90604 matches found
The vulnerability of the lookup_ioctl() function in the drivers/md/dm-ioctl.c module of the support for multiple devices (RAID and LVM) in the Linux kernel allows a attacker to cause a service failure.
The vulnerability of the lookupioctl function in the drivers/md/dm-ioctl.c module of the Linux support driver for multiple devices such as RAID and LVM is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the __mcheck_cpu_apply_quirks() function in the arch/x86/kernel/cpu/mce/core.c module, which is part of the Linux operating system’s x86 kernel support, allows a hacker to trigger a service failure.
The vulnerability of the mcheckcpuapplyquirks function in the arch/x86/kernel/cpu/mce/core.c module, which is part of the Linux operating system’s x86 kernel support, involves improper disabling or release of resources. Exploiting this vulnerability can allow an attacker to trigger a service...
The vulnerability of the path-to-regexp transformation library arises from the inefficient computational complexity of regular expressions, allowing attackers to trigger a service failure.
The vulnerability of the path-to-regexp transformation library is related to the inefficient computational complexity of regular expressions. Exploiting this vulnerability can allow an attacker to cause a service failure by overloading the CPU...
The vulnerability of the _regulator_do_enable() function in the drivers/regulator/core.c module of the Linux kernel’s voltage and current regulators driver module allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the regulatordoenable function in the drivers/regulator/core.c module of the Linux kernel’s voltage and current regulators driver relates to integer overflow or cyclic shift vulnerabilities. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the ext4_truncate() function in the fs/ext4/inode.c module of the Ext4 file system in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ext4truncate function in the fs/ext4/inode.c file of the Ext4 file system in the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the OnAssocReq() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the OnAssocReq function in the Linux operating system’s kernel is related to buffer overflow based on a stack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the fromSetWifiGusetBasic() function in Tenda AC8 router software allows a hacker to execute arbitrary code.
The vulnerability of the fromSetWifiGusetBasic function in the Tenda AC8 router’s microprogramming software is related to the copying of buffers without checking the size of the input data when processing the shareSpeed parameter. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the sanity_check_curseg() function in the Linux operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sanitycheckcurseg function in the Linux operating system’s kernel is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the radeon_atombios_fini() function in the drivers/gpu/drm/radeon/radeon_device.c driver of the Direct Rendering Infrastructure (DRI) graphics card for Linux kernel cores allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the radeonatombiosfini function in the drivers/gpu/drm/radeon/radeondevice.c file of the DRI graphics card driver for Linux operating systems is related to the distribution of resources without any restrictions or regulation. Exploiting this vulnerability could allow an...
The vulnerability of the Rule Based Authorization Plugin for the Apache Solr search engine allows a perpetrator to send arbitrary HTTP requests.
The vulnerability of the Rule Based Authorization Plugin for the Apache Solr search server is related to deficiencies in the authorization process. Exploiting this vulnerability allows a malicious actor to send arbitrary HTTP requests remotely...
The vulnerability of the sja1105_table_delete_entry() function in the drivers/net/dsa/sja1105/sja1105_static_config.c file of the NXP SJA1105 series switch driver for the Linux operating system allows a attacker to access protected information or cause a service failure.
The vulnerability of the sja1105tabledeleteentry function in the drivers/net/dsa/sja1105/sja1105staticconfig.c module of the NXP SJA1105 series switch driver for the Linux operating system is related to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an...
The vulnerability of the jfs_link() function in the fs/jfs/namei.c file of the JFS file system in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the jfslink function in the fs/jfs/namei.c file of the JFS file system in Linux operating systems is related to the pointer manipulation. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
The vulnerability of the pot_hole() function in the Linux operating system’s kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the pothole function in the Linux operating system’s kernel is related to copying buffers without checking the size of the input data a classic buffer overflow attack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the formSetWanDiag() function in the Tenda G300-F router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the formSetWanDiag function in the Tenda G300-F router’s microprogramming software is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted request...
Vulnerability of the platform for creating individual web applications in CRM. The vulnerability lies in the lack of measures to protect the SQL query structure, allowing attackers to execute arbitrary code.
The vulnerability of the platform for creating individual web applications in CRM involves the failure to implement measures to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the convert___skb_to_skb() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the convertskbtoskb function in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the optc1_enable_optc_clock() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the optc1enableoptcclock function in the Linux operating system is related to incomplete cleanup of temporary or auxiliary resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the MFlash file-sharing platform, which allows for unlimited downloading of malicious files, enables a hacker to execute arbitrary code.
The vulnerability of the MFlash file-sharing platform lies in its ability to allow unlimited downloading of malicious files. Exploiting this vulnerability could enable a remote attacker to execute arbitrary code...
The vulnerability of the Symfony software platform for developing and managing web applications stems from insufficient validation of input data, allowing attackers to compromise data integrity.
The vulnerability of the Symfony software platform for developing and managing web applications is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the integrity of data...
The vulnerability of the node_http2 components in the Node.js software platform allows a attacker to cause a service failure.
The vulnerability of the nodehttp2 components in the Node.js software platform is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the kdc/do_tgs_req.c component of the Kerberos authentication protocol allows a attacker to induce a service failure.
The vulnerability of the kdc/dotgsreq.c component of the Kerberos authentication protocol is related to pointer arithmetic errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the WMI_TXSTATUS_EVENTID command in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the WMITXSTATUSEVENTID command in the Linux operating system’s kernel is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the iwl_txq_reclaim() function in the drivers/net/wireless/intel/iwlwifi/queue/tx.c file of the Intel wireless driver module for Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the iwltxqreclaim function in the drivers/net/wireless/intel/iwlwifi/queue/tx.c file of the Intel wireless driver for Linux operating systems is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the show_ipi_list() function in the arch/loongarch/kernel/smp.c module, which is part of the LoongArch architecture support for the Linux operating system, allows a attacker to cause a service failure.
The vulnerability of the showipilist function in the arch/loongarch/kernel/smp.c module, which is part of the LoongArch architecture support for the Linux operating system, involves a buffer overflow based on a stack. Exploiting this vulnerability could allow an attacker to trigger a service...
The vulnerability of the __hfs_bnode_create() function in the fs/hfs/bnode.c module of the Linux kernel file system allows a attacker to cause a service failure.
The vulnerability of the hfsbnodecreate function in the fs/hfs/bnode.c file of the Linux kernel file system is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability could allow a perpetrator to cause service failures...
The vulnerability of the rcutasks_rude_wait_gp() function in the kernel/rcu/tasks.h module of the Linux operating system allows a attacker to trigger a service failure.
The vulnerability of the rcutasksrudewaitgp function in the kernel/rcu/tasks.h module of the Linux operating system is related to state management errors. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the Duo Workflow Service component, a service for interacting with external LLM-providers like GitLab AI Gateway, allows a perpetrator to execute arbitrary code.
The vulnerability of the Duo Workflow Service component, a service for interacting with external LLM-providers like GitLab AI Gateway, is related to improper code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially crafted request...
The vulnerability of the ipc_msg_send_request() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ipcmsgsendrequest function in the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability in the web interface of the Fortinet FortiClient Enterprise Management Server (EMS) allows a perpetrator to execute arbitrary commands.
The vulnerability of the web interface of the Fortinet FortiClient Enterprise Management Server EMS lies in the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending specially crafted HTTP requests...
The vulnerability of the `ntfs_read inode_mount()` function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ntfsread inodemount function in the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
Vulnerability of the platform for creating individual web applications in CRM. The leader involved in this issue is related to the failure to protect the structure of the web page, allowing attackers to execute arbitrary code.
The vulnerability of the platform for creating individual web applications in CRM involves failing to take measures to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the DestroyImage function in the MagickCore/image.c component of the console image editing tool ImageMagick allows a hacker to cause a service failure.
The vulnerability of the DestroyImage function in the MagickCore/image.c component of the ImageMagick console graphic editor is related to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
The vulnerability of the Dnsmasq DNS server, related to errors in the implementation of security checks for standard elements, allows attackers to compromise the integrity of data.
The vulnerability of the Dnsmasq DNS server is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a malicious actor to compromise the integrity of data...
The vulnerability of the MontageImageCommand function in the MagickWand/montage.c component of the ImageMagick console graphics editor allows a hacker to cause a service failure.
The vulnerability of the MontageImageCommand function in the MagickWand/montage.c component of the ImageMagick console graphics editor is related to the failure to release resources after the expiration of their useful lifespan. Exploiting this vulnerability could allow a malicious actor to cause...
The vulnerabilities of Node.js’s HTTP components, which allow attackers to trigger service failures
The vulnerability of Node.js’s HTTP components is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the Kerberos authentication protocol, related to the lack of use of the assert() function, allows a attacker to cause a service failure.
The vulnerability of the Kerberos authentication protocol is related to the insufficient use of the assert function. Exploiting this vulnerability can allow a malicious actor to cause a service failure...
The vulnerabilities of the Buffer.fill() and Bufferalloc() functions in the Node.js software platform allow attackers to cause service failures.
The vulnerability of the Buffer.fill and Bufferalloc functions in the Node.js software platform is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the kvm_get_mode() function in the arch/arm64/include/asm/kvm_host.h support module for the 64-bit ARM processor in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the kvmgetmode function in the arch/arm64/include/asm/kvmhost.h support module for the 64-bit ARM processor-based Linux operating system is related to operations involving resources after their expiration. Exploiting this vulnerability could allow an attacker to cause a servi...
The vulnerability of the gfs2_show_options() function in the fs/gfs2/super.c file of the GFS2 file system in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the gfs2showoptions function in the fs/gfs2/super.c file of the GFS2 file system in the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the mpi_cmp_ui() function in the lib/crypto/mpi/mpi-cmp.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mpicmpui function in the lib/crypto/mpi/mpi-cmp.c module of the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Metro Development Server lies in its lack of measures to neutralize special elements, allowing attackers to execute arbitrary code.
The vulnerability of the Metro Development Server is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted POST request...
The vulnerability of the raid0_run() function (drivers/md/raid0.c) and raid10_run() function (drivers/md/raid10.c) in the Linux kernel allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the raid0run function drivers/md/raid0.c and raid10run function drivers/md/raid10.c in the Linux kernel is related to buffer overflow based stack-based attacks. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility...
The vulnerability of the swap inode_boot_loader() function in the fs/ext4/ioctl.c file of the Ext4 file system in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the swapinodebootloader function in the fs/ext4/ioctl.c file of the Ext4 file system in the Linux operating system is related to incorrect initialization of resources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the fc_exch_abts_resp() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the fcexchabtsresp function in the Linux operating system is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the si_parse_power_table() function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the siparsepowertable function in the Linux operating system is related to the repeated release of previously released memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the bcmgenetdesc_rx() function in the drivers/net/ethernet/broadcom/genet/bcmgenet.c file of the Ethernet network adapter driver for Broadcom-based Linux operating systems allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the bcmgenetdescrx function in the drivers/net/ethernet/broadcom/genet/bcmgenet.c file of the Broadcom Ethernet network adapter driver for the Linux operating system is related to the distribution of resources without any restrictions or regulation. Exploiting this...
The vulnerability of the `__ieee80211_scan_completed()` function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ieee80211scancompleted function in the Linux operating system is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the ReadMVGImage function in the coders/mvg.c component of the console image editing tool ImageMagick allows a hacker to cause a service failure.
The vulnerability of the ReadMVGImage function in the coders/mvg.c component of the console image editing tool ImageMagick involves the failure to release resources after their useful period has ended. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
The vulnerability of the GetImagePixelCache function in the MagickCore/cache.c component of the console image editing tool ImageMagick allows a hacker to cause a service failure.
The vulnerability of the GetImagePixelCache function in the MagickCore/cache.c component of the console image editing tool ImageMagick is related to the failure to release resources after their useful period has ended. Exploiting this vulnerability could allow a malicious actor to cause service...
The vulnerability of the UCS-2 encoding in the Node.js software platform, which allows a hacker to trigger a service failure.
The vulnerability of the UCS-2 encoding format in the Node.js software platform is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...