74701 matches found
The vulnerability in the checkBan.js script of the LibreChat artificial intelligence-based platform allows a violator to trigger a service denial.
The vulnerability of the checkBan.js script on the LibreChat AI-based platform involves an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the spk_ttyio_receive_buf2() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the spk_ttyio_receive_buf2 function in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of IBM Concert Software’s artificial intelligence-based automation tools lies in the insufficient protection of sensitive data. This allows attackers to gain unauthorized access to protected information.
The vulnerability of IBM Concert Software’s artificial intelligence-based automation tools stems from insufficient protection of operational data due to the use of incompatible policies. Exploiting this vulnerability can allow unauthorized actors to gain unauthorized access to protected informati...
The vulnerability of the net/mac80211 component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the net/mac80211 component in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the io_init_wq_offload() function in the io_uring.c component of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the io_init_wq_offload function in the io_uring.c component of the Linux kernel relates to improper memory release before deleting the last reference. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the driver_register() function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the driver_register function in the Linux operating system’s kernel is related to improper memory release before deleting the last pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the subflow_error_report() component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the subflow_error_report component in the Linux operating system is related to insufficient blocking mechanisms. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the fib6_nh_flush_exceptions() function in the net/ipv6/route.c component of the Linux operating system allows an attacker to cause a service failure.
The vulnerability of the fib6_nh_flush_exceptions function in the net/ipv6/route.c component of the Linux operating system is related to reading data from the buffer beyond its allowable limits. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the enic_hard_start_xmit() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the enic_hard_start_xmit function in the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the `siw_alloc_mr()` function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the siw_alloc_mr function in the Linux operating system is related to the use of memory after it has been freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the data loading function from the arxiv scientific article archive in the GPT Academic machine learning application allows a hacker to perform an SSRF attack.
The vulnerability of the data loading function in the arxiv scientific article application for machine learning GPT Academic is related to insufficient verification of incoming requests. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...
The vulnerability of the server console for managing Fortinet FortiClient Enterprise Management Server programs allows a perpetrator to execute a brute-force attack.
The vulnerability of the server console for managing Fortinet FortiClient Enterprise Management Server (EMS) is related to the lack of authentication attempt limits. Exploiting this vulnerability allows a malicious actor to execute a brute-force attack remotely...
The vulnerability of the queued_write_lock_slowpath() function in the locking/qrwlock.c component of the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the queued_write_lock_slowpath function in the locking/qrwlock.c component of the Linux operating system’s kernel is related to the disclosure of information in the erroneous data area. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the lpspi_prepare_xfer_hardware() function in the drivers/spi/spi-fsl-lpspi.c component of the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the lpspi_prepare_xfer_hardware function in the drivers/spi/spi-fsl-lpspi.c component of the Linux kernel is related to a resource leak. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the `drivers/accessibility/speakup/spk_ttyio.c` component of the Linux kernel allows a malicious actor to trigger a service failure.
The vulnerability in the drivers/accessibility/speakup/spk_ttyio.c component of the Linux kernel relates to the release of an incorrect pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the `snd_usb_pcm_has_fixed_rate()` function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the snd_usb_pcm_has_fixed_rate function in the Linux kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Adobe Bridge file manager, caused by a loss of precision for an integer, allows a hacker to execute arbitrary code.
The vulnerability of the Adobe Bridge file manager arises from a loss of precision for a whole number. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...
The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 monitoring and control device, related to buffer overflow in dynamic memory, allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 monitoring and control device is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause a service failure...
The vulnerability of the IBM Robotic Process Automation software installer allows a perpetrator to enhance their privileges.
The vulnerability of the IBM Robotic Process Automation software installer is related to errors in inherited permissions. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the IBM Sterling Secure Proxy proxy server stems from the improper validation of specified input types, allowing attackers to execute arbitrary commands.
The vulnerability of the IBM Sterling Secure Proxy proxy server is related to incorrect validation of the specified data type during input processing. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands remotely...
The vulnerability of the EVStgOfflineOpns service for archiving corporate information in Vault Enterprise allows a perpetrator to execute arbitrary code.
The vulnerability of the EVStgOfflineOpns service on the corporate information archiving platform Vault Enterprise is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted data...
The vulnerability of the IBM Sterling Secure Proxy proxy server arises from the improper assignment of permissions for the critical resource. This allows a malicious actor to gain unauthorized access to read, modify, or delete data.
The vulnerability of the IBM Sterling Secure Proxy proxy server is related to the improper assignment of permissions for the critical resource. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data...
The vulnerability of the File Entity module in the Drupal CMS system, which allows attackers to disclose protected information
The vulnerability of the Drupal File Entity CMS system is related to the disclosure of information during data transmission. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...
The vulnerability of the PT MC components of the security control systems—PT MaxPatrol SIEM, PT MaxPatrol VM, PT MaxPatrol EDR, PT MaxPatrol Carbon, and PT MaxPatrol O2—allows attackers to enhance their privileges.
The vulnerability of the PT MaxPatrol SIEM, PT MaxPatrol VM, PT MaxPatrol EDR, PT MaxPatrol Carbon, and PT MaxPatrol O2 security control components is related to improper authentication. Exploiting this vulnerability can allow attackers, operating remotely, to gain increased privileges...
Microsoft Edge’s vulnerability related to access control errors allows attackers to escalate their privileges.
The vulnerability of Microsoft Edge is related to access control errors. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability of the autologin.cgi and hotspotlogin.cgi scripts of Teltonika’s RUT955 router software allows a hacker to execute arbitrary commands with root privileges.
The vulnerabilities of the autologin.cgi and hotspotlogin.cgi scripts in Teltonika’s RUT955 router microprogramming software exist due to the lack of measures to neutralize these special elements. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary commands with root...
The vulnerability of MacOS operating systems, related to state management errors, allows a perpetrator to trigger a service failure.
The vulnerability of MacOS operating systems is related to state management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the dllog.cgi script of D-Link DIR-878 microprogramming devices allows a hacker to gain unauthorized access to protected information.
The vulnerability of the dllog.cgi script in D-Link DIR-878 router microprogramming software is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Navigation function in Google Chrome and Microsoft Edge allows a hacker to bypass existing security restrictions and perform a substitution of the user interface.
The vulnerability of the Navigation function in Google Chrome and Microsoft Edge relates to bypassing authentication through spoofing. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions and replace the user interface with a specially created HTML...
The vulnerability of the Metrics component in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability of the Metrics component in Google Chrome and Microsoft Edge relates to reading data beyond the permitted range in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using a specially created HTML page...
Vulnerability of microprogrammed software in PLANET Technology switches, related to buffer overflow in the stack, allowing a hacker to execute arbitrary code.
The vulnerability of PLANET Technology’s microprogrammed switching software is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted HTTP request...
The vulnerability of SimpleHelp’s software for remote support lies in the insecure management of privileges, allowing a perpetrator to escalate their privileges.
The vulnerability of SimpleHelp’s software for remote support is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor to elevate their privileges to the root level...
The vulnerability of the BitLocker component of the Windows operating system, which allows a perpetrator to gain unauthorized access to protected information
The vulnerability of the BitLocker component of the Windows operating system is related to concurrent access to resources (a race condition). Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
The vulnerability of the PDF document viewing program Foxit PDF Reader (formerly Foxit Reader) lies in its use of memory after deallocation. This allows a hacker to execute arbitrary code.
The vulnerability of the PDF document viewing program Foxit PDF Reader (formerly Foxit Reader) relates to the use of memory after deallocation. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using a specially created JavaScript script...
The vulnerability of the QuTS operating systems and QTS network devices allows unauthorized access to protected information with root privileges, due to insufficient handling of the format string.
The vulnerability of the QuTS operating systems and QTS network devices involves insufficient handling of the format string. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information with root privileges...
The vulnerability of the Substance 3D Stager software lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.
The vulnerability of the Substance 3D Stager software relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a specially created malware file...
The vulnerability of the Navigation function in Google Chrome and Microsoft Edge allows attackers to escalate their privileges.
The vulnerability of the Navigation function in Google Chrome and Microsoft Edge exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow a malicious actor to enhance their privileges through a specially created HTML page...
The vulnerability of the Azure Database for PostgreSQL Flexible Server’s database management system lies in the lack of measures taken at the control level to clean data. This allows attackers to execute arbitrary code and increase their privileges.
The vulnerability of the Azure Database for PostgreSQL Flexible Server database management system is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code and increase their...
The vulnerability of the Adobe Framemaker desktop publishing system arises from buffer overflows in the stack, allowing an attacker to execute arbitrary code.
The vulnerability of the desktop publishing system Adobe Framemaker arises from an overflow in the buffer of the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...
The vulnerability of the IBM Safer Payments security measure lies in its ability to allow unlimited distribution of resources, which enables a perpetrator to trigger a service failure.
The vulnerability of the IBM Safer Payments security tool is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the telnetd daemon in the microprogramming-based router software of Tenda AC8, AC10, and AC18 allows a hacker to execute arbitrary commands.
The vulnerability of the telnetd microprogramming system for Tenda AC8, AC10, and AC18 routers is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the EVTaskGuardian service of the Vault Enterprise platform for archiving corporate information allows a perpetrator to execute arbitrary code.
The vulnerability of the EVTaskGuardian service, a platform for archiving corporate information in Vault Enterprise, is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted data...
The vulnerability of the formSetDevNetName() function (implemented in the goform/SetDevNetNam library) in the Tenda A15 router software allows an attacker to execute arbitrary code or cause service interruptions.
The vulnerability of the formSetDevNetName function implemented in the goform/SetDevNetNam microprogramming environment for Tenda A15 routers is related to the issue where the operation’s output goes beyond the buffer boundaries in memory when processing the mac parameter. Exploiting this...
The vulnerability of the iwl_mvm_send_recovery_cmd function in the drivers/net/wireless/intel/iwlwifi/mvm/fw.c file of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the iwl_mvm_send_recovery_cmd function in the drivers/net/wireless/intel/iwlwifi/mvm/fw.c module of the Linux kernel is related to the copying of buffers without checking the input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Skia graphic library used by Google Chrome and Microsoft Edge allows attackers to perform cross-site scripting attacks.
The vulnerability of the Skia graphic library in Google Chrome and Microsoft Edge is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created HTML page...
The vulnerability of the `saveRequestFiles` function in the Fastify JavaScript software framework allows a hacker to trigger a service failure.
The vulnerability of the saveRequestFiles function in the Fastify JavaScript software framework is related to the use of incorrect authentication tokens due to unlimited resource distribution. Exploiting this vulnerability could allow a malicious actor to cause service failures by sending special...
The vulnerability of SimpleHelp’s software for remote support stems from an incorrect limitation on the path to the restricted-access directory, allowing a perpetrator to disclose protected information.
The vulnerability of SimpleHelp’s software for remote support is related to an incorrect limitation on the path to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the software used for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP lies in the lack of measures taken to protect the SQL query structure. This allows attackers to execute arbitrary code.
The vulnerability of the software used for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitra...
The vulnerability of the Command Line Interface (CLI) of the Fortinet FortiClient security device allows a perpetrator to increase their privileges and execute arbitrary code.
The vulnerability of the Command Line Interface (CLI) of the Fortinet FortiClient security device relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code by sendi...
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete data.
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves the use of open redirection. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete access to data...