Vulnerability of the Server component: The Oracle MySQL Server database management system’s packaging, which allows a hacker to trigger a service failure.

The vulnerability of the Oracle MySQL Server database management system component involves the exhaustion of memory resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through network packets...

The vulnerability of the Device Settings module in the LibreNMS network monitoring system allows a violator to perform cross-site scripting attacks.

The vulnerability of the Device Settings module in the LibreNMS network monitoring system is related to the lack of protective measures taken for the website structure when processing the Display Name field. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

The vulnerability of component E1 in the IOT Orchestrator Security application of JD Edwards EnterpriseOne allows a perpetrator to gain unauthorized access to the device.

The vulnerability of component E1 in the JD Edwards EnterpriseOne Orchestrator Security application relates to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to the device through HTTP requests...

The vulnerability of microprogrammed programmable logic controllers ABB FBXi, FBVi, FBTi, and CBXi arises from incorrect handling of file names for PHP functions like include or require. This allows attackers to exploit their privileges and execute arbitrary code.

The vulnerability of microprogrammed programmable logic controllers ABB FBXi, FBVi, FBTi, and CBXi is related to incorrect handling of file names for PHP functions like include or require. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

The vulnerability of the Security component of the Oracle Communications Order and Service Management system allows a perpetrator to gain read, modify, add, or delete access to data, or cause a partial service disruption.

The vulnerability of the Security component of the Oracle Communications Order and Service Management system is related to a data source validation error. Exploiting this vulnerability may allow an attacker, operating remotely, to gain read, modify, add, or delete access to data, or cause a parti...

The vulnerability of the Web Access component of the Oracle Primavera P6 Enterprise Project Portfolio Management application allows a attacker to gain read access to data or modify data.

The vulnerability of the Web Access component of the Oracle Primavera P6 Enterprise Project Portfolio Management application is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain read access to data or modify data through HTTP...

The vulnerability of the online business analytics service IBM Cognos Analytics, related to unlimited uploading of dangerous types of files, allows a perpetrator to upload any type of files.

The vulnerability of the online business analytics service IBM Cognos Analytics relates to the unlimited uploading of dangerous types of files. Exploiting this vulnerability could allow a malicious actor to upload any type of files remotely...

The vulnerability of the OTRS request processing system, related to incorrect handling of HTTP request headers, allows a hacker to upload arbitrary files.

The vulnerability of the OTRS request processing system is related to the improper handling of HTTP request headers due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to upload arbitrary files...

The vulnerability in the web application for managing and administering the SAP Commerce Backoffice platform, related to the lack of protective measures for the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the web application for managing and administering the SAP Commerce Backoffice platform is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the vduse_vdpa_get_config() function in the vDPA driver of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the vdusevdpagetconfig function in the vDPA driver, located in the drivers/vdpa/vdpauser/vdusedev.c file of the Linux kernel, involves reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of Ivanti Connect Secure (formerly Pulse Connect Secure) and Ivanti Policy Secure network access control tools arises from the improper assignment of permissions for critical resources. This allows attackers to increase their privileges.

The vulnerability of Ivanti Connect Secure formerly Pulse Connect Secure and Ivanti Policy Secure network access control tools is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer allows attackers to execute cross-site scripting attacks.

The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer is related to the lack of protective measures for the web page structure. Exploiting this vulnerability could allow a malicious actor to carry...

The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer allows a malicious actor to escalate their privileges, gain access to protected information, and modify system settings.

The vulnerability of the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer is related to access control errors. Exploiting this vulnerability can allow an attacker to enhance their privileges, gain access to protected...

The vulnerability in the web interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer allows a malicious actor to alter system settings.

The vulnerability in the web-based management interface for network deployment and security management in HPE Aruba Networking Fabric Composer is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to remotely modify system settings...

Vulnerability of functions cs_dsp_coeff_parse_string(), cs_dsp_coeff_parse_int(), cs_dsp_coeff_parse_coeff(), and cs_dspParse_coeff() (drivers/firmware/cirrus/cs_dsp.c) in the Linux operating system’s kernel, which allows a hacker to cause a service failure.

The vulnerability of the functions csdspcoeffparsestring, csdspcoeffparseint, csdspcoeffparsecoeff, and csdspParsecoeff drivers/firmware/cirrus/csdsp.c in the Linux operating system’s kernel is related to the execution of operations outside of memory buffers. Exploiting this vulnerability can all...

The vulnerability of the toshiba_acpi driver (driver/platform/x86/toshiba_acpi.c) in the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the toshibaacpi driver driver/platform/x86/toshibaacpi.c in the Linux kernel is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

The vulnerability of the Install component of the Oracle Analytics software solution allows a hacker to gain privileged access to the infrastructure.

The vulnerability of the Install component of the Oracle Analytics software solution is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker to gain privileged access to the infrastructure...

The vulnerability of the Admin Screens and Grants UI components of the Oracle Workflow system allows a malicious individual to gain read access to data or to modify, add, or delete data.

The vulnerability of the Admin Screens and Grants UI component of the Oracle Workflow system relates to improper storage of permissions. Exploiting this vulnerability can allow an attacker, operating remotely, to gain read access to data or to modify, add, or delete data through HTTP requests...

The vulnerability of Oracle Communications’ Order and Service Management system, related to improper storage of permissions, allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of Oracle Communications Order and Service Management system is related to improper storage of permissions. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality and integrity of the protected information...

The vulnerability of the Connector/Python environment component in Oracle Application Express software allows a attacker to read and modify data, or cause a service failure.

The vulnerability of the Connector/Python component in Oracle Application Express application development software relates to unlimited resource allocation or throttling. Exploiting this vulnerability can allow a malicious actor to gain read and write access to data, or cause service failures...

The vulnerability of the Oracle Financial Services Behavior Detection Platform component in the bank analytics system’s simulation model for Oracle Financial Services Applications allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Oracle Financial Services Behavior Detection Platform component in the bank analytics system’s simulation model exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of...

The vulnerability of microprogrammed software for programmable logic controllers ABB FBXi, FBVi, FBTi, and CBXi lies in the lack of origin verification in WebSockets. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of microprogrammed programmable logic controllers ABB FBXi, FBVi, FBTi, and CBXi is related to the lack of origin verification in WebSockets. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected...

The vulnerability of the General component in Oracle Application Express development environment allows a attacker to compromise the confidentiality and integrity of the protected information.

The vulnerability of the General component in Oracle Application Express development relates to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of protected information through HTTP requests...

The vulnerability of the Kibana data visualization service, related to unlimited resource distribution, allows a perpetrator to cause a service failure.

The vulnerability of the Kibana data visualization service is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause a service failure by sending a specially crafted request...

The vulnerability of the ppp_read() and ppp_write() functions (drivers/net/ppp/ppp_generic.c) in the Linux operating system’s PPP kernel driver allows a hacker to cause a service failure.

The vulnerability of the pppread and pppwrite functions drivers/net/ppp/pppgeneric.c in the Linux kernel-based PPP driver is related to insufficient input data validation. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the functions sock_set_flag() and spin_unlock() (net/ipv4/udp.c) in the Linux kernel’s UDP component allows a attacker to cause a service failure.

The vulnerabilities of the functions socksetflag and spinunlock net/ipv4/udp.c in the Linux kernel’s UDP component are related to resource management errors. Exploiting these vulnerabilities could allow an attacker to cause a service failure...

The vulnerability of the radeon_gem_va_update_vm() function (drivers/gpu/drm/radeon/radeon_gem.c) in the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the radeongemvaupdatevm function drivers/gpu/drm/radeon/radeongem.c in the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

Vulnerability of the Server component: Security: Privileges of the Oracle MySQL Server database management system, allowing attackers to gain read access to data, modify data, or obtain privileged access.

The vulnerability of the Server component, specifically Security: Privileges of the Oracle MySQL Server database management system, relates to reading data beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker, operating remotely, to gain read access to data, modify...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to the exhaustion of memory resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through network packets...

The vulnerability of the Design Tools component of the JD Edwards EnterpriseOne Tools system, which manages enterprise resources, allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the Design Tools component of the JD Edwards EnterpriseOne Tools system’s resource management system is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to gain access to read, modify, add, or delete data through HTTP requests...

The vulnerability of the Panel Processor component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain read access to data.

The vulnerability of the Panel Processor component in the Oracle PeopleSoft Enterprise PeopleTools business application suite relates to reading data beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to gain access to data reading through HTTP requests...

The vulnerability of the SSL-VPN portal for FortiOS operating systems allows a hacker to induce a service failure.

The vulnerability of the SSL-VPN portal for FortiOS operating systems is related to the assignment of the zero pointer. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

The vulnerability of Schneider Electric EcoStruxure Power Build Rapsody software for designing and configuring electrical systems lies in the fact that operations may occur outside the buffer boundaries of memory, allowing an attacker to execute arbitrary code.

The vulnerability of Schneider Electric EcoStruxure Power Build Rapsody software for designing and configuring electrical systems lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of microprogrammed software in programmable logic controllers ABB FBXi, FBVi, FBTi, and CBXi lies in the ability to disclose information through registration files in the log files. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of microprogrammed logic controllers such as ABB FBXi, FBVi, FBTi, and CBXi relates to the disclosure of information through registration files in the log files. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access t...

The vulnerability of SAP Document Builder in creating and managing documents, related to deficiencies in the authorization process, allows attackers to escalate their privileges.

The vulnerability of SAP Document Builder, a tool for creating and managing documents, is related to deficiencies in its authentication procedures. Exploiting this vulnerability could allow attackers to gain increased privileges remotely...

The vulnerability of the Four-Faith F3x36 microprogrammed router server lies in the lack of authentication for a critical function, allowing an attacker to modify the device’s configuration.

The vulnerability of the Four-Faith F3x36 microprogrammed router software server lies in the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker to remotely modify the device’s configuration by sending specially crafted HTTP requests...

The vulnerability of the ABB ASPECT-Enterprise system for managing technological processes, as well as the micro-program software used for controllers of the ABB MATRIX and NEXUS series, stems from the use of rigidly encrypted account data. This vulnerability allows a perpetrator to execute arbitrary codes.

The vulnerability of the ABB ASPECT-Enterprise system for managing technological processes, as well as the microsoftware used for controllers of the ABB MATRIX and NEXUS series, stems from the use of rigidly encoded account data. Exploiting this vulnerability could allow a malicious actor to...

The vulnerability of the i40e_xdp_setup() function (drivers/net/ethernet/intel/i40e/i40e_main.c) in the Linux kernel driver for the i40e driver allows a hacker to cause a service failure.

The vulnerability of the i40exdpsetup function drivers/net/ethernet/intel/i40e/i40emain.c in the Linux kernel driver for the i40e chip is related to improper resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the check_access() function in the system for launching and managing large language multimodal systems (LoLLMS) allows a perpetrator to gain access to read, modify, or delete data, or to cause service failures.

The vulnerability of the checkaccess function in the system for launching and managing large language multimodal systems LoLLMS is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data, or to cau...

The vulnerabilities of the ReSharper plugin of the Microsoft Visual Studio software, the cross-platform integrated development environment from JetBrains called Rider, the performance profiler dotTrace, and the ETW Host Service at the kernel and application level, related to improper process management, allow attackers to gain elevated privileges.

The vulnerabilities of the ReSharper plugin of the Microsoft Visual Studio software, the cross-platform integrated development environment from JetBrains called Rider, the performance profiler dotTrace, and the kernel-level and application-level Event Tracking Service Host Service are related to...

The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer allows attackers to execute cross-site scripting attacks.

The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer is related to the lack of protective measures for the web page structure. Exploiting this vulnerability could allow a malicious actor to carry...

The vulnerability of the CommuniGate Pro mail server, related to buffer overflows in the stack, allows a hacker to execute arbitrary code.

The vulnerability of the CommuniGate Pro mail server is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Vulnerabilities of functions nf_tables_rule_release(), nft_chain_validate(), nft_chain_validate_hooks(), and nft_validate_register_store() (net/netfilter/nf_tables_api.c) in the netfilter component of the Linux operating system’s kernel, which allow a hacker to cause a service failure.

The vulnerabilities of the functions nftablesrulerelease, nftchainvalidate, nftchainvalidatehooks, and nftvalidateregisterstore net/netfilter/nftablesapi.c in the netfilter component of the Linux operating system are related to insufficient input validation. Exploitation of these vulnerabilities...

The vulnerability of the usb_parse_endpoint() function (drivers/usb/core/config.c) in the Linux kernel USB driver allows a hacker to induce a service failure.

The vulnerability of the usbparseendpoint function drivers/usb/core/config.c in the Linux kernel USB driver is related to insufficient input data validation. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the nilfsDotdot() function in the nilfs2 file system of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the nilfsDotdot function in the nilfs2 file system of the Linux operating system is related to incorrect error handling. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the sclp_init() function (drivers/s390/char/sclp.c) in the Linux operating system allows a malicious actor to cause a service failure.

The vulnerability of the sclpinit function drivers/s390/char/sclp.c in the Linux operating system kernel is related to resource management errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the hci_unregister_dev() function (net/bluetooth/hci_core.c) in the Linux operating system’s Bluetooth kernel driver allows a attacker to cause a service failure.

The vulnerability of the hciunregisterdev function net/bluetooth/hcicore.c in the Linux operating system’s Bluetooth kernel driver is related to improper resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the Skia graphic library used by Google Chrome and Microsoft Edge allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of the Skia graphic library used by Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure through a specially created HTML page...

The vulnerability of the Core server component of Oracle WebLogic Server allows a attacker to trigger a service failure.

The vulnerability of the Core server component of Oracle WebLogic Server is related to the exhaustion of memory resources. Exploiting this vulnerability can allow a malicious actor to cause service failures through HTTP requests...

Vulnerability of the Server component: Security: Privileges of the Oracle MySQL Server database management system, allowing attackers to gain read access to data, modify data, or obtain privileged access.

The vulnerability of the Server component, specifically the Security: Privileges section of the Oracle MySQL Server database management system, is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to gain read access to data, modify...