The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete data.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves the use of open redirection. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete access to data...

The vulnerability of the graphical interface of the microprogramming software for the FortiRecorder surveillance system allows a intruder to read arbitrary files.

The vulnerability of the graphical interface of the microprogramming software for the video surveillance system FortiRecorder is related to errors in processing the relative path to the directory. Exploiting this vulnerability allows a malicious actor to read arbitrary files by sending specially...

The vulnerability of the Substance 3D Stager software lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Substance 3D Stager software-related 3D design software is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a hacker to execute arbitrary code in the context of the current user, using a specially created...

The vulnerability of the Substance 3D Stager software lies in the overflow of buffers in dynamic memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Substance 3D Stager software lies in the overflow of memory buffer in dynamic memory. Exploiting this vulnerability allows a hacker to execute arbitrary code in the context of the current user, using a specially created malicious file...

The vulnerability of the Compositing component in Google Chrome and Microsoft Edge browsers allows attackers to replace the user interface.

The vulnerability of the Compositing component in Google Chrome and Microsoft Edge exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...

The vulnerability of the Microsoft OneNote note-taking software for the Mac OS allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft OneNote software for the Mac OS relates to incorrect restrictions on file names and other resources. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code...

The vulnerability of the Microsoft.SqlServer.XEvent.Configuration.dll file in the Microsoft SQL Server relational database management system allows a attacker to execute arbitrary code.

The vulnerability of the Microsoft.SqlServer.XEvent.Configuration.dll file in the Microsoft SQL Server database management system is related to the use of an insecure search path. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created DLL...

The vulnerability of the Azure Database for PostgreSQL Flexible Server’s database management system lies in the lack of measures taken at the control level to clean data. This allows attackers to execute arbitrary code and increase their privileges.

The vulnerability of the Azure Database for PostgreSQL Flexible Server database management system is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code and increase their...

The vulnerability in the web interface of the industrial process visualization and control system, mySCADA myPRO Runtime, and the mySCADA myPRO Manager platform, allows a perpetrator to execute arbitrary code.

The vulnerability of the web interface of the industrial process visualization and control system, mySCADA myPRO Runtime, and the mySCADA myPRO Manager platform, is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this...

The vulnerability of the professional video editing software Adobe Premiere Pro, caused by buffer overflows in the queue, allows a hacker to execute arbitrary code.

The vulnerability of the professional video editing software Adobe Premiere Pro stems from buffer overflows in the queue. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

The vulnerability of the EVStgOfflineOpns service on the Vault Enterprise platform for archiving corporate information allows a perpetrator to execute arbitrary code.

The vulnerability of the EVStgOfflineOpns service of the corporate information archiving platform Vault Enterprise is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted data...

The vulnerability of the EVExchangeWebServicesProxy service of the Vault Enterprise platform for archiving corporate information allows a perpetrator to execute arbitrary code.

The vulnerability of the EVExchangeWebServicesProxy service of the Vault Enterprise platform for archiving corporate information is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially craft...

The vulnerability of the Gatekeeper component of the macOS operating system, related to access control errors, allows a perpetrator to influence the integrity of data.

The vulnerability of the Gatekeeper component in the macOS operating system is related to access control errors. Exploiting this vulnerability could allow a perpetrator to influence the integrity of data...

The vulnerability of the ASUS AiCloud cloud platform, related to the lack of measures taken to clean data at the management level, allows a perpetrator to execute arbitrary commands.

The vulnerability of the ASUS AiCloud cloud platform lies in the lack of measures taken at the management level to clean data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

The vulnerability of the macOS operating system, related to access control errors, allows a perpetrator to influence data integrity.

The vulnerability of the macOS operating system is related to access control errors. Exploiting this vulnerability can allow an attacker to influence data integrity...

The vulnerability of MediaTek’s microprogramming software lies in buffer overflows in the stack, allowing attackers to execute arbitrary code.

The vulnerability of MediaTek’s microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to replace the user interface.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...

The vulnerability of the Tracing component in Google Chrome and Microsoft Edge allows attackers to execute cross-site scripting attacks.

The vulnerability of the Tracing component in Google Chrome and Microsoft Edge is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created HTML page...

The vulnerability of the client authenticity verification mechanism in Microsoft Digest operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the client authenticity verification mechanism in Microsoft Digest operating systems for Windows is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability allows a remote attacker to execute...

Vulnerability of Microsoft Office package applications, Microsoft 365 Apps for Enterprise, and Microsoft Access database management systems, related to buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of Microsoft Office packages, Microsoft 365 Apps for Enterprise, and the Microsoft Access database management system is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the web interface of Microprogramming Software for WI-Fi routers from Sharp allows a hacker to elevate their privileges and execute arbitrary commands.

The vulnerability of the web interface of Microprogramming Software-based Wi-Fi routers from Sharp is related to insufficient protection of operational data during code debugging. Exploiting this vulnerability can allow a remote attacker to enhance their privileges and execute arbitrary commands...

The vulnerability of SAP NetWeaver AS ABAP and SAP ABAP Platform integration platforms, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of SAP NetWeaver AS ABAP and SAP ABAP Platform integration platforms is related to insufficient protection of operational data. Exploiting this vulnerability can allow unauthorized actors to gain unauthorized access to protected information...

The vulnerability of the Apache Superset data visualization software lies in its flawed error reporting mechanism, which allows attackers to gain unauthorized access to protected information.

The vulnerability of Apache Superset’s data visualization software is related to deficiencies in the error reporting mechanism. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the GraphQL Query Handler component of the software platform based on Git, which is used for collaborative code development in GitLab EE/CE, allows a perpetrator to access confidential information.

The vulnerability of the GraphQL Query Handler component in the Git-based software platform, which is used for collaborative code development in GitLab EE/CE, is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to gain access to confidential...

The vulnerability of the QuTS operating systems and QTS network devices allows unauthorized access to protected information with root privileges, due to insufficient handling of format lines.

The vulnerability of the QuTS operating systems and QTS network devices involves insufficient handling of the format string. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information with root privileges...

The vulnerability of the Substance 3D Stager software lies in buffer overflows in the stack, allowing an attacker to execute arbitrary code.

The vulnerability of the Substance 3D Stager software lies in buffer overflow attacks within the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created malicious file...

The vulnerability of the privacy protection function of Fenced Frames in Google Chrome and Microsoft Edge allows attackers to gain unauthorized access to protected information.

The vulnerability of the Privacy-Fenced Frames function in Google Chrome and Microsoft Edge exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially...

The vulnerability of the Payments component in Google Chrome and Microsoft Edge allows a hacker to bypass existing security restrictions and perform a substitution of the user interface.

The vulnerability of the Payments component in Google Chrome and Microsoft Edge involves exploiting authentication bypass techniques. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions and replace the user interface with a specially created HTML pa...

The vulnerability of the Extensions component in Google Chrome and Microsoft Edge browsers allows attackers to bypass existing security restrictions and perform substitution attacks on user interfaces.

The vulnerability of the Extensions component in Google Chrome and Microsoft Edge involves bypassing authentication through spoofing. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions and replace the user interface...

The vulnerability of the Adobe Photoshop graphic editor lies in its uncontrolled search path, which allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Photoshop graphic editor is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow a hacker to execute arbitrary code...

Vulnerability of the UI module for business management in Bitrix24 and the 1C-Bitrix content management system: A module that allows attackers to execute arbitrary code

Vulnerability of the UI module for business management in Bitrix24 and the 1C-Bitrix website content management system: Website management involves failing to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a speciall...

The vulnerability of the IBM Voice Gateway, a integration tool for voice and multimedia services, arises from the lack of measures taken to neutralize special elements used in XML. This vulnerability allows attackers to enhance their privileges.

The vulnerability of the IBM Voice Gateway, a integration tool for voice and multimedia services, is related to the lack of measures taken to neutralize special elements used in XML. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 device, caused by buffer overflows, allows a hacker to trigger a maintenance failure.

The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 monitoring and control device is caused by buffer overflow. Exploiting this vulnerability can allow a malicious actor to cause a service failure remotely...

The vulnerability of the EVMonitoring service of the Vault Enterprise platform for archiving corporate information allows a perpetrator to execute arbitrary code.

The vulnerability of the EVMonitoring service of the Vault Enterprise platform for archiving corporate information is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted data...

The vulnerability of the MonitoringMiddleTier service of the Vault Enterprise platform for archiving corporate information allows a perpetrator to execute arbitrary code.

The vulnerability of the MonitoringMiddleTier server service of the Vault Enterprise platform for archiving corporate information is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially...

Microsoft Edge’s vulnerability, related to deficiencies in access control, allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge relates to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Network Stack module in Qualcomm’s embedded software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Network Stack module in Qualcomm’s embedded software lies in the copying of buffers without checking the size of the input data during the processing of IPA structures. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause system failures...

The vulnerability of the Four-Faith F3x24 router’s microprogramming software, related to the lack of authentication, allows a hacker to execute arbitrary code.

The vulnerability of the Four-Faith F3x24 router’s microprogramming software is related to the absence of authentication. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Cleo Harmony, VLTrader, and LexiCom software platforms lies in their ability to allow unlimited loading of dangerous files, enabling attackers to execute arbitrary code.

The vulnerability of the software platforms Cleo Harmony, VLTrader, and LexiCom is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Samsung Smart Switch data transfer service for the Android operating system allows a hacker to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Samsung Smart Switch data transfer service for the Android operating system is related to errors in verifying the cryptographic signature. Exploiting this vulnerability allows a malicious actor to influence the confidentiality, integrity, and accessibility of the protecte...

The vulnerability of the libsaped.so library in Android operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libsaped.so library in Android operating systems of Samsung mobile devices relates to the use of memory after deallocation. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of microprogrammed software in PLANET Technology switches arises from the failure to take measures to neutralize special elements, allowing attackers to execute arbitrary code.

The vulnerability of PLANET Technology’s microprogrammed software exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created malicious HTTP request...

The vulnerability of microprogrammed software in PLANET Technology switches, related to a countable loss of significance, allows attackers to trigger a service failure.

The vulnerability of PLANET Technology’s microprogrammed software is related to a countable degree of significance loss. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures through a specially created malicious HTTP request...

The vulnerability of the software used for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP lies in the lack of authentication procedures. This allows attackers to increase their privileges.

The vulnerabilities of the software used for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP are related to deficiencies in the authentication process. Exploiting these vulnerabilities can allow attackers, operating remotely, to increase the...

The vulnerability of the Remote Support remote support tool and the Privileged Remote Access remote access tool lies in the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows attackers to enhance their privileges and execute arbitrary commands.

The vulnerability of the BeyondTrust Remote Support and Privileged Remote Access software lies in the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute...

The vulnerability of the SAP NetWeaver Virus Scan Interface (NW-VSI) programming integration platform for SAP NetWeaver Application Server ABAP and ABAP Platform allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the SAP NetWeaver Virus Scan Interface NW-VSI software integration platform for SAP NetWeaver Application Server ABAP and ABAP Platform is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker to compromise the confidentiality,...

The vulnerabilities of the QuTS operating systems and QTS network devices from Qnap are related to errors in the certificate validation process, which allow attackers to trigger service interruptions.

The vulnerability of the QuTS operating systems and QTS network devices involves errors in the certificate validation process. Exploiting this vulnerability allows a malicious actor to cause service failures...

The vulnerability of the Substance 3D Stager software lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Substance 3D Stager software relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a hacker to execute arbitrary code in the context of the current user, using a specially created malicious file...

The vulnerability of the Frames component in Google Chrome and Microsoft Edge allows attackers to bypass existing security restrictions and perform substitution attacks on user interfaces.

The vulnerability of the Frames component in Google Chrome and Microsoft Edge involves bypassing authentication through spoofing. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions and replace the user interface with a specially created HTML page...

The vulnerability of the application programming interfaces of Google Chrome and Microsoft Edge allows a hacker to bypass existing security restrictions and perform a substitution of the user interface.

The vulnerability of the application programming interfaces of Google Chrome and Microsoft Edge relates to the bypassing of authentication processes through spoofing techniques. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions and replace the use...