The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications allows a perpetrator to execute arbitrary commands.
The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially created HTTP request...
The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications allows a perpetrator to execute arbitrary commands.
The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially created HTTP request...
The vulnerability of the setFixTools function in the firmware of Tenda W30E wireless Wi-Fi routers allows a hacker to execute arbitrary commands.
The vulnerability of the setFixTools function in the firmware of Tenda W30E wireless Wi-Fi routers lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications allows a perpetrator to execute arbitrary commands.
The vulnerability of the platform’s management interface for deploying and managing LoadMaster applications is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially created HTTP request...
The vulnerability of the setUmountUSBPartition function in the firmware of Tenda W30E wireless Wi-Fi routers allows a hacker to execute arbitrary commands.
The vulnerability of the setUmountUSBPartition function in the firmware of Tenda W30E wireless Wi-Fi routers is related to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the verify_dnskey_rrset() function in the Hickory DNS client (formerly Trust-DNS) allows an attacker to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the verify_dnskey_rrset() function in the Hickory DNS client (formerly Trust-DNS) is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected informati...
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code and trigger service failures.
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to operations that go beyond buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service interruptions...
The vulnerability of the Navigation function in Google Chrome and Microsoft Edge browsers allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the Navigation function in Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause a service failure...
The vulnerability in the user interfaces of Google Chrome and Microsoft Edge allows a hacker to gain access to read, modify, and delete data.
The vulnerability in the user interfaces of Google Chrome and Microsoft Edge relates to improper security checks for standard elements. Exploiting this vulnerability can allow an attacker to gain access to, read, modify, and delete data...
The vulnerability of the web interface of the firmware for SIMATIC S7-1200 programmable logic controllers allows an attacker to perform a CSRF attack.
The vulnerability of the web interface of the firmware for SIMATIC S7-1200 programmable logic controllers is related to the forgery of cross-site requests. Exploiting this vulnerability can allow a malicious actor to execute a CSRF attack remotely...
The vulnerabilities of the Generic Data Mapper, Engineering Adapter, and Engineering Interface modules of the software for designing, operating, and maintaining technological installations like COMOS, allow attackers to execute XXE attacks.
The vulnerability of the Generic Data Mapper, Engineering Adapter, and Engineering Interface modules of the COMOS software for designing, operating, and maintaining technological installations is related to improper restriction of XML external entity references. Exploiting this vulnerability cou...
The vulnerability of the Veeam Updater, a component of backup and recovery tools such as Veeam Backup for Salesforce, Veeam Backup for Nutanix AHV, and Veeam Backup for AWS, allows a perpetrator to carry out a “man-in-the-middle” attack.
The vulnerability of the Veeam Updater, a component of backup and recovery tools such as Veeam Backup for Salesforce, Veeam Backup for Nutanix AHV, and Veeam Backup for AWS, relates to access to a channel from a non-endpoint location. Exploiting this vulnerability allows a remote attacker to...
The vulnerability of Mendix LDAP module in the deployment and application testing software platform of Mendix allows a hacker to bypass security restrictions.
The vulnerability of Mendix LDAP in the software deployment and application testing platform relates to the failure to eliminate special elements in LDAP requests. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...
The vulnerability in the software web interface for controlling power supply units like PowerChute Serial Shutdown allows an intruder to trigger a service failure.
The vulnerability in the software web interface for controlling power supply units like PowerChute Serial Shutdown is related to improper authentication. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure...
The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the lack of a mechanism for generating error reports. This allows attackers to gain unauthorized access to protected information.
The vulnerabilities of the software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to deficiencies in the mechanism for generating error reports. Exploiting these vulnerabilities can allow unauthorized actors to...
The vulnerability in the web interface of the operating system PAN-OS allows a hacker to escalate their privileges.
The vulnerability in the web interface of the operating system PAN-OS is related to the lack of authentication checks for a critical function. Exploiting this vulnerability allows an attacker to escalate their privileges to execute PHP scripts by sending specially crafted HTTP requests...
The vulnerability of GitLab, the Git-based software platform for collaborative code development, stems from insufficient validation of requests on the server side. This allows a hacker to execute an SSRF attack.
The vulnerability of GitLab, the Git-based software platform for collaborative code development, is related to insufficient validation of server-side requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...
The vulnerability of the web service for transmitting information through temporary links, Password Pusher, is related to incorrect session duration. This allows attackers to gain unauthorized access and disclose the protected information.
The vulnerability of the web service for transmitting information through temporary links, Password Pusher, is related to incorrect session duration. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access and disclose the protected information...
The vulnerability of the Ivanti Connect Secure and Ivanti Policy Secure access control tools lies in the lack of measures taken to protect the website structure. This allows attackers to escalate their privileges and perform cross-site scripting attacks.
The vulnerability of the Ivanti Connect Secure and Ivanti Policy Secure access control tools is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to escalate their privileges and perform cross-site scripting attacks...
The vulnerability of the Ivanti Connect Secure access control tool, related to reading data outside the buffer in memory, allows an intruder to execute arbitrary code.
The vulnerability of the Ivanti Connect Secure access control tool lies in the reading of data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the eeh_pe_bus_get() function (arch/powerpc/kernel/eeh_pe.c) in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the eeh_pe_bus_get() function (arch/powerpc/kernel/eeh_pe.c) in the Linux operating system is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the apc_client_pin.cgi script of D-Link DIR-825 router software allows a hacker to execute arbitrary commands.
The vulnerability in the apc_client_pin.cgi script of D-Link DIR-825 router firmware exists due to the failure to neutralize special elements used in an operating system command when processing the wpspin parameter. Exploiting this vulnerability allows a...
The vulnerability of the `cachefiles_ondemand_send_req()` function (fs/cachefiles/ondemand.c) in the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the `cachefiles_ondemand_send_req()` function (fs/cachefiles/ondemand.c) in the Linux kernel is related to incorrect resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the userfaultfd_api() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the userfaultfd_api() function in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the user interface of Kubernetes Rancher cluster management software allows an attacker to perform XSS attacks.
The vulnerability of the user interface of Kubernetes Rancher cluster management software is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the `cachefiles_ondemand_clean_object()` function (fs/cachefiles/ondemand.c) in the Linux kernel allows a malicious actor to escalate their privileges.
The vulnerability of the `cachefiles_ondemand_clean_object()` function (fs/cachefiles/ondemand.c) in the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to escalate their privileges...
The vulnerability of the sk_msg_recvmsg() function (net/core/skmsg.c) in the skmsg component of the Linux operating system’s kernel allows an attacker to cause a service failure.
The vulnerability of the sk_msg_recvmsg() function (net/core/skmsg.c) in the skmsg component of the Linux operating system’s kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the XWiki Commons library collection of the XWiki Platform, a platform for creating collaborative web applications, allows attackers to execute arbitrary code.
The vulnerability in the library collection of XWiki Commons, a platform for creating collaborative web applications, is related to improper escaping of the symbol. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the graphical interface of the software platform for coordinating the operation of (orchestrating) cybersecurity systems and for managing incident responses in real-time with Fortinet FortiSOAR allows a perpetrator to execute arbitrary code.
The vulnerability of the graphical interface of the software platform for coordinating the operation of cybersecurity systems and for managing real-time incident responses in Fortinet FortiSOAR is related to the absence of mechanisms for neutralizing elements related to CSV files. Exploiting this...
The vulnerability of the sub_422eb8 function in Linksys E8450 Wi-Fi routers allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub_422eb8 function in the firmware of Linksys E8450 Wi-Fi routers is related to the copying of buffers without checking the size of the input data during the processing of the strncpy parameter. Exploiting this vulnerability allows an attacker to execute...
The vulnerability of the JWT OmniAuth provider configuration in GitLab, the Git-based software platform for collaborative code development, allows a hacker to perform XSS attacks.
The vulnerability of the JWT OmniAuth provider configuration in GitLab, the Git-based software platform for collaborative code development, is related to the exploitation of cross-site requests. Exploiting this vulnerability allows a malicious actor to carry out a Cross-Site Scripting (XSS)...
The vulnerability of the distributed database management system Apache Cassandra lies in its insecure handling of privileges, allowing attackers to elevate their own privileges.
The vulnerability of the distributed database management system Apache Cassandra lies in the insecure management of privileges. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability of the WLAN STA Driver software driver from MediaTek allows a hacker to execute arbitrary code.
The vulnerability of the WLAN STA Driver microprogramming software chip from MediaTek relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the TypeScript-based authentication library Better Auth, related to the lack of protective measures for website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of the TypeScript-based authentication library Better Auth relates to the lack of measures taken to protect the website structure when processing the error parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the ieee802154_if_remove() function in the net/mac802154/iface.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the ieee802154_if_remove() function in the net/mac802154/iface.c module of the Linux kernel is related to an incorrect representation of the list of network devices, resulting from insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cau...
The vulnerability of the software platform for developing and managing Adobe Commerce B2B platforms, related to deficiencies in authentication mechanisms, allows attackers to circumvent security restrictions.
The vulnerability of the software platform for developing and managing Adobe Commerce B2B is related to deficiencies in authentication mechanisms. Exploiting this vulnerability could allow a malicious actor to circumvent security restrictions from a remote location...
The vulnerability of the System Settings component in macOS operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the System Settings component in macOS operating systems relates to the exposure of password values in log files. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the IOMobileFrameBuffer component in operating systems such as macOS, tvOS, watchOS, iPadOS, and iOS allows a perpetrator to influence data integrity.
The vulnerability of the IOMobileFrameBuffer component in operating systems such as macOS, tvOS, watchOS, iPadOS, and iOS lies in reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to compromise data integrity...
The vulnerability of the ICU operating system components in macOS, visionOS, tvOS, watchOS, iPadOS, and iOS allows attackers to trigger service failures.
The vulnerability of ICU components in macOS, visionOS, tvOS, watchOS, iPadOS, and iOS lies in reading data beyond the allowed range in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the QuartzCore component in operating systems such as macOS, visionOS, tvOS, watchOS, iPadOS, and iOS allows a hacker to trigger a service failure.
The vulnerability of the QuartzCore component in operating systems such as macOS, visionOS, tvOS, watchOS, iPadOS, and iOS is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Face Gallery component in operating systems like watchOS and iOS allows a perpetrator to disclose protected information.
The vulnerability of the Face Gallery component in operating systems such as watchOS, iOS, and iPadOS is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...
The vulnerability of the ASP TCP component on macOS allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the ASP TCP component on macOS systems is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...
The vulnerability of the IOMobileFrameBuffer component in operating systems such as macOS, tvOS, watchOS, iPadOS, and iOS allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the IOMobileFrameBuffer component in operating systems such as macOS, tvOS, watchOS, iPadOS, and iOS lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and...
The vulnerability of the Accounts component in operating systems such as macOS, iOS, and iPadOS allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Accounts component in macOS, iOS, and iPadOS is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Messages component of the macOS operating system allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Messages component in the macOS operating system is related to the insecure storage of confidential information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Security component of the macOS operating system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Security component of the macOS operating system is related to the insecure storage of confidential information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the CoreMedia component in operating systems such as macOS, iPadOS, visionOS, iOS, watchOS, and tvOS allows a hacker to trigger a service failure.
The vulnerability of the CoreMedia component in operating systems such as macOS, iPadOS, visionOS, iOS, watchOS, and tvOS is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability of the Find My component in macOS operating systems allows a perpetrator to disclose protected information.
The vulnerability of the Find My component in macOS operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow attackers to disclose protected information...
The vulnerability of the formSetClientState function in the Tenda AC18 router software allows an attacker to trigger a service failure or execute arbitrary code.
The vulnerability of the formSetClientState function in the Tenda AC18 router software is related to buffer overflows in the stack when processing the limitSpeedUp parameter. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code using a specially...
The vulnerability in the form2Wan.cgi script of the D-Link DIR-816A router’s software allows a hacker to execute arbitrary code.
The vulnerability of the form2Wan.cgi script in the D-Link DIR-816A2 router software is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTTP POST request...