90709 matches found
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to trigger a service failure.
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to operations that go beyond buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through a specially crafted HTML page...
The vulnerability of the web interface of Avtech’s microprogrammed software-based IP cameras allows a intruder to execute arbitrary commands.
The vulnerability of the web interface of Avtech’s microprogrammed software-based cameras is related to the lack of measures taken at the control level to protect data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the __extent_writepage() function in the btrfs component of the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the extentwritepage function in the btrfs component of the Linux kernel operating system is related to a potential memory leak. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ses_intfremove() function in the scsi component of the Linux operating system allows a hacker to gain unauthorized access to protected information.
The vulnerability of the sesintfremove function in the Linux kernel’s SCSI component is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the raw_smp_processor_id() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the rawsmpprocessorid function in the Linux operating system is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the HPE OneView IT infrastructure management system, related to insecure privilege management, allows attackers to escalate their privileges.
The vulnerability of the HPE OneView IT infrastructure management system is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...
The vulnerability of the IBM Hardware Management Console lies in its lack of measures to protect the structure of the web page, allowing attackers to disclose protected information.
The vulnerability of the IBM Hardware Management Console is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...
Vulnerability of software for managing IBM Engineering Requirements Management DOORS: Next, the existing structure of the web page, due to lack of protective measures, allows attackers to disclose protected information.
The vulnerability of the IBM Engineering Requirements Management DOORS Next software exists because measures to protect the website structure have not been implemented. Exploiting this vulnerability could allow a malicious actor to disclose protected information remotely...
The vulnerability of the microprogramming software of the photogalvanic system EcoGuideTAB PV-DR004J and PV-DR004JA lies in its weak password requirements, allowing attackers to compromise the confidentiality of the protected information.
The vulnerability of the microprogramming software of the EcoGuideTAB PV-DR004J and PV-DR004JA monitors related to weak password requirements is a concern. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of the protected information...
The vulnerability of the IBM InfoSphere Data Replication software configuration lies in the execution of operations beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the IBM InfoSphere Data Replication software configuration relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability in the web interface for managing IP-telephony systems FreePBX allows a perpetrator to execute arbitrary code.
The vulnerability of the FreePBX IP-telephony system’s web management interface is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform, related to the lack of protective measures for website structures, allows attackers to carry out XSS attacks.
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the SAP Business Warehouse data management and analytics system, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks (XSS).
The vulnerability of the SAP Business Warehouse data management and analytics system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of the SAP BusinessObjects Content Administrator Workbench administration tool lies in the redirection of the URL during page loading, allowing an attacker to disclose sensitive information.
The vulnerability of the SAP BusinessObjects Content Administrator Workbench reporting administration tool is related to the redirection of the URL to an unreliable website when loading the entry page. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information...
The vulnerability of the SAP NetWeaver software integration platform, related to uncontrolled resource consumption, allows a perpetrator to cause service interruptions.
The vulnerability of the SAP NetWeaver software integration platform is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the cpu_to_node() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the cputonode function in the Linux operating system is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Cisco Catalyst Center (formerly Cisco DNA Center) network infrastructure management system, related to insecure management of privileges, allows attackers to escalate their privileges.
The vulnerability of the Cisco Catalyst Center formerly Cisco DNA Center network infrastructure management system is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...
The vulnerability in the driver module drivers/clk/tegra/clk-tegra124-emc.c of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/clk/tegra/clk-tegra124-emc.c module of the Linux operating system is related to the improper release of memory before removing the last reference. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Rockwell Automation Arena Simulation software for simulating and automating discrete events lies in buffer overflows in the stack. This allows a hacker to execute arbitrary code.
The vulnerability of the Rockwell Automation Arena Simulation software for simulating and automating discrete events is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created DOE files...
The vulnerability of the Splunk MCP Server application, related to authentication errors, allows a violator to circumvent the restrictions on allowed commands in the MCP (Model Context Protocol).
The vulnerability of the Splunk MCP Server data processing and analysis application is related to authentication errors. Exploiting this vulnerability allows a malicious actor to bypass the restrictions on allowed commands in the MCP Model Context Protocol...
The vulnerability of the Splunk Enterprise platform for operational analysis lies in its improper handling of output data from registration logs. This allows attackers to poison, falsify, or conceal confidential data in these logs.
The vulnerability of the Splunk Enterprise platform for operational analysis is related to the improper processing of output data for registration logs. Exploiting this vulnerability allows a malicious actor to poison, falsify, or hide confidential data from log records using specially created HT...
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform, related to incorrect privilege assignment, allows attackers to compromise the confidentiality and integrity of protected information.
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform is related to the improper assignment of privileges. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...
The vulnerability in the arch/powerpc/kernel/rtas_flash.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the arch/powerpc/kernel/rtasflash.c module of the Linux operating system is related to the unlimited distribution of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Rust programming language library for interacting with the SSH protocol, which allows a hacker to cause a service failure.
The vulnerability of the Rust programming language’s Russh library for interacting with the SSH protocol is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...
The vulnerability of the web interface of Avtech’s microprogrammed software-based IP cameras allows a intruder to execute arbitrary commands.
The vulnerability of the web interface of Avtech’s microprogramming software-based IP cameras is related to the lack of measures taken at the control level to protect data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the web interface of Avtech’s microprogrammed software-based IP cameras allows a intruder to execute arbitrary commands.
The vulnerability of the web interface of Avtech’s microprogrammed software-based cameras is related to the lack of measures taken at the control level to protect data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the SAP Solution Manager platform, related to improper code generation management, allows a perpetrator to execute arbitrary code.
The vulnerability of the SAP Solution Manager software platform is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the tb_handle_dp_bandwidth_request() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the tbhandledpbandwidthrequest function in the Linux operating system is related to improper memory release before deleting the last reference. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the rtw88_usb() function in the Linux operating system allows a hacker to induce a service failure.
The vulnerability of the rtw88usb function in the Linux operating system is related to improper memory release before deleting the last pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the jbd2_journal_try_remove_checkpoint() function in the fs/jbd2/checkpoint.c file of the Linux kernel’s file system allows a attacker to compromise the integrity of the protected information or cause service failures.
The vulnerability of the jbd2journaltryremovecheckpoint function in the fs/jbd2/checkpoint.c file of the Linux kernel operating system is related to data loss due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the integrity of protect...
The vulnerability of the null_timeout_rq() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the nulltimeoutrq function in the Linux operating system’s kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the HostnameError.Error() function in the crypto/x509 package for the Go programming language allows a attacker to cause a service failure.
The vulnerability of the HostnameError.Error function in the crypto/x509 package in the Go programming language is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures remotely...
The vulnerability of the IBM License Metric Tool’s software management system lies in its errors related to access control. This allows a violator to circumvent existing security restrictions.
The vulnerability of the IBM License Metric Tool software management system is related to access control errors. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions remotely...
The vulnerability of IBM WebSphere Application Server application servers, related to unlimited resource distribution, allows attackers to cause service failures.
The vulnerability of the IBM WebSphere Application Server application server is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the IBM License Metric Tool’s software management system lies in its lack of measures to protect the structure of web pages. This allows attackers to execute arbitrary code and disclose the protected information.
The vulnerability of the IBM License Metric Tool software management system is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code and disclose protected information...
The vulnerability of the nft_chain_lookup_byid() function in the net/netfilter/nf_tables_api.c module of the netfilter component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nftchainlookupbyid function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux operating system is related to the use of a previously released resource. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the Read function in the SAP MDM Server management data server allows a perpetrator to cause a service failure.
The vulnerability of the Read function in the SAP MDM Server management server relates to the release of previously unallocated memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the hci_suspend_notifier() function in the net/bluetooth/hci_core.c file of the Linux operating system’s Bluetooth subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the hcisuspendnotifier function in the net/bluetooth/hcicore.c file of the Linux kernel’s Bluetooth subsystem is related to synchronization errors when using shared resources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...
The vulnerability of SAP NetWeaver web application servers’ Internet Communication Manager and SAP Web Dispatcher, related to deficiencies in the mechanism for assigning internal resource access levels for debugging purposes, allows attackers to compromise the confidentiality and accessibility of protected information.
The vulnerability of the SAP NetWeaver Internet Communication Manager and SAP Web Dispatcher web applications is related to deficiencies in the mechanism for assigning internal resources with access levels for debugging purposes. Exploiting this vulnerability can allow attackers to compromise the...
The vulnerability of the amdgpu_dm_fini() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the amdgpudmfini function in the Linux operating system is related to the assignment of a zero pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the web interface of the Cisco Catalyst Center (formerly Cisco DNA Center) allows a attacker to redirect users to any arbitrary URL address.
The vulnerability of the web interface for managing the Cisco Catalyst Center formerly Cisco DNA Center is related to the use of open redirection. Exploiting this vulnerability allows a malicious actor to redirect a user to an arbitrary URL address using a specially created link...
The vulnerability of the REST API interface of the Cisco Catalyst Center (formerly Cisco DNA Center) allows a attacker to execute arbitrary commands.
The vulnerability of the REST API interface of the Cisco Catalyst Center formerly Cisco DNA Center exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...
The vulnerability of the Splunk Enterprise platform for operational analysis, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Splunk Enterprise platform for operational analysis is related to insufficient protection of operational data. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the dbAllocDmapLev() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the dbAllocDmapLev function in the Linux operating system’s kernel is related to incorrect calculation of the index. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of IBM Concert Software’s artificial intelligence-based automation tools, related to improper cleaning of dynamic memory, allows attackers to compromise the accessibility of protected information.
The vulnerability of IBM Concert Software’s artificial intelligence-based automation tools is related to improper cleaning of dynamic memory. Exploiting this vulnerability can allow attackers to compromise the accessibility of protected information...
The vulnerability of the IBM QRadar SIEM system’s event collection and analysis process lies in the storage of authentication data in unencrypted form within configuration files. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the IBM QRadar SIEM event collection and analysis system lies in the storage of authentication data in unencrypted form within configuration files. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the style checking module of the RoundCube Webmail email client allows a hacker to gain unauthorized access to protected information.
The vulnerability of the RoundCube Webmail email client’s style checking module is related to improper coding or encapsulation of output data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the WebGPU component in Google Chrome and Microsoft Edge browsers allows a hacker to trigger a service failure.
The vulnerability of the WebGPU component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure through a specially created HTML page...
Vulnerability eliminated
...
The vulnerability of the web interface of Avtech’s microprogrammed software-based IP cameras allows a intruder to execute arbitrary commands.
The vulnerability of the web interface of Avtech’s microprogramming software-based IP cameras is related to the lack of measures taken at the control level to protect data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...