74701 matches found
The vulnerability of the Adobe Experience Manager content and media data management system is related to errors in processing input data, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the rcu_nocb_bypass_lock function in the Linux operating system’s Read-Copy-Update (RCU) synchronization mechanism allows an attacker to trigger a service failure.
The vulnerability of the rcu_nocb_bypass_lock function in the Linux operating system’s Read-Copy-Update (RCU) synchronization mechanism is related to the failure to release memory after its effective lifetime. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the AcroForm component in the Foxit PDF Reader software (formerly Foxit Reader) allows a perpetrator to execute arbitrary code.
The vulnerability of the AcroForm component in the PDF viewer software from Foxit, Foxit PDF Reader (formerly Foxit Reader), is related to reading data beyond the allowed range in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code, provided that the user...
The vulnerability of the Salted Challenge Response Authentication Mechanism (SCRAM) in Apache Kafka message brokers allows attackers to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the Salted Challenge Response Authentication Mechanism (SCRAM) in Apache Kafka message brokers stems from the lack of verification of unique message IDs between the client and the server. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and...
The vulnerability of the Fields plugin in the GLPI system for managing requests, incidents, and inventory of computer equipment arises from the lack of protection for the SQL query structure. This allows attackers to execute arbitrary SQL code.
The vulnerability of the Fields plugin in the GLPI system for managing requests, incidents, and inventory of computer equipment is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
The vulnerability of the Craft CMS content management system’s `register_argc_argv` configuration allows a hacker to execute arbitrary code.
The vulnerability of the Craft CMS content management system’s `register_argc_argv` configuration is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Adobe Experience Manager content and media data management system lies in insufficient validation of input data, allowing attackers to bypass security measures.
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to bypass security measures...
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the bpf_ringbuf_reserve() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the bpf_ringbuf_reserve() function in the Linux operating system is related to the allocation of unlimited memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the web management interface of the firmware for DrayTek Vigor2960 and Vigor300B routers allows a hacker to execute arbitrary code.
The vulnerability in the web management interface of the firmware for DrayTek Vigor2960 and Vigor300B routers is related to the failure to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by...
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the ASUS AiCloud cloud platform, which stems from the lack of measures taken to clean data at the management level, allows a hacker to execute arbitrary code.
The vulnerability of the ASUS AiCloud cloud platform lies in the lack of measures taken at the management level to clean data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the remap_pfn_range_notrack() function in the mm/memory.c module of the Linux kernel’s memory management subsystem allows a hacker to trigger a service failure.
The vulnerability of the remap_pfn_range_notrack() function in the mm/memory.c module of the Linux kernel’s memory management subsystem is related to incomplete cleanup of temporary or auxiliary resources. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the stream_enc regs() function in the Direct Rendering Manager (DRM) subsystem of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the stream_enc regs() function in the Direct Rendering Manager (DRM) subsystem of the Linux kernel is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the pm_runtime_get_sync() function in the mtk-cmdq component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the pm_runtime_get_sync() function in the mtk-cmdq component of the Linux operating system is related to the lack of code checks for function return values. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the installer of the GFI Archiver software for corporate email and document archiving allows a hacker to execute arbitrary code and gain unauthorized access to protected information.
The vulnerability of the installer of the GFI Archiver software for corporate email and documents is related to the use of an outdated library, Telerik.Web.UI.DLL. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely and gain unauthorized access to protected...
The vulnerability of the radosgw daemon in the Ceph storage system allows a hacker to bypass the authentication process.
The vulnerability of the radosgw daemon in the Ceph storage system is related to insufficient verification of data authenticity when processing JWT tokens. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures...
The vulnerability of the C-more Programming Software for programming and configuring sensor panels (EA9 Series) arises from the execution of operations beyond the buffer boundaries in memory. This allows a hacker to execute arbitrary code.
The vulnerability of the C-more Programming Software EA9 Series for programming and configuring sensor panels is related to the execution of operations outside the buffer in memory when processing EAP9 format files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the btree_iter function in the bcache component of the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the btree_iter function in the bcache component of the Linux operating system’s kernel is related to the unlimited distribution of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Splunk Web Bulletin Messages module in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to influence the confidentiality and integrity of the protected information.
The vulnerability of the Splunk Web Bulletin Messages module in the Splunk Web interface of the Splunk Enterprise operating analysis platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to influence the confidentiality and integrity of...
The vulnerability of the Microsoft Dynamics 365 Business Central software for small and medium-sized businesses stems from deficiencies in the authentication process, which allows unauthorized users to elevate their privileges.
The vulnerability of the Microsoft Dynamics 365 Business Central software for small and medium-sized businesses is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain increased privileges remotely...
The vulnerability of the Loway QueueMetrics software for analyzing call center performance metrics lies in its inability to properly handle incoming requests, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the Loway QueueMetrics performance analysis software lies in the inconsistency of its responses to incoming requests. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information by sending specially crafted...
The vulnerability of the mechanism for detecting network traffic analysis tools, network detection, and response by the Cortex XDR Agent on Windows operating systems allows attackers to trigger service failures or execute arbitrary code.
The vulnerability of the mechanism for detecting network traffic analysis tools, network detection, and response by the Cortex XDR Agent on Windows operating systems is related to discrepancies in functionality according to the specifications. Exploiting this vulnerability can allow attackers to...
The vulnerability of the Nix package manager in Unix operating systems arises from improper restrictions on the path name of the restricted access directory. This allows a malicious user to overwrite arbitrary files in the system.
The vulnerability of the Nix package manager in Unix operating systems is related to an improper limitation on the path name of the restricted access directory. Exploiting this vulnerability allows a remote attacker to overwrite arbitrary files in the system...
The vulnerability of the command-line interface (CLI) of the PAN-OS operating system allows a hacker to read arbitrary files.
The vulnerability of the command-line interface (CLI) of the PAN-OS operating system is related to the failure to neutralize wildcards or matching symbols. Exploiting this vulnerability can allow an attacker to read arbitrary files...
The vulnerability of the SMI transfer monitor (STM) in firmware for Intel processors allows attackers to escalate their privileges.
The vulnerability of the SMI transfer monitor (STM) in firmware for Intel processors is related to improper handling of certain operations. Exploiting this vulnerability can allow an attacker to escalate their privileges...
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models allows a hacker to execute arbitrary code by writing beyond the buffer boundaries of memory.
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models is related to writing beyond the buffer boundaries of memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...
The vulnerability of Adobe InDesign’s computer layout automation tool, related to memory-walking attacks, allows attackers to bypass ASLR protection and disclose the protected information.
The vulnerability of Adobe InDesign’s computer layout automation tool is related to memory-walking attacks. Exploiting this vulnerability can allow attackers to bypass ASLR protection and disclose the protected information...
The vulnerability of PwnDoc’s asynchronous interface functions in audit tools for automation of report generation allows a perpetrator to trigger a service failure.
The vulnerability of the asynchronous interface function of the PwnDoc automation tool for generating report documents is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of the corporate version of the GitHub Enterprise Server, related to incorrect restrictions on the path name to the restricted directory, allows attackers to gain read access to arbitrary files.
The vulnerability of the corporate version of the GitHub Enterprise Server is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain read access to arbitrary files by adding specially...
The vulnerability of the SAP Business Warehouse data management and analytics system, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of the SAP Business Warehouse data management and analytics system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the CI/CD application integration and delivery system provided by JetBrains TeamCity, due to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.
The vulnerability of the CI/CD application integration and delivery system provided by JetBrains TeamCity exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models allows a hacker to trigger a service failure. This vulnerability is related to errors in pointer assignment.
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models is related to pointer assignment errors. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the `__bch2_ioctl_subvolume_create()` function in the `fs/bcachefs/fs-ioctl.c` module of the bcachefs component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the `__bch2_ioctl_subvolume_create()` function in the `fs/bcachefs/fs-ioctl.c` module of the bcachefs component of the Linux operating system is related to a crash due to repeated resource blocking. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the Advanced Payment Management component of the SAP S/4HANA Finance software allows a perpetrator to escalate their privileges.
The vulnerability of the Advanced Payment Management component of the SAP S/4HANA Finance financial management software is related to authentication breaches. Exploiting this vulnerability can allow attackers who operate remotely to escalate their privileges...
The vulnerability of the SAP GUI graphical user interface for Windows lies in the insufficient protection of operational data, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of the SAP GUI graphical user interface for Windows relates to the display of a password used to access the SAP system. This vulnerability stems from insufficient protection of administrative data. Exploiting this vulnerability could allow an intruder to gain unauthorized access...
The vulnerability of Adobe InDesign’s computer layout automation tool, related to memory-walking attacks, allows attackers to bypass ASLR protection and disclose the protected information.
The vulnerability of Adobe InDesign’s computer layout automation tool is related to memory-walking attacks. Exploiting this vulnerability can allow an attacker to bypass ASLR protection and disclose the protected information...
The vulnerability of the registration method for mobile devices and the deployment of mobile applications via Splunk Secure Gateway, a platform for operational analysis in Splunk Enterprise, stems from insufficient protection of sensitive data. This vulnerability allows attackers to gain unauthorized access to protected information.
The vulnerability of the mobile device registration and mobile application deployment mechanism of Splunk Secure Gateway, a platform for operational analytics in Splunk Enterprise, is related to insufficient protection of sensitive data due to improper access control to the KV Store Key Value...
The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to bypass the ASLR protection mechanism and expose the protected information.
The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to bypass the ASLR protection mechanism and disclose the protected information...
The vulnerability of the qdisc_tree_reduce_backlog() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the qdisc_tree_reduce_backlog() function in the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the CI/CD application integration and delivery system provided by JetBrains TeamCity, due to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.
The vulnerability of the CI/CD application integration and delivery system provided by JetBrains TeamCity exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models arises from buffer overflows in the queue, allowing an attacker to execute arbitrary code.
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models arises from an overflow in the buffer area. Exploiting this vulnerability allows a hacker to execute arbitrary code in the context of the current user, using a specially created file...
The vulnerability of Palo Alto Networks’ network switches, managed by the PAN-OS operating system, stems from insufficient checks for unusual or exceptional states. This allows attackers to trigger service interruptions.
The vulnerability of Palo Alto Networks’ network switches, managed by the PAN-OS operating system, is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending a specially crafted network...
The vulnerability of Adobe InDesign’s computer layout automation tool, related to memory-walking attacks, allows attackers to bypass ASLR protection and disclose the protected information.
The vulnerability of Adobe InDesign’s computer layout automation tool is related to memory-walking attacks. Exploiting this vulnerability can allow an attacker to bypass ASLR protection and disclose the protected information...
The vulnerability of Adobe InDesign’s computer layout automation tool, related to memory-walking attacks, allows attackers to bypass ASLR protection and disclose the protected information.
The vulnerability of Adobe InDesign’s computer layout automation tool is related to memory-walking attacks. Exploiting this vulnerability can allow an attacker to bypass ASLR protection and disclose the protected information...
The vulnerability of Adobe Connect web conference software lies in the lack of measures taken to protect the structure of web pages, allowing attackers to execute XSS attacks.
The vulnerability of Adobe Connect web conference software relates to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute XSS attacks by injecting malicious scripts into form fields...
The vulnerability of Adobe Connect web conference software lies in the lack of measures taken to protect the structure of web pages, allowing attackers to execute XSS attacks.
The vulnerability of Adobe Connect web conference software relates to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute XSS attacks by injecting malicious scripts into form fields...