74701 matches found
The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...
The vulnerability of the SNMP protocol implementation in Cisco IOS and IOS XE operating systems allows a intruder to trigger a service failure.
The vulnerability of SNMP protocol implementations in Cisco IOS and IOS XE operating systems stems from operations that go beyond buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted requests...
The vulnerability of the ets_class_from_arg() function in the net/sched/sch_ets.c module of the net/sched subsystem of the Linux operating system allows a hacker to gain unauthorized access to protected information.
The vulnerability of the etsclassfromarg function in the net/sched/schets.c module of the net/sched subsystem of the Linux operating system lies in the handling of buffer overflow attacks. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
Vulnerability of the qt2_process_read_urb() function in the drivers/usb/serial/quatech2.c module – The driver for supporting USB devices of the Linux operating system, which allows a hacker to cause a service failure.
Vulnerability of the qt2processreadurb function in the drivers/usb/serial/quatech2.c module – The driver for supporting USB devices in Linux operating systems contains errors in its code. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the storvsc_on_io_completion() function in the drivers/scsi/storvsc_drv.c module of the Linux operating system’s SCSI device support driver allows a hacker to cause a service failure.
The vulnerability of the storvsconiocompletion function in the drivers/scsi/storvscdrv.c module of the Linux SCSI device support driver leads to uncontrolled resource consumption. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the dip_ctx() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the dipctx function in the Linux operating system’s kernel is related to improper validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the process_string() function in the kernel/trace/traceevents.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the processstring function in the kernel/trace/traceevents.c module of the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the AmdPspP2CmboxV2 driver of AMD’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the AmdPspP2CmboxV2 microprogramming software driver for AMD processors is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the driver for the Google Virtual Ethernet Module (gve) in Linux kernel drivers/net/ethernet/google/gve/gve_main., allows a hacker to cause a service failure.
The vulnerability of the Google Virtual Ethernet Module gve driver in Linux operating systems is related to pointer manipulation. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the sctp_association_init() function in the Linux operating system’s kernel allows a hacker to execute arbitrary code.
The vulnerability of the sctpassociationinit function in the Linux operating system’s kernel is related to integer overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the Xerox Workplace Suite server management interface allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Xerox Workplace Suite print server management interface is related to deficiencies in the authentication process when processing Host headers. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Xerox Workplace Suite print server, related to the improper use of standard permissions, allows a malicious actor to gain access to read, modify, or delete data.
The vulnerability of the Xerox Workplace Suite print management server is related to the incorrect use of standard permissions. Exploiting this vulnerability can allow an attacker to gain read, modify, or delete access to data remotely...
The vulnerability of the Microsoft Dynamics 365 Sales resource planning software server lies in insufficient validation of requests on the server side, allowing attackers to increase their privileges.
The vulnerability of the Microsoft Dynamics 365 Sales resource planning software server relates to insufficient validation of requests on the server side. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...
Microsoft Edge’s vulnerability, related to improper security checks for standard elements, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge relates to improper security checks for standard elements. Exploiting this vulnerability can allow attackers to carry out spear-phishing attacks...
The vulnerability of Microprogrammed Software in HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed printers arises from buffer overflow in the stack, allowing attackers to execute arbitrary code and gain elevated privileges.
The vulnerability of Microprogrammed Software in HP LaserJet Pro, EHP LaserJet Enterprise, and HP LaserJet Managed printers is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code and increase their privileges by sending data in...
The vulnerability of the Internal Users module of the Wazuh intrusion detection and prevention system allows attackers to circumvent existing security restrictions, gain unauthorized access to protected information, and enhance their privileges.
The vulnerability of the Internal Users module of the Wazuh intrusion detection and prevention system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions, gain unauthorized access to protected information, a...
The vulnerability of Microprogrammed Software in HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed printers arises from the execution of operations outside of the buffer in memory. This allows attackers to execute arbitrary code and gain elevated privileges.
The vulnerability of Microprogrammed Software in HP LaserJet Pro, EHP LaserJet Enterprise, and HP LaserJet Managed printers is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and increase thei...
The vulnerability of the SNMP protocol implementation in Cisco IOS and IOS XE operating systems allows a intruder to trigger a service failure.
The vulnerability of SNMP protocol implementations in Cisco IOS and IOS XE operating systems stems from operations that go beyond buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures by sending specially crafted requests...
Vulnerability of the vfio_platform_read_mmio() function in the drivers/vfio/platform/vfio_platform_common.c file – A driver for supporting platforms with VFIO devices in the Linux operating system, which allows a hacker to cause a service failure.
Vulnerability of the vfioplatformreadmmio function in the drivers/vfio/platform/vfioplatformcommon.c file – The Linux kernel’s VFIO device support driver has vulnerabilities in its code. Exploiting this vulnerability could allow an attacker to cause system failures...
The vulnerability of the Xerox Workplace Suite print management server, related to the use of rigidly encrypted credentials, allows a intruder to gain unauthorized access to protected information.
The vulnerability of the Xerox Workplace Suite print management server is related to the use of rigidly encoded credentials. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of Intel Server Board’s microprogramming software is related to buffer overflow in dynamic memory, which allows attackers to exploit their privileges.
The vulnerability of microprogrammed software on Intel Server Board motherboards is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Xerox Workplace Suite print server, related to incorrect path name restrictions for restricted access directories, allows attackers to gain read, modify, or delete access to data.
The vulnerability of the Xerox Workplace Suite print management server is related to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability can allow a malicious actor to gain read, modify, or delete access to data...
The vulnerability of the Breast software lies in the lack of measures taken to neutralize special elements in cookies used in the operating system’s command. This allows attackers to execute arbitrary code.
The vulnerability of the Breast software lies in the lack of measures taken to neutralize special elements in cookies used by the operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted POST requests...
The vulnerability of the zswap_pool_create() function in the mm/zswap.c module of the Linux kernel’s memory management subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the zswappoolcreate function in the mm/zswap.c module of the Linux kernel’s memory management subsystem is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the IBM QRadar SIEM system, related to the transmission of critical information in plaintext, allows a perpetrator to execute a “man-in-the-middle” type attack.
The vulnerability of the IBM QRadar SIEM event collection and analysis system is related to the transmission of critical information in plaintext. Exploiting this vulnerability could allow a malicious actor to execute a “man-in-the-middle” type attack...
The vulnerability of Broadcom P225p NetXtreme-E Dual-port 10Gb/25Gb Ethernet PCIe Adapter and Broadcom NetXtreme-E family Ethernet controllers is related to access control bugs, allowing attackers to gain access to protected information.
The vulnerability of the Broadcom P225p NetXtreme-E dual-port 10Gb/25Gb Ethernet PCIe adapter and Broadcom NetXtreme-E family Ethernet controllers is related to access control bugs. Exploiting this vulnerability can allow attackers to gain access to protected information...
The vulnerability of Broadcom P225p NetXtreme-E dual-port 10Gb/25Gb Ethernet PCIe adapters and Broadcom NetXtreme-E family Ethernet controllers is related to buffer overflow in the stack. This allows attackers to trigger a service failure.
The vulnerability of Broadcom P225p NetXtreme-E dual-port 10Gb/25Gb Ethernet PCIe adapters and Broadcom NetXtreme-E family Ethernet controllers is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the memcg_write_event_control() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the memcgwriteeventcontrol function in the Linux operating system is related to improper initialization. Exploiting this vulnerability can allow an attacker to cause a service failure...
Vulnerability of components of the Linux operating system’s kernel, net/mlx5e, which allows a hacker to cause a service failure
The vulnerability of the net/mlx5e components in the Linux operating system’s kernel is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the mptcp component in Linux kernel, which allows a hacker to cause a service failure
The vulnerability of the mptcp component in Linux operating systems is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the rtla/osnoise components in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the fs/netfs/fscachecookie component of the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the setSSServer() function in the cstecgi.cgi script of the TOTOLINK X5000R router’s microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the setSSServer function in the cstecgi.cgi script of the TOTOLINK X5000R router’s microprogramming system is related to the lack of measures to sanitize input data when processing parameters such as password, port, and timeout. Exploiting this vulnerability allows a remote...
The vulnerability of the CGI script VirtualServer.asp in the microprogramming software for D-Link DSL-3782 allows a hacker to execute arbitrary commands.
The vulnerability of the CGI script VirtualServer.asp in the D-Link DSL-3782 router microprogramming system is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary...
The vulnerability of the SPID.AspNetCore.Authentication library in the ASP.NET Core software platform allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the SPID.AspNetCore.Authentication library in the ASP.NET Core software platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information by sending specially crafted...
The vulnerability of the IBM Sterling File Gateway file server, related to deficiencies in access control, allows attackers to increase their privileges.
The vulnerability of the IBM Sterling File Gateway is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
Vulnerability of the v3d_irq() function in the drivers/gpu/drm/v3d/v3d_irq.c module – This driver provides support for the Direct Rendering Infrastructure (DRI) of the Linux operating system’s kernel. It allows a hacker to cause a service failure.
Vulnerability of the v3dirq function in the drivers/gpu/drm/v3d/v3dirq.c module – The Linux kernel’s Direct Rendering Infrastructure DRI driver support code contains errors. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the kernel component of the Linux operating system, which allows a hacker to cause a service failure
The vulnerability of the kernel component of the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Mobile Security Framework (MobSF) for mobile application security research lies in an incorrect pathname limitation, which allows a malicious actor to gain unauthorized access for reading, deleting protected information, and executing arbitrary code.
The vulnerability of the Mobile Security Framework MobSF for mobile application security research is related to an incorrect restriction on the path name to the directory. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access to read, delete protected information...
The vulnerability of the Breast software lies in the lack of validation for user attribute input data. This allows attackers to carry out XSS attacks.
The vulnerability of the Breast software lies in the lack of validation for the input data of user attributes. Exploiting this vulnerability allows a remote attacker to carry out XSS attacks...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to access control errors, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to access control errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
Vulnerabilities of components related to new firmware and kernel drivers of the Linux operating system, which allow attackers to cause system failures
The vulnerability of components related to Linux kernel’s new firmware is related to improper error handling. Exploiting this vulnerability can allow an attacker to cause service failures...
Vulnerability eliminated
...
The vulnerability in the function PLT_FileMediaServerDelegate::ExtractResourcePath() of the file PltHttpServer.cpp in the software development library Platinum UPnP SDK allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the PLTFileMediaServerDelegate::ExtractResourcePath function in the pltHttpServer.cpp file of the software development library, Platinum UPnP SDK, is related to an incorrect limitation on the path name for directories with restricted access. Exploiting this vulnerability coul...
The vulnerability of the mmc component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the mmc component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the bpf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the bpf component in the Linux operating system’s kernel is related to read misses beyond the boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Cobalt Ashlar-Vellum’s parametric automated design and 3D modeling software lies in the inability to properly manage memory boundaries during data writing. This allows a malicious actor to execute arbitrary code.
The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling lies in the issue of writing beyond buffer boundaries in memory during the processing of XE format files. Exploiting this vulnerability allows an attacker to execute arbitrary code...
Vulnerability eliminated
...
The vulnerability of the vsock component in the Linux operating system’s kernel, which allows a hacker to cause a service failure
The vulnerability of the vsock component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the KONG microprogramming software for Broadcom P225p NetXtreme-E dual-port 10Gb/25Gb Ethernet PCIe adapters and Broadcom NetXtreme-E family Ethernet controllers allows a malicious actor to execute arbitrary code and cause system failures.
The vulnerability of the KONG microprogramming software-based Broadcom P225p NetXtreme-E dual-port 10Gb/25Gb Ethernet PCIe adapter relates to buffer overflow attacks. Exploiting this vulnerability allows an attacker to execute arbitrary code and cause system failures...
The vulnerability of the `close_range()` function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the closerange function in the Linux operating system’s kernel is related to incorrect calculations. Exploiting this vulnerability can allow an attacker to cause a service failure...