90709 matches found
The vulnerability of the Grafana monitoring and observation platform lies in the redirection of the URL to an unreliable website, allowing attackers to perform cross-site scripting attacks (XSS).
The vulnerability of the Grafana monitoring and observation platform is related to the redirection of the URL to an unreliable website. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of the set of embedded sub-catalogs on FTP or HTTP servers in the Fedora Repository arises from the use of default credentials, allowing unauthorized access to protected information.
The vulnerability related to the collection of embedded sub-catalogs on FTP or HTTP servers of the Fedora Repository involves the use of default credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the e1000 component in the Device emulation software for hardware support by QEMU allows a hacker to induce a maintenance failure.
The vulnerability of the e1000 component in the QEMU hardware emulation software is related to buffer overflow in the stack. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the Windows Shell component in Windows operating systems allows attackers to perform spoofing attacks.
The vulnerability of the Windows Shell component in Windows operating systems is related to incorrect path name restrictions. Exploiting this vulnerability can allow attackers to perform spoofing attacks...
The vulnerability of the Internet Connection Sharing (ICS) function of the Windows operating system, which allows a hacker to disclose protected information
The vulnerability of the Internet Connection Sharing ICS function in the Windows operating system is related to the execution of operations outside the buffer boundaries. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by this function...
The vulnerability of Netgear Orbi Wi-Fi systems’ microprogramming software, related to insufficient validation of input data, allows attackers to execute arbitrary codes.
The vulnerability of Netgear Orbi Wi-Fi systems’ microprogramming software is related to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the futimes() function on the Node.js programming platform allows a hacker to gain access to modify files.
The vulnerability of the futimes function on Node.js platforms is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain access and modify files...
The vulnerability of the pskCallback() and ALPNCallback() functions on the Node.js software platform allows a hacker to induce a service failure.
The vulnerability of the pskCallback and ALPNCallback functions on the Node.js software platform is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the strcpy() function in the microprogrammed software for UTT 520W routers allows a hacker to cause a service failure.
The vulnerability of the strcpy function in the UTT 520W router software lies in the fact that the operation’s output goes beyond the buffer boundaries during the processing of the timestart parameter. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the vobsub_get_subpic_duration() function on the GPAC multimedia platform allows a hacker to trigger a service failure.
The vulnerability of the vobsubgetsubpicduration function on the GPAC multimedia platform is related to the execution of operations outside the buffer in memory when processing SUB-files. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the sub_65B5C() function in the microprogramming software for Tenda AX1806 allows a hacker to cause a service failure.
The vulnerability of the sub65B5C function in the microprogrammed software of the Tenda AX1806 router lies in the fact that the operation’s output goes beyond the buffer boundaries in memory when processing the cloneType parameter. Exploiting this vulnerability can allow an attacker to cause a...
The vulnerability of the fromAdvSetMacMtuWan() function in the Tenda AX3 Wi-Fi router software allows a hacker to trigger a service failure.
The vulnerability of the fromAdvSetMacMtuWan function in the Tenda AX3 Wi-Fi router software lies in the fact that the operation’s results are stored outside of the buffer in memory when processing the mac2 parameter. Exploiting this vulnerability could allow an attacker to cause a service failur...
The vulnerability of Google Chrome’s Digital Credentials component allows a perpetrator to compromise the integrity of the protected information.
The vulnerability of Google Chrome’s Digital Credentials component is related to an improper limitation on the visible layers of the user interface. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the protected information...
The vulnerability of the Remote Procedure Call component in the Windows operating system, which allows a hacker to disclose protected information
The vulnerability of the Remote Procedure Call component in the Windows operating system is related to an error in reallocating previously released memory when processing the IDL file. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by...
The vulnerability of the Incoming Goods Suite registration method, related to the redirection of the URL to an unreliable website, allows attackers to perform cross-site scripting attacks (XSS).
The vulnerability of the Incoming Goods Suite registration method is related to the redirection of the URL to an unreliable website. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The system’s vulnerability regarding data collection and automation process control in Delta Electronics DIAView, due to the lack of authentication for critical functions, allows unauthorized individuals to gain unauthorized access to the system.
The vulnerability of the Delta Electronics DIAView system for data collection and automation process control is related to the lack of authentication for critical functions. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the system...
The vulnerability of the Docker Desktop platform for developing and delivering container applications lies in its ability to disclose information through registration files, allowing an attacker to expose protected information.
The vulnerability of the Docker Desktop platform for developing and delivering container applications is related to the disclosure of information through registration files. Exploiting this vulnerability can allow an attacker to disclose the protected information...
The vulnerability in the handling of relative pathnames for directories on FTP or HTTP servers in the Fedora Repository allows attackers to delete any files from the file system. This vulnerability stems from errors in processing relative pathnames related to directories.
The vulnerability related to the collection of embedded sub-directories on FTP or HTTP servers in the Fedora Repository is linked to errors in processing relative pathnames to directories. Exploiting this vulnerability could allow a malicious actor to delete arbitrary files from the file system b...
The vulnerability of the built-in web server for Kyocera Command Center RX devices relates to the disclosure of information, which allows a perpetrator to disclose confidential information.
The vulnerability of the built-in web server for Kyocera Command Center RX devices is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor to disclose confidential information remotely...
The vulnerability of the TPM hardware security module in Windows operating systems allows attackers to disclose protected information.
The vulnerability of the TPM hardware security module in Windows operating systems is related to the execution of operations outside the buffer boundaries. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by the TPM module...
The vulnerability of the “Remote Assistance” tool for Windows operating systems, which allows a hacker to bypass security restrictions
The vulnerability of the “Remote Assistance” tool for Windows operating systems is related to a breach of data protection mechanisms. Exploiting this vulnerability can allow an attacker to circumvent security restrictions...
The vulnerability of Netgear Orbi Wi-Fi systems’ microprogramming software, related to insufficient validation of input data, allows attackers to execute arbitrary codes.
The vulnerability of Netgear Orbi Wi-Fi systems’ microprogramming software is related to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of Netgear Orbi Wi-Fi systems’ microprogramming software, related to authentication procedures that allow intruders to escalate their privileges.
The vulnerability of Netgear Orbi Wi-Fi systems’ microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow attackers, operating remotely, to increase their privileges...
The vulnerability of the strcpy() function in the microprogramming software for UTT 520W routers allows a hacker to cause a service failure.
The vulnerability of the strcpy function in the UTT 520W router software lies in the fact that the operation’s output goes beyond the buffer boundaries during the processing of the wepkey1 parameter. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the strcpy() function in the microprogramming software for UTT 520W routers allows a hacker to cause a service failure.
The vulnerability of the strcpy function in the UTT 520W router software lies in the fact that the operation’s output goes beyond the buffer boundaries during the processing of the ssid parameter. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the sub_65A28() function in the microprogramming software of the Tenda AX1806 router allows a hacker to cause a service failure.
The vulnerability of the sub65A28 function in the Tenda AX1806 router’s microprogramming system is related to the operation of writing data outside the buffer in memory when processing the parameter serviceName. Exploiting this vulnerability can allow an attacker to cause a service failure remote...
The vulnerability of the sub_65A28() function in the microprogramming software of the Tenda AX1806 router allows a hacker to cause a service failure.
The vulnerability of the sub65A28 function in the Tenda AX1806 router’s microprogramming system is related to the operation of writing data outside the buffer in memory when processing the parameter serverName. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the dump_ttxt_sample() function on the multimedia platform GPAC allows a hacker to trigger a service failure.
The vulnerability of the dumpttxtsample function on the GPAC multimedia platform is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the sub_65B5C() function in the microprogramming software for Tenda AX1806 allows a hacker to cause a service failure.
The vulnerability of the sub65B5C function in the microprogrammed software of the Tenda AX1806 router lies in the fact that the operation’s output goes beyond the buffer boundaries in memory when processing the mac parameter. Exploiting this vulnerability can allow a remote attacker to cause a...
The vulnerability of the fromAdvSetMacMtuWan() function in the Tenda AX3 Wi-Fi router software allows a hacker to trigger a service failure.
The vulnerability of the fromAdvSetMacMtuWan function in the Tenda AX3 Wi-Fi router software lies in the fact that the operation’s results are stored outside of the buffer in memory when processing the wanMTU2 parameter. Exploiting this vulnerability could allow a remote attacker to cause service...
The vulnerability of the fromAdvSetMacMtuWan() function in the Tenda AX3 Wi-Fi router software allows a hacker to trigger a service failure.
The vulnerability of the fromAdvSetMacMtuWan function in the Tenda AX3 Wi-Fi router software lies in the fact that the operation’s results are stored outside of the buffer in memory when processing the wanSpeed2 parameter. Exploiting this vulnerability could allow a remote attacker to cause a...
The vulnerability of the fromAdvSetMacMtuWan() function in the Tenda AX3 Wi-Fi router software allows a hacker to trigger a service failure.
The vulnerability of the fromAdvSetMacMtuWan function in the Tenda AX3 Wi-Fi router software lies in the fact that the operation’s output goes beyond the buffer in memory when processing the cloneType2 parameter. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to the occurrence of operations outside the buffer boundaries in memory, allows attackers to exploit the protected information.
The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to disclose confidential information...
The vulnerability of the ghi_dmx Declare_Opid_Bin() function on the multimedia platform GPAC, which allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the ghidmx Declareopidbin function on the GPAC multimedia platform is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause service failures...
The system’s vulnerability for data collection and automation process control in Delta Electronics DIAView, due to the lack of measures taken to clean data at the management level, allows a perpetrator to execute arbitrary commands.
The vulnerability of the Delta Electronics DIAView system for data collection and automation process control is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows attackers to execute arbitrary commands...
The vulnerability of the sub_4C408() function in the microprogramming software of Tenda AX1806 allows a hacker to cause a service failure.
The vulnerability of sub4C408 in the microprogramming software of Tenda AX1806 is related to buffer overflow attacks based on a stack. Exploiting this vulnerability can allow an attacker to cause a service failure by sending a specially crafted request...
The vulnerability of the avi_parse_input_file() function on the GPAC multimedia platform allows a hacker to trigger a service failure.
The vulnerability of the aviparseinputfile function on the GPAC multimedia platform is related to the output of the operation beyond the buffer boundaries in memory when processing avi format files. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the Demon Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.
The vulnerability of the Demon Routing Protocol Daemon RPD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to the occurrence of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the Mattermost instant messaging application, related to the distribution of resources without restrictions and regulations, allows a hacker to cause a service failure.
The vulnerability of the Mattermost instant messaging application is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the Apache Airflow network software relates to the disclosure of information through registration files, allowing a hacker to disclose protected information.
The vulnerability of the Apache Airflow network software relates to the disclosure of information through registration files. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...
The vulnerability in Mozilla Firefox, Firefox ESR, email clients Thunderbird, and Thunderbird ESR arises from the execution of operations beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability in Mozilla Firefox, Firefox ESR, email clients Thunderbird, and Thunderbird ESR relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Incoming Goods Suite registration method, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to the protected information.
The vulnerability of the Incoming Goods Suite registration tool is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the strcpy() function in the microprogrammed software for UTT 520W routers allows a hacker to cause a service failure.
The vulnerability of the strcpy function in the UTT 520W router software lies in the fact that the operation’s output goes beyond the buffer boundaries during the processing of the ssid parameter. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the clipboard management function in the terminal session of Windows Clipboard Server operating systems allows attackers to enhance their privileges.
The vulnerability of the clipboard management function in the terminal session of Windows Clipboard Server operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Substance 3D Stager software lies in its reliance on memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of the Substance 3D Stager software relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Node.js software platform, related to errors in cross-border deletion of critical data, allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the Node.js software platform is related to errors in cross-border deletion of critical data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and integrity of the protected information...
The vulnerability of the Node.js software platform, related to errors in handling exception states, allows a violator to trigger a service failure.
The vulnerability of the Node.js software platform is related to an error in handling exceptional states. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the Adobe Substance 3D Modeler software for 3D modeling lies in pointer assignment errors, which can allow attackers to trigger a service failure.
The vulnerability of the Adobe Substance 3D Modeler software for 3D modeling is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of software for online simulation and optimization of AVEVA Process Optimization processes, related to the transmission of critical information in open text, allows a perpetrator to carry out a “man-in-the-middle” type attack.
The vulnerability of software for online simulation and optimization of AVEVA Process Optimization processes lies in the transmission of critical information in open text. Exploiting this vulnerability can allow a remote attacker to execute a “man-in-the-middle” type attack...
The vulnerability of Google Chrome’s Blink rendering module allows a hacker to gain access to and delete data.
The vulnerability of Google Chrome’s Blink rendering module is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability can allow an attacker to gain access and delete data by using a specially created HTML page...