Lucene search
K
Bdu FstecRecent

90709 matches found

BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.55 views

The vulnerability of the library for creating and editing PDF documents in OpenPDF, related to insufficient validation of requests on the server side, allows a hacker to perform an SSRF attack.

The vulnerability of the OpenPDF library for creating and editing PDF documents is related to insufficient validation of requests at the server-side. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...

5.3CVSS5.8AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.5 views

The vulnerability of the wlSetExternParameter function in Tenda AX3 Wi-Fi router software allows a hacker to cause a service failure.

The vulnerability of the wlSetExternParameter function in Tenda AX3 Wi-Fi router software is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.8CVSS6.1AI score0.00362EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.3 views

The vulnerability of the mPDF library, related to insufficient validation of input data, allows attackers to read arbitrary files.

The vulnerability of the mPDF library is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to read arbitrary files...

6.2CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.4 views

The vulnerability of the graphical user interface application GuiXT for SAP GUI on Windows allows a hacker to gain unauthorized access to protected information.

The vulnerability of the graphical user interface application GuiXT for SAP GUI on Windows is related to the use of obfuscation algorithms instead of secure symmetric encryption for storing user credentials. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...

5.6CVSS5.8AI score0.00129EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.6 views

The vulnerability of the XML2PDF library, related to insufficient validation of requests on the server side, allows a attacker to perform an SSRF attack.

The vulnerability of the XML2PDF library is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack by sending a specially crafted HTTP request...

5.3CVSS5.8AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.7 views

The vulnerability of the XML2PDF library, related to insufficient validation of requests on the server side, allows a attacker to perform an SSRF attack.

The vulnerability of the XML2PDF library is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack by sending a specially crafted HTTP request...

5.3CVSS5.8AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.14 views

The vulnerability of the XML2PDF library, related to insufficient validation of requests on the server side, allows a attacker to perform an SSRF attack.

The vulnerability of the XML2PDF library is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack by sending a specially crafted HTTP request...

5.3CVSS5.8AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.5 views

The vulnerability of the SAPCAR file compression and decompression utility, related to deficiencies in access control, allows attackers to escalate their privileges.

The vulnerability of the SAPCAR file compression and decompression utility is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.9CVSS5.8AI score0.00123EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.5 views

The vulnerability of the Financials General Ledger component of the SAP S/4HANA software platform allows a hacker to gain access to read and modify data.

The vulnerability of the Financials General Ledger component of the SAP S/4HANA software platform is related to uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to read and modify data...

7.5CVSS5.8AI score0.00265EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/12/23 12:0 a.m.3 views

The vulnerability of the stop_kthread() function in the kernel module trace/trace_osnoise.c of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the stopkthread function in the kernel module trace/traceosnoise.c of the Linux operating system is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00176EPSS
Exploits0References11Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.5 views

The vulnerability of the SAP GUI graphical user interface for Windows, related to access control errors, allows a intruder to disclose protected information and execute arbitrary code.

The vulnerability of the SAP GUI graphical user interface for Windows relates to access control errors. Exploiting this vulnerability allows an attacker to disclose protected information and execute arbitrary code...

6.8CVSS5.9AI score0.00308EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the ip6_xmit() function in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the ip6xmit function in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.1CVSS5.8AI score0.00197EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability in the drivers/crypto/hisilicon/qm.c module of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability in the drivers/crypto/hisilicon/qm.c module of the Linux operating system is related to the unlimited distribution of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.4CVSS5.8AI score0.00182EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the __dm_suspend() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the dmsuspend function in the Linux operating system is related to an error in pointer arithmetic. Exploiting this vulnerability could allow an attacker to trigger a service failure...

4.7CVSS5.8AI score0.00207EPSS
Exploits0References15Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the pid_nr_ns() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the pidnrns function in the Linux operating system’s kernel is related to an error in pointer arithmetic. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.6CVSS5.8AI score0.00207EPSS
Exploits0References15Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.2 views

The vulnerability of the decompress_smooth_data() library used for working with images in libjpeg-turbo, which allows a hacker to cause a service failure.

The vulnerability of the decompresssmoothdata library used for working with images in libjpeg-turbo is related to writing beyond the buffer memory boundaries. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

8.5CVSS7.2AI score0.00715EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.2 views

The vulnerability of the WavpackPackSamples function in the WavPack audio codec allows a hacker to trigger a service failure.

The vulnerability of the WavpackPackSamples function in the WavPack audio codec lies in the ability to exploit it by reading beyond the buffer boundaries of memory. Exploiting this vulnerability could allow an attacker to cause a service failure using a specially crafted file...

5.5CVSS6.2AI score0.01155EPSS
Exploits1References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the __wrap_pthread_create() function in the Libcap library allows a malicious actor to cause a service failure.

The vulnerability of the wrappthreadcreate function in the Libcap library is related to the lack of memory release after the effective lifetime of the function. Exploiting this vulnerability could allow an attacker to trigger a service failure through a specially crafted request...

3.3CVSS6.5AI score0.0035EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.2 views

The vulnerability of the resolveSubtable function in the text conversion library for Braille text allows a hacker to trigger a service failure.

The vulnerability of the resolveSubtable function in the text-to-Braille conversion library lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a malicious actor to cause service interruptions through a specially created file...

7.8CVSS7.1AI score0.01148EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.7 views

The vulnerability of the Audio Profile AVRCP component of the Bluetooth protocol stack for the Linux BlueZ operating system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Audio Profile AVRCP component in the Bluetooth protocol stack for the Linux BlueZ operating system is related to reading data beyond the allowed range. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.4CVSS6.6AI score0.00808EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.4 views

The vulnerability of the JavaScript library for cryptography, Jwcrypto, related to uncontrolled resource consumption, allows attackers to execute brute-force attacks and cause service failures.

The vulnerability of the JavaScript library for cryptography, Jwcrypto, is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a remote attacker to execute a brute-force attack and cause service failure...

5.3CVSS6.4AI score0.00884EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the tpm2_checkquote component in the Trusted Platform Module tools allows a perpetrator to access protected information.

The vulnerability of the tpm2checkquote component in the Trusted Platform Module tools repository is related to errors in processing input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to protected information using a specially crafted PCR file th...

9CVSS6.5AI score0.00984EPSS
Exploits1References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.1 views

The vulnerability of the LaTeX text editor EMACS’ implementation allows a hacker to trigger a service failure.

The vulnerability of the LaTeX text editor EMACS’ implementation is related to incorrect standard resolutions. Exploiting this vulnerability can allow an attacker to cause a service failure...

2.8CVSS6.3AI score0.00471EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.2 views

The vulnerability of the regcomp function in the system library glibc, which allows a hacker to cause a service failure

The vulnerability of the regcomp function in the glibc system library is related to the repeated release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure by sending a specially crafted request...

4.2CVSS6.7AI score0.00158EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the Supplier Invoice component in the SAP S/4HANA software platform allows a hacker to circumvent security restrictions.

The vulnerability of the Supplier Invoice component in the SAP S/4HANA software platform is related to the failure to handle CRLF sequences in HTTP headers. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions from a remote location...

4.3CVSS5.8AI score0.00246EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.6 views

The vulnerability of the Launchpad component of the SAP Fiori business application development platform lies in the use of web links to an unreliable target object, allowing attackers to execute a Reverse Tabbing attack.

The vulnerability of the Launchpad component of the SAP Fiori business application development platform relates to the use of web links to an unreliable target object with access to window.opener. Exploiting this vulnerability allows a remote attacker to execute a Reverse Tabbing attack...

5.5CVSS5.9AI score0.00197EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the f2fs_check_quota_consistency() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the f2fscheckquotaconsistency function in the Linux operating system is related to an error in pointer arithmetic. Exploiting this vulnerability could allow a attacker to cause service failures...

5.5CVSS5.8AI score0.00181EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.8 views

The vulnerability of the WatchGuard Fireware OS, a operating system, allows a hacker to execute arbitrary code.

The vulnerability of the WatchGuard Fireware OS’s Icedemon component relates to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.5AI score0.18047EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.4 views

The vulnerability of the blk_should_throtl() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the blkshouldthrotl function in the Linux operating system is related to an error in pointer arithmetic. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00238EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.4 views

The vulnerability in the driver/mailbox/zynqmp-ipi-mailbox.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the drivers/mailbox/zynqmp-ipi-mailbox.c module of the Linux operating system is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.3CVSS5.8AI score0.00194EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the probe() function in the Linux operating system’s kernel allows a hacker to induce a service failure.

The vulnerability of the probe function in the Linux operating system’s kernel is related to the use of uninitialized resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.3CVSS5.8AI score0.00181EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.2 views

The vulnerability of the read_samples() function in the Speex audio codec allows a hacker to trigger a service failure.

The vulnerability of the readsamples function in the Speex audio codec is related to division by zero. Exploiting this vulnerability could allow an attacker to cause a service failure through the use of a specially crafted WAV file...

5.5CVSS6.3AI score0.0094EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the bgp_capability_llgr() function in the networking routing implementation software for Unix-like systems allows a attacker to cause a service failure.

The vulnerability of the bgpcapabilityllgr function in the networking routing implementation software for Unix-like systems in FRRouting is related to memory buffer overflow attacks. Exploiting this vulnerability can allow attackers to cause service failures...

5.5CVSS6.6AI score0.01027EPSS
Exploits1References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.2 views

The vulnerability of the Pdfinfo component in the Poppler PDF rendering library allows a attacker to cause a service failure.

The vulnerability of the Pdfinfo component in the Poppler PDF rendering library is related to improper validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

7.8CVSS7.1AI score0.00785EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the Live Auction Cockpit component of the SAP Supplier Relationship Management procurement automation application allows a malicious actor to redirect users to an arbitrary URL address.

The vulnerability of the Live Auction Cockpit component of the SAP Supplier Relationship Management procurement automation application relates to the redirection of the URL to an unreliable website. Exploiting this vulnerability allows a malicious actor to redirect users to any given URL address...

6.4CVSS5.8AI score0.00261EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.8 views

The vulnerability of the AMD Crash Defender software, a microprogramming solution for AMD Radeon graphics processors, allows a hacker to trigger a service failure.

The vulnerability of the AMD Crash Defender software for AMD Radeon graphics processors is related to the handling of the zero pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.4 views

The vulnerability of SonicWall SMA1000, a microcontroller-based network interface controller, allows attackers to enhance their privileges.

The vulnerability of SonicWall SMA1000 microprogrammed network interface controller consoles relates to deficiencies in access control mechanisms. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

7.1CVSS6.9AI score0.0191EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.6 views

The vulnerability of the f2fs_truncate() function in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the f2fstruncate function in the Linux operating system is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.3CVSS5.9AI score0.00197EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.2 views

The vulnerability of the kvmalloc() function in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the kvmalloc function in the Linux operating system’s kernel is related to the unlimited distribution of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.7CVSS5.8AI score0.00202EPSS
Exploits0References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.4 views

The vulnerability of AMD’s microprogramming software related to writing beyond buffer boundaries in memory allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of AMD’s microprogramming software lies in writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

6.1CVSS5.9AI score0.00113EPSS
Exploits0References2Affected Software8
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the Avahi service detection system in local networks arises from the use of insufficiently random values, allowing attackers to influence the confidentiality of the protected information.

The vulnerability of the Avahi service detection system in local networks is related to the use of insufficiently random values. Exploiting this vulnerability allows a malicious actor to influence the confidentiality of protected information by using specially crafted DNS requests, while using a...

5.3CVSS6.7AI score0.00574EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the AIDE intrusion detection system arises from the improper processing of output data for log records, allowing attackers to circumvent existing security restrictions.

The vulnerability of the AIDE intrusion detection system is related to incorrect processing of output data for log records. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...

5.5CVSS7.3AI score0.0021EPSS
Exploits1References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the Live Auction Cockpit component of the SAP Supplier Relationship Management application allows a perpetrator to perform cross-site scripting attacks.

The vulnerability of the Live Auction Cockpit component of the SAP Supplier Relationship Management procurement automation application is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

6.4CVSS5.5AI score0.00255EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.5 views

The vulnerability of the devm_add_action_or_reset() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the devmaddactionorreset function in the Linux operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.3CVSS5.8AI score0.0022EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability in the net/smc/smc_clc.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the net/smc/smcclc.c module of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS5.8AI score0.00182EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the __sk_dst_get() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the skdstget function in the Linux operating system’s kernel is related to the use of memory after it has been freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.5CVSS5.7AI score0.00194EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.2 views

The vulnerability of the ioremap_cache() function in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the ioremapcache function in the Linux operating system’s kernel is related to improper initialization of the resource. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00194EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.3 views

The vulnerability of the tls_strp_msg_hold() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the tlsstrpmsghold function in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.3CVSS5.8AI score0.00183EPSS
Exploits0References13Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.6 views

The vulnerability of the dl_server_start() function in the kernel/sched/deadline.c file of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the dlserverstart function in the kernel/sched/deadline.c file of the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.6CVSS5.8AI score0.0018EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/22 12:0 a.m.4 views

The vulnerability in the `zzip_disk_entry_to_file_header` function of the `mmapped.c` file in the Zziplib compression library allows a attacker to cause a service failure.

The vulnerability of the zzipdiskentrytofileheader function in the mmapped.c file of the Zziplib compression library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References4Affected Software3
Total number of security vulnerabilities90709