74701 matches found
The vulnerability of the Drupal CMS system’s kernel allows attackers to compromise the integrity of the protected information.
The vulnerability of the Drupal CMS system’s kernel is related to deficiencies in handling error situations. Exploiting this vulnerability allows an attacker to potentially compromise the integrity of the protected information...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page...
The vulnerability of Moxa VPORT 07-3 microprogrammed IP cameras lies in the insufficient protection of confidential data by suppliers (OSAT), allowing intruders to trigger a service failure.
The vulnerability of Moxa VPORT 07-3 microprogrammed IP cameras is related to insufficient protection of confidential data by suppliers OSATs. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the `dc_state_create_copy()` function in the `drivers/gpu/drm/amd/display/dc/core/dc_state.c` file of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the dcstatecreatecopy function in the drivers/gpu/drm/amd/display/dc/core/dcstate.c file of the Linux kernel is related to the repeated release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, a...
The vulnerability in the implementation of the OpenPGP email encryption standard for the Mozilla Thunderbird client allows a perpetrator to disclose the protected information.
The vulnerability of the OpenPGP email encryption standard implemented by Mozilla Thunderbird client relates to insufficient protection of confidential data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the String.toLowerCase() and String.toUpperCase() methods in the Spring LDAP project, which simplifies work with LDAP (Lightweight Directory Access Protocol), allows an intruder to gain unauthorized access to protected information.
The vulnerability of the String.toLowerCase and String.toUpperCase methods in the Spring LDAP project, which simplifies the handling of LDAP Lightweight Directory Access Protocol, is related to insufficient registration checks. Exploiting this vulnerability can allow an attacker operating remotel...
The vulnerability of the generic_ip_connect() function in the fs/smb/client/connect.c module of the SMB client kernel in Linux operating systems allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the genericipconnect function in the fs/smb/client/connect.c module of the SMB client kernel in Linux operating systems is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrit...
The vulnerability in the web interface of the Cisco Catalyst SD-WAN Manager (formerly Cisco SD-WAN vManage) allows a attacker to execute XSS attacks.
The vulnerability in the web interface of the Cisco Catalyst SD-WAN Manager formerly Cisco SD-WAN vManage relates to the lack of protection for the web page structure during the processing of element fields. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks by sendin...
The vulnerability of the LDAP protocol implementation in the Samba network communication software allows a hacker to increase their privileges.
The vulnerability of the LDAP protocol implementation in the Samba network communication software package is related to deficiencies in access control based on Access Control Lists ACLs. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...
The vulnerability of the Container Storage Interface (CSI) component in the Nomad application orchestrator allows a attacker to influence the integrity of the protected information.
The vulnerability of the Container Storage Interface CSI component in the Nomad application orchestrator is related to improper authentication. Exploiting this vulnerability allows an attacker to influence the integrity of the protected information...
The vulnerability of the vibebp_register_user() function in the scenario included in the class.js file of the VibeBP plugin, a content management system for WordPress, allows a hacker to escalate their privileges.
The vulnerability of the vibebpregisteruser function in the class included in the class.js file of the VibeBP plugin, a content management system for WordPress, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to increase their privileges remotel...
The vulnerability of the hnap_main() function in D-LINK DIR-806 wireless router software allows a hacker to execute arbitrary commands, gain unauthorized access to protected information, or cause service failures.
The vulnerability of the hnapmain function in D-LINK DIR-806 wireless routers is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely, gain unauthorized...
The vulnerability of Ivanti Connect Secure (formerly Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons for ZTA – tools for managing IT services – stems from reading data outside of the buffer in memory. This allows attackers to execute arbitrary code.
The vulnerability of Ivanti Connect Secure formerly Pulse Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA, which are tools for managing IT services, lies in the reading of data outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitra...
The vulnerability of the Addressing system’s plugin for requests, incidents, and inventory management of computer equipment in GLPI arises from the use of an external controlled input for selecting classes or codes. This allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the addressing plugin in the GLPI system for managing requests, incidents, and inventory of computer equipment is related to the use of an external controlled input for selecting classes or codes. Exploiting this vulnerability can allow a malicious actor to gain unauthorized...
The vulnerability of the Acronis CyberProtect Cloud data protection software for Linux operating systems allows attackers to compromise the integrity of the protected information.
The vulnerability of Acronis Cyber Protect Cloud, a cloud-based data protection software for Linux operating systems, stems from the use of cryptographic algorithms that contain vulnerabilities when processing RPM packages. Exploiting this vulnerability could allow attackers to compromise the...
The vulnerability of the Gogs software interface allows a hacker to gain access to read, modify, or delete data.
The vulnerability of the Gogs Git repository creation software interface is related to errors in handling symbolic links. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to read, modify, or delete data...
The vulnerability of the Netflow v9 protocol implementation of the FastNetMon detection and prevention DDoS attack tool allows a perpetrator to cause a service failure.
The vulnerability in the implementation of the Netflow v9 protocol for the FastNetMon tool, which is used for detecting and preventing DDoS attacks, stems from the lack of checks for division by zero when processing templates. Exploiting this vulnerability could allow a malicious actor to cause...
The vulnerability of the interface of the Gogs self-managed Git repository creation software allows a hacker to write arbitrary files.
The vulnerability of the Gogs self-managed Git repository creation software interface is related to improper restrictions on the path name to the restricted-access directory. Exploiting this vulnerability allows a malicious actor, operating remotely, to write arbitrary files...
The vulnerability of the ObjectSerializationDecoder decoder in the Apache MINA Java networking framework allows a attacker to execute arbitrary code.
The vulnerability of the ObjectSerializationDecoder decoder in the Apache MINA Java networking framework is related to the restoration of unreliable data due to improper code generation. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
The vulnerability in the web interface of the microprogramming software for wireless client bridges from HPE Aruba Networking 501 allows a attacker to execute arbitrary code in the device’s basic operating system.
The vulnerability of the web interface for managing microprogramming software in HPE Aruba Networking 501 wireless client bridges is related to the lack of data cleaning measures at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the...
The vulnerability of the JavaScript script handler in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge relates to type mixing errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page from a remote location...
The vulnerability of the str.format() method in the Jinja HTML templating tool allows a attacker to bypass the sandbox protection mechanisms, execute arbitrary code, or cause a denial-of-service attack.
The vulnerability of the str.format method in the Jinja HTML templating tool is related to the lack of mechanisms to eliminate special elements in the template creation process. Exploiting this vulnerability can allow an attacker to bypass the sandbox’s security measures, execute arbitrary code, ...
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage, allows a malicious actor to execute arbitrary code.
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom, as well as the software for modeling, analyzing, and simulating 3D models in Autodesk Navisworks Simulate, and the software for analyzing, coordinating, and verifying 3D...
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom, as well as the software for modeling, analyzing, and coordinating 3D models and project data in Autodesk Navisworks Manage, is related to a buffer overflow in the dynamic...
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.
The vulnerability of the DWFX software for viewing 3D models and project documents, as well as the software for modeling and analysis of 3D models Autodesk Navisworks Freedom, the software for analyzing, coordinating, and verifying 3D models and project data Autodesk Navisworks Manage, is related...
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom, as well as the software for modeling, analyzing, and coordinating 3D models and project data in Autodesk Navisworks Manage, is related to a buffer overflow in the dynamic...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to trigger service failures or execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to trigger service failures or...
The vulnerability of the query_to_xml_and_xmlschema/table_to_xml/table_to_xml_and_xmlschema function in the Apache Superset data visualization software allows a hacker to execute arbitrary SQL code.
The vulnerability of the querytoxmlandxmlschema/tabletoxml/tabletoxmlandxmlschema function exists due to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
The vulnerability of the software platform for monitoring and managing IT infrastructure—Operations Bridge Manager (OBM)—is related to incorrect restrictions on XML links to external objects. This allows a malicious actor to gain unauthorized access to confidential information.
The vulnerability of the software platform for monitoring and managing IT infrastructure, Operations Bridge Manager OBM, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized...
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom, as well as the software for modeling, analyzing, and simulating 3D models in Autodesk Navisworks Simulate, and the software for analyzing, coordinating, and verifying 3D...
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.
The vulnerability of the DWFX software for viewing 3D models and project documents, as well as the software for modeling and analysis of 3D models Autodesk Navisworks Freedom, the software for analyzing, coordinating, and verifying 3D models and project data Autodesk Navisworks Manage, is related...
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.
The vulnerability of the DWFX software for viewing 3D models and project documents, as well as the software for modeling and analysis of 3D models Autodesk Navisworks Freedom, the software for analyzing, coordinating, and verifying 3D models and project data Autodesk Navisworks Manage, is related...
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage, allows a malicious individual to execute arbitrary code.
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom, as well as the software for modeling, analyzing, and simulating 3D models in Autodesk Navisworks Simulate, and the software for analyzing, coordinating, and verifying 3D...
Vulnerability of web-based interfaces for microprogramming software Wi-Fi routers such as Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360 allow attackers to increase their privileges
The vulnerability of the web-based management interfaces for Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360 lies in the reading of data beyond the permitted range in memory. Exploiting this vulnerability can allow an attacker to...
The vulnerability of the FAB_ADD_SECURITY_API component in the Apache Superset data visualization software allows a attacker to enhance their privileges.
The vulnerability of the FABADDSECURITYAPI component in the Apache Superset data visualization software is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom, as well as the software for modeling, analyzing, and simulating 3D models in Autodesk Navisworks Simulate, and the software for analyzing, coordinating, and verifying 3D...
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom, as well as the software for modeling, analyzing, and coordinating 3D models and project data in Autodesk Navisworks Manage, is related to a buffer overflow in the dynamic...
The vulnerability of the signer-package processor in Nucleus scanners allows a perpetrator to execute arbitrary code.
The vulnerability of the signer-package processor in Nuclei scanners exists because measures to neutralize special elements are not taken. Exploiting this vulnerability allows an attacker to execute arbitrary code by running a specially crafted template with user input...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the use of memory after it is freed, allowing a hacker to execute arbitrary code.
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in its dependence on external components, allowing a hacker to execute arbitrary code.
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in its dependence on external components. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.
The vulnerability of the DWFX software for viewing 3D models and project documents, as well as the software for modeling and analysis of 3D models Autodesk Navisworks Freedom, the software for analyzing, coordinating, and verifying 3D models and project data Autodesk Navisworks Manage, is related...
The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.
The vulnerability of the DWFX software for viewing 3D models and project documents, as well as the software for modeling and analysis of 3D models Autodesk Navisworks Freedom, the software for analyzing, coordinating, and verifying 3D models and project data Autodesk Navisworks Manage, is related...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to trigger service failures or execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to trigger service failures or...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the ability to write code beyond the buffer boundaries, allowing an attacker to execute arbitrary code.
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the ability to execute code beyond buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Adobe Substance 3D Modeler software lies in its ability to read data beyond the buffer limit in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Adobe Substance 3D Modeler software-related to reading beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially crafted file...
The vulnerability of the dev_get_drvdata() function in the Cadence Quad SPI driver (drivers/spi/spi-cadence-quadspi.c) in the Linux operating system allows a hacker to cause a system failure.
The vulnerability of the devgetdrvdata function in the Cadence Quad SPI driver drivers/spi/spi-cadence-quadspi.c in Linux kernel is related to the use of an unreliable pointer. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the NSC_DeriveKey function in the Mozilla Firefox browser and the Thunderbird email client allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the NSCDeriveKey function in the Mozilla Firefox browser and the Thunderbird email client is related to an error in pointer manipulation when processing the phKey parameter. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, a...
The vulnerability of Moxa EDR-8010, EDR-G9004, EDR-G9010, EDF-G1002-BP, NAT-102, OnCell G4302-LTE4, and TN-4900 network devices arises from the failure to eliminate special elements used in the operating system’s command structure. This allows attackers to execute arbitrary code.
The vulnerability of Moxa EDR-8010, EDR-G9004, EDR-G9010, EDG-G1002-BP, NAT-102, OnCell G4302-LTE4, and TN-4900 network devices stems from the lack of measures taken to neutralize special commands used in the operating system. Exploiting this vulnerability allows a malicious actor to execute...
The vulnerability of the Swagger interface of the IBM WebSphere Automation platform for automating the management and deployment of applications and services allows a perpetrator to execute arbitrary code.
The vulnerability of the Swagger interface of the IBM WebSphere Automation platform for application and service automation and deployment is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious...