74701 matches found
The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer allows attackers to execute cross-site scripting attacks.
The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer is related to the lack of protective measures for the web page structure. Exploiting this vulnerability could allow a malicious actor to carry...
The vulnerability of the function DVPSSoftcopyVOI_PList::createFromImage() in the library for working with DICOM format allows a perpetrator to execute arbitrary code.
The vulnerability of the DVPSSoftcopyVOIPList::createFromImage function in the library for working with DICOM format is related to incorrect data type conversion. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the i40e_xdp_setup() function (drivers/net/ethernet/intel/i40e/i40e_main.c) in the Linux kernel driver for the i40e driver allows a hacker to cause a service failure.
The vulnerability of the i40exdpsetup function drivers/net/ethernet/intel/i40e/i40emain.c in the Linux kernel driver for the i40e chip is related to improper resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the CommuniGate Pro mail server, related to buffer overflows in the stack, allows a hacker to execute arbitrary code.
The vulnerability of the CommuniGate Pro mail server is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the functions sock_set_flag() and spin_unlock() (net/ipv4/udp.c) in the Linux kernel’s UDP component allows a attacker to cause a service failure.
The vulnerabilities of the functions socksetflag and spinunlock net/ipv4/udp.c in the Linux kernel’s UDP component are related to resource management errors. Exploiting these vulnerabilities could allow an attacker to cause a service failure...
The vulnerability of the `alloc_dispatch_log_kmem_cache()` function (arch/powerpc/platforms/pseries/setup.c) in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the allocdispatchlogkmemcache function arch/powerpc/platforms/pseries/setup.c in the Linux operating system is related to the lack of memory release after the effective lifespan has ended. Exploiting this vulnerability can allow an attacker to trigger a service failure...
Vulnerability of functions cs_dsp_coeff_parse_string(), cs_dsp_coeff_parse_int(), cs_dsp_coeff_parse_coeff(), and cs_dspParse_coeff() (drivers/firmware/cirrus/cs_dsp.c) in the Linux operating system’s kernel, which allows a hacker to cause a service failure.
The vulnerability of the functions csdspcoeffparsestring, csdspcoeffparseint, csdspcoeffparsecoeff, and csdspParsecoeff drivers/firmware/cirrus/csdsp.c in the Linux operating system’s kernel is related to the execution of operations outside of memory buffers. Exploiting this vulnerability can all...
The vulnerability of the usb_parse_endpoint() function (drivers/usb/core/config.c) in the Linux kernel USB driver allows a hacker to induce a service failure.
The vulnerability of the usbparseendpoint function drivers/usb/core/config.c in the Linux kernel USB driver is related to insufficient input data validation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the InnoDB component of the MySQL Database Server management system, which allows a hacker to cause a service failure.
The vulnerability of the InnoDB component in the MySQL Database Management System is related to the exhaustion of memory resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through network packets...
Vulnerability of the Server component: The Oracle MySQL Server database management system’s packaging, which allows a hacker to trigger a service failure.
The vulnerability of the Oracle MySQL Server database management system component involves the exhaustion of memory resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through network packets...
Vulnerability of the Server component: The Information Schema of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
Vulnerability of the Server component: The information schema of the Oracle MySQL Server database management system is related to the exhaustion of memory resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through network packets...
The vulnerability of the nilfsDotdot() function in the nilfs2 file system of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the nilfsDotdot function in the nilfs2 file system of the Linux operating system is related to incorrect error handling. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the CoreMedia component in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS allows a hacker to trigger a service failure.
The vulnerability of the CoreMedia component in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of PackageKit for macOS operating systems, which allows a hacker to increase their privileges
The vulnerability of PackageKit for macOS operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
Vulnerability of the Server: Thread Pooling component of the Oracle MySQL Server database management system, which allows attackers to cause service interruptions.
The vulnerability of the Server:Thread Pooling component of the Oracle MySQL Server database management system is related to the exhaustion of memory resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through network packets...
The vulnerability of the OpenSearch component in the PeopleSoft Enterprise PeopleTools business application suite allows a attacker to cause a system crash or trigger a service failure.
The vulnerability of the OpenSearch component in the PeopleSoft Enterprise PeopleTools business application suite is related to the exhaustion of memory resources. Exploiting this vulnerability can allow an attacker to cause a system crash or trigger service failures through HTTP requests...
The vulnerability of the CoreAudio component in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS allows a hacker to trigger a service failure.
The vulnerability of the CoreAudio component in macOS, iOS, iPadOS, watchOS, tvOS, and visionOS stems from insufficient testing of unusual or exceptional states. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the FaceTime video/audio call technology in macOS operating systems allows attackers to disclose protected information.
The vulnerability of the FaceTime video/audio call technology in macOS operating systems lies in the insecure storage of confidential information. Exploiting this vulnerability could allow an attacker to disclose protected information...
The vulnerability of iCloud’s service for macOS operating systems, related to errors in the use of standard permissions, allows a perpetrator to execute arbitrary code.
The vulnerability of the iCloud service for macOS operating systems is related to errors in the use of standard permissions. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the AirPlay implementation in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS allows a attacker to cause a service failure.
The vulnerability of the AirPlay technology’s implementation in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS is related to data type conversion errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafte...
The vulnerability of the AirPlay implementation in operating systems such as macOS, iOS, iPadOS, tvOS, and visionOS allows a attacker to execute arbitrary code.
The vulnerability of the AirPlay implementation in operating systems such as macOS, iOS, iPadOS, tvOS, and visionOS is related to errors in data type mixing. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the Core server component of Oracle WebLogic Server allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Oracle WebLogic Server application server’s Core component is related to the absence of authentication procedures. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability in the implementation of the SMB protocol on macOS operating systems allows a perpetrator to trigger a service failure.
The vulnerability of the SMB protocol implementation in macOS lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the ARKit interface allows attackers to trigger a service failure on operating systems such as macOS, iOS, iPadOS, tvOS, and visionOS.
The vulnerability of the ARKit interface in operating systems such as macOS, iOS, iPadOS, tvOS, and visionOS is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the web service for transmitting information through temporary links, Password Pusher, due to weak password requirements, allows attackers to carry out brute-force attacks.
The vulnerability of the web service for transmitting information through temporary links, Password Pusher, is related to weak password requirements. Exploiting this vulnerability can allow a remote attacker to carry out a brute-force attack...
The vulnerability of the Web Services component of the Oracle Hyperion Data Relationship Management data management application allows a perpetrator to gain full control over the application.
The vulnerability of the Web Services component of the Oracle Hyperion Data Relationship Management data management application relates to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the...
The vulnerability of the Agile Integration Services component of the Oracle Agile PLM Framework’s product lifecycle management software allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Agile Integration Services component of the Oracle Agile PLM Framework management software lifecycle management system is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability allows an attacker to influence the...
The vulnerability of the Photos storage service in operating systems macOS, which allows a perpetrator to disclose protected information
The vulnerability of Photos storage in macOS operating systems is related to the exposure of information through mismatches. Exploiting this vulnerability can allow an attacker to disclose protected information remotely...
The vulnerability of the command-line image editing tool Sips in macOS operating systems allows a hacker to trigger a service failure.
The vulnerability of the command-line image editing tool Sips in macOS operating systems is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the Login Window component in operating systems running on macOS allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the Login Window component in operating systems running macOS is related to an incorrect definition of symbolic links before accessing the file. Exploiting this vulnerability can allow attackers to compromise the confidentiality and integrity of the protected information...
Vulnerability of macOS operating systems, allowing attackers to disclose sensitive information
The vulnerability of Spotlight search engine in macOS operating systems is related to the insecure storage of confidential information. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the AppleMobileFileIntegrity component in macOS operating systems allows attackers to increase their privileges.
The vulnerability of the AppleMobileFileIntegrity component in macOS operating systems is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the web service for transmitting information through temporary links, Password Pusher, due to improper session management, allows attackers to gain unauthorized access to the system.
The vulnerability of the web service for transmitting information through temporary links, Password Pusher, is related to improper session management. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to the system...
The vulnerability of the AirPlay implementation in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS allows a attacker to trigger a service failure or execute arbitrary code.
The vulnerability of the AirPlay implementation in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS stems from the operation of data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code...
Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.
The vulnerability of the Server: Optimizer component of the MySQL database management system is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability may allow an attacker to cause service interruptions remotely...
Vulnerability of the Server component: Security: Privileges of the MySQL Server database management system, which allows attackers to gain unauthorized access to confidential information.
The vulnerability of the MySQL Server component’s Security: Privileges section is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker to gain unauthorized access to confidential information...
The vulnerability of the Access and Security component of the Oracle Hyperion Data Relationship Management data management application allows a attacker to access protected information.
The vulnerability of the Access and Security component of the Oracle Hyperion Data Relationship Management data management application relates to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to protected...
The vulnerability of the AirPlay implementation in operating systems macOS, iOS, and iPadOS allows a hacker to trigger a service failure.
The vulnerability of the AirPlay implementation in macOS, iOS, and iPadOS relates to pointer manipulation. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the WebKit component in the Safari browser on operating systems macOS, iOS, iPadOS, tvOS, and visionOS allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the WebKit component in the Safari browser on macOS, iOS, iPadOS, tvOS, and visionOS operating systems is related to the absence of authentication procedures. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information remote...
The vulnerability of the AirPlay implementation in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS allows a attacker to trigger a service failure.
The vulnerability of the AirPlay implementation in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS lies in the fact that the operation data is stored outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Vulnerability of operating systems macOS, iOS, iPadOS, and the Safari browser, related to information representation errors in the user interface, allowing attackers to perform spear-phishing attacks
The vulnerabilities of operating systems such as macOS, iOS, iPadOS, and the Safari browser are related to information representation errors in the user interface. Exploiting these vulnerabilities can allow attackers to perform spear-phishing attacks remotely...
The vulnerability of the Install component of the software tool for managing the life cycle of products in the Oracle Agile PLM Framework allows a perpetrator to disclose protected information.
The vulnerability of the Install component of the software lifecycle management tool for Oracle Agile PLM Framework relates to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to disclose sensitive information through HTTP requests...
The vulnerability of the InnoDB component of the MySQL Database Server allows a attacker to gain read, modify, or delete access to data, or to cause a service failure.
The vulnerability of the InnoDB component in the MySQL Database Management System is related to the lack of authentication for a critical function. Exploiting this vulnerability can allow an attacker to gain read, modify, or delete access to data, or cause service interruptions...
The vulnerability of the Service Requests component of the Oracle Customer Care software solution in the Oracle E-Business Suite, which allows a perpetrator to compromise the confidentiality and integrity of the protected information.
The vulnerability of the Service Requests component in the Oracle Customer Care software of the Oracle E-Business Suite lies in the lack of an authentication mechanism. Exploiting this vulnerability allows a malicious actor to manipulate the confidentiality and integrity of protected information...
The vulnerability of the One Identity Manager’s control mechanism for user identification, access rights, and security policies, related to the insecure direct object reference (IDOR), allows attackers to escalate their privileges.
The vulnerability of the User Identification, Access Rights, and Security Policies management tool, One Identity Manager, is related to an insecure direct reference to an object IDOR due to a bypass of authentication using data that are assumed to be immutable. Exploiting this vulnerability can...
The vulnerability of the Couchbase Server, a NoSQL database management system, arises from improper permission storage. This allows attackers to increase their privileges.
The vulnerability of Couchbase Server, a NoSQL database management system, is related to improper permission storage. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...
The vulnerability of the CMSimple content management system’s link validation function allows attackers to perform SSRF attacks.
The vulnerability of the CMSimple content management system’s link validation function is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor to carry out an SSRF attack remotely...
The vulnerability of the log.php script in the CMSimple content management system allows a hacker to gain unauthorized access to protected information and execute arbitrary code.
The vulnerability of the CMSimple content management system is related to incorrect restrictions on the path to the restricted catalog. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information by sending a specially crafted GET request...
The vulnerability of the application software interface of the Cisco Identity Services Engine (ISE) management platform, related to deficiencies in the data deserialization mechanism, allows a perpetrator to execute arbitrary commands.
The vulnerability of the application programming interface of the Cisco Identity Services Engine ISE management platform relates to deficiencies in the data deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending a specially craft...
The vulnerability of the backup file loading function of the CMSimple system allows a perpetrator to gain unauthorized access to protected information and execute arbitrary code.
The vulnerability of the backup file loading function of the CMSimple content management system is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected informati...