The vulnerability of the IBM DevOps Velocity lifecycle management platform (formerly known as IBM UrbanCode Velocity) relates to the disclosure of information through browser caching, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of the IBM DevOps Velocity formerly IBM UrbanCode Velocity lifecycle management platform relates to the disclosure of information through browser caching. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Microsoft AutoUpdate (MAU) application for Mac, which manages privileges in a non-safe manner, allows a malicious individual to escalate their privileges.

The vulnerability of the Microsoft AutoUpdate MAU for Mac application related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to escalate their privileges...

The vulnerability of Microsoft Office and 365 Apps for Enterprise packages, related to the misuse of a trusted pointer, allows an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of an untrusted pointer. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the CSC (Client-Side Caching) service in Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the CSC Client-Side Caching service in Windows operating systems is related to the overflow of memory buffers in dynamic memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Digital Media component of Windows operating systems, which allows attackers to enhance their privileges

The vulnerability of the Digital Media component of Windows operating systems relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Digital Media component of Windows operating systems, which allows attackers to enhance their privileges

The vulnerability of the Digital Media component of Windows operating systems relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Windows operating system’s Telephony Service allows a perpetrator to execute arbitrary code.

The vulnerability of the Windows operating system’s Telephony Service is related to overflowing buffers in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Vulnerability of the Server component: The Oracle MySQL Server component of the database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system involves unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the sub_422eb8 function in Linksys E8450 Wi-Fi routers allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sub422eb8 function in Linksys E8450 Wi-Fi routers’ microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibili...

The vulnerability of the IBM DevOps Velocity lifecycle management platform (previously known as IBM UrbanCode Velocity) stems from the use of an untrusted inter-domain policy file. This allows attackers to gain unauthorized access to protected information and enhance their privileges.

The vulnerability of the IBM DevOps Velocity lifecycle management platform previously known as IBM UrbanCode Velocity is related to the use of an untrusted inter-domain policy file. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information and...

Vulnerability of the Server component: The Oracle MySQL Server database management system’s Parser component, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system involves unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the InnoDB component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the InnoDB component in the Oracle MySQL Server database management system is related to deficiencies in the authentication process due to incorrect processing of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

The vulnerability of the Microsoft Office package, Microsoft 365 Apps for Enterprise, and the Microsoft Outlook email client relates to the use of an uninitialized resource, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Office package, Microsoft 365 Apps for Enterprise, and the Microsoft Outlook email client is related to the use of an uninitialized resource. Exploiting this vulnerability could allow a malicious individual to execute arbitrary code...

The vulnerability of the formSetCfm() function in the Tenda AC18 router’s microprogramming software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetCfm function in the Tenda AC18 router’s microprogramming software is related to the issue where the write operation goes beyond the buffer boundaries in memory when processing the funcpara1 parameter. Exploiting this vulnerability allows a remote attacker to execut...

The vulnerability of the downloadFile.cgi function in the microprogramming software for the Totolink-A810R router allows a hacker to execute arbitrary code.

The vulnerability of the downloadFile.cgi function in the Totolink-A810R router microprogramming system is related to the lack of measures taken to neutralize special elements operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a...

The vulnerability of IBM Concert Software’s artificial intelligence-based automation tools relates to the disclosure of system data within the controlled area by unauthorized parties, allowing attackers to expose protected information.

The vulnerability of IBM Concert Software’s artificial intelligence-based automation tools lies in the fact that it allows unauthorized parties to access system data within the controlled area. Exploiting this vulnerability could enable attackers to disclose protected information remotely...

The vulnerability of the hnap_main function in the D-LINK GO-RT-AC750 router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the hnapmain function in the D-LINK GO-RT-AC750 router’s microprogramming software is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary comman...

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to read, modify, add, or delete data.

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to read,...

The vulnerability of the MapUrlToZone component in the Windows operating system, which allows a hacker to circumvent existing security restrictions

The vulnerability of the MapUrlToZone component in the Windows operating system is related to incorrect path equivalence resolution. Exploiting this vulnerability can allow a remote attacker to bypass existing security restrictions...

The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise programs relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the NWS_PF_setMacAddrExceptionIP handler of the NetworkingService service in the Mercedes-Benz User Experience (MBUX) system allows a hacker to execute arbitrary commands.

The vulnerability of the NWSPFsetMacAddrExceptionIP handler of the NetworkingService service in the Mercedes-Benz User Experience MBUX system is related to insufficient validation of input data during MAC address processing. Exploiting this vulnerability can allow an attacker to execute arbitrary...

The vulnerability of the software for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP lies in the exposure of system data to unauthorized access within the controlled area. This allows attackers to disclose protected information.

The vulnerability of the software used for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP is related to the disclosure of system data that is not protected by permissions within the controlled area. Exploiting this vulnerability can allow a...

The vulnerability of the BitLocker component of the Windows operating system, which allows a hacker to disclose protected information

The vulnerability of the BitLocker component of the Windows operating system is related to a rollback to a less secure state. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the Connected Devices Platform Service component of the Microsoft Windows operating system, which allows a perpetrator to trigger a service failure.

The vulnerability of the Connected Devices Platform Service component of the Microsoft Windows operating system is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the Secure Boot Security component of the Windows operating system, which allows a hacker to circumvent security restrictions

The vulnerability of the Secure Boot Security component of the Windows operating system is related to a breach of the data protection mechanism. Exploiting this vulnerability could allow an attacker to circumvent security restrictions...

The vulnerability of the Brokering File System (BFS) of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Brokering File System BFS in the Windows operating system relates to the possibility of exploiting memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the UserDataExchangeServiceClient::unpackVoiceTagArchiveOptimized() function in the Mercedes-Benz User Experience (MBUX) system allows a hacker to exploit it to elevate their privileges and record arbitrary files.

The vulnerability of the UserDataExchangeServiceClient::unpackVoiceTagArchiveOptimized function in the Mercedes-Benz User Experience MBUX system is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges and write arbitrary...

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system allows a intruder to trigger a service failure.

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system is related to integer overflow when processing values of cid. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of SpagoBI’s web interface for automating business processes allows a perpetrator to execute arbitrary code.

The vulnerability of SpagoBI’s web interface for automating business processes is related to the failure to take measures to neutralize special elements used in the command input field. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting a specially craft...

The vulnerability of the PDF document viewing program Foxit PDF Reader (formerly Foxit Reader) lies in the incorrect handling of links before accessing the file. This allows attackers to exploit this flaw to gain increased privileges.

The vulnerability of the PDF document viewing program Foxit PDF Reader formerly Foxit Reader is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Tooltip module in the Drupal CMS system allows attackers to perform cross-site scripting attacks.

The vulnerability of the Tooltip module in the Drupal CMS system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the software for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP lies in the exposure of system data to unauthorized access within the controlled area. This allows attackers to disclose protected information.

The vulnerability of the software used for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP is related to the disclosure of system data that is not protected by permissions within the controlled area. Exploiting this vulnerability can allow a...

Vulnerability of the SAP setup tool for simplified installation and configuration. The SAP setup involves an uncontrolled search element, which allows attackers to increase their privileges.

The vulnerability of the SAP setup tool is related to an uncontrollable element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Secure Email Gateway (SEG) email security gateway arises from the possibility of operations going beyond the buffer in memory. This allows attackers to circumvent security restrictions, enhance their privileges, or cause service interruptions.

The vulnerability of the Secure Email Gateway SEG email security gateway is related to the escape of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions, gain additional privileges, or cause service interruptions by...

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, allows attackers to disclose protected information.

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to disclose sensitive information using the T3/IIOP protocol...

The vulnerability of the Windows operating system’s Recovery Environment Agent allows a hacker to increase their privileges.

The vulnerability of the Windows operating system’s Recovery Environment Agent is related to access control errors. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the upnphost.dll library in the Windows operating system, which allows a hacker to trigger a service failure

The vulnerability of the upnphost.dll library in the Windows operating system is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system, related to the manipulation of the zero pointer, allows a intruder to compromise the accessibility of protected information.

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system is related to a pointer assignment error. Exploiting this vulnerability could allow an attacker to compromise the accessibility of the protected information...

The vulnerability of the OAuth and OpenID Connect Single Sign On module in Drupal CMS systems allows attackers to perform cross-site scripting attacks.

The vulnerability of the OAuth and OpenID Connect Single Sign On module in Drupal systems is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the InnoDB component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the InnoDB component in the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL protocol...

Vulnerability of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio development tools: This vulnerability relates to operations that occur outside of the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft’s software platforms, such as the .NET Framework and Microsoft Visual Studio, relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

The vulnerability of the BitLocker component of the Windows operating system, which allows a hacker to disclose protected information

The vulnerability of the BitLocker component of the Windows operating system is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose the protected information...

The vulnerability of the MapUrlToZone component in the Windows operating system, which allows a hacker to circumvent existing security restrictions

The vulnerability of the MapUrlToZone component in the Windows operating system is related to incorrect path equivalence resolution. Exploiting this vulnerability can allow a remote attacker to bypass existing security restrictions...

The vulnerabilities of the microprogrammed Ethernet switch software from Moxa series, including EDR-810, EDR-8010, EDR-G902, EDR-G903, EDR-G9004, EDR-G9010, EDG-G1002-BP, NAT-102, OnCell G4302-LTE4, and TN-4900, are related to the use of weak security mechanisms. These vulnerabilities allow attackers to exploit them to gain increased privileges.

The vulnerabilities of the microprogrammed Ethernet switch software from Moxa series, including EDR-810, EDR-8010, EDR-G902, EDR-G903, EDR-G9004, EDR-G9010, EDG-G1002-BP, NAT-102, OnCell G4302-LTE4, and TN-4900, are related to the use of weak security mechanisms. Exploiting these vulnerabilities...

The vulnerability of the OpenSearch Dashboards component in the Oracle PeopleSoft Enterprise PeopleTools business application package allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the OpenSearch Dashboards component in the Oracle PeopleSoft Enterprise PeopleTools business application suite exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information using...

The vulnerability of the SAP GUI graphical user interface for Java allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SAP GUI graphical user interface for Java relates to the disclosure of system data by unauthorized parties in the controlled area. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

The vulnerability of the software platform interface for managing network infrastructure, Versa Director, allows a perpetrator to disclose protected information.

The vulnerability of the software platform interface for managing network infrastructure Versa Director is related to the lack of authenticity verification for a critical function. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose sensitive information by sendin...

The vulnerability of the Power Automate automation platform, related to improper code generation management, allows a malicious actor to execute arbitrary code.

The vulnerability of the Power Automate automation platform is related to incorrect code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the UserData service in the Mercedes-Benz MBUX multimedia system allows a intruder to gain unauthorized access to protected information.

The vulnerability of the UserData service in the Mercedes-Benz MBUX multimedia system is related to deficiencies in access control due to synchronization errors when using a shared resource “Race Mode”. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected...

The vulnerability of the libspeech service in the Mercedes-Benz User Experience (MBUX) system allows a intruder to trigger a service failure.

The vulnerability of the libspeech service in the Mercedes-Benz User Experience MBUX multimedia system is related to the buffer overflow in dynamic memory during the processing of UD2 format files. Exploiting this vulnerability can allow an attacker to cause a service failure...