Lucene search
K
Bdu FstecRecent

90709 matches found

BDU FSTEC
BDU FSTEC
added 2026/01/28 12:0 a.m.2 views

Vulnerabilities of functions memalign(), posix_memalign(), aligned_alloc(), valloc(), and pvalloc() in the GNU C Library, which allow attackers to execute arbitrary code, cause system failures, or disclose sensitive information.

The vulnerability of the functions memalign, posixmemalign, alignedalloc, valloc, and pvalloc in the GNU C Library is related to integer overflow. Exploiting this vulnerability can allow an attacker to cause service failures or disclose confidential information...

8.4CVSS7.3AI score0.00352EPSS
Exploits1References10Affected Software13
BDU FSTEC
BDU FSTEC
added 2026/01/28 12:0 a.m.4 views

The vulnerability of the mchp_eic_domain_alloc() function in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the mchpeicdomainalloc function in the Linux operating system is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.1CVSS5.8AI score0.00161EPSS
Exploits0References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/01/28 12:0 a.m.2 views

The vulnerability of the timer_delete_sync() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the timerdeletesync function in the Linux operating system’s kernel is related to insufficient locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.2CVSS6AI score0.00165EPSS
Exploits0References12Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/28 12:0 a.m.3 views

The vulnerability of the Exim mail server, related to overflowing buffers in dynamic memory, allows a hacker to cause a service failure.

The vulnerability of the Exim mail server is related to overflowing buffers in dynamic memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

10CVSS5.8AI score0.00411EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.2 views

The vulnerability of the graphical user interface of the FortiSandbox threat detection and mitigation system allows a perpetrator to perform cross-site scripting attacks.

The vulnerability of the graphical user interface of the FortiSandbox threat detection and mitigation system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

6.4CVSS5.9AI score0.05638EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.3 views

The vulnerability of the cloud-based platform for managing and protecting Microsoft Entra ID (formerly Azure Active Directory) relates to authentication procedures that allow attackers to escalate their privileges.

The vulnerability of the cloud-based platform for managing and protecting Microsoft Entra ID formerly Azure Active Directory is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

9.3CVSS5.7AI score0.00497EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.5 views

The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

6CVSS6.7AI score0.00236EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.4 views

The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.

The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

7.5CVSS7.1AI score0.00198EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.4 views

The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.

The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

8.2CVSS7.1AI score0.00196EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.3 views

The vulnerability of TP-Link Omada network gateways’ microprogramming software relates to the use of one-way hashing with predictable random data. This allows attackers to gain unauthorized access to confidential information.

The vulnerability of TP-Link Omada network gateways’ microprogramming software is related to the use of one-way hashing with predictable random data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to confidential information...

5.3CVSS5.8AI score0.00201EPSS
Exploits0References2Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.3 views

The vulnerability of the setWizardCfg() function in the POST Request Handler component of the TOTOLINK NR1800X router’s software allows a hacker to induce a service failure.

The vulnerability of the setWizardCfg function in the POST Request Handler component of the TOTOLINK NR1800X router microprogramming system is related to the issue of data being written outside of the buffer in memory when processing the ssid parameter. Exploiting this vulnerability could allow a...

9CVSS7.5AI score0.00773EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.1 views

Kaspesky Secure Mail Gateway (Positive results) (No. 7 dated January 27, 2026, 17:48:47)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.2 views

Kaspesky Secure Mail Gateway (Positive Results) (No. 10 dated January 27, 2026 at 17:48:48)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.1 views

Kaspesky Secure Mail Gateway (Positive Results) (No. 12 dated January 27, 2026, 17:48:48)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.2 views

The vulnerability of the Microsoft Office suite arises from the use of unreliable input data during security decision-making, allowing attackers to bypass existing security mechanisms.

The vulnerability of the Microsoft Office suite is related to the use of unreliable input data during security decision-making. Exploiting this vulnerability can allow attackers to bypass existing security mechanisms...

7.8CVSS7.5AI score0.72152EPSS
Exploits12References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.3 views

The vulnerability of the FortiExtender signal booster’s microprogramming software arises from the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands.

The vulnerability of the FortiExtender signal booster software lies in the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9CVSS6.1AI score0.01585EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.2 views

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant, related to improper validation of specified types of input data, allows attackers to disclose protected information.

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant is related to improper validation of the specified type of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

9.4CVSS5.7AI score0.00809EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.4 views

The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.

The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

8.2CVSS7.1AI score0.00196EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.1 views

Kaspesky Secure Mail Gateway (Positive results) (No. 1 from January 27, 2026 at 17:48:46)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.2 views

Kaspesky Secure Mail Gateway (Positive Results) (No. 9 dated January 27, 2026, 17:48:47)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.4 views

The vulnerability of the SSL-VPN technology for FortiOS operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SSL-VPN technology for FortiOS operating systems is related to incorrect session duration settings. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...

5.6CVSS5.7AI score0.00285EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.5 views

The vulnerability of Microsoft Copilot Studio, a graphical tool for creating and supporting artificial intelligence, relates to insufficient data cleaning at the management level. This vulnerability allows an attacker to disclose protected information.

The vulnerability of Microsoft Copilot Studio’s graphical tool for creating and supporting artificial intelligence is related to the lack of data cleansing measures at the control level. Exploiting this vulnerability can allow a remote attacker to disclose protected information...

7.8CVSS6.1AI score0.01402EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.2 views

The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.

The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

8.2CVSS7.1AI score0.00264EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.3 views

The vulnerability of the Microsoft account, related to the failure to protect the structure of the web page, allows a hacker to replace the user’s account data.

The vulnerability of the Microsoft account is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to replace the user’s credentials remotely...

9.4CVSS5.8AI score0.0037EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.3 views

The vulnerability of Sangfor Endpoint Detection and Response (EDR) software lies in its failure to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary code.

The vulnerability of Sangfor Endpoint Detection and Response EDR software relates to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.06969EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.5 views

The vulnerability of the fromGetWifiGuestBasic() function in the microprogrammed software for TOTOLINK NR1800X routers allows a intruder to cause a service failure.

The vulnerability of the fromGetWifiGuestBasic function in the microprogrammed routing software TOTOLINK NR1800X is related to the operation that goes beyond the buffer in memory when processing the guestWrlPwd parameter. Exploiting this vulnerability could allow a remote attacker to cause servic...

9CVSS7.5AI score0.01103EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.2 views

Kaspesky Secure Mail Gateway (Positive results) (No. 2 dated January 27, 2026, 17:48:46)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.1 views

Kaspesky Secure Mail Gateway (Positive results) (No. 3 dated January 27, 2026, 17:48:46)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.2 views

Kaspesky Secure Mail Gateway (Positive results) (No. 4 dated January 27, 2026 at 17:48:47)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.2 views

Kaspesky Secure Mail Gateway (Positive Results) (No. 5 dated January 27, 2026, 17:48:47)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.1 views

Kaspesky Secure Mail Gateway (Positive Results) (No. 6 dated January 27, 2026, 17:48:47)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.4 views

The vulnerability of the user interface for authenticating the software platform used to manage identification data from ZITADEL allows a perpetrator to carry out an SSRF attack.

The vulnerability of the user interface for authenticating identity data on the ZITADEL software platform is related to insufficient checking of incoming requests with the header x-zitadel-forward-host. Exploiting this vulnerability could allow a malicious actor to perform an SSRF attack remotely...

9.3CVSS7.2AI score0.0046EPSS
Exploits2References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.5 views

The vulnerability of the rest-api-get and rest-api-set configurations in FortiOS operating systems allows attackers to enhance their privileges.

The vulnerability of the rest-api-get and rest-api-set configurations in FortiOS systems relates to the disclosure of information through registration files. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

7.1CVSS5.7AI score0.00362EPSS
Exploits0References2Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.4 views

The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.

The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

8.2CVSS7.1AI score0.00264EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.7 views

The vulnerability of the Azure Front Door cloud service, a software platform of Microsoft Azure, allows attackers to escalate their privileges.

The vulnerability of Azure Front Door, a software platform under Microsoft Azure, is related to access control errors. Exploiting this vulnerability could allow an attacker to increase their privileges remotely...

10CVSS5.7AI score0.00781EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.5 views

The vulnerability of the Camera component in Microprogramming Software for Samsung Exynos processors models 1330, 1380, 1480, 2400, 1580, and 2500 allows attackers to disclose protected information and cause system failures.

The vulnerability of the Camera component in Microprogramming Software for Samsung Exynos processors models 1330, 1380, 1480, 2400, 1580, and 2500 is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to disclose sensitive information and cause...

7.1CVSS5.7AI score0.00111EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.2 views

Kaspesky Secure Mail Gateway (Positive Results) (No. 8 dated January 27, 2026, 17:48:47)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.2 views

The vulnerability of the CLI command-line interface of the Fortinet FortiManager device management tool and the Fortinet FortiAnalyzer security event monitoring and analysis tool allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the CLI command-line interface of the Fortinet FortiManager device management software and the Fortinet FortiAnalyzer security event monitoring and analysis tool is related to key management errors. Exploiting this vulnerability can allow an attacker to gain unauthorized acce...

6CVSS5.8AI score0.00099EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.4 views

The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.

The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

7.5CVSS7.1AI score0.00198EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.4 views

The vulnerability of the Azure Resource Manager service and the software platform of Microsoft Azure allows attackers to escalate their privileges.

The vulnerability of the Azure Resource Manager deployment and management service in Microsoft Azure is related to access control errors. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

9.9CVSS5.7AI score0.00609EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.4 views

The vulnerability of the setWanCfg() function in the POST Request Handler component of the TOTOLINK NR1800X router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the setWanCfg function in the POST Request Handler component of the TOTOLINK NR1800X router microprogramming system is related to the lack of measures taken to clean data at the management level when processing the Hostname parameter. Exploiting this vulnerability can allow a...

6.5CVSS6.8AI score0.03212EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.2 views

Kaspesky Secure Mail Gateway (Positive Results) (No. 11 dated January 27, 2026, 17:48:48)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/27 12:0 a.m.3 views

The vulnerability of the graphical user interface of the FortiSandbox threat detection and mitigation system allows a perpetrator to execute arbitrary commands.

The vulnerability of the graphical user interface of the FortiSandbox threat detection and mitigation system is related to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a remote attacker to execute...

9CVSS6.1AI score0.11196EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/26 12:0 a.m.4 views

The vulnerability of the NETMRI monitoring software lies in its authentication procedures’ deficiencies, which allow attackers to circumvent existing security restrictions.

The vulnerability of the NETMRI monitoring software relates to deficiencies in its authentication procedures. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...

6.5CVSS5.7AI score0.34188EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/26 12:0 a.m.3 views

The vulnerability of Microsoft SharePoint Server and Microsoft SharePoint Enterprise Server packages lies in insufficient data validation, which allows attackers to perform cross-site scripting attacks.

The vulnerability of Microsoft SharePoint Server and Microsoft SharePoint Enterprise Server programs is related to insufficient data validation. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.5AI score0.06984EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/26 12:0 a.m.3 views

The vulnerability of the Microsoft Outlook email client, related to the activation of functions from an unverified controlled area, allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Outlook email client is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

8.7CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/26 12:0 a.m.6 views

The vulnerability of the set_qosMib_list() function in Tenda AC8 router software allows a hacker to trigger a service failure.

The vulnerability of the setqosMiblist function in the Tenda AC8 router’s microprogramming software lies in the ability to write data beyond the buffer in memory during the processing of the list parameter. Exploiting this vulnerability could allow a malicious actor to cause service failure...

7.8CVSS7.2AI score0.00682EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/26 12:0 a.m.3 views

The vulnerability of the Microsoft Outlook email client, related to the unlimited loading of dangerous types of files, allows attackers to bypass existing security mechanisms and load any files they desire.

The vulnerability of the Microsoft Outlook email client relates to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms and load arbitrary files...

7.9CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/26 12:0 a.m.1 views

The vulnerability of the Microsoft Outlook email client, related to the lack of protective measures for the website structure, allows attackers to execute arbitrary code.

The vulnerability of the Microsoft Outlook email client is related to the lack of security measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.7CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/26 12:0 a.m.1 views

The vulnerability of the Ethereum Cosmos EVM virtual machine, related to incorrect code generation, allows a violator to execute arbitrary code.

The vulnerability of the Ethereum Cosmos EVM virtual machine is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

8.5CVSS6.1AI score
Exploits0References1Affected Software1
Total number of security vulnerabilities90709