90104 matches found
The vulnerability of the Directum HR Pro system, which exists due to insufficient verification of input data, allows a perpetrator to disclose protected information.
The vulnerability of the Directum HR Pro system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information by sending a specially crafted POST request...
The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager lies in the lack of a mechanism for verifying input data during backup scenarios. This allows a malicious actor to execute arbitrary code with SYSTEM privileges.
The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager is related to deficiencies in the mechanism for verifying input data during backup scenario execution. Exploiting this vulnerability could allow an attacker, operating...
Blitz Identity Provider (Authentication server)
...
The vulnerability of the Directum Web Agent component of the Directum RX system, which arises due to insufficient validation of input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Directum Web Agent component of the Directum RX system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted file...
The vulnerability of the Directum RX ECM system, related to deficiencies in access control, allows a perpetrator to compromise data integrity.
The vulnerability of the Directum RX ECM system is related to deficiencies in access control. Exploiting this vulnerability could allow a remote attacker to compromise data integrity...
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the MmMapIoSpace() function in the ThrottleBlood.sys driver allows a hacker to escalate their privileges, execute arbitrary code, or cause a service failure.
The vulnerability of the MmMapIoSpace function in the ThrottleBlood.sys driver, as part of the ThrottleStop utility, is related to open IOCTLs with insufficient access control. Exploiting this vulnerability could allow an attacker to enhance their privileges, execute arbitrary code, or cause...
The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.
The vulnerability of the Kerberos protocol for Windows operating systems is related to errors in the mechanism for handling relative pathnames to the directory. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems allows a hacker to cause a service failure.
The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems is related to incorrect resource management. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerabilities in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel allow a hacker to cause a service failure.
The vulnerability in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel systems relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE lies in improper code generation management, allowing attackers to compromise the integrity of protected information.
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to improper code generation management. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of the protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE lies in the authentication procedures’ flaws, which allow unauthorized access to protected information by intruders.
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Mattermost instant messaging application, related to information disclosure, allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Mattermost instant messaging application is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the NVIDIA Virtual GPU Manager driver relates to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the xmlHTMLPrintFileContext() function in the xmllint component of the Libxml2 library allows a attacker to disclose confidential information or enhance their privileges.
The vulnerability of the xmlHTMLPrintFileContext function in the xmllint component of the Libxml2 library is related to buffer overflows in dynamic memory. Exploiting this vulnerability could allow a malicious actor to disclose confidential information or gain elevated privileges...
The vulnerability of the Active Storage component of the Ruby on Rails software framework allows attackers to execute arbitrary code.
The vulnerability of the Active Storage component in the Ruby on Rails programming framework is related to insufficient checking of the intentions by the recipient of the broadcast message. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the final point /goform/getHomePageInfo of the microprogramming software for the Pix-Link LV-WR21Q router, which allows a hacker to trigger a service failure.
The vulnerability of the final point /goform/getHomePageInfo of the Pix-Link LV-WR21Q router’s microprogramming system is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the pre-processing processor Simcenter Femap, related to buffer overflow in dynamic memory, allows a hacker to execute arbitrary code.
The vulnerability of the pre-processing processor Simcenter Femap is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the rxe_qp_do_cleanup() function in the drivers/infiniband/sw/rxe/rxe_qp.c module of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the rxeqpdocleanup function in the drivers/infiniband/sw/rxe/rxeqp.c module of the Linux operating system’s kernel involves pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the indx_read() function in the fs/ntfs3/index.c module of the NTFS file system in the Linux kernel allows a attacker to access protected information or cause service interruptions.
The vulnerability of the indxread function in the fs/ntfs3/index.c module of the NTFS file system in the Linux kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to access protected information or cause service failures...
The vulnerability of the imxfb_probe() function in the drivers/video/fbdev/imxfb.c driver module allows a hacker to cause a service failure.
The vulnerability of the imxfbprobe function in the drivers/video/fbdev/imxfb.c driver for kernel-based graphics device drivers in the Linux operating system is related to the repeated release of previously released memory. Exploiting this vulnerability could allow an attacker to cause a service...
The vulnerability of the check_acpi_tpm2() function in the drivers/char/tpm/tpm_tis.c file of the Linux operating system’s alphabetic device driver module allows a attacker to cause a service failure.
The vulnerability of the checkacpitpm2 function in the drivers/char/tpm/tpmtis.c file of the Linux character device driver for TPM-based devices is related to improper memory release memory leak. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the microprogramming software of the SIMATIC CN 4100 communication gateway, related to unlimited distribution of resources, allows a intruder to cause a service failure.
The vulnerability of the MICROprogramming software for the SIMATIC CN 4100 communication gateway is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the authentication mechanism of the SAML-based NetScaler ADC controller (formerly Citrix ADC) and the NetScaler Gateway virtual environment access control system (formerly Citrix Gateway) allows a attacker to cause service interruptions.
The vulnerability of the SAML authentication mechanism for NetScaler ADC formerly Citrix ADC and the NetScaler Gateway virtual environment access control system formerly Citrix Gateway is related to reading data beyond the allowed range in memory. Exploiting this vulnerability could allow a...
The vulnerability of the mport_cdev_open() function in the drivers/rapidio/devices/rio_mport_cdev.c file of the RapidIO driver for the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mportcdevopen function in the drivers/rapidio/devices/riomportcdev.c file of the RapidIO driver for the Linux operating system is related to errors during the update of the pointer counters. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ext4_xattr inode_create() function in the fs/ext4/xattr.c module of the Ext4 file system in the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the ext4xattr inodecreate function in the fs/ext4/xattr.c module of the Ext4 file system in the Linux operating system is related to the failure to release resources after their useful lifespan has ended. Exploiting this vulnerability could allow an attacker to cause service...
Vulnerability of the dmc620_pmu_init() function in the drivers/perf/arm_dmc620_pmu.c module of the Linux kernel’s performance monitoring driver, which allows a hacker to cause a system failure.
The vulnerability of the dmc620pmuinit function in the drivers/perf/armdmc620pmu.c module of the Linux kernel’s performance monitoring driver is related to state management errors. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability in the software web interface of Cisco Webex Meetings allows attackers to perform cross-site scripting attacks (XSS).
The vulnerability of Cisco Webex Meetings software’s web interface is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of the Grafana monitoring and observation platform, related to unencrypted storage of user credentials, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Grafana monitoring and observation platform is related to the unencrypted storage of user credentials. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the PreviewTab component in Google Chrome browsers allows a hacker to bypass security measures.
The vulnerability of the PreviewTab component in Google Chrome and Microsoft Edge is related to deficiencies in the data source confirmation mechanism. Exploiting this vulnerability can allow an attacker to bypass security measures through a specially created HTML page...
The vulnerability of the PKI Vault platform for archiving corporate information, including HashiCorp Vault Community Edition and Vault Enterprise, allows a perpetrator to disclose confidential information.
The vulnerability of the PKI Vault platform, which is used for archiving corporate information, in HashiCorp Vault Community Edition and Vault Enterprise, stems from insufficient validation of requests on the server side. Exploiting this vulnerability can allow a malicious actor to disclose...
The vulnerability of the Updater component in the Google Chrome browser for MacOS allows a hacker to bypass the sandboxing protection mechanism.
The vulnerability of the Updater component in the Google Chrome browser for MacOS operating systems is due to a race condition. Exploiting this vulnerability allows an attacker to bypass the sandboxing mechanism by using a specially created HTML page...
The vulnerability of hardware and software solutions for data storage and information processing in Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack lies in errors related to the authentication process. These errors allow attackers to compromise the confidentiality and integrity of the protected information.
The vulnerabilities of hardware and software solutions for data storage and information processing in Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack are related to errors in the authentication process. Exploiting these vulnerabilities can allow unauthorized actors to compromise t...
The hardware and software solutions for data storage and information processing of Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack are vulnerable due to the insecure storage of confidential information. This vulnerability allows attackers to gain unauthorized access to confidential information.
The vulnerabilities of hardware and software solutions for data storage and information processing in Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack involve insecure storage of confidential information. Exploiting these vulnerabilities can allow attackers to gain unauthorized...
The vulnerabilities of NVIDIA Virtual GPU Manager and the Guest driver of virtual graphics processors allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the NVIDIA Virtual GPU Manager and the Guest driver for NVIDIA Virtual GPUs is related to a numerical overflow. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the BrowserBot software component for Cisco ThousandEyes Enterprise Agent allows a hacker to execute arbitrary commands.
The vulnerability of the BrowserBot software for analyzing Cisco ThousandEyes Enterprise Agent relates to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of hardware and software solutions for data storage and information processing in Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack lies in the redirection of URLs to unreliable websites. This allows attackers to carry out phishing attacks or expose confidential information.
The vulnerability of hardware and software solutions for data storage and information processing in Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack lies in the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a remote attacker to carry out phishin...
Vulnerability of hardware and software solutions for data storage and information processing in Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack systems, due to the improper use of standard resolutions. This vulnerability allows attackers to compromise protected information.
The vulnerability of hardware and software solutions for data storage and information processing in Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack is related to the improper use of standard permissions. Exploiting this vulnerability can allow attackers to disclose protected...
The vulnerability of components in NVIDIA Virtual GPU’s guest driver allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of NVIDIA Virtual GPU’s guest driver components is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The hardware and software solutions for data storage and information processing of Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack are vulnerable due to the insecure storage of confidential information. This vulnerability allows attackers to gain unauthorized access to protected information.
The vulnerabilities of hardware and software solutions for data storage and information processing in Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack involve insecure storage of confidential information. Exploiting these vulnerabilities can allow attackers to gain unauthorized...
The vulnerability of the mcb_probe() function in the drivers/mcb/mcb-core.c file of the MEN Chameleon Bus driver for the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mcbprobe function in the drivers/mcb/mcb-core.c file of the MEN Chameleon Bus driver for the Linux operating system is related to improper memory release memory leak. Exploiting this vulnerability could allow a attacker to cause a system failure...
The hardware and software solutions for data storage and information processing of Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack are vulnerable due to the use of cryptographic algorithms. This vulnerability allows attackers to circumvent existing security restrictions.
The vulnerabilities of hardware and software solutions for data storage and information processing in Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack are related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting these vulnerabilities can allow attacke...
The vulnerability of the __dead_end_function() function in the tools/objtool/check.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the deadendfunction function in the tools/objtool/check.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the Fastify framework, a Node.js-based software platform, arises from improper validation of the specified data type. This allows attackers to bypass existing security measures.
The vulnerability of the Fastify framework, a Node.js software platform, is related to improper validation of the specified data type during input processing. Exploiting this vulnerability allows an attacker to bypass existing security measures remotely...
The vulnerability of the Duo Workflows software tool, a git-based programming platform for collaborative code development on GitLab EE/CE, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Duo Workflows software tool, a git-based programming platform for collaborative code development in GitLab EE/CE, is related to insufficient protection of registration data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...
The vulnerability of the software platform based on Git for collaborative code development in GitLab EE/CE involves a lack of measures to protect the structure of web pages, allowing attackers to execute arbitrary code.
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Splunk Enterprise platform for operational analysis allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Splunk Enterprise platform for operational analysis is related to improper handling of data with Unicode encoding. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the Suricata intrusion detection and prevention system, due to the unlimited distribution of resources, allows an intruder to trigger a service failure.
The vulnerability of the Suricata intrusion detection and prevention system is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...