90709 matches found
The vulnerability of UEFI microprogramming on ASRock motherboard based on Intel 500, 600, 700, and 800 chipsets allows a hacker to perform DMA attacks and circumvent existing security restrictions.
The vulnerability of UEFI microprogramming on ASRock motherboard based on Intel 500, 600, 700, and 800 chipsets is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to perform DMA attacks and circumvent existing security restrictions...
The vulnerability of UEFI microprogramming on MSI motherboards based on Intel 600 and 700 chipsets allows a hacker to perform DMA attacks and circumvent existing security restrictions.
The vulnerability of UEFI microprogramming on MSI motherboards based on Intel 600 and 700 chipsets is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to perform DMA attacks and circumvent existing security restrictions...
The vulnerability of UEFI microprogramming on ASUS motherboard based on Intel B460, B560, B660, B760, H410, H510, H610, H470, Z590, Z690, Z790, W480, W680 chipsets allows a hacker to perform a DMA attack and circumvent existing security restrictions.
The vulnerability of UEFI microprogramming on ASUS motherboard based on Intel B460, B560, B660, B760, H410, H510, H610, H470, Z590, Z690, Z790, W480, and W680 chipsets is related to access control deficiencies. Exploiting this vulnerability allows an attacker to perform DMA attacks and circumvent...
The vulnerability of the Motorola SM56 Modem WDM Driver (SmSerl64.sys) on the Windows operating system allows a hacker to bypass existing security restrictions, enhance their own capabilities, execute arbitrary code, and disclose sensitive information.
The vulnerability of the Motorola SM56 Modem WDM Driver SmSerl64.sys for the Windows operating system relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to bypass existing security restrictions, elevate their...
The vulnerability of the FortiExtender signal booster’s microprogramming software arises from the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands.
The vulnerability of the FortiExtender signal booster software lies in the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the CLI command-line interface of the Fortinet FortiManager device management tool and the Fortinet FortiAnalyzer security event monitoring and analysis tool allows a malicious individual to gain unauthorized access to protected information.
The vulnerability of the CLI command-line interface of the Fortinet FortiManager device management software and the Fortinet FortiAnalyzer security event monitoring and analysis tool is related to key management errors. Exploiting this vulnerability can allow an attacker to gain unauthorized acce...
The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant, related to improper validation of specified types of input data, allows attackers to disclose protected information.
The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant is related to improper validation of the specified type of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...
The vulnerability of the cloud-based platform for managing and protecting Microsoft Entra ID (formerly Azure Active Directory) relates to authentication procedures that allow attackers to escalate their privileges.
The vulnerability of the cloud-based platform for managing and protecting Microsoft Entra ID formerly Azure Active Directory is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.
The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.
The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...
The vulnerability of the Microsoft account, related to the failure to protect the structure of the web page, allows a hacker to replace the user’s account data.
The vulnerability of the Microsoft account is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to replace the user’s credentials remotely...
The vulnerability of the Azure Front Door cloud service, a software platform of Microsoft Azure, allows attackers to escalate their privileges.
The vulnerability of Azure Front Door, a software platform under Microsoft Azure, is related to access control errors. Exploiting this vulnerability could allow an attacker to increase their privileges remotely...
The vulnerability of Sangfor Endpoint Detection and Response (EDR) software lies in its failure to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary code.
The vulnerability of Sangfor Endpoint Detection and Response EDR software relates to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Kaspesky Secure Mail Gateway (Positive results) (No. 1 from January 27, 2026 at 17:48:46)
...
Kaspesky Secure Mail Gateway (Positive results) (No. 4 dated January 27, 2026 at 17:48:47)
...
Kaspesky Secure Mail Gateway (Positive Results) (No. 6 dated January 27, 2026, 17:48:47)
...
Kaspesky Secure Mail Gateway (Positive Results) (No. 10 dated January 27, 2026 at 17:48:48)
...
The vulnerability of the Microsoft Office suite arises from the use of unreliable input data during security decision-making, allowing attackers to bypass existing security mechanisms.
The vulnerability of the Microsoft Office suite is related to the use of unreliable input data during security decision-making. Exploiting this vulnerability can allow attackers to bypass existing security mechanisms...
The vulnerability of the graphical user interface of the FortiSandbox threat detection and mitigation system allows a perpetrator to execute arbitrary commands.
The vulnerability of the graphical user interface of the FortiSandbox threat detection and mitigation system is related to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the SSL-VPN technology for FortiOS operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the SSL-VPN technology for FortiOS operating systems is related to incorrect session duration settings. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.
The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.
The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...
The vulnerability of the setWizardCfg() function in the POST Request Handler component of the TOTOLINK NR1800X router’s software allows a hacker to induce a service failure.
The vulnerability of the setWizardCfg function in the POST Request Handler component of the TOTOLINK NR1800X router microprogramming system is related to the issue of data being written outside of the buffer in memory when processing the ssid parameter. Exploiting this vulnerability could allow a...
Kaspesky Secure Mail Gateway (Positive results) (No. 3 dated January 27, 2026, 17:48:46)
...
The vulnerability of the user interface for authenticating the software platform used to manage identification data from ZITADEL allows a perpetrator to carry out an SSRF attack.
The vulnerability of the user interface for authenticating identity data on the ZITADEL software platform is related to insufficient checking of incoming requests with the header x-zitadel-forward-host. Exploiting this vulnerability could allow a malicious actor to perform an SSRF attack remotely...
The vulnerability of the graphical user interface of the FortiSandbox threat detection and mitigation system allows a perpetrator to perform cross-site scripting attacks.
The vulnerability of the graphical user interface of the FortiSandbox threat detection and mitigation system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Azure Resource Manager service and the software platform of Microsoft Azure allows attackers to escalate their privileges.
The vulnerability of the Azure Resource Manager deployment and management service in Microsoft Azure is related to access control errors. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...
The vulnerability of the Camera component in Microprogramming Software for Samsung Exynos processors models 1330, 1380, 1480, 2400, 1580, and 2500 allows attackers to disclose protected information and cause system failures.
The vulnerability of the Camera component in Microprogramming Software for Samsung Exynos processors models 1330, 1380, 1480, 2400, 1580, and 2500 is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to disclose sensitive information and cause...
The vulnerability of the fromGetWifiGuestBasic() function in the microprogrammed software for TOTOLINK NR1800X routers allows a intruder to cause a service failure.
The vulnerability of the fromGetWifiGuestBasic function in the microprogrammed routing software TOTOLINK NR1800X is related to the operation that goes beyond the buffer in memory when processing the guestWrlPwd parameter. Exploiting this vulnerability could allow a remote attacker to cause servic...
Kaspesky Secure Mail Gateway (Positive results) (No. 7 dated January 27, 2026, 17:48:47)
...
Kaspesky Secure Mail Gateway (Positive Results) (No. 9 dated January 27, 2026, 17:48:47)
...
Kaspesky Secure Mail Gateway (Positive Results) (No. 8 dated January 27, 2026, 17:48:47)
...
Kaspesky Secure Mail Gateway (Positive Results) (No. 12 dated January 27, 2026, 17:48:48)
...
The vulnerability of the rest-api-get and rest-api-set configurations in FortiOS operating systems allows attackers to enhance their privileges.
The vulnerability of the rest-api-get and rest-api-set configurations in FortiOS systems relates to the disclosure of information through registration files. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability of Microsoft Copilot Studio, a graphical tool for creating and supporting artificial intelligence, relates to insufficient data cleaning at the management level. This vulnerability allows an attacker to disclose protected information.
The vulnerability of Microsoft Copilot Studio’s graphical tool for creating and supporting artificial intelligence is related to the lack of data cleansing measures at the control level. Exploiting this vulnerability can allow a remote attacker to disclose protected information...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.
The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...
The vulnerability of TP-Link Omada network gateways’ microprogramming software relates to the use of one-way hashing with predictable random data. This allows attackers to gain unauthorized access to confidential information.
The vulnerability of TP-Link Omada network gateways’ microprogramming software is related to the use of one-way hashing with predictable random data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to confidential information...
Kaspesky Secure Mail Gateway (Positive results) (No. 2 dated January 27, 2026, 17:48:46)
...
Kaspesky Secure Mail Gateway (Positive Results) (No. 5 dated January 27, 2026, 17:48:47)
...
Kaspesky Secure Mail Gateway (Positive Results) (No. 11 dated January 27, 2026, 17:48:48)
...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.
The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...
The vulnerability of the setWanCfg() function in the POST Request Handler component of the TOTOLINK NR1800X router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the setWanCfg function in the POST Request Handler component of the TOTOLINK NR1800X router microprogramming system is related to the lack of measures taken to clean data at the management level when processing the Hostname parameter. Exploiting this vulnerability can allow a...
The vulnerability of the setSchedWifi() function in Tenda AC8 router software allows a hacker to execute arbitrary code or cause service interruptions.
The vulnerability of the setSchedWifi function in Tenda AC8 router microprogramming software lies in the possibility of writing data beyond the buffer in memory when processing the parameters schedStartTime and schedEndTime. Exploiting this vulnerability could allow a remote attacker to execute...
The vulnerability of the save_virtualser_data() function in Tenda AC8 router software allows a hacker to induce a service failure.
The vulnerability of the savevirtualserdata function in Tenda AC8 router microprogramming software lies in the ability to write data beyond the buffer into memory during the processing of the list parameter. Exploiting this vulnerability could allow a remote attacker to cause service interruption...
The vulnerability of the Ethereum Cosmos EVM virtual machine, related to incorrect code generation, allows a violator to execute arbitrary code.
The vulnerability of the Ethereum Cosmos EVM virtual machine is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
The vulnerability of the mariadb-dump component of the MariaDB database management system allows a hacker to execute arbitrary code.
The vulnerability of the mariadb-dump component of the MariaDB database management system is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
Vulnerability of Microsoft Excel, Microsoft Office, and Microsoft 365 Apps for Enterprise software packages, allowing a hacker to execute arbitrary code.
The vulnerability of Microsoft Excel, Microsoft Office, and Microsoft 365 Apps for Enterprise programs is related to the use of an untrusted pointer. Exploiting this vulnerability can allow attackers to execute arbitrary code by sending a specially crafted malicious file...
The vulnerability of the graphical interface of the QGIS QWC2 web application, which allows a hacker to execute arbitrary code.
The vulnerability of the graphical interface of the QGIS QWC2 web application is related to the lack of protective measures for the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the sub_4012A0() function in the /cgi-bin/login.cgi script of the Wavlink WL-NU516U1 wireless USB printer software allows a hacker to execute arbitrary commands.
The vulnerability of the sub4012A0 function in the /cgi-bin/login.cgi script of the Wavlink WL-NU516U1 wireless USB printer software is related to the lack of data cleaning measures at the control level when processing the ipaddr parameter. Exploiting this vulnerability allows an attacker to...