90709 matches found
The vulnerability of SolarWinds IT infrastructure management software’s Web Help Desk system, related to deficiencies in authentication procedures, allows attackers to bypass security restrictions and gain unauthorized access to protected information.
The vulnerability of the SolarWinds IT infrastructure management software’s Web Help Desk component is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow an attacker to bypass security restrictions and gain unauthorized access to protected information...
The vulnerability of SolarWinds IT infrastructure management software’s Web Help Desk system, which stems from the use of strictly encrypted user credentials, allows a hacker to escalate their privileges.
The vulnerability of SolarWinds IT infrastructure management software’s Web Help Desk component is related to the use of strictly encrypted user credentials. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...
The vulnerability of Tenda W30E wireless Wi-Fi routers’ microprogramming software, related to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the microprogrammed wireless Wi-Fi router Tenda W30E is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart LT distributed controllers, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.
The vulnerability of the microprogramming software in Rockwell Automation’s ArmorStart LT distributed controllers is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of Vivotek IP7137 micro-programmed IP cameras arises from incorrect restrictions on the path name to the restricted access directory. This allows intruders to gain unauthorized access to protected information.
The vulnerability of Vivotek IP7137 micro-programmed software cameras is related to incorrect restrictions on the path name to the restricted access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the container management system and the Incus virtual machine manager, related to the failure to take measures to neutralize CRLF sequences, allows a perpetrator to execute arbitrary commands.
The vulnerability of the container management system and the virtual machine manager Incus is related to the failure to take measures to neutralize CRLF sequences. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart LT distributed controllers, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.
The vulnerability of the microprogramming software in Rockwell Automation’s ArmorStart LT distributed controllers is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the configuration mechanism for MAC address filtering in the web interface of D-Link DIR-615 software lies in its ability to allow attackers to execute arbitrary commands.
The vulnerability of the mechanism for configuring the MAC address filter configuration on D-Link DIR-615 web interfaces for microprogrammed router software is related to the failure to take measures to neutralize certain elements. Exploiting this vulnerability allows a malicious actor to execute...
The vulnerability of the WebView component for displaying web pages in Google Chrome allows a hacker to execute arbitrary code.
The vulnerability of the WebView component of Google Chrome’s browser lies in the lack of authentication. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created Chrome extension from a remote location...
The vulnerability of the blk_mq_{add,del}_queue_tag_set() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the blkmqadd,delqueuetagset function in the Linux operating system is related to errors during thread locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the I2C MOST driver in the Linux operating system allows a hacker to execute arbitrary code.
The vulnerability of the I2C MOST driver in the Linux operating system is related to the assignment of the zero pointer. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of the API Team Manager web hosting cPanel control interface allows a hacker to upload arbitrary files and increase their privileges.
The API Team Manager web hosting control panel has a vulnerability due to incorrect path name restrictions for the restricted directory. Exploiting this vulnerability allows an attacker to write arbitrary files and elevate their privileges to the root level...
The vulnerability of UEFI microprogramming on MSI motherboards based on Intel 600 and 700 chipsets allows a hacker to perform DMA attacks and circumvent existing security restrictions.
The vulnerability of UEFI microprogramming on MSI motherboards based on Intel 600 and 700 chipsets is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to perform DMA attacks and circumvent existing security restrictions...
The vulnerability of the Rust Binder driver for inter-process interaction in Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the Rust Binder driver for inter-process interaction in Linux kernel relates to incorrect resource locking. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the GNU Wget2 download manager, related to incorrect path name restrictions for restricted directories, allows a perpetrator to expose protected information and compromise the system.
The vulnerability of the GNU Wget2 download manager is related to incorrect restrictions on the path to the restricted directory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information and compromise the system...
The vulnerability of the LivewireFilemanagerComponent.php component of the Livewire Filemanager, which allows a hacker to execute unauthorized code.
The vulnerability of the LivewireFilemanagerComponent.php file manager in Livewire Filemanage allows for unlimited downloading of files of a malicious type. Exploiting this vulnerability could enable a remote attacker to execute arbitrary code by sending a specially created malicious PHP file...
The vulnerability in the script/cgi-bin/admin/setparam.cgi of the Vivotek IP7137 microprogramming system allows a intruder to gain unauthorized access to protected information.
The vulnerability of the /cgi-bin/admin/setparam.cgi script of the Vivotek IP7137 microprogrammed camera software is related to the failure to eliminate certain special elements during the processing of the systemntpIt parameter. Exploiting this vulnerability could allow an attacker, operating...
The vulnerability of the Real-Time Streaming Protocol (RTSP) implementation of Vivotek IP7137 software, which allows a intruder to gain unauthorized access to protected information.
The vulnerability of the Real-Time Streaming Protocol RTSP implementation of Vivotek IP7137 software-based IP cameras is related to the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to...
The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart LT distributed controllers, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.
The vulnerability of the microprogramming software in Rockwell Automation’s ArmorStart LT distributed controllers is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the fuse component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the fuse component in the Linux operating system’s kernel is related to errors during link counter updates. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart LT distributed controllers, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.
The vulnerability of the microprogramming software in Rockwell Automation’s ArmorStart LT distributed controllers is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the node-tar library on the Node.js software platform allows attackers to bypass existing security mechanisms.
The vulnerability of the node-tar library in the Node.js software platform is related to an incorrect limitation on the path name for the directory. Exploiting this vulnerability could allow a malicious actor to bypass existing security mechanisms when unpacking a specially crafted TAR archive...
The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart LT distributed controllers, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.
The vulnerability of the microprogramming software in Rockwell Automation’s ArmorStart LT distributed controllers is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart LT distributed controllers, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.
The vulnerability of the microprogramming software in Rockwell Automation’s ArmorStart LT distributed controllers is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
Vulnerability of the web interface for managing microprogramming software in Tenda F3 routers, which allows a hacker to disclose protected information
The vulnerability of the web interface for managing microprogrammed wireless routers Tenda F3 relates to the transmission of account data in an unencrypted form. Exploiting this vulnerability allows a malicious actor to disclose protected information by sending specially crafted packets...
The vulnerability in the lib/NSSDropoff.php web application script for transferring ZendTo files allows a hacker to execute arbitrary commands.
The vulnerability in the lib/NSSDropoff.php web application for transferring files of the ZendTo format exists due to the lack of measures taken to neutralize special elements used in the operating system’s command processing when handling the tmpname parameter. Exploiting this vulnerability allo...
The vulnerability of UEFI microprogramming on GIGABYTE motherboards based on Intel and AMD chipsets allows a hacker to perform DMA attacks and circumvent existing security restrictions.
The vulnerability of UEFI microprogramming on GIGABYTE motherboards based on Intel and AMD chipsets is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to perform DMA attacks and circumvent existing security restrictions...
The vulnerability of UEFI microprogramming on ASRock motherboard based on Intel 500, 600, 700, and 800 chipsets allows a hacker to perform DMA attacks and circumvent existing security restrictions.
The vulnerability of UEFI microprogramming on ASRock motherboard based on Intel 500, 600, 700, and 800 chipsets is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to perform DMA attacks and circumvent existing security restrictions...
The vulnerability of the libtpms library, which stems from the use of cryptographic algorithms containing defects, allows attackers to gain unauthorized access to confidential information.
The vulnerability of the libtpms library is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker to gain unauthorized access to confidential information...
The vulnerability of the Motorola SM56 Modem WDM Driver (SmSerl64.sys) on the Windows operating system allows a hacker to bypass existing security restrictions, enhance their own capabilities, execute arbitrary code, and disclose sensitive information.
The vulnerability of the Motorola SM56 Modem WDM Driver SmSerl64.sys for the Windows operating system relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to bypass existing security restrictions, elevate their...
The vulnerability of Tenda W30E wireless Wi-Fi routers’ microprogramming software, related to the manipulation of inter-site requests, allows a hacker to execute a CSRF attack.
The vulnerability of the microprogrammed wireless Wi-Fi routers Tenda W30E relates to the manipulation of inter-site requests. Exploiting this vulnerability allows a remote attacker to execute a CSRF attack...
The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart LT distributed controllers, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.
The vulnerability of the microprogramming software in Rockwell Automation’s ArmorStart LT distributed controllers is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart LT distributed controllers, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.
The vulnerability of the microprogramming software in Rockwell Automation’s ArmorStart LT distributed controllers is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the FortiCloud SSO authentication mechanism affects operating systems based on FortiOS, the Fortinet FortiManager device management software, the FortiAnalyzer event monitoring and analysis software, and the FortiProxy proxy server used for protecting against internet attacks. This vulnerability allows a perpetrator to gain unauthorized access to the device.
The vulnerability of the FortiCloud SSO authentication mechanism affects operating systems based on FortiOS, the Fortinet FortiManager device management software, the FortiAnalyzer event monitoring and analysis software, and the FortiProxy proxy server used for protecting against internet attacks...
The vulnerability of the CMS message handler in the OpenSSL cryptographic library allows a hacker to execute arbitrary code.
The vulnerability of the CMS message handler in the OpenSSL cryptographic library relates to the writing beyond buffer boundaries during initialization vector processing. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted packets...
The vulnerabilities of the tika-core, tika-pdf-module, and tika-parsers modules in the Apache Tika content discovery and analysis framework allow attackers to perform XXE attacks.
The vulnerability of the tika-core, tika-pdf-module, and tika-parsers modules in the Apache Tika content discovery and analysis framework is related to an incorrect limitation on XML links to external objects. Exploiting this vulnerability allows a malicious actor to perform XXE attacks by sendin...
The vulnerability of the starfive_hash_digest() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the starfivehashdigest function in the Linux operating system is related to the lack of a mechanism for data type conversion. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of Vivotek IP7137 micro-programmed IP cameras, which stems from the use of a default password, allows intruders to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of Vivotek IP7137 micro-programmed camera software is related to the use of a default password. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the container management system and the virtual machine manager Incus, related to incorrect restrictions on the path name to the catalog, allows a perpetrator to execute arbitrary commands.
The vulnerability of the container management system and the virtual machine manager Incus is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the microprogramming software for Rockwell Automation’s ArmorStart LT distributed controllers, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.
The vulnerability of the microprogramming software in Rockwell Automation’s ArmorStart LT distributed controllers is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of UEFI microprogramming on ASUS motherboard based on Intel B460, B560, B660, B760, H410, H510, H610, H470, Z590, Z690, Z790, W480, W680 chipsets allows a hacker to perform a DMA attack and circumvent existing security restrictions.
The vulnerability of UEFI microprogramming on ASUS motherboard based on Intel B460, B560, B660, B760, H410, H510, H610, H470, Z590, Z690, Z790, W480, and W680 chipsets is related to access control deficiencies. Exploiting this vulnerability allows an attacker to perform DMA attacks and circumvent...
The vulnerability of the N8n automation platform, related to improper code generation management, allows a hacker to compromise the system.
The vulnerability of the N8n automation platform for work processes is related to incorrect code generation management. Exploiting this vulnerability can allow a remote attacker to compromise the system...
The vulnerability of the mt7615_mcu_wtbl_sta_add() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the mt7615mcuwtblstaadd function in the Linux operating system is related to a potential memory leak. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the rtl8180_init_rx_ring() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the rtl8180initrxring function in the Linux operating system is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the NFS component in Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the NFS component in Linux operating systems is related to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the devlink component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the devlink component in the Linux operating system’s kernel is related to the dereferencing of a pointer whose expiration time has expired. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of the put_user() function in the Linux operating system’s kernel allows a hacker to execute arbitrary code.
The vulnerability of the putuser function in the Linux operating system’s kernel is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the SEV-SNP security mechanism implemented in AMD’s graphics processor software allows attackers to compromise the integrity of the protected information.
The vulnerability of the SEV-SNP security mechanism implemented in AMD’s graphics processors is related to the execution of operations outside of the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information...
The vulnerability of the push_nsh() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the pushnsh function in the Linux operating system’s kernel is related to reading memory beyond the allocated buffer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the btrfs_log_new_name() function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the btrfslognewname function in the Linux operating system kernel is related to errors during the update of the link counters. Exploiting this vulnerability can allow an attacker to cause a service failure...