90509 matches found
The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager lies in the lack of a mechanism for verifying input data during backup scenarios. This allows a malicious actor to execute arbitrary code with SYSTEM privileges.
The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager is related to deficiencies in the mechanism for verifying input data during backup scenario execution. Exploiting this vulnerability could allow an attacker, operating...
The vulnerability of the Directum Web Agent component of the Directum RX system, which arises due to insufficient validation of input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Directum Web Agent component of the Directum RX system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted file...
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems allows a hacker to cause a service failure.
The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems is related to incorrect resource management. Exploiting this vulnerability can allow an attacker to cause service failures...
Blitz Identity Provider (Authentication server)
...
The vulnerability of the Directum HR Pro system, which exists due to insufficient verification of input data, allows a perpetrator to disclose protected information.
The vulnerability of the Directum HR Pro system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information by sending a specially crafted POST request...
The vulnerability of the Directum RX ECM system, related to deficiencies in access control, allows a perpetrator to compromise data integrity.
The vulnerability of the Directum RX ECM system is related to deficiencies in access control. Exploiting this vulnerability could allow a remote attacker to compromise data integrity...
The vulnerability of the MmMapIoSpace() function in the ThrottleBlood.sys driver allows a hacker to escalate their privileges, execute arbitrary code, or cause a service failure.
The vulnerability of the MmMapIoSpace function in the ThrottleBlood.sys driver, as part of the ThrottleStop utility, is related to open IOCTLs with insufficient access control. Exploiting this vulnerability could allow an attacker to enhance their privileges, execute arbitrary code, or cause...
The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.
The vulnerability of the Kerberos protocol for Windows operating systems is related to errors in the mechanism for handling relative pathnames to the directory. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerabilities in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel allow a hacker to cause a service failure.
The vulnerability in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel systems relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of the parser of the console-based graphic editor ImageMagick allows a hacker to execute arbitrary code, gain unauthorized access to confidential information, and cause service failures.
The vulnerability of the console-based graphic editor ImageMagick relates to the possibility of using memory after it is freed. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code, gain unauthorized access to confidential information, and cause service failures...
The vulnerability of the module for working with the DIB format in console-based graphic editors like ImageMagick allows attackers to execute arbitrary code, expose protected information, and cause system failures.
The vulnerability of the module for working with the DIB format in the console-based graphic editor ImageMagick is related to reading data beyond the permitted range of memory. Exploiting this vulnerability allows an attacker to execute arbitrary code, disclose sensitive information, and cause...
The vulnerability of the JPEG encoder in the console-based graphic editor ImageMagick allows a hacker to trigger a service failure.
The vulnerability of the JPEG encoder in console-based image editing software ImageMagick lies in the execution of a loop with an unavailable exit condition. Exploiting this vulnerability allows a malicious actor to cause service interruptions using a specially created image...
The vulnerability of the SIXEL decoder in the console-based image editing software ImageMagick allows a hacker to cause memory corruption and service failures.
The vulnerability of the SIXEL decoder in the console-based image editing software ImageMagick is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Sun’s console-based graphic editor ImageMagick decoder allows a hacker to execute arbitrary code.
The vulnerability of the Sun console-based graphic editor ImageMagick relates to a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of ImageMagick’s PSD format file processor allows attackers to compromise the confidentiality of protected information.
The vulnerability of ImageMagick’s PSD format file processor relates to reading data beyond the permitted range of memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality of the protected information...
The vulnerability of the NewXMLTree method in the ImageMagick console-based graphics editor allows a hacker to trigger a service failure.
The vulnerability of the NewXMLTree method in the ImageMagick console-based graphics editor is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the MAP image decoder in the console-based image editing software ImageMagick allows a hacker to gain unauthorized access to protected information or cause service failures.
The vulnerability of the MAP image decoder in the console-based image editing software ImageMagick relates to reading data outside of the permitted range in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...
The vulnerability of the ReadSFWImage() function in the ImageMagick console graphics editor’s coders/sfw.c file allows a hacker to cause a service failure.
The vulnerability of the ReadSFWImage function in the ImageMagick console graphics editor’s coders/sfw.c file is related to pointer manipulation errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the MSSQL plugin on the Grafana monitoring and observation platform allows a hacker to bypass security restrictions and cause a service failure.
The vulnerability of the MSSQL plugin platform for Grafana monitoring and observation is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions and cause service failures...
The vulnerability of the WriteUHDRImage() function in the ImageMagick console graphics editor’s coders/uhdr.c file allows a hacker to cause a service failure.
The vulnerability of the WriteUHDRImage function in the ImageMagick console graphics editor’s coders/uhdr.c file is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the DecodeImage() function in the ImageMagick console-based graphics editor allows a hacker to cause a service failure.
The vulnerability of the DecodeImage function in the console-based image editing tool ImageMagick is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the ReadSTEGANOImage() function in the ImageMagick console graphics editor’s coders/stegano.c file allows a hacker to induce a service failure.
The vulnerability of the ReadSTEGANOImage function in the ImageMagick console graphics editor’s coders/stegano.c file is related to improper memory release. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the ReadYUVImage() function in the ImageMagick console graphics editor’s coders/yuv.c file allows a hacker to execute arbitrary code, disclose protected information, or cause a service failure.
The vulnerability of the ReadYUVImage function in the ImageMagick console graphics editor’s coders/yuv.c file is related to writing beyond buffer boundaries. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code, disclose sensitive information, or cause service...
The vulnerability of the _.unset and _.omit functions in the Lodash library, which allows an attacker to compromise data integrity
The vulnerability of the unset and omit functions in the Lodash library is related to uncontrolled changes to prototype attributes of objects. Exploiting this vulnerability could allow a malicious actor to compromise data integrity...
The vulnerability of the MagnifyImage function in the console-based image editing tool ImageMagick, which allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the MagnifyImage function in the console-based image editing tool ImageMagick is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure...
The vulnerability of the SVG file analysis function in the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure.
The vulnerability of the SVG file analysis function in the console-based graphic editor ImageMagick is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the VIFF format encoder in the console-based graphic editor ImageMagick allows a hacker to trigger a service failure.
The vulnerability of the VIFF format encoder in the console-based graphic editor ImageMagick is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the msl.c file in the console-based image editing tool ImageMagick allows a hacker to trigger a service failure.
The vulnerability of the msl.c file in the console-based image editing tool ImageMagick is related to improper memory release. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the -sample operation in the console-based image editing tool ImageMagick allows a hacker to trigger a service failure.
The vulnerability of the -sample command in the console-based image editing tool ImageMagick is related to reading data beyond the allowable range of memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability in the org.apache.kafka.common.security.oauthbearer.DefaultJwtValidator component of the Apache Kafka messaging broker allows a attacker to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the org.apache.kafka.common.security.oauthbearer.DefaultJwtValidator class in the Apache Kafka messaging broker is related to incorrect validation of specified indexes, positions, or offsets in input data. Exploiting this vulnerability could allow an attacker to bypass securi...
The vulnerability of the MSL format processor in the ImageMagick console graphics editor allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the MSL format processor in the ImageMagick console-based graphics editor is related to uncontrolled recursion. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service interruptions...
The vulnerability of the console-based graphic editor ImageMagick, related to a shift error of one unit, allows a hacker to trigger a service failure.
The vulnerability of the console-based graphic editor ImageMagick is related to a offset error of one unit. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the console-based graphic editor ImageMagick arises from the possibility of an operation exceeding the buffer boundaries in memory, allowing attackers to compromise the integrity and accessibility of the protected information.
The vulnerability of the console-based graphic editor ImageMagick is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the integrity and accessibility of the protected information...
The vulnerability of the FullScreen component in Google Chrome and Microsoft Edge browsers allows a hacker to execute arbitrary code.
The vulnerability of the FullScreen component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code through the created HTML page...
The vulnerability of the clone_dtr() function in the drivers/md/dm-clone-target.c file of the Linux kernel driver for multiple device types (RAID and LVM), which allows a hacker to cause service failure.
The vulnerability of the clonedtr function in the drivers/md/dm-clone-target.c file of the Linux kernel driver for multiple device types RAID and LVM is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the UHDR encoder in the console-based image editing software ImageMagick, which allows a hacker to trigger a service failure.
The vulnerability of the UHDR encoder in the console-based image editing software ImageMagick is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the JBIG decoder in the console-based image editing software ImageMagick, which allows a hacker to trigger a service failure.
The vulnerability of the JBIG decoder in the ImageMagick console-based graphics editor is related to the lack of checking for the returned value. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the WriteASHLARImage() function in the ImageMagick console graphics editor’s coders/ashlar.c file allows a hacker to cause a service failure.
The vulnerability of the WriteASHLARImage function in the ImageMagick console graphics editor’s coders/ashlar.c file is related to improper memory release. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the IPTCTEXT mechanism in the console-based ImageMagick graphic editor allows a hacker to trigger a service failure.
The vulnerability of the IPTCTEXT mechanism in the console-based ImageMagick graphic editor is related to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the Printing component in the Google Chrome browser allows a hacker to bypass the sandboxing protection mechanism.
The vulnerability of the Printing component in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to bypass the sandboxing mechanism through the created HTML page...
The vulnerability of the reading module for FTXT format graphic files in the console-based graphic editor ImageMagick allows a hacker to induce a service failure.
The vulnerability of the FTXT graphic file reading module in the console-based graphic editor ImageMagick is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ep_free() function in the eventpoll.c component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the epfree function in the eventpoll.c component of the Linux operating system’s kernel is related to the dereferencing of a pointer whose expiration time has passed. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the cifs_ses_add_channel() function in the fs/cifs/sess.c file of the Linux kernel file system allows a hacker to cause a service failure.
The vulnerability of the cifssesaddchannel function in the fs/cifs/sess.c file of the Linux kernel file system is related to improper memory release memory leak. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the toshsd_probe() function in the drivers/mmc/host/toshsd.c file of the MMC/SD/SDIO card driver for the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the toshsdprobe function in the drivers/mmc/host/toshsd.c file of the MMC/SD/SDIO card driver for the Linux operating system is related to the lack of checking the return value. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the jbd2_fc_wait_bufs() function in the fs/jbd2/journal.c file of the Linux kernel file system allows a attacker to cause a service failure.
The vulnerability of the jbd2fcwaitbufs function in the fs/jbd2/journal.c file of the Linux kernel file system is related to errors during the update of the reference counter. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the dual-way inverter series for KACO Blueplanet GridSave storage systems lies in the lack of protective measures for the SQL query structure, allowing attackers to enhance their privileges within the local network.
The vulnerability of the dual-way inverter series for KACO Blueplanet GridSave energy storage systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability can allow attackers to enhance their privileges within the local network...
The vulnerability of the backup server of the Veeam Backup & Replication software allows a perpetrator to execute arbitrary code. This vulnerability targets systems for cloud, virtual, and physical environments.
The vulnerability of the backup server of the Veeam Backup & Replication software for cloud, virtual, and physical systems is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...