The vulnerability of the ParsePKCS1PrivateKey function in the crypto/x509 library for the Go programming language allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the ParsePKCS1PrivateKey function in the crypto/x509 library for the Go programming language is related to incorrect processing of syntactically incorrect structures. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to...

The vulnerability of the Linux operating system’s kernel, related to synchronization errors, allows a hacker to cause a service failure.

The vulnerability of the Linux operating system’s kernel is related to synchronization errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the kernel component of the Linux operating system, which allows a hacker to cause a service failure

The vulnerability of the kernel component of the Linux operating system is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure...

The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the SCSI component in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the f2fs component of the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the f2fs component of the Linux operating system’s kernel is related to improper blocking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the lua_resume component in the ldo.c script interpreter of Lua allows a hacker to cause a service failure.

The vulnerability of the luaresume component in the ldo.c script interpreter of Lua is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Centreon-web component of the Centreon software for monitoring IT infrastructure allows a perpetrator to influence the confidentiality, accessibility, and integrity of the protected information.

The vulnerability of the centreon-web component of the IT infrastructure monitoring software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to influence the confidentiality, accessibility, and integrity of the protect...

The vulnerability of the WebSocket module in Node.js operating systems on FortiOS and proxy servers, which allows attackers to elevate privileges to the “super-admin” level.

The vulnerability of the WebSocket module in Node.js operating systems on FortiOS and FortiProxy proxy servers relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to elevate their privileges to “super-admi...

The vulnerability of the NVRAM Variable Handler in operating systems like MacOS allows a intruder to gain unauthorized access to protected information.

The vulnerability of the NVRAM Variable Handler component in MacOS systems is related to access control deficiencies. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the Password Autofill component in operating systems such as visionOS, iOS, iPadOS, MacOS, and watchOS allows attackers to read and write arbitrary files.

The vulnerability of the Password Autofill component in the visionOS, iOS, iPadOS, MacOS, and watchOS operating systems is related to the absence of authentication. Exploiting this vulnerability allows attackers to read and write arbitrary files...

The vulnerability of the NVRAM Variable Handler in macOS operating systems allows a hacker to read and write arbitrary files.

The vulnerability of the NVRAM Variable Handler component in MacOS systems is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows an attacker to read and write arbitrary files...

The vulnerability of MacOS operating systems, related to the lack of protection for service data, allows attackers to gain unauthorized access to protected information.

The vulnerability of MacOS operating systems is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of operating systems visionOS, iOS, iPadOS, MacOS, watchOS, and tvOS, related to writing beyond the memory buffer, allows attackers to damage memory.

The vulnerabilities of the operating systems visionOS, iOS, iPadOS, MacOS, watchOS, and tvOS are related to writing beyond the buffer boundaries of memory. Exploiting these vulnerabilities can allow attackers to corrupt memory...

Vulnerability of operating systems such as iOS, iPadOS, tvOS, MacOS, watchOS, and visionOS, due to errors in state management, allows attackers to gain unauthorized access to protected information.

The vulnerabilities of operating systems such as iOS, iPadOS, tvOS, macOS, watchOS, and visionOS are related to state management errors. Exploiting these vulnerabilities can allow a malicious actor to gain access to confidential information...

The vulnerability of the zram_meta_alloc() function in the zram module of Linux operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the zrammetaalloc function in the zram module of Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of macOS operating systems, related to the insecure storage of confidential information, allows attackers to gain unauthorized access to protected data.

The vulnerability of macOS operating systems lies in the insecure storage of confidential information. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

The vulnerability of the ActionDispatch component in the Ruby on Rails software framework, which allows a hacker to trigger a service failure.

The vulnerability of the ActionDispatch component in the Ruby on Rails software framework is related to insufficient validation of data entered by users. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

The vulnerability of the ext4 kernel component in the Linux operating system, which allows a hacker to cause a service failure

The vulnerability of the ext4 kernel component in the Linux operating system is related to improper error handling. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Linux operating system’s kernel component allows a hacker to cause a service failure.

The vulnerability of the Linux operating system’s kernel component is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Linux operating system’s kernel, related to incorrect resource blocking, allows a hacker to trigger a service failure.

The vulnerability of the Linux operating system’s kernel is related to improper locking of resources. Exploiting this vulnerability can allow a perpetrator to cause service failures...

The vulnerability of the SCSI component in the Linux operating system allows a hacker to increase their privileges.

The vulnerability of the SCSI component in the Linux operating system is related to the operation of the process beyond the memory buffer boundaries. Exploiting this vulnerability can allow an attacker to gain elevated privileges...

The vulnerability of component AsoC in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of component AsoC in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the vsock_*_has_data() function in the net/vmw_vsock/af_vsock.c module of Linux kernel allows a hacker to induce a service failure.

The vulnerability of the vsockhasdata function in the net/vmwvsock/afvsock.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the get_imix_entries() function in the net/core/pktgen.c module of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the getimixentries function in the net/core/pktgen.c module of the Linux kernel is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the mlx5 driver (drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c) in Linux operating systems, which allows a hacker to cause a service failure.

The vulnerability of the mlx5 driver drivers/net/ethernet/mellanox/mlx5/core/enaccel/ipsec.c in Linux operating systems is related to incorrect resource locking. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the cifs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the cifs component in the Linux operating system’s kernel is related to the pointer to NULL. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerabilities of Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Safe Kids, and Kaspersky Anti-Ransomware Tool are related to a full-width overflow vulnerability, which allows an attacker to write arbitrary data and cause service interruptions.

The vulnerabilities of Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows Standard, Plus, Premium, Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Securit...

The vulnerability of JavaScript script handlers in Google Chrome browsers allows attackers to partially compromise the accessibility of protected information.

The vulnerability of JavaScript script handlers in Google Chrome browsers relates to reading beyond the buffer boundary. Exploiting this vulnerability allows a malicious actor to partially compromise the accessibility of protected information through a specially crafted HTML page...

The vulnerability of Zyxel network device software of the CPE series exists due to the lack of measures taken to neutralize special elements used in the operating system commands. This allows attackers to execute arbitrary commands.

The vulnerability of Zyxel network devices of the CPE series exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with privileges as “supervisor” or...

The vulnerability of VMware Aria Operations for Logs, a tool for analyzing network logs, stems from the lack of security measures taken to protect the website structure. This vulnerability allows attackers to inject and execute arbitrary code in users’ browsers, within the context of the vulnerable website.

The vulnerability of the VMware Aria Operations for Logs network log analysis tool exists due to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject and execute arbitrary code into the user’s browser context throug...

The vulnerability of the AP4_StdcFileByteStream::ReadPartial() function in the ISO-MP4 Bento4 file reading and writing library allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the AP4StdcFileByteStream::ReadPartial function in the ISO-MP4 Bento4 file reading and writing library is related to the occurrence of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...

The vulnerability of Zyxel CPE series network device microprogramming software lies in the use of rigidly encrypted login credentials, which allows attackers to execute arbitrary codes.

The vulnerability of Zyxel network device software of the CPE series is related to the use of rigidly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using the default login credentials...

The vulnerability of the Purchasing component in the Oracle PeopleSoft Enterprise SCM Purchasing application allows a hacker to gain read-only access to data or modify data.

The vulnerability of the Purchasing component in Oracle PeopleSoft Enterprise SCM Purchasing is related to incorrect authorization. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read access to data or modify data using HTTP requests...

The vulnerability of JavaScript script handlers in Google Chrome browsers allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of JavaScript script handlers in Google Chrome browsers is related to buffer overflow in the “cull” mechanism. Exploiting this vulnerability allows a malicious actor to partially compromise the confidentiality, integrity, and accessibility of the protected information through a...

The vulnerability of the VMware Aria Operations for Logs network log analysis tool arises due to the lack of security measures taken to protect the website structure. This allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the VMware Aria Operations for Logs network log analysis tool is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor, operating remotely, to perform certain operations from the perspective of a user administrating the syst...

The vulnerability of the StorageKit component for macOS operating systems allows attackers to escalate their privileges.

The vulnerability of the StorageKit component for macOS operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Passwords component in the Safari browser for macOS operating systems allows a hacker to bypass security restrictions.

The vulnerability of the Passwords component in the Safari browser on macOS operating systems involves the disclosure of information through registration log files. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions remotely...

The vulnerability of the Security component of the Oracle Communications Order and Service Management system allows a perpetrator to disclose protected information.

The vulnerability of the Security component of the Oracle Communications Order and Service Management system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information through HTTP requests...

The vulnerability of the kauth_cred_proc_update() function in the operating system kernels of macOS and iPadOS allows a hacker to trigger a service failure.

The vulnerability of the kauthcredprocupdate function in the macOS and iPadOS operating systems is related to synchronization errors when using a shared resource a “race condition”. This occurs when an operation goes beyond the buffer in memory. Exploiting this vulnerability can allow a remote...

The vulnerability of the application and service integration tool based on the Matrix protocol, Matrix Hookshot, arises from insufficient checking of unusual or exceptional states, allowing a hacker to trigger a service failure.

The vulnerability of the application and service integration tool based on the Matrix Protocol, Matrix Hookshot, is related to insufficient checking of unusual or exceptional states during connection to the GitHub platform. Exploiting this vulnerability can allow a remote attacker to cause servic...

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read data or modify data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain read access to data or modify data using network packets...

The vulnerability of the InnoDB component in the Oracle Database Server system allows a hacker to gain privileged access, modify data, or cause service failures.

The vulnerability of the InnoDB component in the Oracle Database Server system is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to gain privileged access, modify data, or cause service failures through network packets...

The vulnerability of the VMware Aria Operations for Logs network log analysis tool, related to insecure privilege management, allows an attacker to perform certain operations in the context of the administrative user.

The vulnerability of the VMware Aria Operations for Logs network log analysis tool is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to perform certain operations from the perspective of a user administrating the system remotely...

The vulnerability of the monitoring tool for VMware Aria Operations, related to the lack of protection for service data, allows a perpetrator to disclose the protected information.

The vulnerability of the monitoring tool for VMware Aria Operations relates to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

The vulnerability of the profapi.dll library in the Discord messaging system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the profapi.dll library in the Discord instant messaging system is related to the use of an unreliable search path. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the IBM Sterling File Gateway file server, which stems from inconsistencies in the responses to incoming requests, allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Sterling File Gateway file server is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the WebKit component in iOS operating systems, iPadOS, tvOS, macOS, watchOS, visionOS, and the Safari browser allows a hacker to trigger a service failure.

The vulnerability of the WebKit component in iOS, iPadOS, tvOS, macOS, watchOS, visionOS operating systems, and the Safari browser is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the JDBC_PING configuration of the Infinispan data storage software allows a hacker to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the JDBCPING configuration in the Infinispan data storage software is related to the disclosure of information through registration files in the log files. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to...

The vulnerability of the `alloc_dispatch_log_kmem_cache()` function (arch/powerpc/platforms/pseries/setup.c) in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the allocdispatchlogkmemcache function arch/powerpc/platforms/pseries/setup.c in the Linux operating system is related to the lack of memory release after the effective lifespan has ended. Exploiting this vulnerability can allow an attacker to trigger a service failure...

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure through a specially crafted HTML page...