90709 matches found
The vulnerability of the n_gsm component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the ngsm component in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the bpf_sock_addr() function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the bpfsockaddr function in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the PERF_IDX2OFF() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the PERFIDX2OFF function in the Linux operating system is related to the operation of writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the DeleteMac Component’s sub_402D1C function in the Wavlink NU516U1 router’s microprogramming system allows a hacker to execute arbitrary commands.
The vulnerability of component DeleteMac Page’s sub402D1C function in the Wavlink NU516U1 microprogramming system lies in the failure to take data cleaning measures at the control level when processing the deletelist argument. Exploiting this vulnerability allows an attacker to execute arbitrary...
The vulnerability of the App Router router on the Next.js software development platform for creating web applications, as well as the CLI interface of the Vercel platform, allows attackers to compromise the integrity of protected information.
The vulnerability of the App Router router on the Next.js software development platform and the Vercel command-line interface CLI platform is related to shortcomings in HTTP request processing. Exploiting this vulnerability allows a malicious actor to compromise the integrity of protected...
The vulnerability of the Elastic Defend software for detection, monitoring, and responding to threats arises from improper storage of permissions, allowing attackers to increase their privileges.
The vulnerability of the software for detecting, monitoring, and responding to threats from Elastic Defend is related to improper storage of permissions. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the “Import from Excel” plugin, related to incorrect restrictions on the path to the catalog, allows attackers to gain unauthorized access to protected information.
The vulnerability of the “Import from Excel” plugin is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of Firefox browser, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Firefox browser is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The Log Aggregator Service’s vulnerability allows attackers to gain unauthorized access to protected information, replace data, enhance their privileges, execute arbitrary code, or cause service failures in large-scale distributed training systems. NVIDIA Resiliency Extension (NVRx) provides tools to improve the fault tolerance of such systems.
The vulnerability of the Log Aggregator Service, a tool designed to enhance the fault tolerance of large-scale distributed training systems, is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to gain unauthorized access t...
The vulnerability of NVIDIA NeMo’s integrated platform for training and applying neural networks in speech processing and natural language processing lies in its deserialization mechanism flaws. This allows attackers to replace data, gain privileges, execute arbitrary code, or trigger service failures.
The vulnerability of NVIDIA NeMo’s integrated platform for training and applying neural networks in speech processing and natural language processing is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability can allow attackers to replace data, gain enhanced...
The vulnerability of the Firefox interface component for people with limited browser capabilities allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Firefox interface component for people with limited browser capabilities is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the Downloads component of the Firefox browser on iOS operating systems allows attackers to perform spear-phishing attacks.
The vulnerability of the Downloads component of the Firefox browser on iOS operating systems is related to errors in information representation by the user interface during the processing of RTLO symbols. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...
The vulnerability of the web page rendering module in WebKit operating systems for macOS, iOS, and iPadOS allows a hacker to trigger a service failure.
The vulnerability of the web page rendering module in WebKit operating systems for macOS, iOS, and iPadOS is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability of the web page rendering module in WebKit operating systems for macOS, iOS, and iPadOS allows a hacker to trigger a service failure.
The vulnerability of the web page rendering module in WebKit operating systems for macOS, iOS, and iPadOS is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service interruptions...
The vulnerability of the HR-Link employment electronic document management platform, related to insufficient restrictions on authentication attempts, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the HR-Link talent electronic document management platform lies in the insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the TrueConf Server software, related to inconsistencies in responses to incoming requests, allows a perpetrator to obtain information about certain properties of objects.
The vulnerability of the TrueConf Server software is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain information about certain properties of objects...
The configuration “config.enableHelm: true” of the user interface of the Kubernetes cluster management software “Headlamp” allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the config.enableHelm: true configuration in the user interface of the Kubernetes cluster management software’s command-line tool is related to the disclosure of information through caching during the processing of the /clusters/main/helm/releases/list directory. Exploiting...
The vulnerability of the “Export/Import Goods to Excel” plugin is related to incorrect restrictions on the path name to the catalog, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the “Export/Import Goods to Excel” plugin is related to incorrect restrictions on the path name to the catalog. Exploitation of this vulnerability may allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the Checkpointing module in the NVIDIA Resiliency Extension (NVRx) toolset, which is designed to enhance the fault tolerance of large-scale distributed training systems. This vulnerability allows attackers to gain unauthorized access to protected information, replace data, enhance their privileges, or trigger service failures.
The vulnerability of the Checkpointing module in the NVIDIA Resiliency Extension NVRx toolset, which is designed to improve the fault tolerance of large-scale distributed training systems, is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow...
The vulnerability of the NVIDIA Isaac Lab platform for unifying and simplifying robotic processes is related to deficiencies in the deserialization mechanism, allowing a hacker to execute arbitrary code.
The vulnerability of the NVIDIA Isaac Lab platform for unifying and simplifying robotic processes is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the RTAnalytics business analytics platform, related to the lack of measures taken to protect the website structure, allows a hacker to execute arbitrary JavaScript code.
The vulnerability of the RTAnalytics business analytics platform lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary JavaScript code...
The vulnerability of the web page rendering module in WebKit operating systems for macOS, iOS, and iPadOS allows a hacker to trigger a service failure.
The vulnerability of the web page rendering module in WebKit operating systems for macOS, iOS, and iPadOS is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the python-jose library, related to incorrect processing of highly compressed input data, allows attackers to cause service failures.
The vulnerability of the python-jose library is related to incorrect processing of highly compressed input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Mattermost instant messaging application relates to the redirection of the URL to an unreliable website, allowing a hacker to redirect users to any given URL address.
The vulnerability of the Mattermost instant messaging application is related to the redirection of the URL to an unreliable website. Exploiting this vulnerability could allow a malicious actor to redirect users to any given URL address...
The vulnerability of the Mattermost GitHub plugin for instant messaging applications arises from insufficient validation of certain input types. This allows attackers to bypass security restrictions and gain access to read and modify data.
The vulnerability of the Mattermost GitHub plugin for a real-time messaging application relates to insufficient validation of the input data type. Exploiting this vulnerability can allow an attacker to bypass security restrictions and gain access to read and modify data...
The vulnerability of NVIDIA NeMo’s integrated platform for training and applying neural networks in speech processing and natural language processing lies in its deserialization mechanism flaws. This allows attackers to replace data, gain privileges, execute arbitrary code, or trigger service failures.
The vulnerability of NVIDIA NeMo’s integrated platform for training and applying neural networks in speech processing and natural language processing is related to deficiencies in the deserialization mechanism during model loading. Exploiting this vulnerability can allow attackers to replace data...
The vulnerability of the handleServeStandalone() function in the Mattermost plugin, which allows an attacker to perform a CSRF attack on the Mattermost instant messaging application.
The vulnerability of the handleServeStandalone function in the Mattermost plugin for instant messaging applications is related to the manipulation of cross-site requests when processing the X-Calls-E2E header with a value of “true”. Exploiting this vulnerability could allow a malicious actor to...
The vulnerability of the web interface of Avtech’s microprogrammed software-based IP cameras allows a intruder to execute arbitrary commands.
The vulnerability of the web interface of Avtech’s microprogramming software-based IP cameras is related to the lack of measures taken at the control level to protect data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the web interface of Avtech’s microprogrammed software-based IP cameras allows a intruder to execute arbitrary commands.
The vulnerability of the web interface of Avtech’s microprogrammed software-based cameras is related to the lack of measures taken at the control level to protect data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the web interface of Avtech’s microprogrammed software-based IP cameras allows a intruder to execute arbitrary commands.
The vulnerability of the web interface of Avtech’s microprogramming software-based IP cameras is related to the lack of measures taken at the control level to protect data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the web interface of Avtech’s microprogrammed software-based IP cameras allows a intruder to execute arbitrary commands.
The vulnerability of the web interface of Avtech’s microprogrammed software-based cameras is related to the lack of measures taken at the control level to protect data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the __extent_writepage() function in the btrfs component of the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the extentwritepage function in the btrfs component of the Linux kernel operating system is related to a potential memory leak. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the tb_handle_dp_bandwidth_request() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the tbhandledpbandwidthrequest function in the Linux operating system is related to improper memory release before deleting the last reference. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ath11k_ahb_fw_resources_init() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the ath11kahbfwresourcesinit function in the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the jbd2_journal_try_remove_checkpoint() function in the fs/jbd2/checkpoint.c file of the Linux kernel’s file system allows a attacker to compromise the integrity of the protected information or cause service failures.
The vulnerability of the jbd2journaltryremovecheckpoint function in the fs/jbd2/checkpoint.c file of the Linux kernel operating system is related to data loss due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the integrity of protect...
The vulnerability of the HPE OneView IT infrastructure management system, related to insecure privilege management, allows attackers to escalate their privileges.
The vulnerability of the HPE OneView IT infrastructure management system is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...
The vulnerability of the IBM License Metric Tool’s software management system lies in its errors related to access control. This allows a violator to circumvent existing security restrictions.
The vulnerability of the IBM License Metric Tool software management system is related to access control errors. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions remotely...
The vulnerability of the IBM InfoSphere Information Server software platform, related to the failure to take measures to neutralize specific elements, allows a perpetrator to execute arbitrary code.
The vulnerability of the IBM InfoSphere Information Server software platform is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the IBM Hardware Management Console lies in its lack of measures to protect the structure of the web page, allowing attackers to disclose protected information.
The vulnerability of the IBM Hardware Management Console is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...
Vulnerability of software for managing IBM Engineering Requirements Management DOORS: Next, the existing structure of the web page, due to lack of protective measures, allows attackers to disclose protected information.
The vulnerability of the IBM Engineering Requirements Management DOORS Next software exists because measures to protect the website structure have not been implemented. Exploiting this vulnerability could allow a malicious actor to disclose protected information remotely...
The vulnerability of the microprogramming software of the photogalvanic system EcoGuideTAB PV-DR004J and PV-DR004JA lies in the use of rigidly encoded credentials. This vulnerability allows a intruder to trigger a service failure.
The vulnerability of the microprogramming software of the photogalvanic system EcoGuideTAB PV-DR004J and PV-DR004JA lies in the use of rigidly encoded account data. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the microprogramming software of the photogalvanic system EcoGuideTAB PV-DR004J and PV-DR004JA lies in its weak password requirements, allowing attackers to compromise the confidentiality of the protected information.
The vulnerability of the microprogramming software of the EcoGuideTAB PV-DR004J and PV-DR004JA monitors related to weak password requirements is a concern. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of the protected information...
The vulnerability of the ODBC BI Connector driver, related to the incorrect use of standard permissions, allows attackers to increase their privileges.
The vulnerability of the ODBC BI Connector driver is related to the incorrect use of standard permissions. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the application software interface of the Red Hat AI Inference Server, which allows attackers to circumvent existing security restrictions
The vulnerability of the application software interface of Red Hat AI Inference Server is related to the lack of authentication for critical functions. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform, related to the lack of protective measures for website structures, allows attackers to carry out XSS attacks.
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform lies in the redirection of the URL during page loading, causing it to go to an unreliable website. This allows attackers to disclose sensitive information that should be protected.
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform lies in the redirection of the URL to an unreliable website when loading the login page. Exploiting this vulnerability allows a malicious actor to disclose the protected information...
The vulnerability of the hci_suspend_notifier() function in the net/bluetooth/hci_core.c file of the Linux operating system’s Bluetooth subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the hcisuspendnotifier function in the net/bluetooth/hcicore.c file of the Linux kernel’s Bluetooth subsystem is related to synchronization errors when using shared resources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...
The vulnerability of the SAP MDM Server data management server, related to the release of previously unallocated memory, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the SAP MDM Server data management server is related to the release of previously unallocated memory. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of SAP NetWeaver Internet Communication Framework web applications lies in the lack of authentication for critical functions, allowing attackers to circumvent existing security restrictions.
The vulnerability of SAP NetWeaver Internet Communication Framework web applications lies in the lack of authentication for critical functions. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...
The vulnerability of the SAP NetWeaver software integration platform, related to uncontrolled resource consumption, allows a perpetrator to cause service interruptions.
The vulnerability of the SAP NetWeaver software integration platform is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...