0, References 4, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the Acronis True Image software for backup and data restoration lies in the lack of authentication for critical functions, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Acronis True Image backup and recovery software relates to the absence of authentication for a critical function. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...

CVSS 4, AI score 5.5, EPSS 0.00176
Exploits 0, References 2

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the executable file Def.exe of the Interactive Graphical SCADA System (IGSS) module allows an intruder to gain unauthorized access to protected information or execute arbitrary code.

The vulnerability of the executable file Def.exe of the Interactive Graphical SCADA System (IGSS) module involves the execution of operations beyond the buffer limits in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information or execute...

CVSS 7.8, AI score 8, EPSS 0.01265
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the select-menu.php web system for the online reservation Multi Restaurant Table Reservation System allows a perpetrator to execute arbitrary code.

The vulnerability of the select-menu.php web system for the online reservation system of the Multi Restaurant Table Reservation System is related to the lack of measures taken to protect the SQL query structure when processing the table parameter. Exploiting this vulnerability allows an attacker ...

CVSS 6.5, AI score 7.1, EPSS 0.00341
Exploits 0, References 4, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability of the functions 0x8001E000() and 0x8001E004() of the system file IUProcessFilter.sys in the IObit Uninstaller uninstaller software allows a hacker to cause a service failure.

The vulnerability of the functions 0x8001E000 and 0x8001E004 of the system file IUProcessFilter.sys in the IObit Uninstaller uninstaller is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5, AI score 5.9, EPSS 0.00349
Exploits 1, References 4, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the application software interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to gain read, modify, or delete access to data.

The vulnerability of the application programming interface of the Cisco Identity Services Engine (ISE) management platform relates to incorrect restrictions on the path name to the restricted catalog. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to da...

CVSS 7.5, AI score 5.5, EPSS 0.00526
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 4 views

The vulnerability of the ECMP Dissector component in the Wireshark computer network traffic analyzer allows a hacker to cause a service failure.

The vulnerability of the ECMP Dissector component in the Wireshark computer network traffic analyzer is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to cause system failures...

CVSS 7.8, AI score 6.8, EPSS 0.00306
Exploits 1, References 4, Affected Software 2

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the clpctlWrapper command in the server and CloudPanel management panel allows an attacker to increase their privileges.

The vulnerability of the clpctlWrapper command in the server and CloudPanel management panel is related to an incorrect limitation on the path name to the restricted directory. Exploiting this vulnerability can allow attackers to increase their privileges...

CVSS 7.8, AI score 7.2, EPSS 0.00469
Exploits 3, References 5, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the DDNS service in the D-Link DIR-816 A2 router software allows a hacker to compromise the integrity of the protected information.

The vulnerability of the DDNS service in the D-Link DIR-816 A2 router software lies in its lack of access control mechanisms. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...

CVSS 5.3, AI score 6.2, EPSS 0.00785
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the Tray Monitor Service in backup and data recovery software on computers and servers running Acronis Agent and Acronis CyberProtect 16 allows attackers to enhance their privileges.

The vulnerability of the Tray Monitor Service in backup and data recovery software on Acronis Agent and Acronis CyberProtect 16 software for data protection involves deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 4.4, AI score 5.5, EPSS 0.00162
Exploits 0, References 2

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability in the application software interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to upload files and gain access to read, modify, or delete data.

The vulnerability of the application programming interface of the Cisco Identity Services Engine (ISE) management platform is related to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to upload files and gain read,...

CVSS 7.5, AI score 5.5, EPSS 0.00526
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability of the validateAgainstXSD method implemented in HPE Insight Remote Support, a software solution for remote monitoring, management, and support of servers and data storage systems, allows attackers to disclose sensitive information that should be protected.

The vulnerability of the validateAgainstXSD method implemented in HPE Insight Remote Support, a software solution for remote monitoring, management, and support of servers and data storage systems, is related to incorrect restrictions on XML references to external objects. Exploiting this...

CVSS 7.5, AI score 7.3, EPSS 0.8394
Exploits 1, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 3 views

The vulnerability of the pfifo_tail_enqueue() function (net/sched/sch_fifo.c) in the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the pfifo_tail_enqueue() function (net/sched/sch_fifo.c) in the Linux operating system is related to a discrepancy in functionality according to the specification. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility o...

CVSS 7, AI score 6.6, EPSS 0.0025
Exploits 0, References 14, Affected Software 3

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability in the form2LocalAclEditcfg.cgi script of the ACL Handler component of the D-Link DIR-816 A2 router’s software allows a perpetrator to compromise the integrity of protected information.

The vulnerability of the form2LocalAclEditcfg.cgi script within the ACL Handler component of the D-Link DIR-816 A2 router software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information...

CVSS 5.3, AI score 6.2, EPSS 0.01067
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the application software interface of the Cisco Identity Services Engine (ISE) platform allows a perpetrator to load files into any location within the operating system of the affected device.

The vulnerability of the application software interface of the Cisco Identity Services Engine (ISE) management platform is related to incorrect restrictions on the path name to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to load files into any location within...

CVSS 5.5, AI score 5.5, EPSS 0.00601
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability of Acronis Cyber Protect 16’s data protection software lies in its uncontrolled search path, which allows attackers to exploit their privileges.

The vulnerability of Acronis Cyber Protect 16 data protection software is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.3, AI score 7.2, EPSS 0.00163
Exploits 0, References 3

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability of the setPasswordCfg function in the TOTOLINK X18 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the setPasswordCfg function in the TOTOLINK X18 router microprogramming system lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 9, AI score 8.2, EPSS 0.13961
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability of the netem_dequeue() function in the net/sched/sch_netem.c module of the Linux operating system’s network scheduling subsystem allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the netem_dequeue() function in the net/sched/sch_netem.c module of the Linux operating system’s network scheduling subsystem is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

CVSS 7.8, AI score 6.5, EPSS 0.00269
Exploits 0, References 19, Affected Software 3

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability in the form2AdvanceSetup.cgi script of the WiFi Settings Handler component of the D-Link DIR-816 A2 router’s microprogramming system allows a perpetrator to compromise the integrity of protected information.

The vulnerability of the form2AdvanceSetup.cgi script within the WiFi Settings Handler component of the D-Link DIR-816 A2 router software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information...

CVSS 5.3, AI score 6.2, EPSS 0.00725
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to execute cross-site scripting (XSS) attacks.

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform for network policies is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks...

CVSS 6.4, AI score 5.2, EPSS 0.00323
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the ipsec_road_asp function in D-Link DI-8003 router microprogramming software allows an attacker to cause a service failure.

The vulnerability of the ipsec_road_asp function in D-Link DI-8003 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failure...

CVSS 6.8, AI score 5.9, EPSS 0.00779
Exploits 1, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 3 views

The vulnerability of the functions 0x8001E000(), 0x8001E00C(), 0x8001E004(), and 0x8001E010() of the system file IURegistryFilter.sys in the IObit Uninstaller uninstaller software allows a malicious actor to cause a service failure.

The vulnerability of the functions 0x8001E000, 0x8001E00C, 0x8001E004, and 0x8001E010 of the system file IURegistryFilter.sys in the IObit Uninstaller uninstaller software is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5, AI score 5.9, EPSS 0.00349
Exploits 1, References 4, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the SearchQueryUtils function in the software for managing identity and access control in Keycloak allows a hacker to trigger a service denial.

The vulnerability of the SearchQueryUtils function in the Keycloak identity and access management software relates to improper external control of the file name or path. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVSS 6.8, AI score 5.5, EPSS 0.01253
Exploits 0, References 10, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability of Acronis Cyber Protect 16’s data protection software lies in its incorrect session duration limits, which allow attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of Acronis Cyber Protect 16 data protection software is related to an incorrect session duration. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected information...

CVSS 7.1, AI score 6.3, EPSS 0.00226
Exploits 0, References 2

BDU FSTEC
added 2025/03/03 12:0 a.m., 3 views

The vulnerability of the Simple Network Management Protocol (SNMP) implementation in Cisco IOS, Cisco IOS XR, and Cisco IOS XE operating systems allows an attacker to trigger a service failure.

The vulnerability of the Simple Network Management Protocol (SNMP) implementation in Cisco IOS, Cisco IOS XR, and Cisco IOS XE operating systems is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service...

CVSS 7.7, AI score 7.5, EPSS 0.00706
Exploits 0, References 2, Affected Software 2

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability of the search.php script in the Real Estate Property Management System allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability of the search.php script in the Real Estate Property Management System is related to the lack of measures taken to protect the web page structure when processing the PropertyName parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

CVSS 4, AI score 5.2, EPSS 0.00336
Exploits 1, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the Libmodsecurity3 network firewall library for protecting web applications with ModSecurity allows attackers to circumvent existing security restrictions.

The vulnerability of the Libmodsecurity3 network firewall library for protecting web applications with ModSecurity is related to incorrect processing of HTML entities during decoding. Exploiting this vulnerability allows an attacker to bypass existing security restrictions by sending HTML entitie...

CVSS 7.8, AI score 7.5, EPSS 0.00443
Exploits 1, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability of the Azure Network Watcher VM Extension for Windows operating systems arises from an improper definition of the link before accessing a file. This allows attackers to escalate their privileges.

The vulnerability of the Azure Network Watcher VM Extension for Windows operating systems stems from an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to increase their privileges...

CVSS 6.2, AI score 7.7, EPSS 0.00623
Exploits 0, References 2

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the IBM InfoSphere Information Server software platform, related to the exposure of system data to a controlled area, allows an intruder to disclose protected information.

The vulnerability of the IBM InfoSphere Information Server software platform is related to the exposure of system data to a controlled area. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

CVSS 5.3, AI score 5.5, EPSS 0.00353
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the Cisco Identity Services Engine (ISE) web interface relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

CVSS 6.4, AI score 5.2, EPSS 0.00307
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of Acronis Cyber Protect 16’s data protection software lies in its uncontrolled search path, which allows attackers to exploit their privileges.

The vulnerability of Acronis Cyber Protect 16 data protection software is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 6.6, AI score 6.6, EPSS 0.00162
Exploits 0, References 2

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the encoding library for generating video streams with the libx264 library in the FFmpeg multimedia library lies in improper code generation control. This allows attackers to execute arbitrary code.

The vulnerability of the encoding library for generating video streams with the libx264 library in the FFmpeg multimedia library is related to improper handling of code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created AAC file...

CVSS 10, AI score 6, EPSS 0.00616
Exploits 0, References 3, Affected Software 2

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the M-Files Server platform, which is related to the use of files and directories accessible to external parties, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the M-Files Server platform for document automation involves the use of files and directories accessible to external parties. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVSS 5.3, AI score 5.5, EPSS 0.00374
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 12 views

The vulnerability of the Delegated License Service (DLS) component of the NVIDIA licensing system allows a perpetrator to gain unauthorized access to protected information and cause service failures.

The vulnerability of the Delegated License Service (DLS) component of NVIDIA’s licensing system lies in the absence of authentication procedures. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information and cause service...

CVSS 7.6, AI score 5.5, EPSS 0.00246
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability of the organization’s software and management tools for personal and corporate notes in Notes Station, when used with QNAP network storage devices, stems from the lack of authenticity verification for a critical function, allowing attackers to execute arbitrary code.

The vulnerability of the organization’s software for managing personal and corporate notes in Notes Station, when used with QNAP network storage systems, stems from the lack of authenticity verification for a critical function. Exploiting this vulnerability could allow an attacker operating...

CVSS 7.5, AI score 5.9, EPSS 0.00933
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability in the form2Dhcpd.cgi script of the DHCPD Setting Handler component of the D-Link DIR-816 A2 router’s microprogramming system allows an attacker to compromise the integrity of the protected information.

The vulnerability of the form2Dhcpd.cgi script within the DHCPD Setting Handler component of the D-Link DIR-816 A2 router’s microprogramming system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the protecte...

CVSS 5.3, AI score 6.2, EPSS 0.00785
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 1 view

The vulnerability in the form2AddVrtsrv.cgi script of the Virtual Service Handler component of the D-Link DIR-816 A2 router microprogramming system allows an attacker to compromise the integrity of protected information.

The vulnerability of the form2AddVrtsrv.cgi script of the Virtual Service Handler component in the D-Link DIR-816 A2 router microprogramming system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected...

CVSS 5.3, AI score 6.2, EPSS 0.0081
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 3 views

The vulnerability of the Proxy Header Handler component of the Keycloak identity and access management software allows a hacker to trigger a service failure.

The vulnerability of the Proxy Header Handler component of the Keycloak identity and access management software is related to shortcomings in HTTP request processing. Exploiting this vulnerability could allow an attacker to cause service failures...

CVSS 4.7, AI score 5.4, EPSS 0.00399
Exploits 0, References 10, Affected Software 1

BDU FSTEC
added 2025/03/03 12:0 a.m., 2 views

The vulnerability of the MongoDB database management system, related to improper validation of consistency in input data, allows an attacker to cause service failures.

The vulnerability of the MongoDB database management system is related to improper validation of consistency in input data during index processing with the PrepareUnique parameter. Exploiting this vulnerability allows an attacker to cause service failures remotely...

CVSS 6.8, AI score 6.8, EPSS 0.0057
Exploits 0, References 5, Affected Software 2

BDU FSTEC
added 2025/03/01 12:0 a.m., 2 views

The vulnerability of the software for data integration and analytics in Hitachi Vantara Pentaho Data Integration & Analytics lies in improper management of resource identifiers. This allows attackers to disclose sensitive information, gain elevated privileges, and execute arbitrary code.

The vulnerability of the Hitachi Vantara Pentaho Data Integration & Analytics software for data integration and analysis is related to improper management of resource identifiers. Exploiting this vulnerability can allow a malicious actor to disclose protected information, enhance their privileges...

CVSS 9, AI score 5.7, EPSS 0.00642
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2025/03/01 12:0 a.m., 3 views

The vulnerability of the libavformat library for multiplexing and demultiplexing media containers in the FFmpeg multimedia library allows an attacker to compromise the integrity of the protected information.

The vulnerability of the libavformat library, which is used for multiplexing and demultiplexing media containers in FFmpeg’s multimedia library, relates to pointer manipulation. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information...

CVSS 4.3, AI score 6.5, EPSS 0.00251
Exploits 0, References 3

BDU FSTEC
added 2025/03/01 12:0 a.m., 1 view

The vulnerability of D-Link DIR-816 router microprogramming software, related to the lack of protective measures for website structures, allows attackers to perform cross-site scripting (XSS) attacks.

The vulnerability of D-Link DIR-816 router’s microprogramming software is related to the lack of measures taken to protect the website structure during the processing of SSID identifiers. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks remotely...

CVSS 4, AI score 5.1, EPSS 0.06907
Exploits 0, References 4, Affected Software 1

BDU FSTEC
added 2025/03/01 12:0 a.m., 3 views

The vulnerability of the Hitachi Vantara Pentaho Business Analytics Server lies in the lack of security measures for the website structure, allowing attackers to carry out cross-site scripting (XSS) attacks.

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server lies in the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks remotely...

CVSS 4.9, AI score 5.2, EPSS 0.00262
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2025/03/01 12:0 a.m., 3 views

The vulnerability of NETGEAR DGND2200 router microprogramming software, related to deficiencies in authentication procedures, allows attackers to circumvent existing security restrictions.

The vulnerability of NETGEAR DGND2200 router microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions by adding the line “?x=1.gif” to the URL address...

CVSS 8.8, AI score 5.8, EPSS 0.0206
Exploits 1, References 4, Affected Software 1

BDU FSTEC
added 2025/03/01 12:0 a.m., 1 view

The vulnerability in the sysinfo.asp script of ASUS RT-N12E router microprogramming software allows attackers to perform cross-site scripting (XSS) attacks.

The vulnerability of the sysinfo.asp script in ASUS RT-N12E router microprogramming software is related to the lack of measures taken to protect the website structure when processing SSID identifiers. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks X...

CVSS 4, AI score 5.2, EPSS 0.00418
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/03/01 12:0 a.m., 2 views

The vulnerability of the `avformat_free_context()` function in the libavformat multimedia library of FFmpeg allows attackers to compromise the integrity of protected information.

The vulnerability of the avformat_free_context() function in the library for multiplexing and demultiplexing media containers in the libavformat multimedia library of FFmpeg is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to compromise the integrity of the...

CVSS 5.3, AI score 6.3, EPSS 0.00381
Exploits 0, References 5, Affected Software 1

BDU FSTEC
added 2025/03/01 12:0 a.m., 2 views

The vulnerability of the audio/video filtering library libavfilter in the multimedia library FFmpeg allows an intruder to trigger a service failure.

The vulnerability of the audio/video filtering library libavfilter in the multimedia library FFmpeg is related to an uncontrolled and exploitable flaw. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

CVSS 7.8, AI score 6.3, EPSS 0.00393
Exploits 0, References 11, Affected Software 3

BDU FSTEC
added 2025/03/01 12:0 a.m., 2 views

The vulnerability of TP-Link Archer c20 router’s microprogramming software, related to deficiencies in authentication procedures, allows attackers to circumvent existing security restrictions.

The vulnerability of TP-Link Archer c20 router’s microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions by adding the parameter “Referer: http://tplinkwifi.net” to the...

CVSS 10, AI score 8, EPSS 0.03211
Exploits 1, References 2

Total number of security vulnerabilities: 74701