Lucene search
K
Bdu FstecRecent

90709 matches found

BDU FSTEC
BDU FSTEC
added yesterday13 views

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Kerberos protocol for Windows operating systems is related to errors in the mechanism for handling relative pathnames to the directory. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

9CVSS6.1AI score0.02603EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added yesterday25 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS7AI score0.00385EPSS
Exploits0References11Affected Software9
BDU FSTEC
BDU FSTEC
added yesterday20 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS7.2AI score0.00709EPSS
Exploits1References11Affected Software9
BDU FSTEC
BDU FSTEC
added yesterday12 views

The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager lies in the lack of a mechanism for verifying input data during backup scenarios. This allows a malicious actor to execute arbitrary code with SYSTEM privileges.

The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager is related to deficiencies in the mechanism for verifying input data during backup scenario execution. Exploiting this vulnerability could allow an attacker, operating...

9.1CVSS6.1AI score0.00648EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday14 views

Blitz Identity Provider (Authentication server)

...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added yesterday17 views

The vulnerability of the Directum Web Agent component of the Directum RX system, which arises due to insufficient validation of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Directum Web Agent component of the Directum RX system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted file...

8.5CVSS6.1AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday15 views

The vulnerability of the Directum HR Pro system, which exists due to insufficient verification of input data, allows a perpetrator to disclose protected information.

The vulnerability of the Directum HR Pro system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information by sending a specially crafted POST request...

7.7CVSS5.7AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday14 views

The vulnerability of the Directum RX ECM system, related to deficiencies in access control, allows a perpetrator to compromise data integrity.

The vulnerability of the Directum RX ECM system is related to deficiencies in access control. Exploiting this vulnerability could allow a remote attacker to compromise data integrity...

5CVSS5.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday16 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00456EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added yesterday12 views

The vulnerability of the MmMapIoSpace() function in the ThrottleBlood.sys driver allows a hacker to escalate their privileges, execute arbitrary code, or cause a service failure.

The vulnerability of the MmMapIoSpace function in the ThrottleBlood.sys driver, as part of the ThrottleStop utility, is related to open IOCTLs with insufficient access control. Exploiting this vulnerability could allow an attacker to enhance their privileges, execute arbitrary code, or cause...

7.5CVSS6AI score0.06702EPSS
Exploits8References3Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday8 views

The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems allows a hacker to cause a service failure.

The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems is related to incorrect resource management. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6AI score0.00127EPSS
Exploits0References6Affected Software4
BDU FSTEC
BDU FSTEC
added yesterday15 views

The vulnerabilities in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel allow a hacker to cause a service failure.

The vulnerability in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel systems relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

7CVSS6.1AI score0.0013EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the `dc_state_destruct()` function in the `drivers/gpu/drm/amd/display/dc/core/dc_state.c` file of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dcstatedestruct function in the drivers/gpu/drm/amd/display/dc/core/dcstate.c file of the Linux kernel lies in the copying of buffers without checking the size of the input data a classic buffer overflow attack. Exploiting this vulnerability could allow an attacker to...

7CVSS6.8AI score0.00147EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the /etc/boa/boa.conf file in the web interface of D-link DIR-823G router software allows a hacker to escalate their privileges.

The vulnerability of the /etc/boa/boa.conf file of the D-link DIR-823G router microprogramming software interface is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root level...

7.5CVSS7AI score0.00368EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the npm library extract-zip’s mechanism for processing symbolic links allows a hacker to execute arbitrary code.

The vulnerability of the npm library extract-zip’s mechanism for handling symbolic links is related to errors in link processing. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

9.4CVSS6.3AI score0.00346EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the tar.replace() function in the node-tar library on the Node.js software platform allows a hacker to trigger a denial-of-service attack.

The vulnerability of the tar.replace function in the node-tar library of the Node.js software platform is related to unlimited resource distribution. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.1AI score0.00358EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the src/extract.ts file in the node-tar library of the Node.js software platform allows a hacker to trigger a denial-of-service attack.

The vulnerability of the src/extract.ts file in the node-tar library of the Node.js software platform is related to unlimited resource distribution. Exploiting this vulnerability could allow a malicious actor to cause service failures...

8.6CVSS6.1AI score0.00358EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the proof-generation tool allows attackers to perform cross-site scripting (XSS) attacks on the Git-based software platform used for collaborative code development in GitLab EE.

The vulnerability of the proof-generation tool and the software platform based on Git for collaborative code development in GitLab EE is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

8.7CVSS6.1AI score0.00282EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday3 views

The vulnerability of the software platform’s rendering of wiki markup in a Git-based development environment, which allows attackers to perform cross-site scripting (XSS) attacks.

The vulnerability of the software platform that renders wiki markup for collaborative code development on Git-based platforms for GitLab EE/CE involves insufficient protection of website structures. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

7.3CVSS6.1AI score0.00243EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the DBS Etherwatch file sharing system, a traffic analyzer for computer networks developed by Wireshark, allows a hacker to cause a service failure.

The vulnerability of the DBS Etherwatch file-sharing server and the Wireshark traffic analyzer involves the execution of operations beyond the buffer limits in memory. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

7.8CVSS6.3AI score0.00156EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday3 views

The vulnerability of the Management Daemon (MGD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to induce a service failure.

The vulnerability of the Management Daemon MGD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause service interruptions...

4.6CVSS6.1AI score0.00166EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added yesterday1 views

The vulnerability of the _sanitize_proxy_path() function (backend/open_webui/routers/terminals.py) in the Open WebUI AI-based web interface allows a attacker to compromise the confidentiality of protected information.

The vulnerability of the sanitizeproxypath function backend/openwebui/routers/terminals.py in the Open WebUI AI-based web interface is related to an incorrect restriction on the path name of the restricted directory. Exploiting this vulnerability could allow a malicious actor to compromise the...

7.7CVSS6.1AI score0.00362EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday1 views

The vulnerability of the aiohttp HTTP client, related to unlimited resource distribution or throttling, allows attackers to cause service failures.

The vulnerability of the aiohttp HTTP client is related to unlimited resource allocation or throttling. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.8CVSS6.1AI score0.0044EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the Request.post() function in the aiohttp HTTP client allows a attacker to trigger a service failure.

The vulnerability of the Request.post function in the aiohttp HTTP client is related to unlimited resource distribution or throttling. Exploiting this vulnerability could allow a remote attacker to cause service failures...

5.3CVSS6.1AI score0.00384EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the aiohttp HTTP client, related to insufficient protection of service data, allows attackers to disclose the protected information.

The vulnerability of the aiohttp HTTP client is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose the protected information...

5.3CVSS6.1AI score0.00337EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the aiohttp HTTP client, related to the failure to handle CRLF sequences in HTTP headers, allows attackers to inject arbitrary HTTP headers.

The vulnerability of the aiohttp HTTP client is related to the failure to handle CRLF sequences in HTTP headers when processing the reason parameter. Exploiting this vulnerability allows an attacker who operates remotely to inject arbitrary HTTP headers...

5.3CVSS6.2AI score0.00292EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the HTTP message analyzer for the llhttp HTTP client and aiohttp allows attackers to inject arbitrary HTTP headers and circumvent existing security restrictions.

The vulnerability of the HTTP message analyzer for the llhttp HTTP client and aiohttp is related to the failure to handle CRLF sequences in HTTP headers when processing the reason parameter. Exploiting this vulnerability allows an attacker to inject arbitrary HTTP headers and circumvent existing...

9.4CVSS6.2AI score0.00461EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the t7xx_port EnumMsgHandler() function in the Linux operating system allows a hacker to disclose sensitive information or cause service failures.

The vulnerability of the t7xxport EnumMsgHandler function in the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information or cause service failures...

8.8CVSS7AI score0.00272EPSS
Exploits0References11Affected Software2
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the dlfb ops mmap() function in Linux kernel allows a hacker to cause a service failure.

The vulnerability of the dlfb ops mmap function in Linux kernel relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00113EPSS
Exploits0References10Affected Software2
BDU FSTEC
BDU FSTEC
added yesterday1 views

The vulnerability of the `qdisc_peek_dequeued()` function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the qdiscpeekdequeued function in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00118EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added yesterday1 views

The vulnerabilities of the functions set_mesh_complete() and set_mesh_sync() in the net/bluetooth/mgmt.c module of the Linux kernel’s Bluetooth subsystem allow a malicious actor to cause a service failure.

The vulnerability of the setmeshcomplete and setmeshsync functions in the net/bluetooth/mgmt.c module of the Linux kernel’s Bluetooth subsystem lies in the fact that they involve reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.00164EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the nfsd_set_fh_dentry() function in the fs/nfsd/nfsfh.c module, which is part of the Linux kernel’s Network File System support, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nfsdsetfhdentry function in the fs/nfsd/nfsfh.c module, which supports the Network File System in Linux kernels, is related to improper memory release memory leak. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

7CVSS6.1AI score0.00164EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the `virtio_gpu_get_caps_ioctl()` function in the `drivers/gpu/drm/virtio/virtgpu_ioctl.c` driver of the Direct Rendering Infrastructure (DRI) kernel of the Linux operating system allows a malicious actor to cause a service failure.

The vulnerability of the virtiogpugetcapsioctl function in the drivers/gpu/drm/virtio/virtgpuioctl.c driver of the Direct Rendering Infrastructure DRI kernel of the Linux operating system is related to the assignment of pointers L. Exploiting this vulnerability can allow an attacker to cause a...

5.5CVSS6.5AI score0.00208EPSS
Exploits0References14Affected Software3
BDU FSTEC
BDU FSTEC
added yesterday1 views

The vulnerability of the tee_shm_register_user_buf() function in the drivers/tee/tee_shm.c module of the Linux kernel’s trusted execution environment allows a attacker to cause a service failure.

The vulnerability of the teeshmregisteruserbuf function in the drivers/tee/teeshm.c module of the Linux kernel’s trusted execution environment is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00223EPSS
Exploits0References18Affected Software3
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the damon_reclaim_init() function in the mm/damon/reclaim.c module of the Linux kernel’s memory management subsystem allows a hacker to trigger a service failure.

The vulnerability of the damonreclaiminit function in the mm/damon/reclaim.c module of the Linux kernel’s memory management subsystem is related to improper memory release „memory leak“. Exploiting this vulnerability could allow an attacker to cause a system failure...

5.5CVSS6.6AI score0.00157EPSS
Exploits0References9Affected Software2
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the cow_file_range() function in the fs/btrfs/inode.c module of the file system Btrfs in the Linux kernel allows a attacker to cause a service failure.

The vulnerability of the cowfilerange function in the fs/btrfs/inode.c module of the btrfs file system in the Linux kernel lies in the absence of resource locking in case of errors. Exploiting this vulnerability could allow a attacker to cause a service failure...

5.5CVSS6.2AI score0.00159EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the _nfs4_open_and_get_state() function in the fs/nfs/nfs4proc.c module, which is part of the NFS client support in Linux kernel, allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the nfs4openandgetstate function in the fs/nfs/nfs4proc.c module, which is part of the NFS client support in Linux kernel, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7CVSS6.5AI score0.00165EPSS
Exploits0References17Affected Software3
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the `tap_get_user()` function in the `drivers/net/tap.c` file of the Linux kernel’s network device driver module allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the tapgetuser function in the drivers/net/tap.c file of the Linux kernel network device driver is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected informati...

7CVSS6.7AI score0.00159EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the nmk_pinctrl_dt_subnode_to_map() function in the drivers/pinctrl/nomadik/pinctrl-nomadik.c driver module, which is used by the PINCTRL output controller in the Linux operating system, allows a hacker to cause a service failure.

The vulnerability of the nmkpinctrldtsubnodetomap function in the drivers/pinctrl/nomadik/pinctrl-nomadik.c driver for Linux kernel-based GPIO controllers is related to errors during link counters updates. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.0016EPSS
Exploits0References19Affected Software2
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the aa_simple_write_to_buffer() function in the security/apparmor/apparmorfs.c module of the AppArmor security component for the Linux operating system allows a attacker to cause a service failure.

The vulnerability of the aasimplewritetobuffer function in the security/apparmor/apparmorfs.c module of the AppArmor security component of the Linux operating system’s kernel is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability could...

5.5CVSS6.5AI score0.00159EPSS
Exploits0References15Affected Software2
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the CalculateVMAndRowBytes() function in the drivers/gpu/drm/amd/display/dc/dml/dcn30/display_mode_vba_30.c driver file of the Direct Rendering Infrastructure (DRI) driver for AMD graphics cards in Linux operating systems allows a hacker to cause a system failure.

The vulnerability of the CalculateVMAndRowBytes function in the drivers/gpu/drm/amd/display/dc/dml/dcn30/displaymodevba30.c driver of the Direct Rendering Infrastructure DRI for AMD graphics cards in Linux operating systems is related to reading beyond the buffer boundaries. Exploiting this...

5.5CVSS6.7AI score0.00174EPSS
Exploits0References14Affected Software3
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the rockchip_spi_config() function in the drivers/spi/spi-rockchip.c module of the Linux operating system’s SPI device driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the rockchipspiconfig function in the drivers/spi/spi-rockchip.c module of the Linux system’s SPI device driver relates to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

7CVSS6.9AI score0.00151EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the mctp_frag_queue() function in the net/mctp/route.c module of the MCTP implementation in the Linux operating system’s kernel allows a attacker to cause a service failure.

The vulnerability of the mctpfragqueue function in the net/mctp/route.c module of the MCTP implementation in the Linux operating system’s kernel is related to improper memory release memory leak. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00174EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday1 views

The vulnerability of the `secure_boot_fuse_state_show()` function in the `drivers/platform/mellanox/mlxbf-bootctl.c` kernel module of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the securebootfusestateshow function in the drivers/platform/mellanox/mlxbf-bootctl.c kernel module of the Linux operating system is related to the copying of a buffer without checking the size of the input data a classic buffer overflow attack. Exploiting this vulnerability...

5.5CVSS6.8AI score0.00194EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday3 views

The vulnerabilities of the functions dcn20_enable_stream() (drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c) and dcn401_enable_stream() (drivers/gpu/drm/amd/display/dc/hwss/dcn401/dcn401_hwseq.c) in the DRI driver for AMD graphics cards with Linux operating systems allow attackers to cause system failures.

The vulnerabilities of the functions dcn20enablestream drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20hwseq.c and dcn401enablestream drivers/gpu/drm/amd/display/dc/hwss/dcn401/dcn401hwseq.c in Linux kernel-based AMD Direct Rendering Infrastructure DRI graphics card drivers are related to state...

5.5CVSS6.7AI score0.00226EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the driver cb7210 module’s drivers/staging/gpib/cb7210/cb7210.c in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the drivers/staging/gpib/cb7210/cb7210.c module in the Linux operating system’s kernel is related to incorrect initialization. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.00206EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday3 views

The vulnerability of the mod_proxy_ftp module in the Apache HTTP Server allows attackers to perform cross-site scripting attacks.

The vulnerability of the modproxyftp module in the Apache HTTP Server is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

6.4CVSS6.1AI score
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added yesterday2 views

The vulnerability of the Lite Agent Feature of the Cisco Enterprise Chat and Email (ECE) messaging service allows a perpetrator to access, modify, add, or delete data.

The vulnerability of the Lite Agent Feature in the Cisco Enterprise Chat and Email ECE messaging service is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to access, modify, add, or delete data using a specially created...

4.3CVSS6.1AI score0.00125EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday1 views

The vulnerability of the /boaform/formCountrystri file in the microprogramming software for the Tenda HG3 router allows a hacker to execute arbitrary code.

The vulnerability of the /boaform/formCountrystri file of the Tenda HG3 router microprogramming system is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9CVSS7.3AI score0.03269EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added yesterday1 views

The vulnerability of the formgponConf function in the /boaform/admin/formgponConf file of the Tenda HG3 router’s microprogramming system, which allows a hacker to execute arbitrary code.

The vulnerability of the formgponConf function in the /boaform/admin/formgponConf file of the Tenda HG3 router’s microprogramming system is related to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS7.3AI score0.04075EPSS
Exploits1References3Affected Software1
Total number of security vulnerabilities90709