The vulnerability of the software products of the LLC “NPO ‘MIR’, related to the use of cryptographic algorithms containing defects, allows attackers to execute an attack using brute-force methods.

The vulnerability of the software products developed by LLC “NPO ‘MIR’ lies in the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability allows a remote attacker to execute an attack using brute-force methods...

The vulnerability of the OPC Server implementation in MIR and SCADA systems, related to the transmission of data in an open manner, allows attackers to disclose protected information.

The vulnerability of the OPC Server implementation and the MIIR SCADA system is related to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

The vulnerability of the do_repack_createinstallmedia function in Parallels Desktop hypervisors allows a hacker to increase their privileges.

The vulnerability of the dorepackcreateinstallmedia function in Parallels Desktop hypervisors is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of software solutions that support the process of closing, consolidating, and generating reports for IBM Cognos Controller and IBM Controller lies in the lack of a data deserialization mechanism. This allows attackers to execute arbitrary commands.

The vulnerabilities of the software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to deficiencies in the data deserialization mechanism. Exploiting these vulnerabilities can allow an attacker to execute arbitrary...

The vulnerability of software for creating and running NVIDIA Container Toolkit containers, as well as software for managing NVIDIA GPU resources, relates to synchronization errors when using shared resources. This “race condition” allows a malicious actor to execute code.

The vulnerability of the software for creating and running NVIDIA Container Toolkit containers, as well as the NVIDIA GPU Operator resource management software, is related to synchronization errors when using shared resources. Exploiting this vulnerability allows a remote attacker to execute...

The vulnerability of the Windows operating system’s Search service allows a perpetrator to escalate their privileges.

The vulnerability of the Windows operating system’s Search service is related to improper code generation management. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Windows operating system’s Telephony Service allows a perpetrator to execute arbitrary code.

The vulnerability of the Windows Operating System’s Telephony Service is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of Microsoft Office, Excel, and Microsoft 365 Apps for Enterprise packages lies in their ability to exploit memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office, Excel, and Microsoft 365 Apps for Enterprise packages is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the Microsoft COM Server component of the Windows operating system, which allows a hacker to disclose protected information

The vulnerability of the Microsoft COM Server component of the Windows operating system is related to the use of an uninitialized resource. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by security measures...

The vulnerability of the software products developed by LLC “NPO ‘MIR’ lies in the fact that confidential information is stored in unencrypted form in memory, allowing an intruder to gain unauthorized access to the protected information.

The vulnerability of the software products developed by LLC “NPO ‘MIR’ lies in the storage of confidential information in unencrypted form in memory. Exploiting this vulnerability could allow an intruder to gain unauthorized access to the protected information...

The vulnerability of the software products of the LLC “NPO ‘MIR’, related to incorrect authorization, allows a perpetrator to increase their privileges.

The vulnerability of the software products developed by OOO “NPO “MIR” is related to incorrect authorization. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the software products of the LLC “NPO ‘MIR’ lies in the insufficient limitation on the number of authentication attempts, allowing a perpetrator to carry out an attack using brute-force methods.

The vulnerability of the software products developed by LLC “NPO ‘MIR’ lies in the insufficient limitation on the number of authentication attempts. Exploiting this vulnerability allows a malicious actor to carry out an attack using brute-force methods...

The vulnerability of the HTTP protocol implementation in the software products of the LLC “NPO “MIR” lies in the transmission of data in an open manner, which allows attackers to disclose protected information.

The vulnerability of the HTTP protocol implementation in software products of the LLC “NPO ‘MIR’” lies in the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...

The vulnerability of the get_parentControl_list_Info() function in the Tenda AC10 router software allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the getparentControllistInfo function in the Tenda AC10 router microprogramming system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service failures...

The vulnerability of the command-line interface of Cisco IOS XR allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the command-line interface of Cisco IOS XR systems is related to improper validation of arguments passed to a specific CLI command. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Installer component for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Installer component for Windows operating systems is related to an incorrect definition of the reference before accessing the file. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the MIR CT-51 controller, related to the disclosure of information during data transmission, allows a intruder to enhance their privileges.

The vulnerability of the MIR KT-51 controller is related to the disclosure of information during data transmission. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain increased privileges...

The vulnerability of the Telnet protocol implementation for the MIR KT-51 controller and the MIR controller configuration tool, related to the transmission of data in an open manner, allows a perpetrator to disclose the protected information.

The vulnerability of the Telnet protocol implementation for the MIR KT-51 controller and the MIR controller configuration software is related to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

The vulnerability of the FTP protocol implementation of the MIR KT-51 controller and the MIR controller configuration tool, related to the transmission of data in an open manner, allows a perpetrator to disclose protected information.

The vulnerability of the FTP protocol implementation in the MIR KT-51 software controller and the MIR controller configuration tool lies in the transmission of data in an open manner. Exploiting this vulnerability allows a malicious actor to disclose the protected information...

The vulnerability of the software products of the LLC “NPO ‘MIR’, related to the use of weak protection for database data, allows attackers to disclose the protected information.

The vulnerability of the software products developed by LLC “NPO ‘MIR’ lies in the use of weak protection for database credentials. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose the protected information...

The vulnerability of the web management console of the IP-ATC Agat CU-7214, related to the lack of measures taken to protect the SQL query structure, allows a hacker to execute arbitrary SQL code.

The vulnerability of the IP-ATC Agat CU-7214 web management console relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary SQL code...

The vulnerability of the delFacebookPic() function in the Tenda W18E router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the delFacebookPic function in the Tenda W18E router software is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure...

The vulnerability of the initAdminUser() function in Tenda W18E router software allows a hacker to bypass security restrictions and gain increased privileges.

The vulnerability of the initAdminUser function in the Tenda W18E router software lies in the deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and enhance their privileges by sending specially crafted HTTP requests...

The vulnerability in the VERM_AJAX_functions.php script of the software for managing call centers allows a violator to execute arbitrary code.

The vulnerability of the VERMAJAXfunctions.php software for the Vicidial call processing center is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the PAN-OS operating system lies in its inability to neutralize special elements used in the operating system’s commands. This allows attackers to circumvent security restrictions, enhance their privileges, and execute arbitrary commands.

The vulnerability of the PAN-OS operating system is related to the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor to bypass security restrictions, enhance their privileges, and execute arbitrary...

The vulnerability of the Prometheus Remote Write plugin for collecting and processing Fluent Bit logs, related to the assignment of a zero pointer, allows a malicious actor to trigger a service failure.

The vulnerability of the Prometheus Remote Write plugin for collecting and processing Fluent Bit logs is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure by sending a specially crafted HTTP request...

The vulnerability of the Microsoft Digest Authentication (wDigest) authentication mechanism in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Digest Authentication wDigest authentication mechanism in Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...

The vulnerability of the Internet Connection Sharing (ICS) function in Windows operating systems allows a hacker to cause a service failure.

The vulnerability of the Internet Connection Sharing ICS function in Windows operating systems is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the Core Messaging component in Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Core Messaging component in Windows operating systems is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the setLoginPassword() function in the Tenda W18E router software allows a hacker to bypass security restrictions and change the administrator password.

The vulnerability of the setLoginPassword function in the Tenda W18E router software is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and change the administrator password by sending a specially crafted POST reque...

The vulnerability of the Adobe Experience Manager content and media data management system lies in the insufficient protection of website structures, allowing attackers to carry out cross-site scripting attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the setSchedWifi() function in the microprogramming software for Tenda AC10 allows a hacker to execute arbitrary code or cause service failure.

The vulnerability of the setSchedWifi function in the Tenda AC10 router’s microprogramming software lies in the fact that the operation results are stored outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service failur...

The vulnerability of the dev_kfree_skb_any() function (drivers/net/ethernet/google/gve/gve_rx_dqo.c) in the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the devkfreeskbany function drivers/net/ethernet/google/gve/gverxdqo.c in the Linux kernel is related to the repeated release of memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the SAP Permit to Work (PTW) security and labor protection system, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SAP Permit to Work PTW security and labor protection system is related to insufficient protection of operational data. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...

The vulnerability affects the implementation of the Lightweight Directory Access Protocol (LDAP) on Windows operating systems, allowing attackers to execute arbitrary code.

The vulnerability of the LDAP protocol implementation on the Windows operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the PAN-OS operating system, related to the unencrypted storage of credentials, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the PAN-OS operating system is related to the unencrypted storage of credentials. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

The vulnerability of the software products of the LLC “NPO “MIR” is related to the presence of vulnerabilities in the borrowed components. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the software products developed by LLC “NPO ‘MIR’ is related to the presence of vulnerabilities in the borrowed components. Exploiting these vulnerabilities could allow attackers who operate remotely to compromise the confidentiality, integrity, and accessibility of the...

The vulnerability of the software products of the LLC “NPO ‘MIR’, related to the unencrypted storage of account data, allows a perpetrator to disclose protected information.

The vulnerability of the software products developed by LLC “NPO ‘MIR’ lies in the unencrypted storage of account data. Exploiting this vulnerability could allow an attacker to disclose the protected information...

Vulnerability of the functions amdgpu_vkms_prepare_fb() and amdgpu_vkms_cleanup_fb() (drivers/gpu/drm/amd/amdgpu/amdgpu_vkms.c) in the Linux operating system kernel, allowing a hacker to cause service interruptions

The vulnerabilities of the functions amdgpuvkmspreparefb and amdgpuvkmscleanupfb drivers/gpu/drm/amd/amdgpu/amdgpuvkms.c in the Linux operating system’s kernel are related to pointer manipulation. Exploiting these vulnerabilities can allow an attacker to cause service interruptions...

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller, related to the use of cryptographic algorithms containing vulnerabilities, allows attackers to gain unauthorized access to protected information.

The vulnerabilities of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting these vulnerabilities can allow unauthorized actors to...

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the lack of authentication procedures. This allows attackers to bypass security restrictions and gain access to read and modify data.

The vulnerabilities of the software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to deficiencies in the authentication process. Exploiting these vulnerabilities can allow an attacker to bypass security...

The vulnerability in the web interfaces of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller allows attackers to carry out cross-site scripting attacks and gain unauthorized access to protected information.

The vulnerability of web interfaces of software solutions that support closing, consolidation, and reporting processes for IBM Cognos Controller and IBM Controller is related to insufficient protection of the web page structure. Exploiting this vulnerability allows an attacker to perform cross-si...

The vulnerability of Visual Studio Code’s JS Debug editor, related to vulnerabilities in access control, allows attackers to escalate their privileges.

The vulnerability of Visual Studio Code’s JS Debug editor for source code editing is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to enhance their privileges...

The vulnerability of the org.springframework.web.multipart package in the Spring Web framework allows attackers to re-write files stored in web server directories.

The vulnerability of the org.springframework.web.multipart package in the Spring Web framework is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to re-upload files stored in the web server’s directory from a...

The vulnerability of the replace_special_char() function in the microprogramming software of the D-Link DAP-1320 wireless signal amplifier allows a intruder to trigger a service failure.

The vulnerability of the replacespecialchar function in the D-Link DAP-1320 wireless signal amplifier software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause malfunctions in the device...

The vulnerability of the formexeCommand() function in the Tenda AC6 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the formexeCommand function in the Tenda AC6 router’s microprogramming software is related to incorrect code generation during the processing of the cmdinput parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the setIpQosRules() function in TOTOLINK CP450 router software allows a intruder to cause a service failure.

The vulnerability of the setIpQosRules function in TOTOLINK CP450 router software lies in the issue of the operation exceeding the buffer in memory when processing the comment parameter. Exploiting this vulnerability could allow an attacker to cause service interruptions...

The vulnerability of the getSaveConfig() function in TOTOLINK CP450 router microprogramming software allows a hacker to induce a service failure.

The vulnerability of the getSaveConfig function in TOTOLINK CP450 router microprogramming software is related to the issue of the operation going beyond the buffer in memory when processing the httphost parameter. Exploiting this vulnerability could allow a remote attacker to cause service...

The vulnerability of the setPortForwardRules() function in TOTOLINK CP450 router microprogramming software allows a hacker to trigger a service failure.

The vulnerability of the setPortForwardRules function in TOTOLINK CP450 router microprogramming software is related to the issue of the operation going beyond the buffer in memory when processing the comment parameter. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the set_ws_action() function in the microprogramming software of the D-Link DAP-1320 wireless signal booster allows a intruder to trigger a service failure.

The vulnerability of the setwsaction function in the microprogramming software of the D-Link DAP-1320 wireless signal amplifier is related to the output of operations that go beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure...