74701 matches found
The vulnerability of Adobe Connect web conference software lies in the lack of measures taken to protect the structure of web pages, allowing attackers to execute XSS attacks.
The vulnerability of Adobe Connect web conference software relates to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute XSS attacks by injecting malicious scripts into form fields...
The vulnerability of Adobe Connect web conference software lies in the lack of measures taken to protect the structure of web pages, allowing attackers to execute XSS attacks.
The vulnerability of Adobe Connect web conference software relates to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute XSS attacks by injecting malicious scripts into form fields...
The vulnerability in the module net/vmw_vsock/virtio_transport_common.c of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability in the module net/vmwvsock/virtiotransportcommon.c of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
Vulnerability of the SMB microprogramming network device service on QNAP, allowing attackers to execute arbitrary code
The vulnerability of the SMB microprogramming network device software in QNAP is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Webmin CGI request handler allows a hacker to execute arbitrary code with root privileges.
The vulnerability of the Webmin CGI request handler relates to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with root privileges remotely...
The vulnerability of the Substance 3D Painter software, used for creating textures and materials for 3D models, relates to reading beyond the buffer boundary. This allows attackers to execute arbitrary code.
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models involves reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models arises from a buffer overflow in its dynamic memory. This allows attackers to execute arbitrary code within the context of the current user.
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models arises due to an overflow in the dynamic memory buffer. Exploiting this vulnerability allows a hacker to execute arbitrary code in the context of the current user, using a specially created fi...
The vulnerability of the SAP Business Warehouse data management and analytics system lies in the insufficient encoding of user input data, which allows attackers to execute cross-site scripting (XSS) attacks.
The vulnerability of the SAP Business Warehouse data management and analytics system is related to insufficient encoding of user input data. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of the iommufd_access_change_ioas() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the iommufdaccesschangeioas function in the Linux operating system is related to the copying of buffers without checking the input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to the lack of authentication, allows attackers to compromise the integrity of protected information.
The vulnerability of the CI/CD application integration and delivery system of JetBrains TeamCity is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to potentially compromise the integrity of the protected information...
The vulnerability of the CI/CD application integration and delivery system provided by JetBrains TeamCity, related to insufficient protection of registration data, allows attackers to disclose protected information.
The vulnerability of the Continuous Integration and Deployment application delivery system CI/CD of TeamCity in JetBrains is related to insufficient protection for registration data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the CI/CD application integration and delivery system provided by JetBrains TeamCity, related to incorrect authentication procedures, allows attackers to compromise the confidentiality of protected information.
The vulnerability of the CI/CD application integration and delivery system of JetBrains TeamCity is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to potentially compromise the integrity of the protected information...
The vulnerability of the SAP Enable Now program for creating and managing training materials, related to deficiencies in the authentication process, allows a user to escalate their privileges and gain unauthorized access to protected information.
The vulnerability of the SAP Enable Now software for creating and managing training materials is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to enhance their privileges and gain unauthorized access to protected...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the possibility of writing beyond buffer boundaries during the processing of DOE files. This allows a hacker to execute arbitrary code.
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the issue of writing beyond buffer boundaries during the processing of DOE files. Exploiting this vulnerability allows attackers to execute arbitrary code by loading a specially crafted...
The vulnerability of Adobe Connect web conference software lies in the insufficient protection of the website structure, which allows attackers to execute arbitrary code.
The vulnerability of Adobe Connect web conference software is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the formWsc function in the microprogramming software of the Totolink A3002R router allows a intruder to execute arbitrary code.
The vulnerability of the formWsc function in the Totolink A3002R router’s microprogramming software relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted request...
The vulnerability of Adobe InDesign’s computer layout automation tool, related to pointer naming errors, allows attackers to trigger a service failure.
The vulnerability of Adobe InDesign’s computer layout automation tool is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the `__lpass_get_dmactl_handle` function in the qcom component of the Linux operating system allows a hacker to induce a service failure.
The vulnerability of the lpassgetdmactlhandle function in the qcom component of the Linux operating system is related to the use of an uninitialized pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the CI/CD application deployment and integration teamcity backup file of JetBrains, which allows a hacker to expose user credentials and session cookie files.
The vulnerability of the CI/CD application deployment and integration team environment from JetBrains TeamCity is related to improper cross-border deletion of critical data. Exploiting this vulnerability can allow a malicious actor to access user credentials and cookie session files remotely...
The vulnerability of Adobe Connect’s instant messaging program, related to deficiencies in access control, allows attackers to circumvent existing security restrictions and gain unauthorized access to protected information.
The vulnerability of Adobe Connect’s instant messaging service is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain unauthorized access to protected information...
The vulnerability of the Adobe Media Encoder application, related to a pointer swapping error, allows a perpetrator to trigger a service failure.
The vulnerability of the Adobe Media Encoder application relates to a pointer assignment error. Exploiting this vulnerability could allow an attacker to trigger a service failure using a specially created malicious file...
The vulnerabilities of the `runtime_suspend()` and `runtime_resume()` functions of the `cadence-qspi` component in the Linux operating system allow a hacker to trigger a service failure.
The vulnerability of the runtimesuspend and runtimeresume functions of the cadence-qspi component in Linux operating systems is related to a freeze that occurs due to repeated locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to incorrect authentication, allows a perpetrator to access confidential information.
The vulnerability of the Continuous Integration and Application Delivery system CI/CD of JetBrains TeamCity is related to incorrect authentication. Exploiting this vulnerability can allow a malicious actor, operating remotely, to access confidential information...
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models arises from buffer overflows in the queue, allowing an attacker to execute arbitrary code.
The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models arises due to an overflow in the buffer area. Exploiting this vulnerability allows a hacker to execute arbitrary code using a specially created file...
The vulnerability of the NuGet package management system, related to synchronization errors when using a shared resource, allows a hacker to execute arbitrary code.
The vulnerability of the NuGet package management system is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker operating remotely to execute arbitrary code...
The vulnerability of the library for extracting data from SimpleXLSX Excel files relates to the lack of protective measures for the website structure, allowing attackers to execute arbitrary JavaScript code.
The vulnerability of the library for extracting data from SimpleXLSX Excel files is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability can allow an attacker to execu...
The vulnerability of the Fortinet FortiClient Enterprise Management Server (EMS) and the FortiClient EMS Cloud cloud storage service lies in the lack of data cleaning measures at the management level. This allows attackers to execute arbitrary code.
The vulnerability of the Fortinet FortiClient Enterprise Management Server EMS and the FortiClient EMS Cloud cloud storage service is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Fortinet FortiClient security device, related to errors in the certificate validation process, allows a perpetrator to execute a type of “man-in-the-middle” attack.
The vulnerability of the Fortinet FortiClient security device is related to errors in the certificate validation process. Exploiting this vulnerability allows a malicious actor to carry out a “man-in-the-middle” attack...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to pointer assignment errors allows a perpetrator to trigger a service failure.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to simulation modeling of systems and processes is linked to errors in the assignment of pointers during the processing of WRL files. Exploiting...
The vulnerability of the wakeup_kswapd() function in the vmscan component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the wakeupkswapd function in the vmscan component of the Linux operating system’s kernel is related to inconsistencies in memory management procedures. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Fortinet FortiClient Enterprise Management Server (EMS) server lies in the incorrect path limitation for the restricted access directory. This allows a malicious actor to perform service denial-of-service attacks, read from or write to a limited number of files.
The vulnerability of the Fortinet FortiClient Enterprise Management Server EMS server relates to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor to perform maintenance actions, read from or write to a limited number of...
The vulnerability of the application programming interface of the FortiEDR Manager allows a perpetrator to access confidential information.
The vulnerability of the application programming interface of the FortiEDR Manager system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to confidential information...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the issue where operations exceed the buffer boundaries in memory when processing WRL files. Exploiting this vulnerability could allow an...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability can allow an attacker to execu...
The vulnerability of the SAML SSO function of Fortinet’s FortiClient products for Windows, Mac, and iOS lies in authentication process errors, which allow attackers to perform a Mitm attack.
The vulnerability of the SAML SSO function in Fortinet’s FortiClient products for Windows, Mac, and iOS is related to errors in the certificate authentication process. Exploiting this vulnerability can allow an attacker to perform a “man-in-the-middle” attack...
The vulnerability of the monitoring, control, automation, and management tool for IBM Cloud Pak for Multicloud Management Monitoring lies in its deserialization mechanism flaws, which allows attackers to execute arbitrary commands.
The vulnerability of the monitoring, control, automation, and management tool for IBM Cloud Pak for Multicloud Management lies in the shortcomings of the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending a specially crafted...
The vulnerability in the web interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition systems allows attackers to perform cross-site scripting attacks and gain unauthorized access to protected information.
The vulnerability of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME web interfaces is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows an attacker to perform cross-site scripting...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the HDAudBus_DMA driver interface of the Microsoft High Definition Audio Bus allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the HDAudBusDMA driver interface of the Microsoft High Definition Audio Bus driver is related to insufficient resource control during its existence. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause service failures...
The vulnerability of the VPN protection component of Fortinet’s FortiClient devices, which allows unauthorized access to protected information
The vulnerability of the Fortinet FortiClient security device’s VPN component lies in the fact that confidential information is stored in unencrypted form in its memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the protected information...
The vulnerability of the Navigation components in Microsoft Edge and Google Chrome allows attackers to bypass existing security restrictions.
The vulnerability of the Navigation components in Microsoft Edge and Google Chrome is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions through a specially created HTML page...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability can allow an attacker to execu...
The vulnerability of the console-based MPEG audio player mpg123, related to the ability to write beyond the allocated memory, allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the console-based MPEG audio player mpg123 lies in its ability to write beyond the allocated memory boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause system failures...
The vulnerability of the Splunk Enterprise platform for operational analysis, related to the transmission of data in an open manner, allows a perpetrator to disclose protected information.
The vulnerability of the Splunk Enterprise platform for operational analysis is related to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...
The vulnerabilities of the components of Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK, and the Oracle Java SE software platform allow attackers to gain unauthorized access to protected information.
The vulnerability of the components of Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK, and the Oracle Java SE software platform lies in the insecure storage of confidential information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access...
The vulnerability of the software for centralized device management by Fortinet’s FortiManager and FortiAnalyzer devices lies in their ability to bypass authentication using a user-controlled key. This allows unauthorized users to gain access to protected information.
The vulnerability of the software for centralized device management by Fortinet’s FortiManager and the network firewall FortiAnalyzer lies in the ability to bypass authentication by using a user-controlled key. Exploiting this vulnerability allows an attacker to gain unauthorized access to...