74701 matches found
The vulnerability of Dell PowerScale InsightIQ software for performance monitoring and reporting lies in its lack of protection against SQL query structures, allowing attackers to disclose sensitive information.
The vulnerability of the software for performance monitoring and report generation in Dell PowerScale InsightIQ is related to the lack of security measures in the SQL query structure. Exploiting this vulnerability can allow attackers to disclose sensitive information...
The vulnerability of the Microsoft Message Queuing (MSMQ) service on Microsoft Windows operating systems allows a perpetrator to cause a service failure.
The vulnerability of the Microsoft Message Queuing MSMQ service on Microsoft Windows operating systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE lies in its algorithmic complexity, which allows attackers to trigger service interruptions.
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to algorithmic complexity. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service interruptions...
The vulnerability of the GLPI system’s request, incident, and asset inventory management processes, related to the lack of measures taken to protect the website structure, allows a malicious attacker to carry out XSS attacks.
The vulnerability of the GLPI system’s request, incident, and asset inventory management functions is related to the lack of measures taken to protect the remote-operating web interface. An XSS attack can be carried out against this system...
The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes, related to the failure to protect the SQL request structure, allows attackers to execute SQL injections.
The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes is related to the lack of measures taken to protect the SQL request structure. Exploiting this vulnerability allows a malicious actor to execute SQL injections remotely...
The vulnerability of the `asyncio._SelectorSocketTransport.writelines()` method in the Python programming language, which allows a hacker to cause a denial-of-service attack
The vulnerability of the asyncio.SelectorSocketTransport.writelines method in the Python programming language is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the Remote Desktop Gateway (RD Gateway) for Microsoft Windows operating systems allows a hacker to trigger a service failure.
The vulnerability of the Remote Desktop Gateway RD Gateway for Microsoft Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Windows operating systems’ message queues allows attackers to induce service failures.
The vulnerability of Message Queuing in Windows operating systems is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the MapUrlToZone method in Windows operating systems allows attackers to disclose sensitive information that is protected by security measures.
The vulnerability of the MapUrlToZone method in Windows operating systems is related to improper handling of path equivalence. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by this method...
The vulnerability of the Exiv2 metadata management library, related to reading data outside of the allowed range in memory, allows a hacker to cause a service failure.
The vulnerability of the Exiv2 metadata management library relates to reading data outside the allowed range in memory when metadata is written to the created image file. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of Dell PowerScale InsightIQ software for performance monitoring and reporting, related to context switching errors during privilege escalation, allows a perpetrator to elevate their privileges to the root level.
The vulnerability of the Dell PowerScale InsightIQ software for performance monitoring and reporting is related to context switching privilege errors. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root level...
The vulnerability of the Palo Alto Networks Expedition configuration migration tool, related to incorrect external management of file names or file paths, allows a perpetrator to delete any files they desire.
The vulnerability of the Palo Alto Networks Expedition configuration migration tool is related to incorrect external management of file names or file paths. Exploiting this vulnerability allows a malicious actor to delete arbitrary files remotely...
The vulnerability of the Telephony Service in Microsoft Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the Telephony Service in Microsoft Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the GLPI system’s request, incident, and asset inventory management processes, related to the lack of measures taken to protect the website structure, allows a malicious attacker to carry out XSS attacks.
The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management functions is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...
The vulnerability of NetworkManager’s software for managing network connections, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.
The vulnerability of the NetworkManager software for managing network connections is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...
The vulnerability of the Coredns DNS server, related to information disclosure through caching, allows attackers to perform spoofing attacks.
The vulnerability of the coredns DNS server relates to the disclosure of information through caching. Exploiting this vulnerability allows a malicious actor to perform spoofing attacks remotely...
The vulnerability of BranchCache’s caching technology in Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of BranchCache technology in Windows operating systems relates to the use of memory after it is released. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the WLAN AutoConfig service for Windows operating systems allows attackers to disclose sensitive information.
The vulnerability of the WLAN AutoConfig service for Windows operating systems lies in the reading of data beyond the permitted range in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by security measures...
The vulnerability of the Microsoft .NET software platform and the Microsoft Visual Studio development tools lies in the creation of a temporary file in a directory with incorrect permissions, allowing an attacker to escalate their privileges.
The vulnerability of the Microsoft .NET software platform and the Microsoft Visual Studio development tools is related to the creation of a temporary file in the directory with incorrect permissions. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the MapUrlToZone method in Windows operating systems allows attackers to disclose sensitive information that is protected by security measures.
The vulnerability of the MapUrlToZone method in Windows operating systems is related to improper handling of path equivalence. Exploiting this vulnerability can allow an attacker to disclose protected information remotely...
The vulnerability of the GLPI system’s request, incident, and asset inventory management processes, related to the lack of measures taken to protect the website structure, allows a malicious attacker to carry out XSS attacks.
The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management functions is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...
The vulnerability of software for automating the creation, publication, and distribution of reports and documents in IBM Engineering Lifecycle Optimization – Publishing (PUB) lies in the use of a regular expression with inefficient computational complexity, allowing an attacker to trigger a service failure.
The vulnerability of software for automating the creation, publication, and distribution of reports and documents in IBM Engineering Lifecycle Optimization – Publishing PUB is related to the use of regular expressions with inefficient computational complexity. Exploiting this vulnerability can...
The vulnerability of the integrated environment for managing the development lifecycle of IBM Jazz Foundation lies in its lack of access control for personal information, allowing attackers to disclose protected information.
The vulnerability of the integrated environment for managing the development lifecycle of IBM Jazz Foundation is related to deficiencies in restricting access to personal information. Exploiting this vulnerability could allow attackers to disclose protected information...
The vulnerability in the implementation of the Secure Boot protocol for Windows operating systems allows attackers to disclose sensitive information that is protected by this security mechanism.
The vulnerability of the Secure Boot secure bootloading protocol for the Windows operating system is related to access control errors. Exploiting this vulnerability could allow a perpetrator to disclose protected information...
The vulnerability of the Microsoft .NET software platform and the Microsoft Visual Studio development tools is related to buffer overflows in dynamic memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Microsoft .NET software platform and the Microsoft Visual Studio development environment is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the MapUrlToZone method in Windows operating systems allows attackers to disclose sensitive information that is protected by security measures.
The vulnerability of the MapUrlToZone method in Windows operating systems is related to improper handling of path equivalence. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by this method...
The vulnerability of the Windows operating system’s Telephony Service allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows Operating System’s Telephony Service is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Windows operating system’s IP Helper service allows a perpetrator to trigger a service failure.
The vulnerability of the Windows operating system’s IP Helper service is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the Telephony Service in Microsoft Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the Telephony Service in Microsoft Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the command-line interface (CLI) of Juniper Networks Junos OS, which allows a hacker to gain unauthorized access to protected information
The vulnerability of the command-line interface CLI of Juniper Networks Junos OS is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Microsoft Message Queuing (MSMQ) service on Microsoft Windows operating systems allows a perpetrator to cause a service failure.
The vulnerability of the Microsoft Message Queuing MSMQ service on Microsoft Windows operating systems is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the XML_ResumeParser function in the libexpat XML parsing library allows a attacker to induce a service failure.
The vulnerability of the XMLResumeParser function in the libexpat XML parsing library is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the MapUrlToZone method in Windows operating systems allows attackers to disclose sensitive information that is protected by security measures.
The vulnerability of the MapUrlToZone method in Windows operating systems is related to improper handling of path equivalence. Exploiting this vulnerability can allow an attacker to disclose protected information remotely...
The vulnerability of the EditorConfig core library in the C programming language, related to buffer overflow in the stack, allows a malicious actor to trigger a service failure.
The vulnerability of the EditorConfig core library in the C programming language is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the MSHTML platform in Microsoft Windows operating systems allows attackers to circumvent security restrictions.
The vulnerability of the MSHTML platform in Microsoft Windows operating systems is related to improper handling of path equivalence. Exploiting this vulnerability can allow a remote attacker to bypass security restrictions...
The vulnerability of the Action Pack framework for the Ruby interpreter allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Action Pack framework’s Ruby interpreter lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the App Package Installer installation program for Microsoft Windows operating systems allows a perpetrator to increase their privileges.
The vulnerability of the App Package Installer installation program for Microsoft Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of Websoft HCM’s automation software for HR processes allows attackers to execute cross-site scripting attacks (XSS).
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of the Drupal Private Content CMS system, related to improper privilege assignment, allows attackers to bypass security restrictions and gain unauthorized access to protected information.
The vulnerability of the Drupal Content Management System’s Private Content module is related to the improper assignment of privileges. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected information...
The vulnerability of the Login module in Drupal CMS systems, related to deficiencies in authentication procedures, allows attackers to bypass existing security restrictions.
The vulnerability of the Login module in Drupal CMS systems is related to deficiencies in authentication procedures. Exploiting this vulnerability allows attackers to bypass existing security restrictions remotely...
The vulnerability of the Microsoft Message Queuing (MSMQ) queue service on Windows operating systems allows a perpetrator to disclose protected information.
The vulnerability of the Microsoft Message Queuing MSMQ queue service on Windows operating systems is related to the use of an uninitialized resource. Exploiting this vulnerability could allow a malicious actor to disclose protected information...
The vulnerability of the PrintWorkflowUserSvc service in Windows operating systems allows a hacker to increase their privileges.
The vulnerability of the PrintWorkflowUserSvc service in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Windows operating system’s Telephony Service allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows operating system’s Telephony Service is related to overflowing buffers in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Windows Installer component on Windows operating systems allows a perpetrator to elevate their privileges to the SYSTEM level.
The vulnerability of the Windows Installer component in Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to elevate their privileges to the SYSTEM level...
The vulnerability of Drupal’s REST & JSON API Authentication in the Drupal CMS system, related to incorrect authentication procedures, allows attackers to bypass existing security restrictions.
The vulnerability of Drupal’s REST & JSON API Authentication in the Drupal CMS system is related to improper authentication procedures. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...
The vulnerability of the PrintWorkflowUserSvc service in Windows operating systems allows a hacker to increase their privileges.
The vulnerability of the PrintWorkflowUserSvc service in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Microsoft Message Queuing (MSMQ) queue service on Windows operating systems allows a perpetrator to cause a service failure.
The vulnerability of the Microsoft Message Queuing MSMQ queue service on Windows operating systems is related to uncontrolled resource consumption due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the Windows operating system’s Telephony Service allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows operating system’s Telephony Service is related to overflowing buffers in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Windows operating system’s Telephony Service allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows operating system’s Telephony Service is related to overflowing buffers in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the WebSocket module in Node.js operating systems on FortiOS and proxy servers, which allows attackers to elevate privileges to the “super-admin” level.
The vulnerability of the WebSocket module in Node.js operating systems on FortiOS and FortiProxy proxy servers relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to elevate their privileges to “super-admi...