Lucene search
K
Bdu FstecRecent

90709 matches found

BDU FSTEC
BDU FSTEC
added 2026/01/03 12:0 a.m.3 views

The vulnerability of the aap-server in the Ansible configuration management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the aap-server in the Ansible configuration management system is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

8.5CVSS7.2AI score0.00302EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/03 12:0 a.m.5 views

The vulnerability of the My Timesheet Fiori 2.0 software component, which is used for workforce management in SAP HCM, allows a hacker to escalate their privileges.

The vulnerability of the My Timesheet Fiori 2.0 software, a personnel management solution for SAP HCM, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain elevated privileges...

6.8CVSS5.8AI score0.00216EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/03 12:0 a.m.3 views

The vulnerability of the SAP Business Planning and Consolidation solution for managing financial indicators allows a perpetrator to trigger a service failure.

The vulnerability of the SAP Business Planning and Consolidation solution for managing financial indicators is related to the lack of verification of input data for cyclical operations. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

6.8CVSS5.8AI score0.00296EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/03 12:0 a.m.3 views

The vulnerability of the My Timesheet Fiori 2.0 software component, which is used for workforce management in SAP HCM, allows a hacker to escalate their privileges.

The vulnerability of the My Timesheet Fiori 2.0 software, a personnel management solution for SAP HCM, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain elevated privileges...

6.8CVSS5.8AI score0.00216EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/01/03 12:0 a.m.4 views

The vulnerability of the Adobe Document Service component in SAP NetWeaver AS Java software integration platforms allows attackers to gain access to and modify system data.

The vulnerability of the Adobe Document Service component in SAP NetWeaver AS Java software integration platforms is related to its dependence on a vulnerable external component. Exploiting this vulnerability can allow attackers to gain access to and modify system data...

3.4CVSS5.8AI score0.00127EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/01/03 12:0 a.m.4 views

The vulnerability of the software for working with PDF files, UPDF for Windows operating systems, allows a hacker to execute arbitrary code.

The vulnerability of UPDF software for working with PDF files on Windows operating systems is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow a perpetrator to execute arbitrary code...

7.3CVSS6AI score0.00157EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/03 12:0 a.m.5 views

The vulnerability of the write_headers() function in the cpp-httplib library, which allows a hacker to modify protected information

The vulnerability of the writeheaders function in the cpp-httplib library is related to the lack of measures taken to neutralize CRLF sequences. Exploiting this vulnerability could allow an attacker, operating remotely, to modify protected information by sending a specially crafted HTTP request...

7.8CVSS5.8AI score0.00372EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/03 12:0 a.m.4 views

The vulnerability of NVIDIA DGX OS workstations’ operating system for DGX Spark GB10 artificial intelligence systems involves insecure privilege management. This vulnerability allows a malicious actor to trigger service failures, access and modify sensitive information.

The vulnerability of NVIDIA DGX OS workstations for DGX Spark GB10 artificial intelligence systems is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to cause service failures, disclose, and modify protected information...

8CVSS5.8AI score0.00136EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/03 12:0 a.m.5 views

The vulnerability of the software for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP lies in the lack of authentication procedures. This allows attackers to gain access to read profile parameters.

The vulnerabilities of the software used for developing and executing applications in the ABAP language of SAP NetWeaver Application Server are related to deficiencies in the authentication process. Exploiting these vulnerabilities can allow attackers to gain read access to profile parameters...

4.3CVSS5.8AI score0.002EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/03 12:0 a.m.6 views

The vulnerability of the User Management Component (UMC) in the web-based industrial process management system SIMATIC PCS neo allows a attacker to trigger a service failure.

The vulnerability of the User Management Component UMC in the web-based system for managing technological processes of SIMATIC PCS neo is related to the violation of the buffer’s initial limit. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure...

7.8CVSS5.8AI score0.00443EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/03 12:0 a.m.2 views

The vulnerability of the Socket Appender component in the Apache Log4j Core API library allows a attacker to intercept log traffic.

The vulnerability of the Socket Appender component in the Apache Log4j Core API library implementation is related to improper verification of certificate authenticity. Exploiting this vulnerability could allow an attacker to intercept log traffic remotely...

4CVSS6.2AI score0.00743EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/02 12:0 a.m.2 views

The vulnerability of the web page rendering module in Safari browsers for WebKit operating systems—tvOS, iOS, iPadOS, watchOS, macOS, and visionOS—allows attackers to execute arbitrary code and gain full control over the device.

The vulnerability of the Web page rendering module in Safari browsers of the WebKit framework in operating systems such as tvOS, iOS, iPadOS, watchOS, macOS, and visionOS relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary co...

10CVSS7.8AI score0.08439EPSS
Exploits8References15Affected Software8
BDU FSTEC
BDU FSTEC
added 2026/01/01 12:0 a.m.4 views

The vulnerability of the Calculator Builder plugin in the WordPress content management system arises from improper handling of file names for PHP functions like include or require. This allows attackers to gain unauthorized access to protected information or execute arbitrary code.

The vulnerability of the Calculator Builder plugin in the WordPress content management system is related to improper handling of file names for PHP functions like include or require. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or execut...

7.6CVSS7.5AI score0.00561EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/01 12:0 a.m.3 views

The vulnerability of the Magic the Gathering Card Tooltips plugin in the WordPress content management system, related to the lack of protective measures for website structures, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Magic the Gathering Card Tooltips plugin in the WordPress content management system is related to the lack of protective measures for website structures. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

7.5CVSS7.1AI score0.00224EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/01 12:0 a.m.5 views

The vulnerability of the Manx and Sandcat plugins in the Caldera automated system for emulating intruder actions allows an intruder to execute arbitrary code.

The vulnerability of the Manx and Sandcat plugins in the Caldera intrusion simulation software involves a lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.8AI score0.23813EPSS
Exploits2References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/01 12:0 a.m.3 views

The vulnerability of the FULL Customer Content Management System for WordPress plugins relates to improper handling of file names for PHP functions like include or require. This allows attackers to gain unauthorized access to protected information or execute arbitrary code.

The vulnerability of the FULL Customer Content Management System for WordPress involves improper handling of file names for PHP functions like include or require. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or execute arbitrary code...

7.6CVSS6AI score0.00537EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.3 views

The vulnerability of the VS6Sim.exe software, which is used for configuring HMI interfaces of Monitouch V-SFT and monitoring systems for TELLUS PLCs, allows a attacker to execute arbitrary code.

The vulnerability of the VS6Sim.exe program, which is used for configuring Monitouch V-SFT HMI interfaces and monitoring systems for TELLUS PLCs, lies in the escape of the operation beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending...

7.8CVSS7.6AI score0.00191EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.4 views

The vulnerability of the APPEND Command Handler FTP-server Freefloat FTP Server allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the APPEND Command Handler FTP-server Freefloat FTP Server lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.5CVSS7.4AI score0.00596EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.3 views

The vulnerability of the formSetPPTPUserList() function in the Tenda AC10U router’s software allows a hacker to execute arbitrary code.

The vulnerability of the formSetPPTPUserList function in the Tenda AC10U router’s microprogramming software is related to the copying of buffers without checking the size of the input data when processing the list parameter. Exploiting this vulnerability allows a remote attacker to execute...

9CVSS7.7AI score0.00603EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.4 views

The vulnerability of NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) access control systems arises from the lack of measures taken to protect the website structure. This vulnerability allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability of NetScaler ADC formerly Citrix ADC and the NetScaler Gateway access control system exists due to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

9CVSS5.5AI score0.254EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.3 views

The vulnerability of the software for managing bidding processes, Bidding Solutions, related to an error in token processing by LFS, allows a perpetrator to gain unauthorized access to user accounts.

The vulnerability of the software for managing bidding processes in Bidding Solutions is related to an error in token processing by LFS. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to user accounts...

10CVSS5.8AI score0.00393EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.4 views

The vulnerability of KYC Solutions’ software for customer identity verification, related to the disclosure of information in debugging messages, allows a violator to disclose protected information.

The vulnerability of KYC Solutions’ software for customer identity verification is related to the disclosure of information in debugging messages. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

5.3CVSS5.7AI score0.00392EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.4 views

The vulnerability of the backup software regarding incorrect use of standard permissions allows a perpetrator to escalate their privileges and execute arbitrary commands.

The vulnerability of the backup software relates to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary commands by sending a specially created file...

7.8CVSS6AI score0.00353EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.4 views

The vulnerability of the `bs_GetManPwd` function in the `libblinkapi.so` library, located in the `/cgi-bin/lighttpd.cgi` file of the LB-LINK router software, allows a intruder to disclose protected information.

The vulnerability of the bsGetManPwd function in the libblinkapi.so library, located in the /cgi-bin/lighttpd.cgi file of the LB-LINK router software, is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker to disclose sensitive information...

5.3CVSS5.9AI score0.00343EPSS
Exploits0References6Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.3 views

The vulnerability of the Docker-proxy software lies in its inability to properly clean up or release resources, allowing a malicious actor to cause service failures.

The vulnerability of the Docker-proxy software is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

7.8CVSS5.8AI score0.00222EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.3 views

The vulnerability of the software implementation of the OTP mechanism for customer identity verification by KYC Solutions allows a perpetrator to gain unauthorized access to user accounts.

The vulnerability of the software implementation for the KYC Solutions’ customer identity verification mechanism is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to user...

8.6CVSS5.8AI score0.00372EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.5 views

The vulnerability of KYC Solutions’ software for customer identity verification, related to the transmission of user credentials in unencrypted form, allows a perpetrator to gain unauthorized access to users’ accounts.

The vulnerability of KYC Solutions’ software for customer identity verification is related to the transmission of user credentials in an unencrypted form. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to users’ account information...

8.6CVSS5.8AI score0.00265EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.4 views

The vulnerability of the AI Mortgage Calculator plugin of the WordPress content management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the AI Mortgage Calculator plugin of the WordPress content management system is related to improper handling of file names for PHP functions like include or require. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

7.5CVSS5.8AI score0.00502EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.7 views

The vulnerability of the microprogrammed software of the DVP-12SE11T controllers, related to writing outside the buffer boundaries, allows a intruder to disclose protected information and cause service failure.

The vulnerability of the microprogrammed software of the DVP-12SE11T controllers is related to writing outside the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to disclose protected information and cause service failures...

9.4CVSS6.2AI score0.00288EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.5 views

The vulnerability of the Autodesk Installer installation process, related to errors in privilege management, allows a perpetrator to elevate their privileges and execute arbitrary code.

The vulnerability of the Autodesk Installer installation program is related to errors in privilege management. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

7.8CVSS7.3AI score0.0015EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.4 views

The vulnerability of the `sess_get_uid()` function in D-Link DIR-600 router software allows a hacker to execute arbitrary code.

The vulnerability of the sessgetuid function in D-Link DIR-600 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted HTTP request...

10CVSS8AI score0.01041EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.4 views

The vulnerability of the Mailgen.generatePlaintext(email) method in the Mailgen package of the Node.js software platform allows a attacker to execute arbitrary HTML code.

The vulnerability of the Mailgen.generatePlaintextemail method in the Mailgen package of the Node.js software platform is related to the lack of security measures for handling web page structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary HTML code remotely...

5.3CVSS6AI score0.00409EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.3 views

The vulnerability of the Events Calendar plugin of the WordPress content management system lies in the lack of protection for the SQL query structure. This allows attackers to execute arbitrary SQL queries and gain unauthorized access to protected information.

The vulnerability of the Events Calendar plugin of the WordPress content management system is related to the lack of protection for the SQL query structure when processing the “s” parameter. Exploitation of this vulnerability can allow an attacker to execute arbitrary SQL queries and gain...

7.8CVSS6.1AI score0.00324EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.2 views

The vulnerability of the Cisco Catalyst Center (formerly Cisco DNA Center) network infrastructure management system, related to access control errors, allows a intruder to gain unauthorized access to protected information or enhance their privileges.

The vulnerability of the Cisco Catalyst Center formerly Cisco DNA Center network infrastructure management system is related to access control errors. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information or increase their privileges by...

9CVSS6.1AI score0.00509EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.3 views

The vulnerability of KYC Solutions’ software for customer identity verification lies in the implementation of security features on the client side, which allow attackers to circumvent existing security restrictions.

The vulnerability of KYC Solutions’ software for customer identity verification is related to the implementation of security features at the client side. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions remotely...

6.8CVSS5.7AI score0.00342EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.6 views

The vulnerability of the sub_42261C() function in D-Link’s router microprogramming systems DWR-M920 and DIR-822K allows a hacker to execute arbitrary code.

The vulnerability of the sub42261C function in D-Link’s router microprogramming systems, DWR-M920 and DIR-822K, is related to the execution of an operation outside the buffer in memory when processing the argumenip6addr. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

9CVSS8AI score0.00693EPSS
Exploits1References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/31 12:0 a.m.4 views

The vulnerability of the web interface of the Yealink T21P_E2 microprogramming software for IP phones allows a perpetrator to execute arbitrary code.

The vulnerability of the web interface of Yealink T21PE2 microprogramming software for IP phones is related to the lack of measures taken at the management level to protect data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted POST...

9CVSS6.2AI score0.00582EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/30 12:0 a.m.3 views

The vulnerability of CNCSoft’s numerical control software lies in buffer overflows in its dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of CNCSoft’s numerical control software is related to buffer overflow in its dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created DVP file...

7.7CVSS7.7AI score0.00202EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/30 12:0 a.m.5 views

The vulnerability of the Advantech WebAccss/SCADA SCADA system, related to incorrect restrictions on the path name to the catalog, allows a intruder to write arbitrary files.

The vulnerability of the Advantech WebAccss/SCADA SCADA system is related to incorrect restrictions on the path name to the catalog. Exploiting this vulnerability allows a malicious actor to write arbitrary files...

9CVSS5.9AI score0.00558EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/30 12:0 a.m.2 views

The vulnerability of Tenda WH450 router microprogramming software, related to the execution of operations outside the buffer in memory, allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of Tenda WH450 router microprogramming software is related to the execution of an operation beyond the buffer in memory when processing the parameter ssidindex for the destination point /goform/onSSIDChange. Exploiting this vulnerability allows a remote attacker to execute...

10CVSS8AI score0.05867EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/30 12:0 a.m.3 views

The vulnerability of the Advantech WebAccss/SCADA SCADA system, related to incorrect restrictions on the path to the restricted access catalog, allows a intruder to delete any files they want.

The vulnerability of the Advantech WebAccss/SCADA SCADA system is related to incorrect restrictions on the path to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to delete any files they desire...

8.5CVSS5.8AI score0.00807EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/30 12:0 a.m.3 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to bypassing authentication through spoofing, allows attackers to connect themselves to any organizations they choose.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the ability to bypass authentication through spoofing. Exploiting this vulnerability allows a malicious actor, operating remotely, to connect to arbitrary organizations by modifying the...

6.5CVSS6AI score0.00252EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/30 12:0 a.m.4 views

The vulnerability of the Advantech WebAccss/SCADA SCADA system, related to the lack of protective measures for the SQL query structure, allows a perpetrator to execute arbitrary commands.

The vulnerability of the Advantech WebAccss/SCADA SCADA system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

6.5CVSS6.2AI score0.0028EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/30 12:0 a.m.5 views

The vulnerability of the Advantech WebAccss/SCADA SCADA system, related to the unlimited loading of dangerous type files, allows a intruder to execute arbitrary code.

The vulnerability of the Advantech WebAccss/SCADA SCADA system is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS6AI score0.00531EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/30 12:0 a.m.4 views

The vulnerability of the Advantech WebAccss/SCADA SCADA system lies in the incorrect limitation of the path name to the restricted access catalog, allowing attackers to write arbitrary files.

The vulnerability of the Advantech WebAccss/SCADA SCADA system is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to write arbitrary files...

6.5CVSS5.9AI score0.00609EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/30 12:0 a.m.4 views

The vulnerability of the CmpVisuServer component in the CODESYS industrial automation software suite allows a malicious individual to trigger a service failure.

The vulnerability of the CmpVisuServer component in the CODESYS industrial automation software suite is related to data type conversion errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS5.8AI score0.0034EPSS
Exploits0References4Affected Software17
BDU FSTEC
BDU FSTEC
added 2025/12/30 12:0 a.m.4 views

The vulnerability of the SysSocket library in the CODESYS Control environment allows a hacker to cause a service failure.

The vulnerability of the SysSocket library in the CODESYS Control environment is related to the execution of operations outside the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

5.9CVSS6.1AI score0.00303EPSS
Exploits0References4Affected Software16
BDU FSTEC
BDU FSTEC
added 2025/12/30 12:0 a.m.4 views

The vulnerability of the FTP server’s web interface allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the FTP server interface of Wing FTP Server is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code remotely...

7.1CVSS6.9AI score0.00846EPSS
Exploits2References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/29 12:0 a.m.5 views

The vulnerability of the Reports module of the monitoring, analysis, and reporting software ManageEngine Exchange Reporter Plus allows a perpetrator to perform cross-site scripting attacks.

The vulnerability of the Reports module in the ManageEngine Exchange Reporter Plus software monitoring, analysis, and reporting tool exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

7.5CVSS5.5AI score0.00414EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/29 12:0 a.m.7 views

The vulnerability of the Internet Explorer browser, related to incorrect path name restrictions for access to restricted catalogs, allows attackers to execute arbitrary code or enhance their privileges within the system.

The vulnerability of the Internet Explorer browser is related to incorrect restrictions on the path to the restricted access catalog. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or gain increased privileges within the system...

9CVSS6.2AI score
Exploits0Affected Software1
Total number of security vulnerabilities90709