74701 matches found
The vulnerability of the Lenovo Tab K10 tablet’s firmware, related to errors in the authentication process for certificates, allows unauthorized access to protected information.
The vulnerability of the Lenovo Tab K10 tablet’s firmware is related to errors in the authentication process for certificates. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by using a specially created application...
The vulnerability of the SMR/S2CR registers in Qualcomm’s security firmware allows attackers to influence the integrity, availability, and confidentiality of the protected information.
The vulnerability of the SMR/S2CR registers in Qualcomm’s security firmware is related to unverified array indexing. Exploiting this vulnerability could allow attackers to influence the integrity, availability, and confidentiality of the protected information...
The vulnerability of the Mozilla Firefox browser and the Thunderbird email client, related to authentication procedures that allow attackers to carry out spear-phishing attacks
The vulnerability of Mozilla Firefox browser and Thunderbird email client is related to deficiencies in authentication procedures, resulting from incorrect display of the domain name in the address bar. Exploiting this vulnerability allows attackers to perform spear-phishing attacks remotely...
The vulnerability of the web-based management interface in the firmware of the Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360 Wi-Fi routers allows attackers to disclose protected information.
The vulnerability of the web-based management interface in the firmware of Netis routers, including Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360, is related to insufficient protection for sensitive data. Exploiting this...
The vulnerability of the SSH configuration function on the NSv Gen7 SonicOS Cloud cloud platform allows a hacker to elevate privileges to the root level and execute arbitrary code.
The vulnerability of the SSH configuration function on the NSv Gen7 SonicOS Cloud cloud platform is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to elevate privileges to the root level and execute arbitrary code...
The vulnerability of the git-upload-pack method of the go-git library allows a perpetrator to influence the confidentiality, integrity, and availability of the protected information.
The vulnerability of the git-upload-pack method in the go-git library is related to the injection or modification of arguments. Exploiting this vulnerability could allow a malicious actor to influence the confidentiality, integrity, and availability of the protected information...
The vulnerability of the go-git library, related to unrestricted resource allocation, allows a hacker to cause a service failure.
The vulnerability of the go-git library is related to the unrestricted allocation of resources. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of the Redis database management system, related to the use of memory after it is freed, allows a hacker to execute arbitrary code.
The vulnerability of the Redis database management system is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code by injecting a specially crafted Lua script...
The vulnerability in the implementation of IPSec protocols on the SonicOS operating system allows an attacker to trigger a Denial-of-Service attack (DoS) or execute arbitrary code.
The vulnerability of the implementation of IPSec protocols on the SonicOS operating system is related to a numerical overflow condition. Exploiting this vulnerability allows a malicious actor to trigger a Denial-of-Service attack or execute arbitrary code by sending a specially crafted IKEv2...
The vulnerability of the soup_header_parse_param_list_strict() function in the GNOME graphical interface library libsoup allows an attacker to cause a service failure.
The vulnerability of the soup_header_parse_param_list_strict() function in the GNOME graphical interface library libsoup is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in the use of memory after it is freed, allowing an attacker to trigger a service failure.
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through a specially created web page...
The vulnerability of the revoke_delegation() function in the fs/nfsd/nfs4state.c module of the Linux kernel-based Network File System (NFS) server allows a perpetrator to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the revoke_delegation() function in the fs/nfsd/nfs4state.c module of the Linux kernel relates to the use of previously freed memory caused by a race condition. Exploiting this vulnerability could allow an attacker to compromis...
The vulnerability of the firmware of Four-Faith F3x24 and Four-Faith F3x36 routers arises from the failure to take measures to neutralize special elements used in the operating system’s commands. This allows attackers to execute arbitrary commands.
The vulnerability of the firmware of Four-Faith F3x24 and Four-Faith F3x36 routers lies in the lack of measures to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the bcm_release() function in the net/can/bcm.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the bcm_release() function in the net/can/bcm.c module of the Linux kernel is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected...
The vulnerability of the add_inode_ref() function in the fs/btrfs/tree-log.c file of the Linux kernel’s file system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the add_inode_ref() function in the fs/btrfs/tree-log.c file of the Btrfs file system in Linux kernels is related to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the...
The vulnerability of the `bnxt_re_ib_get_hw_stats()` function in the drivers/infiniband/hw/bnxt_re/hw_counters.c file of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the `bnxt_re_ib_get_hw_stats()` function in the drivers/infiniband/hw/bnxt_re/hw_counters.c file of the Linux kernel is related to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to reading beyond the acceptable range in memory, allows a hacker to execute arbitrary code within the context of the current process.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation simulation modeling environment is related to reading data beyond the acceptable range in memory. Exploiting this vulnerability could allow an attacker to execu...
The vulnerability of the web interface or command interface of the Lenovo XClarity Controller (XCC) for Lenovo ThinkSystem servers allows a perpetrator to execute arbitrary commands.
The vulnerability of the web interface or command interface of the Lenovo XClarity Controller XCC for Lenovo ThinkSystem servers is related to the failure to take measures to neutralize certain elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a...
The vulnerability of the Remote Support remote support tool and the Privileged Remote Access remote access tool lies in the lack of measures to neutralize special elements, allowing attackers to enhance their privileges and execute arbitrary commands.
The vulnerability of the BeyondTrust Remote Support and Privileged Remote Access software products is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary commands by sendin...
The vulnerability of the OpenVPN Connect software lies in the improper deletion of critical data at the boundary; this allows a hacker to increase their privileges.
The vulnerability of the OpenVPN Connect software is related to improper cross-border deletion of critical data. Exploiting this vulnerability can allow a remote attacker to increase their privileges...
The vulnerability in the web interface of the firmware for HPE Aruba Networking 501 wireless client bridges allows an attacker to execute arbitrary code in the device’s underlying operating system.
The vulnerability of the web management interface in the firmware of HPE Aruba Networking 501 wireless client bridges is related to the lack of data sanitization measures at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the...
The vulnerability of the SSL VPN remote access technology for SonicOS operating systems allows a hacker to increase their privileges.
The vulnerability of the SSL VPN remote access technology implemented on SonicOS is related to the bypassing of authentication due to a fundamental error in the implementation. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...
The vulnerability of Mutt and NeoMutt email clients, related to errors in verifying the cryptographic signature, allows a hacker to alter the list of trusted recipients and expose the encrypted information.
The vulnerability of Mutt and NeoMutt email clients stems from errors in verifying the cryptographic signature when processing header fields. Exploiting this vulnerability could allow a malicious actor to alter the list of trusted recipients and expose the sensitive information being protected...
The vulnerability of the Symfony Mailer Lite module in the Drupal CMS system, related to the manipulation of cross-site requests, allows a hacker to perform a CSRF attack.
The vulnerability of the Symfony Mailer Lite module in the Drupal CMS system is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...
The vulnerability of the exynos4_jpeg_parse_decode_h_tbl() function in the Linux kernel’s drivers/media/platform/samsung/s5p-jpeg/jpeg-core.c file allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the exynos4_jpeg_parse_decode_h_tbl() function in the Linux kernel’s drivers/media/platform/samsung/s5p-jpeg/jpeg-core.c file is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability ...
The vulnerability of the hci_user_confirm_request_evt() function in the net/bluetooth/hci_event.c module of the Linux operating system allows an intruder to compromise the confidentiality of the protected information.
The vulnerability of the hci_user_confirm_request_evt() function in the net/bluetooth/hci_event.c module of the Linux kernel is related to improper authorization. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of protected information...
The vulnerability of the daemons that implement routing protocols (rpd) in Junos OS and Junos OS Evolved allows an attacker to cause a service failure.
The vulnerability of the daemons that implement routing protocols for Junos OS and Junos OS Evolved is related to reading memory outside of the allowed range. Exploiting this vulnerability can allow a malicious actor to cause service failure by sending specially crafted BGP packets remotely...
The vulnerability of the logback-core module in the QOS monitoring system allows a perpetrator to execute arbitrary code.
The vulnerability of the logback-core module in the QOS monitoring system is related to the failure to take measures to neutralize special elements used in the expression language operator. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by using the...
The vulnerability of the software for managing Lenovo Accessories and Display Manager (LADM) and the software for managing and configuring Lenovo Display Control Center (LDCC) is related to errors in the authentication process. This vulnerability allows a malicious individual to gain increased privileges.
The vulnerabilities of the Lenovo Accessories and Display Manager LADM software for managing accessories and displays, as well as the Lenovo Display Control Center LDCC software for controlling and configuring displays, are related to errors in the authentication process. Exploiting these...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to reading beyond the acceptable range in memory, allows a hacker to execute arbitrary code within the context of the current process.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation simulation modeling environment is related to reading data beyond the acceptable range in memory. Exploiting this vulnerability could allow an attacker to execu...
The vulnerability of Intel Dynamic Tuning Technology (DTT) in system software drivers lies in the ability to disclose information in the erroneous data area, allowing an attacker to enhance their privileges.
The vulnerability of system software drivers related to Intel Dynamic Tuning Technology DTT involves the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Mozilla Firefox browser and the Thunderbird email client on Android operating systems stems from an improper limitation on the displayed layers of the user interface. This allows attackers to execute a type of attack known as tapjacking.
The vulnerability of the Mozilla Firefox browser and the Thunderbird email client on Android operating systems is related to an improper limitation on the displayed layers of the user interface. Exploiting this vulnerability allows a remote attacker to perform a type of attack known as tapjacking...
The vulnerability in the full-screen mode of browsers like Mozilla Firefox, Firefox ESR, and the email client Thunderbird on Mac OS allows a hacker to trigger a service failure.
The vulnerability in the full-screen mode of browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird on Mac OS operating systems is related to improper handling of exceptional states. Exploiting this vulnerability can allow an attacker to cause service interruptions remote...
The vulnerability of the SSH configuration function on SonicOS operating systems allows a hacker to perform an SSRF attack.
The vulnerability of the SSH configuration function in SonicOS operating systems is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...
The vulnerability in the web interface for managing device information on the Cisco Common Services Platform Collector allows an attacker to perform XSS attacks.
The vulnerability in the web interface for collecting device information on Cisco Common Services Platform Collector CSPC is related to the failure to remove unacceptable symbols from identifiers on web pages. Exploiting this vulnerability allows a remote attacker to perform XSS attacks...
The vulnerability of Ivanti Connect Secure (formerly Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons for ZTA – tools for managing IT services – stems from a buffer overflow in the stack. This vulnerability allows attackers to escalate their privileges.
The vulnerability of Ivanti Connect Secure formerly Pulse Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA, which are tools for managing IT services, is related to a buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the --hidden-recipient mode in Mutt and NeoMutt email clients allows a hacker to disclose protected information.
The vulnerability of the “--hidden-recipient” mode in Mutt and NeoMutt clients is related to incorrect processing of header fields during PGP encryption. Exploiting this vulnerability can allow a remote attacker to disclose the protected information...
The vulnerability of the sctp_v6_available() function in the net/sctp/ipv6.c module of the Linux operating system’s SCTP protocol implementation allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the sctp_v6_available() function in the net/sctp/ipv6.c module of the Linux operating system’s SCTP protocol implementation is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the bitmap_ip_uadt() function in the net/netfilter/ipset/ip_set_bitmap_ip.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the bitmap_ip_uadt() function in the net/netfilter/ipset/ip_set_bitmap_ip.c module of the Linux kernel is related to incorrect validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the...
The vulnerability of the setup.php file in the phpMyAdmin web application for database management systems allows a hacker to execute arbitrary PHP code.
The vulnerability of the setup.php file in the phpMyAdmin web application for database management systems is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary PHP code remotely...
The vulnerability of the VCM software, a security tool from Fortinet for Linux systems, relates to insecure privilege management. This vulnerability allows an attacker to elevate their privileges to the root level.
The vulnerability of the VCM software, a security tool from Fortinet’s FortiClient for Linux, is related to insecure management of privileges. Exploiting this vulnerability allows an attacker, operating remotely, to elevate their privileges to the root level...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to reading beyond the acceptable range in memory, allows a hacker to execute arbitrary code within the context of the current process.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation simulation modeling environment is related to reading data beyond the acceptable range in memory. Exploiting this vulnerability could allow an attacker to execu...
The vulnerability of the Lenovo XClarity Controller (XCC) for Lenovo ThinkSystem servers allows a hacker to execute arbitrary code.
The vulnerability of the Lenovo XClarity Controller XCC for Lenovo ThinkSystem systems is related to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created IPMI command...
The vulnerability of IBM WebSphere Application Server Liberty and IBM WebSphere Application Server arises from incorrect restrictions on XML references to external objects, which allows attackers to disclose sensitive information.
The vulnerability of IBM WebSphere Application Server Liberty and IBM WebSphere Application Server is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information remotely...
The vulnerability of the Lenovo XClarity Controller (XCC) for Lenovo ThinkSystem servers allows a hacker to execute arbitrary commands.
The vulnerability of the Lenovo XClarity Controller XCC for Lenovo ThinkSystem systems is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using specially created files...
The vulnerability of graphics drivers in firmware for Intel processors arises from incorrect neutralization of special elements in the output data used by the input component. This allows attackers to escalate their privileges.
The vulnerability of graphics drivers in firmware for Intel processors is related to incorrect neutralization of special elements in the output data used by the input component. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability of the nfs4_init_client() function in the fs/nfs/nfs4client.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the nfs4_init_client() function in the fs/nfs/nfs4client.c module of the Linux operating system is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the...
The vulnerability of the amdgpu_cs_pass1() function in the Linux kernel’s drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c file allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the amdgpu_cs_pass1() function in the Linux kernel’s drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c file is related to the repeated release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability ...
The vulnerability of the `nvmet_setup_dhgroup()` function in the `drivers/nvme/target/auth.c` file of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the `nvmet_setup_dhgroup()` function in the `drivers/nvme/target/auth.c` file of the Linux kernel is related to the repeated release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of...
The vulnerability of the `ibk_restore_migrate_check()` function in the Super Backup & Clone plugin (WP SuperBackup) of the WordPress content management system allows a hacker to execute arbitrary code.
The vulnerability of the `ibk_restore_migrate_check()` function in the Super Backup & Clone plugin for WordPress’ content management system is related to the lack of restrictions on the download of dangerous files. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...