74701 matches found
The vulnerability of the web interface of the IBM Sterling B2B Integrator software allows a perpetrator to execute arbitrary code and gain unauthorized access to protected information.
The vulnerability of the web interface of the IBM Sterling B2B Integrator software solution relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely and gain unauthorized access to protected...
The vulnerability of the web interface of the IBM Sterling B2B Integrator software allows a perpetrator to execute arbitrary code and gain unauthorized access to protected information.
The vulnerability of the web interface of the IBM Sterling B2B Integrator software solution relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code and gain unauthorized access to protected...
The vulnerability of the Juniper Tunnel Driver (JTD) for Juniper Networks’ Junos OS Evolved operating systems allows a hacker to induce a service failure.
The vulnerability of the Juniper Tunnel Driver (JTD) for Juniper Networks’ Junos OS Evolved operating systems is related to the failure to release memory after its effective lifetime. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending...
The vulnerability of the DHCP server of Wind River VxWorks real-time operating systems allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the DHCP server of Wind River VxWorks real-time operating systems relates to operations that go beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and availability of protected information...
The vulnerability of the QuTS and QTS operating systems of QNAP network devices, related to the failure to neutralize CRLF sequences, allows attackers to execute arbitrary code.
The vulnerability of the QuTS and QTS operating systems of network devices is related to the failure to neutralize CRLF sequences. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability of the PowerStore T OS firmware lies in the lack of protective measures for the SQL query structure. This allows attackers to gain access to read, modify, or delete data, or execute arbitrary commands.
The vulnerability of the PowerStore T OS firmware of the PowerStore data storage system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to gain access to read, modify, or delete data, or to execute arbitrary...
The vulnerability of the Public Project Handler component of GitLab, a git-based software platform for collaborative code development, allows a hacker to gain access to protected information.
The vulnerability of the Public Project Handler component of GitLab, a git-based software platform for collaborative code development, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to...
The vulnerability of the Convert-Online.php script (phpoffice/phpspreadsheet/samples/Engineering/Convert-Online.php) in the PhpSpreadsheet PHP library allows attackers to perform cross-site scripting attacks.
The vulnerability of the Convert-Online.php script (phpoffice/phpspreadsheet/samples/Engineering/Convert-Online.php) in the PhpSpreadsheet library is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site...
The vulnerability of the av1_loop_restoration_dealloc() function in the libaom video encoding library allows a perpetrator to execute arbitrary code.
The vulnerability of the av1_loop_restoration_dealloc() function in the libaom video encoding library is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Tungsten Automation Power PDF software for working with PDF files lies in the ability to read data beyond the acceptable range of memory, allowing an intruder to disclose protected information.
The vulnerability of the Tungsten Automation Power PDF software for working with PDF files is related to reading beyond the allowed range in memory during PDF file parsing. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the PowerScale OneFS operating system, related to the improper assignment of permissions for critical resources, allows a perpetrator to trigger a service failure.
The vulnerability of the PowerScale OneFS operating system is related to the improper assignment of permissions for the critical resource. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Accounting.php script (/phpoffice/phpspreadsheet/samples/Wizards/NumberFormat/Accounting.php) in the PhpSpreadsheet library allows attackers to perform cross-site scripting attacks.
The vulnerability of the Accounting.php script (/phpoffice/phpspreadsheet/samples/Wizards/NumberFormat/Accounting.php) in the PhpSpreadsheet library is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows an attacker to perform cross-site...
The vulnerability of the Windows Telephony Service in Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows Telephony Service in Windows operating systems is related to a potential overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a request to the server...
The vulnerability of the editFilePost() function in the Gogs tool for creating self-hosted Git repositories allows a hacker to execute arbitrary code.
The vulnerability of the editFilePost() function in the Gogs tool for creating self-hosted Git repositories is related to the improper restriction of a path name to a restricted directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Suricata intrusion detection and prevention system, related to the execution of operations beyond the buffer boundaries, allows an intruder to execute arbitrary code or trigger a service failure.
The vulnerability of the Suricata intrusion detection and prevention system is related to an operation that goes beyond the buffer in memory due to incorrect processing of transformation keywords. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service...
The vulnerability of the Markdown-based presentation creation tool Marp Core is related to insufficient protection of the web page structure, allowing attackers to perform cross-site scripting attacks.
The vulnerability of the Markdown-based presentation creation tool Marp Core is related to insufficient protection of the web page structure when processing HTML content. Exploiting this vulnerability could allow attackers to perform cross-site scripting attacks...
The vulnerability of the set_add_routing() function in the internet.cgi script of the Wavlink AC3000 (WL-WN533A8) router firmware allows a hacker to execute arbitrary commands.
The vulnerability of the set_add_routing() function in the internet.cgi script of the Wavlink AC3000 (WL-WN533A8) router firmware is related to the failure to sanitize data at the control level when processing the gateway parameter. Exploiting this vulnerability allows a remote...
The vulnerability of IBM Cognos Controller and IBM Controller, software solutions that support the closing, consolidation, and reporting processes, lies in the lack of a mechanism for generating error reports. This allows attackers to gain unauthorized access to protected information.
The vulnerability of IBM Cognos Controller and IBM Controller, software solutions that support the closing, consolidation, and reporting processes, is related to deficiencies in the mechanism for generating error reports. Exploiting this vulnerability can allow unauthorized actors to...
The vulnerability of the SuiteCRM customer relationship management system is related to deficiencies in authentication procedures, which allow attackers to circumvent security restrictions and gain access to read, modify, or delete data.
The vulnerability of the SuiteCRM customer relationship management system is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to bypass security restrictions and gain access to read, modify, or delete data...
The vulnerability of the set_sys_init() function in the login.cgi script of the Wavlink AC3000 (WL-WN533A8) router firmware allows a hacker to execute arbitrary commands.
The vulnerability of the set_sys_init() function in the login.cgi script of the Wavlink AC3000 (WL-WN533A8) router firmware is related to the failure to sanitize data at the control level when processing the restartweekvalue parameter. Exploiting this vulnerability allows a remote attacker...
The vulnerability of the set_sys_init() function in the login.cgi script of the Wavlink AC3000 (WL-WN533A8) router firmware allows a hacker to execute arbitrary commands.
The vulnerability of the set_sys_init() function in the login.cgi script of the Wavlink AC3000 (WL-WN533A8) router firmware is related to the failure to sanitize data at the control level when processing the restartminvalue parameter. Exploiting this vulnerability allows a remote...
The vulnerability of the set_sys_init() function in the login.cgi script of the Wavlink AC3000 (WL-WN533A8) router firmware allows a hacker to execute arbitrary commands.
The vulnerability of the set_sys_init() function in the login.cgi script of the Wavlink AC3000 (WL-WN533A8) router firmware is related to the failure to sanitize data at the control level when processing the restarthourvalue parameter. Exploiting this vulnerability allows a remote attacker...
The vulnerability of the set_add_routing() function in the internet.cgi script of the Wavlink AC3000 (WL-WN533A8) router firmware allows a hacker to execute arbitrary commands.
The vulnerability of the set_add_routing() function in the internet.cgi script of the Wavlink AC3000 (WL-WN533A8) router firmware is related to the failure to sanitize data at the control level when processing the netmask parameter. Exploiting this vulnerability allows a remote attacker to...
The vulnerability of the Open Social module of the Drupal CMS, related to deficiencies in authentication procedures, allows attackers to circumvent security restrictions and execute a forced browsing attack.
The vulnerability of the Open Social module of the Drupal CMS is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute a forced browsing attack...
The vulnerability of the implementation of the authorization mechanism in the firmware of Moxa EDS-508A switches allows an intruder to gain unauthorized access to the device’s configuration files.
The vulnerability of the authentication mechanism in the firmware of Moxa EDS-508A switches is related to flaws in the identification/authentication mechanism. Exploiting this vulnerability can allow an intruder, operating remotely, to gain unauthorized acces...
The vulnerability of the rsyncd daemon of the Rsync file transfer and synchronization utility allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the rsyncd daemon of the Rsync file transfer and synchronization utility involves the generation of invalid tokens and checksums during the copying process. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the Digital Media component of Windows operating systems allows attackers to escalate their privileges.
The vulnerability of the Digital Media component of Windows operating systems relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to escalate their privileges...
The vulnerability of the Windows operating system’s Telephony Service allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows operating system’s Telephony Service is related to a heap-based buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the xe_exec_ioctl() function in the drivers/gpu/drm/xe/xe_exec.c module of the Intel Xe graphics driver for the Linux operating system allows an attacker to compromise the availability of protected information.
The vulnerability of the xe_exec_ioctl() function in the drivers/gpu/drm/xe/xe_exec.c file of the Intel Xe graphics driver for the Linux operating system is related to a violation of the synchronization mechanism. Exploiting this vulnerability could allow an attacker to compromise the availability of...
The vulnerability of the Themes component in Windows operating systems allows attackers to perform spoofing attacks.
The vulnerability of the Themes component in Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...
The vulnerability of the Drupal CMS system’s RESTful Web Services module, related to errors in request processing, allows attackers to gain unauthorized access to protected information.
The vulnerability of the Drupal CMS system’s RESTful Web Services module is related to errors in request processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Ivanti EPM endpoint management software, related to an out-of-bounds memory read, allows a hacker to escalate their privileges.
The vulnerability of the Ivanti EPM endpoint management software relates to reading outside memory bounds. Exploiting this vulnerability can allow attackers to escalate their privileges...
The vulnerability of the Ivanti EPM endpoint management software, related to the use of an uninitialized resource, allows a hacker to escalate their privileges.
The vulnerability of the Ivanti EPM endpoint management software is related to the use of an uninitialized resource. Exploiting this vulnerability can allow a malicious individual to gain increased privileges...
The vulnerability of the Megamenu Framework module of the Drupal CMS, related to insufficient validation of input data, allows attackers to execute arbitrary code.
The vulnerability of the Megamenu Framework module of the Drupal CMS is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of a path name to a restricted directory, allowing a malicious actor to execute code remotely.
The vulnerability of the Ivanti EPM endpoint management software is related to the improper restriction of path names to a restricted directory. Exploiting this vulnerability allows a remote attacker to execute malicious code...
The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names to a restricted directory, which allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Ivanti EPM endpoint management software is related to the improper restriction of path names to a restricted directory. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the `--safe-links` option of the rsyncd daemon of the Rsync file transfer and synchronization utility allows a hacker to write arbitrary files.
The vulnerability of the `--safe-links` option of the rsyncd daemon of the Rsync file transfer and synchronization utility involves bypassing the directory path check, resulting in the absence of symbolic link checks. Exploiting this vulnerability allows a remote attacker to write arbitrary files...
The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names to a restricted directory, which allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Ivanti EPM endpoint management software is related to the improper restriction of path names to a restricted directory. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the rsyncd daemon of the Rsync file transfer and synchronization utility allows an attacker to bypass ASLR protection and gain unauthorized access to protected information.
The vulnerability of the rsyncd daemon of the Rsync file transfer and synchronization utility is related to the execution of operations outside the buffer boundaries in memory, as a result of incorrect comparison of file checksums. Exploiting this vulnerability can allow an attacker to bypass ASLR...
The vulnerability of the `--inc-recursive` option of the rsyncd daemon of the Rsync file transfer and synchronization utility allows an attacker to write arbitrary files.
The vulnerability of the `--inc-recursive` option of the rsyncd daemon of the Rsync file transfer and synchronization utility involves traversing directory paths without checking for symbolic links, along with checks for duplication. Exploiting this vulnerability allows an attacker to write...
The vulnerability of the Security Account Manager (SAM) on Windows operating systems allows a perpetrator to trigger a service failure.
The vulnerability of the Security Account Manager (SAM) on Windows operating systems is related to a deadlock between execution threads. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the btmtk_process_coredump() function in the drivers/bluetooth/btmtk.c kernel module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the btmtk_process_coredump() function in the drivers/bluetooth/btmtk.c kernel module of the Linux operating system is related to the use of previously freed memory (use-after-free). Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the `perf_event_detach_bpf_prog()` function in the kernel/trace/bpf_trace.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the `perf_event_detach_bpf_prog()` function in the kernel/trace/bpf_trace.c module of the Linux operating system is related to the use of previously freed memory (use-after-free). Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names to a restricted directory, which allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Ivanti EPM endpoint management software is related to the improper restriction of path names to a restricted directory. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the Ivanti EPM endpoint management software, related to reading data beyond the buffer in memory, allows a hacker to trigger a service failure.
The vulnerability of the Ivanti EPM endpoint management software is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the Windows operating system’s Telephony Service allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows operating system’s Telephony Service is related to a heap-based buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Windows operating system’s kernel allows attackers to disclose sensitive information that is protected by security measures.
The vulnerability of the Windows operating system’s kernel is related to insufficient protection of registration data. Exploiting this vulnerability can allow an attacker to disclose the protected information...
The vulnerability of the Drupal CMS system’s Browser Back Button module, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of the Drupal CMS system’s Browser Back Button feature is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the Ivanti EPM endpoint management software lies in the lack of protective measures for the SQL query structure, allowing a hacker to execute malicious code remotely.
The vulnerability of the Ivanti EPM endpoint management software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute malicious code...
The vulnerability of the Ivanti EPM endpoint management software, related to reading data beyond the buffer in memory, allows a hacker to trigger a service failure.
The vulnerability of the Ivanti EPM endpoint management software relates to reading data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...