90709 matches found
The vulnerability of the cpu_to_node() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the cputonode function in the Linux operating system is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the driver module drivers/clk/tegra/clk-tegra124-emc.c of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/clk/tegra/clk-tegra124-emc.c module of the Linux operating system is related to the improper release of memory before removing the last reference. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the microprogramming software of the General Industrial Controls Lynx+ Gateway, which is related to weak password requirements, allows a intruder to gain unauthorized access to protected information and enter the system.
The vulnerability of the microprogramming software of the General Industrial Controls Lynx+ Gateway device relates to weak password requirements. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to protected information and gain control over t...
The vulnerability of the microprogramming software of the General Industrial Controls Lynx+ Gateway, related to the transmission of critical information in open text format, allows a intruder to gain unauthorized access to protected information.
The vulnerability of the microprogramming software of the General Industrial Controls Lynx+ Gateway device relates to the transmission of critical information in open text format. Exploiting this vulnerability can allow an intruder operating remotely to gain unauthorized access to protected...
The vulnerability of the Splunk MCP Server application, related to authentication errors, allows a violator to circumvent the restrictions on allowed commands in the MCP (Model Context Protocol).
The vulnerability of the Splunk MCP Server data processing and analysis application is related to authentication errors. Exploiting this vulnerability allows a malicious actor to bypass the restrictions on allowed commands in the MCP Model Context Protocol...
The vulnerability of the Views Dashboard component of the Splunk Enterprise platform for operational analysis allows attackers to carry out phishing attacks.
The vulnerability of the Views Dashboard component of the Splunk Enterprise operational analytics platform is related to the redirection of the URL to an unreliable website. Exploiting this vulnerability allows a malicious actor to conduct phishing attacks using a specially created URL address...
The vulnerability of the Splunk Enterprise platform for operational analysis lies in its improper handling of output data from registration logs. This allows attackers to poison, falsify, or conceal confidential data in these logs.
The vulnerability of the Splunk Enterprise platform for operational analysis is related to the improper processing of output data for registration logs. Exploiting this vulnerability allows a malicious actor to poison, falsify, or hide confidential data from log records using specially created HT...
The vulnerability of the Splunk Enterprise operating analysis platform, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.
The vulnerability of the Splunk Enterprise platform for operational analysis is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability in the net/core/skbuff.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the net/core/skbuff.c module of the Linux operating system is related to improper memory release before deleting the last reference. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Splunk Enterprise platform for operational analysis, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Splunk Enterprise platform for operational analysis is related to insufficient protection of operational data. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Splunk Enterprise platform for operational analysis, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.
The vulnerability of the Splunk Enterprise platform for operational analysis is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...
The vulnerability of the SAP FICA ODN framework, related to improper code generation management, allows attackers to compromise the integrity and accessibility of data.
The vulnerability of the SAP FICA ODN framework is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to compromise the integrity and accessibility of data...
The vulnerability of the SAP NetWeaver ABAP software integration platform lies in the insufficient protection of the web page structure, which allows attackers to gain unauthorized access to protected information.
The vulnerability of the SAP NetWeaver ABAP software integration platform is related to insufficient protection of the website structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the SAP NetWeaver ABAP software integration platform, related to the lack of authentication, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the SAP NetWeaver ABAP software integration platform is related to the lack of authentication. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform, related to incorrect privilege assignment, allows attackers to compromise the confidentiality and integrity of protected information.
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform is related to the improper assignment of privileges. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...
The vulnerability of the IBM QRadar SIEM system’s event collection and analysis process lies in the storage of authentication data in unencrypted form within configuration files. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the IBM QRadar SIEM event collection and analysis system lies in the storage of authentication data in unencrypted form within configuration files. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the snmptrapd component of the software suite for deploying and using the SNMP protocol Net-SNMP allows a attacker to execute arbitrary code.
The vulnerability of the Net-SNMP software suite, which is used for deploying and operating the SNMP protocol, relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted packag...
The vulnerability in the arch/powerpc/kernel/rtas_flash.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the arch/powerpc/kernel/rtasflash.c module of the Linux operating system is related to the unlimited distribution of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
Vulnerability eliminated
...
The vulnerability of the Rust programming language library for interacting with the SSH protocol, which allows a hacker to cause a service failure.
The vulnerability of the Rust programming language’s Russh library for interacting with the SSH protocol is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...
The vulnerability of hybrid cloud solutions for managing thin clients in the Dell Wyse Management Suite lies in the unlimited loading of dangerous types of files, allowing a hacker to execute arbitrary code.
The vulnerability of the hybrid cloud solution for managing thin clients in the Dell Wyse Management Suite is related to the unlimited loading of dangerous types of files. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the HostnameError.Error() function in the crypto/x509 package for the Go programming language allows a attacker to cause a service failure.
The vulnerability of the HostnameError.Error function in the crypto/x509 package in the Go programming language is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures remotely...
The vulnerability of the dbAllocDmapLev() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the dbAllocDmapLev function in the Linux operating system’s kernel is related to incorrect calculation of the index. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of IBM WebSphere Application Server application servers, related to unlimited resource distribution, allows attackers to cause service failures.
The vulnerability of the IBM WebSphere Application Server application server is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the ses_intfremove() function in the scsi component of the Linux operating system allows a hacker to gain unauthorized access to protected information.
The vulnerability of the sesintfremove function in the Linux kernel’s SCSI component is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the raw_smp_processor_id() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the rawsmpprocessorid function in the Linux operating system is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the null_timeout_rq() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the nulltimeoutrq function in the Linux operating system’s kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the SAP Business Warehouse data management and analytics system, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks (XSS).
The vulnerability of the SAP Business Warehouse data management and analytics system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of the nft_chain_lookup_byid() function in the net/netfilter/nf_tables_api.c module of the netfilter component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nftchainlookupbyid function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux operating system is related to the use of a previously released resource. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability in the implementation of IPSec protocols for Cisco SD-WAN vEdge software allows a attacker to induce a service failure.
The vulnerability of the implementation of IPSec protocol-based microprogramming software for Cisco SD-WAN vEdge routers is related to buffer overflow attacks. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the administration portal of Cisco Identity Services Engine (ISE) allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Cisco Identity Services Engine ISE administration portal is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the WinBox service on the RouterOS operating system of MikroTik allows a hacker to gain unauthorized access to protected information.
The vulnerability of the WinBox service on the RouterOS operating system of MikroTik is related to discrepancies in the size of responses between attempts to connect with valid and invalid user names. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain...
The vulnerability in the `drivers/iommu/intel/cache.c` file of the Linux operating system’s IOMMU kernel driver allows a hacker to cause a service failure.
The vulnerability in the drivers/iommu/intel/cache.c file of the Linux operating system’s IOMMU kernel driver is related to pointer aliasing. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the `dc_state_create()` function in the `drivers/gpu/drm/amd/display/dc/core/dc_state.c` file of the DRI support driver for AMD GPU-based Linux operating system kernels allows a malicious actor to cause a service failure.
The vulnerability of the dcstatecreate function in the drivers/gpu/drm/amd/display/dc/core/dcstate.c file, a driver for AMD graphics cards, related to Linux operating systems, leads to unregulated resource consumption. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the ice_ptp_extts_event() function in the drivers/net/ethernet/intel/ice/ice_ptp.c file of the Intel Ethernet network adapter driver for the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the iceptpexttsevent function in the drivers/net/ethernet/intel/ice/iceptp.c file of the Intel Ethernet network adapter driver in the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker t...
The vulnerability of the spi_async() function in the drivers/spi/spi.c module of the Linux kernel’s SPI device support driver allows a attacker to corrupt data.
The vulnerability of the spiasync function in the drivers/spi/spi.c module of the Linux kernel’s SPI device support driver is related to improper control of resource identifiers “resource injection”. Exploiting this vulnerability could allow an attacker to compromise the integrity of protected...
The vulnerability of the developer tool “1C:Standard Subsystems Library” relates to deficiencies in code generation process management, allowing a hacker to execute arbitrary code.
The vulnerability of the developer tool “1C:Standard Subsystems Library” is related to deficiencies in process management for code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
Vulnerability of 1C software: 1C:ERP Business Management, 1C:Comprehensive Automation, 1C:Commerce Management – due to the lack of authorization, allowing attackers to execute arbitrary requests.
Vulnerabilities of 1C software: 1C:ERP Business Management, 1C:Comprehensive Automation, 1C:Commerce Management involve a lack of authentication. Exploiting these vulnerabilities can allow remote attackers to execute arbitrary requests...
The vulnerability of the library for creating and editing PDF documents in OpenPDF, related to insufficient validation of input data, allows a hacker to read arbitrary files.
The vulnerability of the OpenPDF library for creating and editing PDF documents is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to read arbitrary files...
The vulnerability of the library for creating and editing PDF documents in OpenPDF, related to insufficient validation of input data, allows a hacker to read arbitrary files.
The vulnerability of the OpenPDF library for creating and editing PDF documents is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to read arbitrary files...
The vulnerability of the mPDF library, related to incorrect restrictions on path names to the catalog, allows attackers to gain unauthorized access to protected information.
The vulnerability of the mPDF library is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the SAPCAR file compression and decompression utility, related to incorrect privilege assignment, allows a hacker to elevate their privileges.
The vulnerability of the SAPCAR file compression and decompression utility is related to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...
The vulnerability of the SAPCAR file compression and decompression utility lies in the improper limitation of the path name for the restricted access directory, allowing attackers to write arbitrary files.
The vulnerability of the SAPCAR file compression and decompression utility is related to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability could allow an attacker to write arbitrary files...
The vulnerability of the hmi_isapi.dll library in the Rockwell Automation FactoryTalk View SE HMI software allows a attacker to disclose protected information.
The vulnerability of the hmiisapi.dll library in the Rockwell Automation FactoryTalk View SE HMI software is related to insufficient protection of operational data during the processing of the GetHMIProjectPaths parameter. Exploiting this vulnerability can allow an attacker to disclose sensitive...
The vulnerability of the vDaemon microprogramming software for Cisco SD-WAN vEdge routers allows a attacker to execute arbitrary commands or cause service failures.
The vulnerability of the vDaemon microprogramming software for Cisco SD-WAN vEdge routers is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to execute arbitrary commands or cause service failures...
The vulnerability of the xe_migrate_copy() function in the drivers/gpu/drm/xe/xe_bo.c module of the Linux kernel’s Direct Rendering Infrastructure (DRI) support driver allows a malicious actor to cause a service failure.
The vulnerability of the xemigratecopy function in the drivers/gpu/drm/xe/xebo.c module of the DRI support driver for the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the stop_kthread() function in the kernel module trace/trace_osnoise.c of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the stopkthread function in the kernel module trace/traceosnoise.c of the Linux operating system is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the sound support module sound/soc/intel/common/soc-acpi-intel-rpl-match.c of the Linux operating system’s SoC kernel allows a attacker to cause a service failure.
The vulnerability in the sound-related module sound/soc/intel/common/soc-acpi-intel-rpl-match.c of the Linux operating system’s SoC kernel is related to the execution of a loop with an unreachable exit condition “Infinite loop”. Exploiting this vulnerability could allow an attacker to cause a...
The vulnerability of the __flush_work() function in the kernel/workqueue.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the flushwork function in the kernel/workqueue.c module of the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the tcpci_init() function in the drivers/usb/typec/tcpm/tcpci.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the tcpciinit function in the drivers/usb/typec/tcpm/tcpci.c file of the USB Type-C port driver in the Linux kernel is related to the assignment of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...