90604 matches found
The vulnerability of the gfx_v9_0_hw_fini() function in the drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c driver for AMD GPU cores in Linux operating systems allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the gfxv90hwfini function in the drivers/gpu/drm/amd/amdgpu/gfxv90.c driver for AMD GPU cores in Linux operating systems is related to the use of a name with incorrect references. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of Proxmox Mail Gateway’s security mechanism, which stems from insufficient validation of input data, allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of Proxmox Mail Gateway, a security tool for email protection, is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker operating remotely to compromise the confidentiality and integrity of the protected information...
The vulnerability of Proxmox Mail Gateway’s security mechanism, which stems from insufficient validation of input data, allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of Proxmox Mail Gateway, a security tool for email protection, is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker operating remotely to compromise the confidentiality and integrity of the protected information...
The vulnerability of the KLogic SCADA system’s virtual controller “KASKAD” allows a intruder to gain unauthorized access to protected information.
The vulnerability of the KWebVision web visualization module in the “KASKAD” SCADA system relates to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...
The vulnerability of the KLogic SCADA system’s virtual controller “KASKAD” allows a intruder to increase their privileges and delete arbitrary files.
The vulnerability of the KLogic SCADA system “KASKAD” virtual controller is related to incorrect external control of the file name or file path. Exploiting this vulnerability can allow a malicious actor to increase their privileges and delete arbitrary files...
The vulnerability of the Microsoft Office software package arises from the use of unreliable input data during security decision-making, allowing attackers to circumvent existing security restrictions.
The vulnerability of the Microsoft Office suite is related to the use of unreliable input data during security decision-making. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...
The vulnerability of Remote Desktop Services (RDS) for Windows operating systems allows attackers to escalate their privileges.
The vulnerability of Remote Desktop Services RDS for Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...
Vulnerability of the ManifestParser and AmazonS3 classes in the Git version control system for the Java Eclipse JGit language, allowing attackers to perform XXE attacks
The vulnerability of the ManifestParser and AmazonS3 classes in the Git version control system, implemented in the Java Eclipse JGit framework, is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability allows a malicious actor to perform XXE attack...
The vulnerability of the node-tar library on the Node.js software platform allows attackers to disclose sensitive information that should be protected.
The vulnerability of the node-tar library on the Node.js software platform is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by the library...
The vulnerability of the expand() function in the juliangruber/brace-expansion library of the Node.js software platform allows a malicious actor to cause a service failure.
The vulnerability of the expand function in the juliangruber/brace-expansion library of the Node.js software platform is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the `foregroundChild()` function in the Node.js software platform’s file and directory searching library, which allows a hacker to execute arbitrary code.
The vulnerability of the foregroundChild function in the Node.js software platform’s file and directory searching library is related to the improper handling of the shell parameter in .bat and .cmd files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability in the web interface for controlling microprogrammed industrial control switches WAGO 852 allows a hacker to bypass existing security mechanisms and execute arbitrary code.
The vulnerability of the web-based interface for controlling Microprogramming Software Industrial Control Switches WAGO 852 is related to the use of a rigidly encrypted cryptographic key. Exploiting this vulnerability allows an attacker to bypass existing security mechanisms and execute arbitrary...
The vulnerability of the data type processing function in PostgreSQL database management systems allows attackers to access memory bytes of the server and obtain confidential information.
The vulnerability of the oidvector data type processing function in the PostgreSQL database management system is related to reading beyond the buffer memory boundaries. Exploiting this vulnerability can allow an attacker to access server memory bytes and gain access to confidential information...
The vulnerability of the exynos_clkout_probe() function in the drivers/clk/samsung/clk-exynos-clkout.c driver for the Samsung Exynos clocking controller in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the exynosclkoutprobe function in the drivers/clk/samsung/clk-exynos-clkout.c driver for the Samsung Exynos clock controller in the Linux operating system is related to improper initialization of resources. Exploiting this vulnerability could allow a remote attacker to...
The vulnerability of the f2fsPutSuper() function in the fs/f2fs/super.c module of the F2FS file system in Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the f2fsPutSuper function in the fs/f2fs/super.c module of the F2FS file system in Linux systems is related to errors during link counters updates. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerabilities of the functions virtio_queue_rqs() and virtblk_poll() in the drivers/block/virtio_blk.c module of the Linux kernel’s block devices driver allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerabilities of the functions virtioqueuerqs and virtblkpoll in the drivers/block/virtioblk.c module of the Linux kernel’s block devices driver are related to the reutilization of previously released memory. Exploiting these vulnerabilities could allow an attacker to compromise the...
The vulnerability of Proxmox Mail Gateway’s security mechanism, which stems from insufficient validation of input data, allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of Proxmox Mail Gateway, a security tool for email communication, is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker operating remotely to compromise the confidentiality and integrity of the protected information...
The vulnerability of the PDO driver for Firebird database management systems, a programming language interpreter for PHP, allows attackers to execute SQL injections.
The vulnerability of the PDO driver for the Firebird database management system, which is written in the PHP programming language, is related to the lack of protective measures taken against the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute SQL injections...
The vulnerability of the KWebVision web visualization module in the “KASKAD” SCADA system allows a intruder to gain unauthorized access to the system.
The vulnerability of the KWebVision web visualization module in the “KASKAD” SCADA system relates to the use of a password hash instead of a password for authentication. Exploiting this vulnerability could allow an intruder to gain unauthorized access to the system...
The vulnerability of the KLogic SCADA system’s virtual controller “KASCAD” allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the KLogic SCADA system “KASCAD” lies in the insufficient limitation on authentication attempts. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the KLogic SCADA system “KASKAD”’s virtual controller allows a intruder to execute arbitrary code.
The vulnerability of the KLogic SCADA system “KASKAD”’s virtual controller is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...
The vulnerability of the Remote Access Connection Manager (RASMan) service on the Windows operating system allows a hacker to induce a service failure.
The vulnerability of the Remote Access Connection Manager RASMan service in the Windows operating system is related to pointer aliasing. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of desktop window managers in Windows operating systems allows attackers to increase their privileges.
The vulnerability of desktop window managers in Windows operating systems is related to errors in data type mixing. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the JSON data processing library Json-smart, related to uncontrolled recursion, allows attackers to trigger a service failure.
The vulnerability of the JSON data processing library Json-smart is related to uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the toFixed() function in the JavaScript environment of Rhino allows a malicious actor to cause a service failure.
The vulnerability of the toFixed function in the JavaScript environment of Rhino is related to uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the API-endpoint /api/domains/<domainid>/users/<userid>/aliases in VK WorkMail’s corporate email service allows a hacker to circumvent the limit on the number of aliases assigned to a user.
The vulnerability of the API-endpoint /api/domains//users//aliases for VK WorkMail corporate email involves synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to circumvent the limit on the number of aliases assigned to a user...
The vulnerability of the juliangruber/brace-expansion library on the Node.js software platform, which allows a hacker to trigger a service failure.
The vulnerability of the juliangruber/brace-expansion library on the Node.js software platform is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow an attacker to cause service failures remotely...
The vulnerability of the pgcrypto component in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pgcrypto component in the PostgreSQL database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the a7xx_patch_pwrup_reglist() function in the drivers/gpu/drm/msm/adreno/a6xx_gpu.c source code of the Direct Rendering Infrastructure (DRI) kernel module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the a7xxpatchpwrupreglist function in the drivers/gpu/drm/msm/adreno/a6xxgpu.c file, a part of the Direct Rendering Infrastructure DRI kernel driver for the Linux operating system, is related to the use of pointers. Exploiting this vulnerability could allow an attacker to cau...
The vulnerability of the kimage_mapSegment() function in the kernel/kexecCore.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the kimagemapSegment function in the kernel/kexecCore.c module of the Linux operating system is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrit...
The vulnerability of the io.netty.handler.codec.http.HttpRequestEncoder component in the Netty networking framework allows a attacker to replace the URL address.
The vulnerability of the io.netty.handler.codec.http.HttpRequestEncoder component in the Netty networking framework is related to the failure to handle CRLF sequences when processing the HttpRequestEncoder parameter. Exploiting this vulnerability allows a remote attacker to replace the URL addres...
The vulnerability of the felix_change_tag_protocol() function in the drivers/net/dsa/ocelot/felix.c module of the DSA kernel driver for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the felixchangetagprotocol function in the drivers/net/dsa/ocelot/felix.c file of the DSA kernel driver in the Linux operating system is related to the assignment of pointers. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...
The vulnerability of Proxmox Mail Gateway’s security mechanism, which stems from insufficient validation of input data, allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of Proxmox Mail Gateway, a security tool for email protection, is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker operating remotely to compromise the confidentiality and integrity of the protected information...
The vulnerability of the KWebVision web visualization module in the “KASKAD” SCADA system allows a intruder to gain unauthorized access to the system.
The vulnerability of the KWebVision web visualization module in the “KASKAD” SCADA system is related to the lack of authentication for critical functions. Exploiting this vulnerability could allow an intruder to gain unauthorized access to the system...
The vulnerability of the KWebVision web visualization module in the “KASKAD” SCADA system allows a intruder to gain unauthorized access to the system.
The vulnerability of the KWebVision web visualization module in the “KASKAD” SCADA system is related to insufficient protection of registration data. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...
The vulnerability of the KLogic SCADA system’s virtual controller “KASCAD” allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the KLogic SCADA system “KASKAD”’s virtual controller is related to bypassing authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...
The vulnerability of the LERS UCHOT dispatching system, related to incorrect code generation, allows a intruder to execute arbitrary codes.
The vulnerability of the LERS dispatching system is related to incorrect code generation management. Exploiting this vulnerability allows a remote attacker to generate arbitrary codes...
The vulnerability of the MSHTML component in Windows operating systems allows attackers to bypass security measures.
The vulnerability of the MSHTML component in Windows operating systems is related to a breach of data protection mechanisms. Exploiting this vulnerability allows an attacker to bypass security functions remotely...
The vulnerability of the command-line interface of the Node.js software platform allows attackers to escalate their privileges and execute arbitrary code.
The vulnerability of the command-line interface of the Node.js software platform is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...
The vulnerability of the diff library (jsdiff) in the Node.js software platform, which allows a hacker to cause a service failure.
The vulnerability of the diff library jsdiff in the Node.js software platform is related to an uncontrolled resource consumption during the processing of the parsePatch parameter. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the pg_trgm component in the PostgreSQL database management system allows attackers to enhance their privileges.
The vulnerability of the pgtrgm component in the PostgreSQL database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...
The vulnerability of the evaluation function for extension Intarray in the PostgreSQL database management system allows a hacker to execute arbitrary code in the context of the current user.
The vulnerability of the selectivity evaluation function in the Intarray extension of the PostgreSQL database management system is related to insufficient checking of the specified data type for input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the...
The vulnerability of the h2v2_merged_upsample_internal() function in the libjpeg-turbo library, which allows a hacker to trigger a service failure
The vulnerability of the h2v2mergedupsampleinternal function in the libjpeg-turbo library is related to writing beyond buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ieee80211_probe_client() function in the net/mac80211/cfg.c module of the mac80211 stack in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ieee80211probeclient function in the net/mac80211/cfg.c module of the mac80211 stack in the Linux operating system is related to incorrect validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the attempt_restore_of_faulty_devices() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the attemptrestoreoffaultydevices function in the Linux operating system is related to reading memory outside the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerabilities of the functions qla2x00_async_login_sp_done(), qla2x00_adisc_sp_done(), and qla2x00_prli_sp_done() in the driver module drivers/scsi/qla2xxx/qla_init.c, which is part of the Linux operating system’s SCSI device support driver. These vulnerabilities allow a hacker to cause a service failure.
The vulnerabilities of the functions qla2x00asyncloginspdone, qla2x00adiscspdone, and qla2x00prlispdone in the driver module drivers/scsi/qla2xxx/qlainit.c are related to code errors. Exploiting these vulnerabilities can allow an attacker to cause a service failure...
The vulnerability of the pm8001_chip_reg_dev_req() function in the drivers/scsi/pm8001/pm8001_hwi.c module of the Linux SCSI device support driver allows a hacker to cause a service failure.
The vulnerability of the pm8001chipregdevreq function in the drivers/scsi/pm8001/pm8001hwi.c module of the Linux SCSI device support driver is related to the distribution of resources without any restrictions or regulation. Exploiting this vulnerability could allow a attacker to cause service...
The vulnerability of the __fbnic_open() function in the drivers/net/ethernet/meta/fbnic/fbnic_netdev.c file of the Linux kernel’s network adapter driver allows a hacker to cause a service failure.
The vulnerability of the fbnicopen function in the drivers/net/ethernet/meta/fbnic/fbnicnetdev.c file of the Linux kernel’s network adapter driver module is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the dmabufexp_from_pages() function in the drivers/xen/gntdev-dmabuf.c driver code of the Linux kernel’s page buffer device driver allows a attacker to cause a service failure.
The vulnerability of the dmabufexpfrompages function in the drivers/xen/gntdev-dmabuf.c driver for Linux kernel-based device buffer devices is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the hns_roce_v2_init() function in the drivers/infiniband/hw/hns/hns_roce_hw_v2.c file of the Linux operating system’s InfiniBand driver module allows a attacker to cause a service failure.
The vulnerability of the hnsrocev2init function in the drivers/infiniband/hw/hns/hnsrocehwv2.c file of the Linux operating system’s InfiniBand driver is related to the re-release of previously released memory. Exploiting this vulnerability could allow a attacker to cause a service failure...