90709 matches found
The vulnerability of the Dell ECS storage platform, related to insufficient protection of operational data, allows a perpetrator to disclose protected information.
The vulnerability of the Dell ECS storage platform is related to insufficient protection for operational data. Exploiting this vulnerability could allow an attacker to disclose protected information...
The vulnerability of the Dell ECS storage platform, related to the storage of information in an open manner, allows a perpetrator to disclose the protected information.
The vulnerability of the Dell ECS storage platform lies in the fact that information is stored in an open manner. Exploiting this vulnerability could allow an attacker to disclose the protected information...
The vulnerability of the Pi-hole advertising blocking app arises from the failure to take measures to neutralize special elements used in the operating system’s command set. This allows a violator to execute arbitrary code.
The vulnerability of the Pi-hole ad-blocking application is related to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Android Frameworks Base repository of the Android operating system allows attackers to enhance their privileges.
The vulnerability of the NotificationStation.java file in the Android operating system is related to a violation of data protection mechanisms. Exploiting this vulnerability can allow an attacker, who operates remotely, to enhance their privileges...
The vulnerability of the Settings component in Android operating systems allows attackers to increase their privileges.
The vulnerability of the Android operating system’s Settings component is related to incorrect external manipulation of the file name or path during data loading. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the centralized management system, Multi-Stack Controller (MSC), related to bypassing authentication by using an alternative path or channel, allows attackers to circumvent existing security mechanisms.
The vulnerability of the centralized management system, the Multi-Stack Controller MSC, relates to bypassing authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent existing security mechanisms remotely...
The vulnerability of the REST API component of the RedCheck scanning agent allows attackers to execute attacks such as Man-in-the-middle (MITM) attacks, SSL Striping, and passive interceptors like Firesheep.
The vulnerability of the REST API component of the RedCheck scanning agent is related to the absence of the HTTP Strict-Transport-Security HSTS header. Exploiting this vulnerability allows a malicious actor to carry out attacks such as Man-in-the-middle MITM attacks, SSL Striping, and passive...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain access to, read, modify, or delete protected information.
The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to, read, modify, or delete protected information...
The vulnerability of Adobe Dreamweaver HTML editor stems from deficiencies in the authentication process. This allows attackers to circumvent existing security restrictions and execute arbitrary code.
The vulnerability of Adobe Dreamweaver HTML editor is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to bypass existing security restrictions and execute arbitrary code...
The vulnerability in the modules kernel/sched/cpudeadline.c, kernel/sched/cpudeadline.h, and kernel/sched/deadline.c of the Linux operating system’s kernels allows a hacker to trigger a service failure.
The vulnerability in the modules kernel/sched/cpudeadline.c, kernel/sched/cpudeadline.h, and kernel/sched/deadline.c of the Linux operating system is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the nr_sendmsg() function in the net/netrom/nr_out.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the nrsendmsg function in the net/netrom/nrout.c module of the Linux operating system is related to the lack of memory release after the effective lifespan of the function has ended. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the hfsplus package for working with the HFS+ file system in Linux kernels allows a attacker to cause a service failure or disclose sensitive information.
The vulnerability of the hfsplus package for working with the HFS+ file system in Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause service failures or expose sensitive information...
The vulnerability of the fsl_otgremove() function in the drivers/usb/phy/phy-fsl-usb.c module of the Linux kernel allows a malicious actor to gain increased privileges.
The vulnerability of the fslotgremove function in the drivers/usb/phy/phy-fsl-usb.c module of the Linux kernel relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow an attacker to gain increased privileges...
The vulnerability of the software for centralized logging, analysis, and storage of logs by Graylog, related to deficiencies in authentication procedures, allows attackers to escalate their privileges.
The vulnerability of the Graylog log collection, analysis, and storage software lies in the deficiencies of the authentication process. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...
The vulnerability of industrial remote access systems mymbCONNECT24 and mbCONNECT24, the VPN portal myREX24, and the virtual server myREX24.virtual lies in the absence of authentication for a critical function, which allows attackers to disclose protected information.
The vulnerabilities of industrial remote access systems mymbCONNECT24 and mbCONNECT24, the VPN portal myREX24, and the virtual server myREX24.virtual are related to the absence of authentication for critical functions. Exploiting these vulnerabilities could allow a malicious actor to inject code...
The vulnerability of the modular security alarm system Bosch MAP 5000, related to the use of cryptographic algorithms that contain defects, allows a intruder to carry out a “man-in-the-middle” attack.
The vulnerability of the Bosch MAP 5000 modular security alarm system lies in the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...
The vulnerability of the f2fs_zero_range() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the f2fszerorange function in the Linux operating system is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a perpetrator to cause a service failure...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.
The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to gain full control over the application...
The vulnerability of Adobe Dreamweaver HTML editor lies in insufficient validation of input data, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Dreamweaver HTML editor is related to insufficient validation of entered data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the check_lock_range() function in the fs/smb/server/vfs.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the checklockrange function in the fs/smb/server/vfs.c module of the Linux operating system, where resources are blocked incorrectly. Exploiting this vulnerability could allow a attacker to cause service failures...
The vulnerability of the f2fs_recover_fsync_data() function in the fs/f2fs/super.c module of the F2FS file system support module for Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the f2fsrecoverfsyncdata function in the fs/f2fs/super.c module of the F2FS file system support for Linux operating systems is related to the lack of a check on the return value. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of industrial remote access systems mymbCONNECT24 and mbCONNECT24, the VPN portal myREX24, and the virtual server myREX24.virtual, related to inconsistencies in responses to incoming requests, allows attackers to disclose protected information.
The vulnerabilities of industrial remote access systems mymbCONNECT24 and mbCONNECT24, the VPN portal myREX24, and the virtual server myREX24.virtual are related to inconsistencies in the responses to incoming requests. Exploiting these vulnerabilities can allow a malicious actor to disclose...
The vulnerability of industrial remote access systems mymbCONNECT24 and mbCONNECT24, the VPN portal myREX24, and the virtual server myREX24.virtual lies in their ability to bypass authentication by using a user-controlled key. This allows attackers to circumvent existing security restrictions and gain access to another user’s account.
The vulnerabilities of industrial remote access systems mymbCONNECT24 and mbCONNECT24, the VPN portal myREX24, and the virtual server myREX24.virtual involve exploiting authentication processes by using user-controlled keys. Exploiting these vulnerabilities allows a malicious actor to bypass...
The vulnerability of the Apache Kyuubi distributed execution SQL query service, related to path traversal, allows attackers to bypass existing security mechanisms and gain unauthorized access to protected information.
The vulnerability of the Apache Kyuubi distributed execution service for SQL queries relates to path traversal. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms and gain unauthorized access to protected information...
The vulnerability of the WifiScanModeActivity.java file in the Android operating system allows a hacker to increase their privileges.
The vulnerability of the WifiScanModeActivity.java file in the Android operating system is related to the lack of authentication. Exploiting this vulnerability can allow a hacker to gain increased privileges...
The vulnerability of the Bosch MAP 5000 modular security alarm system, related to insufficiently secure data encryption, allows a intruder to gain unauthorized access to protected information and control the system.
The vulnerability of the Bosch MAP 5000 modular security alarm system lies in the insufficiently secure data encryption. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to protected information and control the system...
The vulnerability of the IntentResolver component in the Android operating system allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Android operating system’s IntentResolver component is related to the lack of authentication. Exploiting this vulnerability can allow a malicious individual to gain unauthorized access to protected information...
The vulnerability of the centralized management system, Multi-Stack Controller (MSC), related to insufficient protection of registration data, allows a perpetrator to replace the cryptographic signature.
The vulnerability of the centralized management system, Multi-Stack Controller MSC, is related to insufficient protection of registration data. Exploiting this vulnerability could allow an attacker to replace the cryptographic signature...
The vulnerability of the N8n automation platform, related to access control errors, allows a perpetrator to circumvent existing security restrictions.
The vulnerability of the N8n automation platform is related to errors in access control. Exploiting this vulnerability can allow a malicious actor to bypass existing security restrictions remotely...
The vulnerability of the telnetd server in the Inetutils network programming package allows a hacker to bypass existing security mechanisms.
The vulnerability of the telnetd server in the Inetutils network programming package is related to improper elimination of arguments in the command when processing the USER variable. Exploiting this vulnerability allows a remote attacker to bypass existing security mechanisms by executing a...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain full control over the application.
The vulnerability of the Core component in Oracle VM VirtualBox is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...
The vulnerability of Adobe Dreamweaver HTML editor lies in insufficient validation of input data, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Dreamweaver HTML editor is related to insufficient validation of entered data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of Adobe Dreamweaver HTML editor arises from the lack of measures taken to eliminate special elements, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Dreamweaver HTML editor is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of the hfs_bnode_get() function in the fs/hfsplus/bnode.c module of the toolset for working with the HFS+ file system hfsplus in Linux’s operating systems allows a hacker to cause a service failure.
The vulnerability of the hfsbnodeget function in the fs/hfsplus/bnode.c module of the Linux toolset for working with the HFS+ file system in Linux’s operating systems is related to errors during link counter updates. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the f2fs_write_cache_pages() function in the fs/f2fs/data.c module of the F2FS file system support in Linux’s kernel allows a hacker to cause a service failure.
The vulnerability of the f2fswritecachepages function in the fs/f2fs/data.c module of the F2FS file system support in Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of applications for blocking advertisements and Pi-hole internet trackers relates to the lack of measures taken to protect the structure of web pages. This allows a violator to execute arbitrary code.
The vulnerability of the application for blocking advertisements and Pi-hole internet trackers is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the SAP NetWeaver Enterprise Portal software integration platform lies in the insufficient protection of the website structure, which allows attackers to execute arbitrary code.
The vulnerability of the SAP NetWeaver Enterprise Portal software integration platform is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the SAP Fiori App web application, related to the falsification of cross-site requests, allows a hacker to compromise the integrity of the protected information.
The vulnerability of the SAP Fiori App relates to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...
The vulnerability of the Business Server Pages Application, related to the lack of authentication, allows a perpetrator to gain unauthorized access to confidential information.
The vulnerability of the Business Server Pages Application is related to the lack of authentication. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to confidential information...
The vulnerability of the centralized management system, Multi-Stack Controller (MSC), related to the possibility of bypassing access control mechanisms, allows a perpetrator to circumvent existing security measures and gain access to internal network segments.
The vulnerability of the centralized management system, Multi-Stack Controller MSC, is related to the possibility of bypassing access control mechanisms. Exploiting this vulnerability allows a malicious actor to circumvent existing security measures and gain access to internal network segments...
The vulnerability of the OpenCode artificial intelligence-based software development agent lies in the lack of authentication for a critical function, allowing attackers to execute arbitrary code.
The vulnerability of the OpenCode artificial intelligence-based software development agent lies in the lack of authentication for critical functions. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability in the drivers/input/touchscreen/ti_am335x_tsc.c driver for the touchscreen interface (TSC) of the ti_am33x_tsc component of the Linux operating system allows a hacker to cause a system failure or disclose sensitive information.
The vulnerability in the drivers/input/touchscreen/tiam335xtsc.c driver for the touchscreen interface TSC of the tiam33xtsc component of the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause system...
The vulnerability of the `ocfs2_find_victim_chain()` function in the `fs/ocfs2/suballoc.c` component of the OCFS2 file system support in Linux’s kernel allows a malicious actor to cause service failure.
The vulnerability of the ocfs2findvictimchain function in the fs/ocfs2/suballoc.c component of the OCFS2 file system support in Linux’s kernel involves the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the driver module/spi/spi-fsl-spi.c of the Freescale Communication Processor (CPM) kernel of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the driver module/spi/spi-fsl-spi.c of the Freescale Communication Processor CPM kernel of the Linux operating system is related to the copying of buffers without checking the input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the bnxt_rx_xdp() function in the drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c file of the Broadcom bnxt_en network adapter driver for Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the bnxtrxxdp function in the drivers/net/ethernet/broadcom/bnxt/bnxtxdp.c file of the Broadcom bnxten network adapter driver for Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to...
The vulnerability of the `remove_pending()` function in the `net/handshake` component, which is part of the Linux kernel-level security session establishment mechanism, allows a attacker to cause a service failure.
The vulnerability of the removepending function in the net/handshake component, which is part of the Linux kernel-level security session establishment mechanism, is related to errors during link counter updates. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the fs/notify/fsnotify.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability in the fs/notify/fsnotify.c module of the Linux operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ibmpex_high_low_store() function in the drivers/hwmon/ibmpex.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the ibmpexhighlowstore function in the drivers/hwmon/ibmpex.c module of the Linux kernel is related to synchronization errors when using shared resources „Race Conditions“. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the get_meter_levels_from_urb() function in the sound/usb/mixer_us16x08.c module of the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the getmeterlevelsfromurb function in the sound/usb/mixerus16x08.c file of the Linux kernel is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the moment.js agent’s RedCheck component allows a hacker to gain access to files on the server beyond the expected localization directory.
The vulnerability of the moment.js agent’s RedCheck component is related to an incorrect path limit for the access-controlled directory. Exploiting this vulnerability could allow a malicious actor to gain access to files on the server beyond the expected directory location...