The vulnerability of the fromPptpUserSetting() function in the /goform/PPTPUserSetting file of the Tenda FH451 router’s software allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the fromPptpUserSetting function in the /goform/PPTPUserSetting file of the Tenda FH451 router’s microprogramming system is related to buffer overflow during the processing of the delno parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code or...

The vulnerability in the module drivers/firmware/arm_ffa/bus.c of Linux operating systems allows a hacker to cause a service failure.

The vulnerability in the drivers/firmware/armffa/bus.c module of Linux operating systems is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the eir_get_service_data() function in the Linux operating system allows a hacker to induce a service failure.

The vulnerability of the eirgetservicedata function in the Linux operating system is related to a pointer swapping error. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the formSafeEmailFilter() function in the microprogramming software for Tenda FH451 allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the formSafeEmailFilter function in the Tenda FH451 router software lies in the issue of the operation being executed outside the buffer in memory when processing the page parameter. Exploiting this vulnerability can allow a malicious actor to cause service failures or execut...

The vulnerability of the formSetWanDhcpplus() function in D-Link DIR-513 router software allows a hacker to induce a service failure.

The vulnerability of the formSetWanDhcpplus function in the microprogramming software for D-Link DIR-513 is related to the operation of writing data outside of the buffer in memory when processing the curTime parameter. Exploiting this vulnerability could allow a remote attacker to cause a servic...

The vulnerability of the recvSlaveUpgstatus() function in the MQTT service of the TOTOLink T6 microprogramming system allows a attacker to execute arbitrary code.

The vulnerability of the recvSlaveUpgstatus function in the MQTT service of the TOTOLink T6 mesh-system’s micro-programming system is related to the issue of operations going out of the buffer in memory when processing the parameter s. Exploiting this vulnerability allows a malicious actor to...

The vulnerability of the formLanSetupRouterSettings() function in D-Link DIR-513 router microprogramming software, a built-in web server, allows a hacker to cause a service failure.

The vulnerability of the formLanSetupRouterSettings function in the embedded web server of D-Link’s DIR-513 router software is related to the issue where data is written out of the buffer into memory when processing the curTime parameter. Exploiting this vulnerability could allow a remote attacke...

The vulnerability of the mod_proxy module in the Apache HTTP Server allows a hacker to perform an SSRF attack.

The vulnerability of the modproxy module in the Apache HTTP Server is related to insufficient validation of requests at the server side. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...

Vulnerability of the NetworkServlet.restoreDatabase() function in the system for centrally managing network devices and ports of the Advantech iView, allowing a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NetworkServlet.restoreDatabase function in the system for centrally managing network devices and ports of the Advantech iView platform is related to the implementation or modification of arguments. Exploiting this vulnerability could allow an attacker to gain unauthorized...

The vulnerability of the NetworkServlet.processImportRequest() function in the system for centrally managing network devices and ports of the Advantech iView platform allows a hacker to disclose protected information.

The vulnerability of the NetworkServlet.processImportRequest function in the system for centrally managing network devices and ports of the Advantech iView platform is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a maliciou...

The vulnerability of the API interface of the boiler controller MyHeat GO allows a hacker to gain unauthorized access to the controller.

The vulnerability of the API interface of the boiler control controller MyHeat GO is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to the controller...

The vulnerability of the OneDrive file sharing service for the macOS operating system arises from the insecure management of privileges, allowing an attacker to elevate their privileges to root user level.

The vulnerability of the OneDrive file sharing service for the macOS operating system is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root user level...

The vulnerability of AMD’s microprogramming software for processors lies in the insufficient protection of operational data, which allows attackers to disclose protected information.

The vulnerability of AMD’s microprogramming software is related to insufficient protection of operational data. Exploiting this vulnerability can allow attackers to disclose protected information...

The vulnerability of the formSetMacFilterCfg() (/goform/setMacFilterCfg) function in the Tenda AC7 router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the formSetMacFilterCfg function /goform/setMacFilterCfg in the Tenda AC7 router software lies in the issue of the operation exceeding the buffer boundaries in memory when processing the deviceList parameter. Exploiting this vulnerability allows a remote attacker to execute...

The vulnerability of the mod_ssl function in the Apache HTTP Server allows attackers to compromise the integrity of the protected information.

The vulnerability of the modssl function in the Apache HTTP Server is related to the lack of measures to neutralize special control elements. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information from a remote location...

The vulnerability of the NetworkServlet.backupDatabase() function in the system for centrally managing network devices and ports of the Advantech iView platform allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NetworkServlet.backupDatabase function in the system for centrally managing network devices and ports of the Advantech iView family is related to the implementation or modification of arguments. Exploiting this vulnerability could allow an attacker to gain unauthorized...

The vulnerability of the TIA Administrator software development environment, related to access control deficiencies, allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the TIA Administrator software development environment is related to lack of access control. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

The vulnerability of the API interface of the boiler controller MyHeat GO allows a hacker to gain unauthorized access to the controller.

The vulnerability of the API interface of the MyHeat GO boiler controller is related to the use of default login credentials. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the controller by using the standard login credentials...

The vulnerability of the Strategic Planner Starter App component in the Oracle Application Express development environment allows a hacker to gain full control over the application.

The vulnerability of the Strategic Planner Starter App component in the Oracle Application Express development environment is related to the redirection of URLs to an unreliable website. Exploiting this vulnerability can allow a malicious actor to gain full control over the application...

The vulnerability of the k3_udma_glue_reset_rx_chn() function in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the k3udmaglueresetrxchn function in Linux operating systems is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Java-Script templater Nunjacks in the PROTECH system for analysis and monitoring of production processes allows attackers to execute arbitrary code and gain increased privileges.

The vulnerability of the Java-Script templater Nunjacks in the PROTECH production analysis and monitoring system exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and gain increased privileges...

The vulnerability of the fromqossetting() function in the /goform/qossetting file of the Tenda FH451 router’s microprogramming system allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the fromqossetting function in the /goform/qossetting file of the Tenda FH451 router’s microprogramming system is related to buffer overflow when processing the page parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failure...

The vulnerability of the libsavsvc.so library in Android operating systems allows a hacker to trigger a service failure.

The vulnerability of the libsavsvc.so library in Android operating systems is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the LeAudioService service in Android operating systems allows a hacker to gain access to read and modify data.

The vulnerability of the LeAudioService service on Android operating systems is related to access control errors. Exploiting this vulnerability can allow an attacker to gain access to read and modify data...

The vulnerability of the Networking component of the Oracle Java SE software platform and the Oracle GraalVM virtual machine allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Networking component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to access control deficiencies. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protecte...

The vulnerability of Android operating systems’ isemtelephony services allows attackers to gain unauthorized access to protected information.

The vulnerability of IsemTelephony operating systems for Android is related to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Alerts & IRM platform’s notification service for monitoring and surveillance allows a perpetrator to disclose protected information.

The vulnerability of the Alerts & IRM platform’s notification service for monitoring and surveillance in Grafana relates to insufficient protection of operational data when connected to the DingDing contact point. Exploiting this vulnerability can allow a malicious actor to disclose protected...

The vulnerability of the Data Loss Prevention module of Trend Micro Apex One and Apex One as a Service allows a perpetrator to execute arbitrary code.

The vulnerability of the Data Loss Prevention module in Trend Micro Apex One and Apex One as a Service antivirus software is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code using a...

The vulnerability of the fromWizardHandle()/goform/WizardHandle function in the Tenda FH451 router software allows a hacker to induce a service failure.

The vulnerability of the fromWizardHandle/goform/WizardHandle function in the Tenda FH451 router’s microprogramming system is related to reading data beyond the buffer boundaries in memory when processing the PPW parameter. Exploiting this vulnerability can allow a malicious actor to cause servic...

The vulnerability of the recvSlaveStaInfo() function in the MQTT service of the TOTOLink T6 microprogramming system allows a attacker to execute arbitrary code.

The vulnerability of the recvSlaveStaInfo function in the MQTT service of the TOTOLink T6 mesh-system’s microprogramming system is related to the issue of the operation going beyond the buffer in memory when processing the dest parameter. Exploiting this vulnerability allows a remote attacker to...

The vulnerability of the “Add Mycode” function in the MyBB forum creation software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the “Add Mycode” function in the MyBB forum creation software is related to insufficient validation of requests on the server side. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Mail function in the MyBB forum creation software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Mail function in the MyBB forum creation software is related to insufficient testing of requests on the server side. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of Zoom, a video conferencing software, related to the falsification of cross-site requests, allows attackers to disclose protected information.

The vulnerability of Zoom video conferencing software is related to the manipulation of inter-site requests. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the config.xml file in TP-Link Archer C50 Wi-Fi routers allows a hacker to gain unauthorized access to protected information.

The vulnerability of the config.xml file in TP-Link Archer C50 Wi-Fi routers lies in the use of strictly encrypted credentials. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information from a remote location...

The vulnerability of the Work Provider Administration component of the application for accessing, organizing, and interacting with various types of work in the Oracle Universal Work Queue system—a business automation solution from Oracle E-Business Suite—allows a malicious actor to gain access to read, modify, add, or delete data.

The vulnerability of the Work Provider Administration component of the application for accessing, organizing, and interacting with various types of work in the Oracle Universal Work Queue system, a business automation solution from Oracle E-Business Suite, is related to deficiencies in access...

The vulnerability of Trend Micro Worry-Free Business Security (WFBS) and Worry-Free Business Security Services (WFBSS) lies in the lack of authentication for a critical function, allowing attackers to gain full control over the application.

The vulnerability of Trend Micro Worry-Free Business Security WFBS and Worry-Free Business Security Services WFBSS lies in the lack of authentication for a critical function. Exploiting this vulnerability can allow an attacker, operating remotely, to gain full control over the application...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to trigger a service failure.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to cause a service failure through a specially crafted HTML page...

The vulnerability of the setDiagnosisCfg() function in the cstecgi.cgi script of the mesh-system TOTOLink T6 software allows a intruder to execute arbitrary code.

The vulnerability of the setDiagnosisCfg function in the cstecgi.cgi script of the mesh-system TOTOLink T6 software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the ip parameter. Exploiting this vulnerability allows a remote attacker to execut...

The vulnerability of the libsavsvc.so library in Android operating systems allows a hacker to trigger a service failure.

The vulnerability of the libsavsvc.so library in Android operating systems relates to the reading of data beyond the buffer boundaries in memory during the decoding of headers. Exploiting this vulnerability can allow an attacker to cause a service failure...

The software’s vulnerability related to accessing analytics and planning tools in the IBM Analytics Content Hub allows unauthorized users to upload any type of files. This vulnerability enables attackers to upload arbitrary files.

The vulnerability of the software for accessing analytics and planning tools in the IBM Analytics Content Hub is related to the ability to download files of a malicious nature without limitation. Exploiting this vulnerability could allow a malicious actor to download any files as desired...

The software’s vulnerability regarding access to analytics and planning tools in the IBM Analytics Content Hub, due to deficiencies in the error reporting mechanism, allows attackers to disclose sensitive information.

The vulnerability of the software for accessing analytics and planning tools in the IBM Analytics Content Hub is related to deficiencies in the reporting mechanism for errors. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

The vulnerability of the sub_41F0FC function in the /H5/webgl.data file of the D-Link DI-7003GV2 router’s microprogramming software, which allows a hacker to disclose confidential information

The vulnerability of the sub41F0FC function in the /H5/webgl.data file of the D-Link DI-7003GV2 router’s microprogramming system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to disclose confidential information remotely...

The vulnerability of the urls.py component of the Mobile Security Framework (MobSF), which allows a hacker to trigger a service failure.

The vulnerability of the urls.py component of the Mobile Security Framework MobSF relates to improper validation of the specified data type during input processing. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

The vulnerability of the Import a Theme function in the MyBB forum creation software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the “Import a Theme” function in the MyBB forum creation software is related to insufficient validation of requests on the server side. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the ConvertFromJson method in the monitoring and security management tool Trend Micro Apex Central allows a attacker to execute arbitrary code in the context of NETWORK SERVICE.

The vulnerability of the ConvertFromJson method in the Trend Micro Apex Central security monitoring and management tool is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code in the context of NETWORK SERVICE...

The vulnerability of the Install component of the Oracle Java SE software platform allows a perpetrator to gain full control over the application.

The vulnerability of the Install component of the Oracle Java SE software platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

The vulnerability of the Suricata intrusion detection and prevention system, due to the unlimited distribution of resources, allows an intruder to trigger a service failure.

The vulnerability of the Suricata intrusion detection and prevention system is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...

The vulnerability of the Kubernetes Image Builder software lies in its use of hard-coded credentials, which allows an attacker to gain access to the virtual machine.

The vulnerability of the Kubernetes Image Builder software lies in the use of strictly encrypted credentials. Exploiting this vulnerability could allow a malicious actor to gain access to the virtual machine remotely...

The vulnerability of the lxmldbc_system() function (/htdocs/cgibin) in the D-Link DIR-816L router’s software allows a hacker to execute arbitrary code.

The vulnerability of the lxmldbcsystem function /htdocs/cgibin of the D-Link DIR-816L router’s software is related to the lack of measures taken at the control level to clean data. Exploiting this vulnerability can allow an attacker operating remotely to execute arbitrary code...

The vulnerability of the System Time module in the D-LINK DIR-818LW router’s software management web interface allows a hacker to execute arbitrary commands.

The vulnerability of the System Time module in the D-LINK DIR-818LW router’s software management web interface is related to the lack of measures taken to neutralize special elements during the processing of the NTP Server parameter. Exploiting this vulnerability allows a remote attacker to execu...