Lucene search
K
Bdu FstecRecent

90709 matches found

BDU FSTEC
BDU FSTEC
added 2026/01/15 12:0 a.m.4 views

The vulnerability of the trusted execution environment allows for attacks on the Virtualization-Based Security (VBS) Enclave of Windows operating systems, enabling attackers to increase their privileges.

The vulnerability of the trusted execution environment for Virtualization-Based Security VBS in Windows operating systems is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow attackers to increase their privileges...

6.8CVSS6.4AI score0.00506EPSS
Exploits0References2Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/01/15 12:0 a.m.4 views

The vulnerability of the Connected Devices Platform Service (CDPSvc) in Windows operating systems allows a hacker to increase their privileges.

The vulnerability of the Connected Devices Platform Service CDPSvc in Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS6AI score0.00532EPSS
Exploits0References2Affected Software13
BDU FSTEC
BDU FSTEC
added 2026/01/15 12:0 a.m.4 views

The vulnerability of the SMB server of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the SMB server for the Windows operating system is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow a remote attacker to increase their privileges...

7.5CVSS5.8AI score0.00784EPSS
Exploits0References2Affected Software20
BDU FSTEC
BDU FSTEC
added 2026/01/15 12:0 a.m.3 views

The vulnerability of the SMB server of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the SMB server for the Windows operating system is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

7.5CVSS5.7AI score0.01154EPSS
Exploits0References2Affected Software24
BDU FSTEC
BDU FSTEC
added 2026/01/15 12:0 a.m.3 views

The vulnerability of the fromadvsetlanip() function in the Tenda AC10U router’s microprogramming software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the fromadvsetlanip function in the Tenda AC10U router’s microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure by sending a...

9CVSS8AI score0.02862EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.2 views

The vulnerability of the Microprogrammed Software of IPTV Stations Flamingo XL, related to deficiencies in access control, allows attackers to bypass the protection mechanisms of the sandbox environment, increase their privileges, and execute arbitrary commands.

The vulnerability of the Microprogrammed Software of IPTV Station Flamingo XL is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass the security mechanisms of the system, enhance their privileges, and execute arbitrary commands...

9CVSS6AI score0.00718EPSS
Exploits2References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of the Telerik UI software for ASP.NET AJAX lies in its use of external control for selecting classes. This allows a malicious actor to trigger a service failure.

The vulnerability of the Telerik UI software for ASP.NET AJAX relates to the use of externally controlled input data for class selection. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS7.6AI score0.19057EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of the Safe Access function in operating systems like SRM allows attackers to gain access to and modify files on a web page’s structure without any protection.

The vulnerability of the Safe Access function in SRM operating systems is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to and modify files with restricted access...

6.5CVSS5.8AI score0.00265EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of the Remote Function Call interface on the SAP S/4HANA software platform allows a perpetrator to bypass security restrictions, execute arbitrary code, and gain full control over the system.

The vulnerability of the Remote Function Call interface on the SAP S/4HANA software platform is related to improper code generation. Exploiting this vulnerability allows a malicious actor to bypass security restrictions, execute arbitrary code, and gain full control over the system...

9.1CVSS6.4AI score0.00409EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of the Reverse Proxy Server of Containous Traefik arises from incorrect restrictions on the path name to the restricted catalog, allowing attackers to disclose protected information.

The vulnerability of the Containous Traefik reverse proxy server is related to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

7.6CVSS5.7AI score0.00829EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of the Netigma application development platform, related to the lack of measures to protect the website structure, allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability of the Netigma application development platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

8.9CVSS5.6AI score0.00252EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of network monitoring software for PRTG Network Monitor lies in the lack of measures to neutralize special elements used in the operating system’s command line. This allows a hacker to execute arbitrary code.

The vulnerability of the network monitoring software PRTG Network Monitor lies in the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS7.6AI score0.87173EPSS
Exploits12References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of the TGZfname() function in the untgz utility from the zlib compression library allows a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of the TGZfname function in the untgz utility from the zlib compression library is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service interruptions...

10CVSS7.9AI score0.0035EPSS
Exploits0References6Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of the SMB Server component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the SMB Server component of the Windows operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to increase their privileges...

7.5CVSS5.8AI score0.00731EPSS
Exploits0References2Affected Software20
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.2 views

The vulnerability of the Microsoft SharePoint Server software, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft SharePoint Server software is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS6AI score0.00774EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of the Microsoft Office software package relates to the possibility of exploiting memory after deallocation, allowing an attacker to execute arbitrary code.

The vulnerability of the Microsoft Office suite relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending a specially created malicious file...

8.4CVSS6.1AI score0.00597EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages relates to an unreliable pointer assignment mechanism, which allows an attacker to execute arbitrary code.

The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages is related to an unreliable pointer assignment mechanism. Exploiting this vulnerability allows attackers to execute arbitrary code by sending a specially crafted malicious file...

7.8CVSS6.1AI score0.00598EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.2 views

The vulnerability of the Windows Management Services management tool allows attackers to increase their privileges.

The vulnerability of the Windows Management Services management tool in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.8AI score0.00288EPSS
Exploits0References2Affected Software13
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.2 views

The vulnerability of the Windows Management Services management tool allows attackers to increase their privileges.

The vulnerability of the Windows Management Services management tool in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.8AI score0.00288EPSS
Exploits0References2Affected Software13
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of the Windows RRAS operating system’s routing and remote access services allows a hacker to execute arbitrary code.

The vulnerability of the Windows RRAS routing and remote access service is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS6.4AI score0.01338EPSS
Exploits0References2Affected Software24
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages involves a calculated loss of significance, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages is related to a countable amount of data loss. Exploiting this vulnerability allows an attacker to execute arbitrary code...

7.8CVSS6AI score0.0045EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.1 views

The vulnerability of the Windows File Explorer driver on Windows operating systems, allowing attackers to disclose protected information

The vulnerability of the Windows File Explorer in Windows operating systems is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS5.7AI score0.00468EPSS
Exploits0References2Affected Software16
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.1 views

The vulnerability of the qs.parse() function in the string query analysis and conversion library allows a attacker to cause a service failure.

The vulnerability of the qs.parse function in the string query analysis and transformation library is related to memory exhaustion caused by insufficient checking of constraints for indexed records. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

7.8CVSS6.8AI score0.0041EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.2 views

The vulnerability of the Data Reporter component in Parallels Desktop hypervisor allows a hacker to enhance their privileges.

The vulnerability of the Data Reporter component in Parallels Desktop hypervisor software is related to an incorrect definition of symbolic links before accessing the file. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created link...

7.8CVSS7.1AI score0.00415EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.5 views

The vulnerability of the Remote Function Call interface of the SAP Landscape Transformation (SLT) software tool allows a attacker to circumvent security restrictions, execute arbitrary code, and gain full control over the system.

The vulnerability of the Remote Function Call interface of the SAP Landscape Transformation SLT software tool is related to improper code generation. Exploiting this vulnerability allows a malicious actor to bypass security restrictions, execute arbitrary code, and gain full control over the syst...

9.1CVSS6.4AI score0.00436EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of Microchip SAM microcontrollers, related to improper protection against voltage spikes and clock frequencies, allows attackers to gain access to the protected information.

The vulnerability of Microchip SAM microcontrollers is related to improper protection against voltage spikes and clock frequency fluctuations. Exploiting this vulnerability can allow an attacker to gain access to the protected information...

6.3CVSS5.8AI score0.00209EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of Perplexity AI platform, related to the disclosure of information through query strings, allows a intruder to gain unauthorized access to confidential information.

The vulnerability of the Perplexity AI platform relates to the disclosure of information through query strings. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access to confidential information...

4.3CVSS5.8AI score0.00323EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of the UART interface in NPort 5000 Series industrial server software allows a hacker to gain unauthorized access to internal debugging functions.

The vulnerability of the UART interface in NPort 5000 Series industrial server software-based applications is related to insufficient protection of service data during code debugging. Exploiting this vulnerability can allow attackers to gain unauthorized access to internal debugging functions...

7.2CVSS5.8AI score0.00221EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.2 views

The vulnerability of the REST Interface Version 2 interface of the SAP Identity Management tool allows a hacker to gain access to and modify user data.

The vulnerability of the REST Interface Version 2 interface of the SAP Identity Management tool relates to the improper elimination of certain elements in data requests during JNDI operations. Exploiting this vulnerability can allow an attacker to gain read and modify access to data by sending a...

5.5CVSS5.8AI score0.00171EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.2 views

The vulnerability of the microprogramming software in industrial cellular switches ICG-2510WG-LTE and ICG-2510W-LTE allows a hacker to gain control over the device.

The vulnerability of the microprogrammed software in industrial cellular switches ICG-2510WG-LTE and ICG-2510W-LTE is related to the absence of authentication for critical functions. Exploiting this vulnerability could allow a malicious actor to gain control over the device remotely...

10CVSS5.8AI score0.00782EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of the User Management Engine component of the SAP NetWeaver Java Application Server web application server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the User Management Engine component of the SAP NetWeaver Java Application Server web application server is related to insufficiently secure data encryption. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

3CVSS5.8AI score0.00122EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.5 views

The vulnerability of the strcpy() function in the /goform/formConfigCliForEngineerOnly file of the UTT 512W router microprogramming system, which allows a attacker to execute arbitrary code.

The vulnerability of the strcpy function in the /goform/formConfigCliForEngineerOnly file of the UTT 512W router microprogramming system is related to copying buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code by...

9CVSS7.7AI score0.00811EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.5 views

The vulnerability of the strcpy() function in the /goform/formFtpServerDirConfig file of the UTT 512W router software, which allows a attacker to execute arbitrary code.

The vulnerability of the strcpy function in the /goform/formFtpServerDirConfig file of the UTT 512W router microprogramming system is related to copying buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code by...

9CVSS7.7AI score0.00687EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.5 views

The vulnerability of the WalletService service on Windows operating systems allows a perpetrator to escalate their privileges.

The vulnerability of the WalletService service on Windows operating systems is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.4CVSS5.8AI score0.00307EPSS
Exploits0References2Affected Software7
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of the Agere Modem Driver for Windows operating systems allows attackers to exploit their privileges.

The vulnerability of the Agere Modem Driver for Windows operating systems is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS7.5AI score0.00452EPSS
Exploits1References3Affected Software25
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of cw_acd on the local management platform FortiSwitchManager and the FortiOS operating systems allows a perpetrator to execute arbitrary commands.

The vulnerability of cwacd on the local management platform FortiSwitchManager and the FortiOS operating system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending specially crafted...

8.1CVSS6.3AI score0.00746EPSS
Exploits1References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise applications relates to reading data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code by sending a specially crafted malicious file...

8.4CVSS6.3AI score0.00486EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server lies in the insufficient validation of requests on the server side, allowing attackers to disclose sensitive information.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server is related to insufficient testing of server-side requests. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

5.5CVSS5.7AI score0.00293EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of the trusted execution environment for Virtualization-Based Security (VBS) operating systems in Windows allows attackers to disclose sensitive information that is protected by this security mechanism.

The vulnerability of the trusted execution environment for Windows Virtualization-Based Security VBS operating systems is related to unreliable pointer aliasing. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by security measures...

6.2CVSS5.8AI score0.00412EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of the Windows File Explorer driver on Windows operating systems, allowing attackers to disclose protected information

The vulnerability of the Windows File Explorer in Windows operating systems is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS5.7AI score0.00466EPSS
Exploits1References2Affected Software16
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of the Windows Management Services management tool allows attackers to increase their privileges.

The vulnerability of the Windows Management Services management tool in Windows operating systems is related to competitive access to resources race condition. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.8AI score0.00288EPSS
Exploits0References2Affected Software13
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.4 views

The vulnerability of the Win32 kernel subsystem in Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Win32 kernel subsystem in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.8AI score0.0045EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.2 views

The vulnerability of the Vasion Print Virtual Appliance Host and Print Application software for management, control, and process automation lies in the presence of unused code, which allows attackers to exploit their privileges and execute arbitrary code.

The vulnerability of the Vasion Print Virtual Appliance Host and Print Application software for process management, control, and organization is related to the presence of unused code. Exploiting this vulnerability can allow a remote attacker to enhance their privileges and execute arbitrary code...

10CVSS6.1AI score0.01322EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of TeamViewer’s remote control software lies in the improper definition of the link before accessing the file. This allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of TeamViewer’s remote control software relates to the incorrect definition of the link before access to the file is granted. Exploiting this vulnerability can allow a malicious individual to gain unauthorized access to protected information...

4.7CVSS5.8AI score0.00129EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.7 views

The vulnerability of the Nimes Backup and Recovery software for automated backup and data recovery operations lies in its lack of measures to neutralize special elements used in the operating system commands. This allows attackers to execute arbitrary commands.

The vulnerability of the Nimes Backup and Recovery software for automated backup and data recovery operations is related to the lack of measures taken to neutralize special elements used in the operating system’s command line. Exploiting this vulnerability allows a malicious actor to execute...

10CVSS7.5AI score0.01307EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of the network firewall for protecting web applications – ModSecurity – arises from insufficient validation of input data. This allows attackers to bypass the rules of the WAF.

The vulnerability of the network firewall for protecting web applications related to ModSecurity lies in insufficient validation of input data during the processing of the SecParseXmlIntoArgs parameter. Exploiting this vulnerability allows a malicious actor to bypass the rules of the WAF...

7.8CVSS7.4AI score0.00346EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of the passPrompt() function in the USB Protection Service component of the MicroWorld eScan Antivirus antivirus software allows a hacker to execute arbitrary code.

The vulnerability of the passPrompt function in the USB Protection Service component of the MicroWorld eScan Antivirus antivirus software for Linux operating systems is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to...

5.3CVSS6.5AI score0.00335EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of the SAP S/4HANA software platform, related to the failure to implement protective measures for SQL query structures, allows attackers to gain unauthorized access to protected information.

The vulnerability of the SAP S/4HANA software platform lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information by sending specially crafted SQL queries...

9.9CVSS6.1AI score0.00414EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.5 views

The vulnerability of the window manager for desktop workstations in Windows operating systems allows attackers to disclose protected information.

The vulnerability of the Desktop Window Manager DWM in Windows operating systems relates to the display of information. Exploiting this vulnerability can allow an attacker to reveal protected information displayed by the Desktop Window Manager...

5.5CVSS6.1AI score0.05028EPSS
Exploits5References4Affected Software20
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.3 views

The vulnerability of the Apache Struts software platform, related to the lack of authenticity checking for XML documents, allows attackers to execute XXE attacks.

The vulnerability of the Apache Struts software platform is related to the lack of authenticity checking for XML documents. Exploiting this vulnerability allows a malicious actor to perform XXE attacks remotely...

9.4CVSS6AI score0.23054EPSS
Exploits1References2Affected Software1
Total number of security vulnerabilities90709