The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the NCompress::NRar5::CDecoder method in the RAR5 archive decoder and 7-Zip compressor allows a hacker to trigger a service failure.

The vulnerability of the NCompress::NRar5::CDecoder decoder in the RAR5 archiver 7-Zip tool is related to the possibility of buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the AES-XTS encryption algorithm implementation in single-Chip Microcontrollers ESP32-S2 and ESP32-S2F allows a attacker to compromise the confidentiality of the protected information.

The vulnerability of the AES-XTS encryption algorithm implemented in single-Chip Microcontrollers ESP32-S2 and ESP32-S2F is related to the number of surfaces that are vulnerable, with their quantitative measurement exceeding the desired maximum. Exploiting this vulnerability can allow attackers t...

The vulnerability of the Vnet/IP SCADA system’s interface of Yokogawa CENTUM VP allows a intruder to trigger a service failure.

The vulnerability of the Vnet/IP SCADA system of Yokogawa CENTUM VP is related to an uncontrolled and unauthorized access. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending specially crafted packets...

The vulnerability of the Vnet/IP SCADA system’s interface of Yokogawa CENTUM VP allows a intruder to trigger a service failure.

The vulnerability of the Vnet/IP SCADA system of Yokogawa CENTUM VP is related to the incorrect processing of parameter length discrepancies. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending specially crafted packets...

The vulnerability of IDrive’s backup software lies in its lack of access control mechanisms, which allows attackers to escalate their privileges.

The vulnerability of IDrive backup software is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to enhance their privileges...

The vulnerability of the software_node_get_reference_args() function in the Linux operating system allows a hacker to compromise the confidentiality of the protected information.

The vulnerability of the softwarenodegetreferenceargs function in the Linux operating system is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of the protected information...

The vulnerability of the NArchive::NCom::CHandler::GetStream method in the 7-Zip archive processor’s Compound component allows a attacker to cause a service failure.

The vulnerability of the NArchive::NCom::CHandler::GetStream method in the 7-Zip compressor’s Compound archive handler is related to pointer swapping errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the `ets_unpack_flash_code_legacy` and `UartRxString` functions in single-Cortex microcontrollers ESP32-S2, ESP32-S2F, allows a hacker to execute arbitrary code.

The vulnerability of the etsunpackflashcodelegacy and UartRxString functions in single-Cortex-Microcontroller ESP32-S2 and ESP32-S2F is related to an exposed surface whose quantitative measurement exceeds the desired maximum. Exploiting this vulnerability can allow a attacker to execute arbitrary...

The vulnerability of the "Yandex.Telemost" video conference software for macOS allows a hacker to elevate their privileges and gain access to the device’s hardware resources.

The vulnerability of the "Yandex.Telemost" video conference software lies in the use of an unreliable search path. Exploiting this vulnerability can allow attackers to enhance their privileges and gain access to the device’s hardware resources...

The vulnerability of the Vnet/IP SCADA system’s interface of Yokogawa CENTUM VP allows a intruder to trigger a service failure.

The vulnerability of the Vnet/IP SCADA system of Yokogawa CENTUM VP is related to an uncontrolled and unauthorized access. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending specially crafted packets...

The vulnerability of the software for organizing and managing knowledge bases and documentation, KBPublisher, arises from the lack of protective measures for website structures. This allows attackers to carry out XSS attacks.

The vulnerability of the software for organizing and managing knowledge bases and documentation, KBPublisher, is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

The vulnerability of the Yandex.Messenger for macOS, related to the use of an insecure search path, allows a hacker to elevate their privileges and gain access to the device’s hardware resources.

The vulnerability of the Yandex.Messenger for macOS relates to the use of an insecure search path. Exploiting this vulnerability can allow a hacker to gain increased privileges and access to the device’s hardware resources...

The vulnerability of Adobe Connect web conference software, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code.

The vulnerability of Adobe Connect web conference software is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to writing beyond buffer boundaries in memory, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the JetBrains YouTrack project management and task management software, related to the lack of an authentication process that allows attackers to perform spear-phishing attacks.

The vulnerability of the JetBrains YouTrack project management and task management software is related to the absence of an authentication process. Exploiting this vulnerability allows a malicious actor to carry out spear-phishing attacks remotely...

The vulnerability of the smb_extract_folioq_to_rdma() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the smbextractfolioqtordma function in the Linux operating system is related to the violation of the buffer boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the SDK – Software Development Kit for product lifecycle management software for Oracle Agile PLM Framework, allowing a perpetrator to access confidential information

The vulnerability of the SDK-Software Development Kit, a software tool for managing product lifecycles in Oracle Agile PLM Framework enterprises, is related to improper authentication. Exploiting this vulnerability can allow an attacker, operating remotely, to access confidential information...

The vulnerability of the Flash Cache component in single-Core Microcontrollers ESP32-S2, ESP32-S2F, allows a hacker to read the cached data again.

The vulnerability of the Flash Cache component in single-Core Microcontrollers ESP32-S2 and ESP32-S2F is related to improper protection against voltage spikes and clock speeds. Exploiting this vulnerability allows an attacker to reread cached data by triggering a reset pulse directly before...

The vulnerability of the HTML-to-PDF converter spipu/html2pdf allows a hacker to modify the logic of the application’s operation.

The vulnerability of the HTML-to-PDF converter in spipu/html2pdf is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to modify the application’s logic using specially created objects of arbitrary classes...

The vulnerability of the TTY driver in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the TTY driver in Linux operating systems is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the Alpha diagnostic automation tool lies in its uncontrolled search path, which allows attackers to exploit their privileges.

The vulnerability of the Alpha.diagnostics automation diagnostic tool is related to an uncontrollable element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability in the fs/f2fs/inode.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the fs/f2fs/inode.c module of the Linux operating system is related to mutual locking of execution threads. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Modbus programmable logic controller DELTA AS320T protocol allows a intruder to trigger a service failure or execute arbitrary code.

The vulnerability of the Modbus-programmable logical controller DELTA AS320T lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to cause service failures or execute arbitrary code...

Yandex Music

...

The vulnerability of the Renesas Electronics RH850/F1L microcontroller, related to improper protection against voltage spikes and clock frequency fluctuations, allows a hacker to gain access to the protected information.

The vulnerability of the Renesas Electronics RH850/F1L microcontroller is related to improper protection against voltage spikes and clock frequency fluctuations. Exploiting this vulnerability can allow an attacker to gain access to the protected information...

The vulnerability of the GoldenDB database management system, related to deficiencies in access control, allows attackers to enhance their privileges and gain unauthorized access to protected information.

The vulnerability of the GoldenDB database management system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain unauthorized access to protected information by sending specially crafted queries...

The vulnerability of the functions xe_mmio_read() and xe_mmio_write() in the kernel module drivers/gpu/drm/xe/xepci.c of Linux operating systems allows a hacker to cause a service failure.

The vulnerability of the xemmioread and xemmiowrite functions in the drivers/gpu/drm/xe/xepci.c kernel module of Linux operating systems is related to improper initialization of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the `fbnic_mbx_map_msg()` function in the `drivers/net/ethernet/meta/fbnic/fbnic_fw.c` module of Linux kernel allows a hacker to cause a service failure.

The vulnerability of the fbnicmbxmapmsg function in the drivers/net/ethernet/meta/fbnic/fbnicfw.c file of Linux kernel leads to a recurrence of memory release. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the driver module edac/igen6_edac.c in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the drivers/edac/igen6edac.c module in the Linux operating system is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Booco business automation platform lies in the improper limitation of the path name to the restricted access catalog. This allows attackers to create or overwrite files in the file system’s directories and execute arbitrary code.

The vulnerability of the Booco business automation platform is related to an incorrect restriction on the path name for restricted access catalogs. Exploiting this vulnerability allows a malicious actor to create or re-record files in file system catalogs and execute arbitrary code...

The vulnerability of the programmable logic controller DELTA AS320T, related to the presence of undocumented configuration commands, allows a intruder to cause malfunctions during maintenance.

The vulnerability of the programmable logic controller DELTA AS320T is related to the presence of undocumented configuration commands. Exploiting this vulnerability could allow a malicious actor to remotely cause a device to fail, forcing it to enter a standby mode...

The vulnerability of the GetScreen agent, a remote access platform, relates to insecure privilege management. This allows attackers to elevate their privileges to the root level.

The vulnerability of the remote access platform GetScreen Agent is related to insecure management of privileges. Exploiting this vulnerability can allow a hacker to elevate their privileges to the root level...

The vulnerability of the Vnet/IP SCADA system’s interface of Yokogawa CENTUM VP allows a intruder to trigger a service failure.

The vulnerability of the Vnet/IP SCADA system of Yokogawa CENTUM VP is related to an uncontrolled and unauthorized access. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending specially crafted packets...

The vulnerability of Adobe Illustrator’s graphic editor, related to pointer naming errors, allows a hacker to trigger a service failure.

The vulnerability of Adobe Illustrator’s graphic editor is related to pointer assignment errors. Exploiting this vulnerability can allow attackers to trigger a service failure using a specially created malicious file...

The vulnerability of the ANGLE library in Google Chrome browser allows a hacker to bypass existing security restrictions.

The vulnerability of the ANGLE library in Google Chrome browsers arises from insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by using a specially created HTML page...

The vulnerability of the nfs_return_empty_folio() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the nfsreturnemptyfolio function in the Linux operating system is related to errors during thread blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the cs_dsp_mock_bin_bin_add_name_or_info() function in the drivers/firmware/cirrus/test/cs_dspMockBin.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the csdspmockbinbinaddnameorinfo function in the drivers/firmware/cirrus/test/csdspMockBin.c module of the Linux kernel is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the arch_bpf_trampoline_size() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the archbpftrampolinesize function in the Linux operating system is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure...

The vulnerability of the dev_put() function in the net/atm/lec.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the devput function in the net/atm/lec.c module of the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the graphical interface of the Fortinet FortiSOAR software for coordinating the operation of cybersecurity systems and for managing real-time incident responses allows attackers to gain unauthorized access to protected information.

The vulnerability of the graphical interface of the software platform for coordinating the operation of cybersecurity systems and for managing real-time incident responses in Fortinet FortiSOAR is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can...

The vulnerability of the embeddedAsarIntegrityValidation function and the onlyLoadAppFromAsar framework for writing Electron applications allows attackers to circumvent security restrictions and gain access to read and modify data.

The vulnerability of the embededAsarIntegrityValidation and onlyLoadAppFromAsar functions in the Electron application development framework is related to improper checking of integrity values. Exploiting this vulnerability can allow attackers to bypass security restrictions and gain access to rea...

The vulnerability of the power supply and bootrom memory systems in the Renesas Electronics RH850/F1L microcontroller allows a perpetrator to gain access to protected information.

The vulnerability of the power supply and the bootrom memory system of the Renesas Electronics RH850/F1L microcontroller is related to improper protection against voltage spikes and clock frequency failures. Exploiting this vulnerability can allow an attacker to gain access to the protected...

The vulnerability of the backup and recovery software for SyncBackTouch, related to deficiencies in access control, allows attackers to escalate their privileges.

The vulnerability of the backup and recovery software for SyncBackTouch is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to writing beyond buffer boundaries in memory, allows a hacker to gain unauthorized access to protected information.

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the acpi_ps_complete_final_op() function in the drivers/acpi/acpica/psobject.c file of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the acpipscompletefinalop function in the drivers/acpi/acpica/psobject.c file of Linux kernels is related to the lack of memory release after the effective lifespan of the function has ended. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the GoldenDB database management system, related to insecure privilege management, allows attackers to elevate their privileges.

The vulnerability of the GoldenDB database management system is related to insecure management of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

The vulnerability of the FortiOS operating system’s SSL-VPN portal allows a hacker to cause a service failure.

The vulnerability of the SSL-VPN portal’s operating system FortiOS is related to operations that go beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

The vulnerability of the web-based programmable logical controller DELTA AS320T allows a intruder to execute arbitrary code.

The vulnerability of the DELTA AS320T programmable logic controller web service is related to incorrect calculations of the size of the buffer space allocated. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

The vulnerability of Yandex.Disk’s cloud storage service for the iOS operating system, related to the use of an unreliable search path, allows a hacker to interrupt the search order in order to replace the executable file.

The vulnerability of Yandex.Disk’s cloud storage service for the iOS operating system is related to the use of an unreliable search path. Exploiting this vulnerability could allow a attacker to intercept the search order in order to replace the executable file with a malicious one...