The vulnerability of the br_dev_xmit() function in the net/bridge/br_device.c module of the Linux operating system allows an attacker to compromise the confidentiality and availability of the protected information.
The vulnerability of the br_dev_xmit function in the net/bridge/br_device.c file of the Linux operating system is related to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and availability of the protected information...
The vulnerability of the data export function of the Kyocera Net Viewer software, a monitoring and control device for multifunctional devices, allows a perpetrator to disclose protected information.
The vulnerability of the data export function of the Kyocera Net Viewer monitoring and control software relates to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...
The vulnerability of the me_huge_page() function in the mm/memory-failure.c module of the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the me_huge_page function in the mm/memory-failure.c module of the Linux kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of the cidr2cidr() function, a processor for PCAP files, in the tcpprep editing and playback utility for PCAP files, allows a malicious actor to cause a service failure.
The vulnerability of the cidr2cidr function, a processor for PCAP files, in the tcpprep editing and playback utility for PCAP files, Tcpreplay, is related to an uncontrolled, exploitable flaw. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service interruption...
The vulnerability of the JSON-RPC API function of the Cisco Crosswork Network Services Orchestrator (NSO) and ConfD software, which is used by the web-based management interfaces for Cisco Optical Site Manager and Gigabit VPN routers Cisco RV340 Dual WAN, allows a malicious actor to escalate their privileges.
The vulnerability of the JSON-RPC API function of the Cisco Crosswork Network Services Orchestrator NSO and ConfD software, which is used by the Cisco Optical Site Manager and Gigabit VPN routers Cisco RV340 Dual WAN control web interfaces, is related to incorrect authentication checks in the API...
The vulnerability of the content_security_policy function in the Action Pack interpreter for Ruby allows attackers to perform cross-site scripting (XSS) attacks.
The vulnerability of the content_security_policy function in the Action Pack interpreter for Ruby is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor, operating remotely, to perform cross-site scripting attacks...
The vulnerability of the mgmt_mesh_foreach() function in the net/bluetooth/mgmt_util.c module of operating systems running on Linux allows an attacker to compromise the confidentiality, integrity, and availability of protected information, or cause service failures.
The vulnerability of the mgmt_mesh_foreach function in the net/bluetooth/mgmt_util.c module of Linux operating systems is related to iterating over an inappropriate list called mgmt_pending, which contains elements of type struct mgmt_pending_cmd instead of struct mgmt_mesh_tx. Exploiting this...
The vulnerability of the set_device_flags() function in the net/bluetooth/mgmt.c module of Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the set_device_flags function in the net/bluetooth/mgmt.c module of Linux kernel relates to the unlocking of a mutex that has not been unlocked before. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Selenium Server’s distributed test execution tool, related to the manipulation of cross-site requests, allows an attacker to perform a CSRF attack.
The vulnerability of the Selenium Server Grid distributed testing tool is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...
The vulnerability of the getMimeType function in the Voyager PHP framework Laravel allows a hacker to execute arbitrary code.
The vulnerability of the getMimeType function in the Voyager PHP framework Laravel relates to the unlimited loading of files of a dangerous type. Exploiting this vulnerability allows an attacker to execute arbitrary code, provided that the user opens a specially crafted file...
The vulnerability of the Voyager PHP-framework Laravel, related to the lack of protection for website structure, allows attackers to perform cross-site scripting (XSS) attacks.
The vulnerability of the Voyager PHP framework Laravel is related to the lack of security measures for website structure protection. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks remotely...
The vulnerability of the Voyager PHP framework Laravel, related to errors in handling relative pathnames to directories, allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the Voyager PHP-framework Laravel relates to errors in handling relative pathnames to directories. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of protected information...
The vulnerability of the nilfs_segctor_prepare_write() function in the fs/nilfs2/segment.c file of the Linux operating system’s kernel’s file system, nilfs2, allows a malicious actor to cause a service failure.
The vulnerability of the nilfs_segctor_prepare_write function in the fs/nilfs2/segment.c file of the Linux kernel’s file system nilfs2 is related to improper locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the gsm_dlci_config() function in the TTY driver (drivers/tty/n_gsm.c) of the Linux kernel allows a hacker to increase their privileges.
The vulnerability of the gsm_dlci_config function in the TTY driver drivers/tty/n_gsm.c of the Linux kernel is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the i915_gem_object_is_shrinkable() function in the DRM driver (drivers/gpu/drm/i915/gem/i915_gem_object.h) of the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the i915_gem_object_is_shrinkable function in the DRM driver drivers/gpu/drm/i915/gem/i915_gem_object.h of the Linux kernel is related to improper control of resource identifiers. Exploiting this vulnerability could allow a hacker to cause service failures...
The vulnerability of the read_hexstring() function in the tcprewrite editor for editing and replaying PCAP files, allows a hacker to cause a service failure.
The vulnerability of the read_hexstring function in the tcprewrite tool for editing and replaying PCAP files involves pointer manipulation. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...
The vulnerability of the tcpedit_dlt_cleanup() function in the PCAP-file editor tcprewrite, a utility for editing and replaying PCAP files, allows a malicious actor to cause a service failure.
The vulnerability of the tcpedit_dlt_cleanup function in the PCAP-file editor tcprewrite, as well as in the PCAP-file editing and playback utilities Tcpreplay, is related to an uncontrolled and exploitable flaw. Exploiting this vulnerability could allow a malicious actor to cause service...
The vulnerability of the udmabuf_vm_fault() function in the udmabuf driver (drivers/dma-buf/udmabuf.c) in Linux kernel allows an attacker to compromise data integrity or cause service failures.
The vulnerability of the udmabuf_vm_fault function in the udmabuf driver drivers/dma-buf/udmabuf.c in Linux operating systems is related to a flaw in the counting of the number of references to pages stored in memory. Exploiting this vulnerability can allow an attacker to compromise data integrity ...
The vulnerability of the ScadaServer/ScadaServer/ScadaServerEngine/MainLogic.cs file in the SCADA system for developing automation control systems allows a perpetrator to compromise the integrity of protected information.
The vulnerability of the ScadaServer/ScadaServer/ScadaServerEngine/MainLogic.cs file in SCADA systems for the development of automation systems is related to weak password requirements. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of protected informatio...
The vulnerability of the dedicated agent function in Cisco IOS XR software allows a hacker to induce a service failure.
The vulnerability of the dedicated agent function in Cisco IOS XR software is related to insufficient checks on the source of the communication channel. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the asynchronous network library Tornado, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the asynchronous network library Tornado is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the ea_get() function in the JFS file system (fs/jfs/xattr.c) of Linux operating systems allows a malicious actor to gain unauthorized access to protected information or cause service failures.
The vulnerability of the ea_get function in the JFS file system driver fs/jfs/xattr.c in Linux operating systems is related to incorrect handling of data read from a damaged file system. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cau...
The vulnerability in the implementation of the Bluetooth Mesh technology in the net/bluetooth/mgmt.c module of Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of protected information, or cause service failures.
The vulnerability of the runtimers function in the net/bluetooth/mgmt.c module of Linux operating systems is related to the use of memory after it is freed during the processing of the struct hcidev object. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the SmartCard Authentication component in the SolarWinds DameWare Mini Remote Control software allows an intruder to execute arbitrary code.
The vulnerability of the SmartCard Authentication component in the SolarWinds DameWare Mini Remote Control software lies in the lack of a proper mechanism for verifying the source of the credential. Exploiting this vulnerability could allow an attacker to execute arbitrary commands by sending a...
The vulnerability of the pci_prop_intr_map() function in the drivers/pci/of_property.c module of the Linux kernel driver for PCI buses allows a hacker to cause a service failure.
The vulnerability of the pci_prop_intr_map function in the drivers/pci/of_property.c module of the Linux kernel’s PCI driver is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the parse_endpoints() function in the tcprewrite editing tool and the Tcpreplay tool for editing and replaying PCAP files allows a hacker to cause a service failure.
The vulnerability of the parse_endpoints function in the tcprewrite editing tool for PCAP files, as well as in the Tcpreplay tool for editing and replaying PCAP files, is related to pointer manipulation. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the AutoGPT library, related to its failure to take measures to neutralize special elements, allows a violator to bypass the restrictions on shell commands.
The vulnerability of the AutoGPT library is related to the failure to take measures to neutralize certain elements. Exploiting this vulnerability allows a remote attacker to bypass the restrictions in the botnet’s command list...
The vulnerability of the System-to-Intermediate System Protocol Handler component in Cisco IOS XR allows an attacker to trigger a Denial-of-Service Attack (DoS).
The vulnerability of the System-to-Intermediate System Protocol Handler component in Cisco IOS XR software is related to insufficient validation of input packets of the IS-IS protocol. Exploiting this vulnerability can allow a malicious actor to trigger a Denial-of-Service attack...
The vulnerability of Asterisk management systems, related to deficiencies in access control, allows attackers to escalate their privileges.
The vulnerability of Asterisk management systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to gain increased privileges...
The vulnerability of the functions bonding_init() and bonding_exit() in the driver drivers/net/bonding/bond_main.c of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the functions bonding_init and bonding_exit in the drivers/net/bonding/bond_main.c file of the Linux kernel’s bonding driver is related to resource management errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the rt6_probe() function in the net/ipv6/route.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the rt6_probe function in the net/ipv6/route.c module of the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the CFileNameAttr::Parse() function in the NtfsHandler.cpp file of the 7-Zip archive tool allows a hacker to load arbitrary files and gain unauthorized access to protected information.
The vulnerability of the CFileNameAttr::Parse function in the NtfsHandler.cpp file of the 7-Zip archive processor is related to the occurrence of operations outside the buffer in memory, due to incorrect processing of two-byte elements in the NTFS file system. Exploiting this vulnerability allows...
The vulnerability of Zyxel network device software of the CPE series exists due to the lack of measures taken to neutralize special elements used in the operating system commands. This allows attackers to execute arbitrary commands.
The vulnerability of Zyxel network devices of the CPE series exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with privileges as “supervisor” or...
The vulnerability of the Strapi content management system, related to the lack of protective measures for web pages, allows a hacker to execute arbitrary JavaScript code.
The vulnerability of the CMS Strapi content management platform is related to the lack of security measures for web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code by loading a specially crafted PDF file remotely...
The vulnerability of the Firebird software components “Population Cancer Registry” and “Hospital Cancer Registry” allows attackers to elevate their privileges to the level of system administrators.
The vulnerability of the Firebird software components “Population Cancer Registry” and “Hospital Cancer Registry” is related to the possibility of connecting to the database during the reproduction of the key hash. Exploiting this vulnerability allows a malicious actor to elevate their privileges...
The vulnerabilities of the "Population Cancer Registry" and "Hospital Cancer Registry" software allow attackers to carry out attacks using brute-force methods.
The vulnerabilities of the “Population Cancer Registry” and “Hospital Cancer Registry” software are related to insufficient restrictions on authentication attempts. Exploiting these vulnerabilities allows a remote attacker to carry out an attack using brute-force methods...
The vulnerability of the server software for managing Elastic Agent agents, known as Elastic Fleet Server, stems from deficiencies in access control. This allows a malicious individual to disclose sensitive information that is protected by this system.
The vulnerability of the server software for managing Elastic Agent agents in Elastic Fleet Server is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information...
The vulnerability of the network authentication protocol used by the Firebird software components, “Population Cancer Registry” and “Hospital Cancer Registry,” allows attackers to intercept traffic.
The vulnerability of the network authentication protocol used by the Firebird software’s “Population Cancer Registry” and “Hospital Cancer Registry” components is related to the use of an insecure authentication method called LegacyAuth. Exploiting this vulnerability allows a malicious actor to...
The vulnerability of the Kibana data visualization service, related to deficiencies in access control, allows a perpetrator to compromise the confidentiality of the protected information.
The vulnerability of the Kibana data visualization service is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality of the protected information...
The vulnerability of the web interface of the microprogramming software for routers EDIMAX BR-6476AC allows a hacker to enhance their privileges and execute arbitrary commands.
The vulnerability of the web interface of EDIMAX BR-6476AC microprogrammed software routers lies in the falsification of inter-site requests due to incorrect processing of special symbols. Exploiting this vulnerability allows a remote attacker to enhance their privileges and execute arbitrary...
The vulnerability of the Firebird software components “Population Cancer Registry” and “Hospital Cancer Registry” allows attackers to disclose protected information.
The vulnerability of the Firebird software components “Population Cancer Registry” and “Hospital Cancer Registry” is related to the shared storage of passwords with decryption tools. Exploiting this vulnerability can allow an attacker to disclose the protected information...
The vulnerability of the IBM MQ Operator software, which manages containerized environments, stems from the use of cryptographic algorithms that contain defects. This allows attackers to exploit these vulnerabilities to disclose protected information.
The vulnerability of the IBM MQ Operator, a software tool for managing containerized environments, is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose protected information...
The vulnerability of the amoCRM cloud-based customer relationship management system lies in the lack of measures taken to protect the website structure, allowing attackers to perform cross-site scripting attacks (XSS).
The vulnerability of the amoCRM customer relationship management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks remotely...
The vulnerability of Microsoft Edge browser (based on Chromium) relates to information representation errors in the user interface, allowing attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge based on Chromium is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...
The vulnerability of the Briefcase Module component in the Zimbra Collaboration Suite email management system allows an attacker to perform XSS attacks.
The vulnerability of the Briefcase Module component in the Zimbra Collaboration Suite email management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the software for managing traffic in hybrid and multi-cloud environments, such as VMware Avi Load Balancer, stems from insufficient measures taken to protect the SQL query structure. This allows attackers to gain access to the internal database.
The vulnerability of the software for managing traffic in hybrid and multi-cloud environments of VMware Avi Load Balancer is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow a malicious actor to gain access to the internal database...
The vulnerability of the web interface of the microprogramming software for routers EDIMAX BR-6476AC allows a hacker to enhance their privileges and execute arbitrary commands.
The vulnerability of the web interface of the microprogrammed software router EDIMAX BR-6476AC is related to the lack of measures taken for data cleaning at the management level. Exploiting this vulnerability can allow a malicious actor to enhance their privileges and execute arbitrary commands...
The vulnerability of TeamViewer’s software for remote control of computers allows attackers to increase their privileges.
The vulnerability of TeamViewer’s remote control software relates to the improper elimination of arguments in a command sequence. Exploiting this vulnerability can allow an attacker to enhance their privileges by introducing specially crafted arguments...
The vulnerability of the Root Certificate Handler component of the software solution for secure remote access to data in Palo Alto Networks’ GlobalProtect App allows a malicious actor to escalate their privileges.
The vulnerability of the Root Certificate Handler component in the software for secure remote access to data in the Palo Alto Networks GlobalProtect App is related to errors in the certificate validation process. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability in the module/loaders/loader_ico.c component of the Imlib2 image processing library allows an attacker to cause a service failure.
The vulnerability in the modules/loaders/loader_ico.c component of the Imlib2 image processing library is related to reading data beyond the allowable buffer size. Exploiting this vulnerability could allow a remote attacker to cause a service failure...