Lucene search
K
Bdu FstecRecent

90709 matches found

BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.5 views

The vulnerability of the QuTS operating systems and QTS network devices relates to the use of memory after it is freed. This allows attackers to execute arbitrary code and increase their privileges.

The vulnerability of the QuTS operating systems and QTS network devices involves the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and gain increased privileges...

10CVSS7.3AI score0.0082EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.6 views

The vulnerability of the FactoryTalk Linx automation system’s software, related to improper handling of user actions, allows a perpetrator to compromise the integrity and accessibility of protected information.

The vulnerability of the FactoryTalk Linx automation system’s software is related to improper handling of user actions. Exploiting this vulnerability can allow attackers to compromise the integrity and accessibility of the protected information...

9CVSS5.8AI score0.00479EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.6 views

The vulnerability of NetBak Replicator’s backup software lies in the absence of quotation marks around elements or search paths in the code. This allows an attacker to gain access to the user account.

The vulnerability of NetBak Replicator’s backup software lies in the absence of quotation marks in the code for elements or search paths. Exploiting this vulnerability could allow an attacker to gain access to the user account...

7.8CVSS6.1AI score0.00205EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the MSTeams plugin for the instant messaging application Mattermost allows a hacker to compromise the integrity and accessibility of protected information.

The vulnerability of the MSTeams plugin for the instant messaging application Mattermost is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of protected information...

5.5CVSS5.8AI score0.00179EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the JoomlaUX JUX Real Estate plugin for the Joomla content management system (CMS) arises from insufficient measures taken to protect the structure of web pages. This allows attackers to execute cross-site scripting attacks.

The vulnerability of the JoomlaUX JUX Real Estate plugin for the Joomla content management system is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

6.4CVSS5.5AI score0.0097EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software lies in its integer overflow vulnerabilities, which allow attackers to trigger a service failure.

The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause service interruptions...

5.5CVSS5.8AI score0.00144EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the Endpoint Manager web interface for managing IP telephony systems, FreePBX, allows a intruder to gain unauthorized access to the system.

The vulnerability of the Endpoint Manager web interface for managing IP telephony systems like FreePBX is related to authentication mechanisms’ deficiencies. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the system remotely...

10CVSS6AI score0.03029EPSS
Exploits8References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software lies in its ability to read data beyond the permitted range of memory. This allows attackers to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software relates to reading data beyond the permitted range of memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected information...

7.1CVSS5.8AI score0.00153EPSS
Exploits5References2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerabilities of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 are related to the use of an insecure search path, allowing attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 are related to the use of an insecure search path. Exploiting these vulnerabilities can allow attackers to execute arbitrary code...

8.4CVSS6AI score0.00419EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerabilities of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 are related to errors in verifying cryptographic signatures. These vulnerabilities allow attackers to circumvent existing security restrictions.

The vulnerabilities of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 are related to errors in verifying the cryptographic signature. Exploiting these vulnerabilities can allow attackers to circumvent existing security...

4CVSS5.8AI score0.00387EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of the IBM Aspera HTTP Gateway lies in the transmission of critical information in plaintext, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Aspera HTTP Gateway relates to the transmission of critical information in plaintext. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

7.8CVSS5.8AI score0.00193EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software lies in buffer overflow attacks in dynamic memory, allowing attackers to compromise the confidentiality and accessibility of protected information.

The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software lies in buffer overflow attacks in dynamic memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of protected information...

7.1CVSS6AI score0.00168EPSS
Exploits2References2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the use of a hard-coded cryptographic key, which allows attackers to gain unauthorized access to confidential information.

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller is related to the use of a rigidly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker, operating remotely, to gain...

3.7CVSS5.8AI score0.00213EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the microprogramming software of the IBM Storage TS4500 flash drive, related to the manipulation of cross-site requests, allows a perpetrator to carry out a CSRF attack.

The vulnerability of the microprogramming software of the IBM Storage TS4500 flash drive is related to the manipulation of cross-site requests. Exploiting this vulnerability can allow a remote attacker to execute a CSRF attack...

7.8CVSS5.7AI score0.00156EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.5 views

The vulnerability in the web interface of the Juniper Networks Junos Space Security Director allows a attacker to gain unauthorized access to and modify protected information.

The vulnerability of the Juniper Networks Junos Space Security Director web interface interface is related to the absence of authentication. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to and modify the protected information...

8.6CVSS5.8AI score0.00284EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the Log File Handler component of the mod_auth module in the lighttpd web server allows a hacker to gain access and modify log entries.

The vulnerability of the Log File Handler component in the modauth web server module of the lighttpd server is related to the lack of measures taken to eliminate special elements in the log files. Exploiting this vulnerability can allow an attacker operating remotely to gain access and modify...

7.8CVSS7.1AI score0.09978EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of the Mattermost instant messaging application, related to incorrect validation of the specified data type, allows a hacker to trigger a service failure.

The vulnerability of the Mattermost instant messaging application is related to improper validation of the specified data type. Exploiting this vulnerability could allow a malicious actor to trigger a service failure using a specially created GIF file...

6.8CVSS5.8AI score0.00346EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of the Mattermost instant messaging application, related to the use of an unreliable search path, allows a hacker to execute arbitrary code.

The vulnerability of the Mattermos instant messaging application is related to the use of an unreliable search path. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

3.3CVSS6.1AI score0.00159EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of the Mattermost instant messaging application relates to an overly restrictive mechanism for blocking user accounts. This allows a malicious actor to disclose protected information and block external LDAP accounts.

The vulnerability of the Mattermost instant messaging application is related to an overly restrictive mechanism for blocking user accounts. Exploiting this vulnerability could allow a malicious actor to disclose protected information and block external LDAP accounts...

5.8CVSS7.2AI score0.00287EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of the WebSocket component in the Mattermost instant messaging application allows a hacker to gain unauthorized access to protected information.

The vulnerability of the WebSocket component in the Mattermost instant messaging application is related to the lack of authentication for the critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8CVSS5.8AI score0.00297EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the Stratix IOS operating system for Stratix 5410, 5700, and 8000 models arises from incorrect neutralization of special elements in the output data. This allows attackers to execute arbitrary code.

The vulnerability of the Stratix IOS operating system for Stratix 5410, 5700, and 8000 models is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00605EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.5 views

The vulnerability of the industrial network access point Wi-Fi model from Rockwell Automation, model 1783-NATR, arises from the possibility of manipulating inter-site requests, allowing a intruder to alter the device’s configuration.

The vulnerability of the Wi-Fi network access point from Rockwell Automation model 1783-NATR relates to the manipulation of inter-site requests. Exploiting this vulnerability could allow a malicious actor to remotely alter the device’s configuration...

9.4CVSS5.7AI score0.00193EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of Schneider Electric’s ATV, ILC, VW series software products stems from the lack of protective measures for the website structure, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Schneider Electric’s ATV, ILC, and VW series software products is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

6.4CVSS5.8AI score0.00399EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to execute arbitrary JavaScript code.

The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform is related to the failure to protect the structure of the web page when processing the dataset.command parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScri...

6.8CVSS6AI score0.00335EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerabilities of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 are related to errors in verifying cryptographic signatures. These vulnerabilities allow attackers to circumvent existing security restrictions.

The vulnerabilities of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 are related to errors in verifying the cryptographic signature. Exploiting these vulnerabilities can allow attackers to circumvent existing security...

4CVSS5.8AI score0.00379EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the GET Parameter Handler component of the JoomlaUX JUX Real Estate plugin for the Joomla content management system allows a hacker to execute arbitrary SQL code.

The vulnerability of the GET Parameter Handler component in the JoomlaUX JUX Real Estate plugin for the Joomla content management system is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL code remotely...

9CVSS6.8AI score0.09591EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the Mattermost instant messaging application’s API component, which allows a hacker to compromise the confidentiality of protected information

The vulnerability of the Mattermost instant messaging application’s API component is related to deficiencies in the authentication process when processing the teamid parameter. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of the protected information...

4.3CVSS5.8AI score0.00188EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.2 views

The vulnerability of the Mattermost instant messaging application, related to errors in information processing, allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Mattermost instant messaging application is related to errors in information processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information during the processing of the user ID parameter...

6.8CVSS5.8AI score0.00272EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of the software for providing secure remote access to data in Palo Alto Networks’ GlobalProtect App is related to errors in the certificate validation process. This allows a malicious actor to create malicious certificates.

The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to errors in the certificate validation process. Exploiting this vulnerability allows a malicious actor to create malicious certificates from a remote location...

5.1CVSS5.8AI score0.00112EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of the synchronization application for Qsync Central files relates to the lack of security measures for the SQL query structure, allowing a hacker to execute arbitrary code.

The vulnerability of the Qsync Central file synchronization application is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS6.1AI score0.00394EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.7 views

The vulnerability of the QuTS operating systems and QTS network devices relates to the use of memory after it is freed. This allows attackers to execute arbitrary code and increase their privileges.

The vulnerability of the QuTS operating systems and QTS network devices involves the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and gain increased privileges...

10CVSS7.4AI score0.00778EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The software’s vulnerability regarding backup and disaster recovery for HBS 3 (Hybrid Backup Sync) network devices on QNAP devices allows a intruder to gain unauthorized access to protected information.

The vulnerability of the HBS 3 Hybrid Backup Sync software for backup and disaster recovery functions regarding QNAP network devices is related to an incorrect limitation on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to gain...

7.8CVSS5.8AI score0.00203EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the industrial network access point Wi-Fi model from Rockwell Automation, model 1783-NATR, arises from the lack of protective measures for the website structure. This allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Wi-Fi network access point from Rockwell Automation model 1783-NATR is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

9CVSS5.5AI score0.00244EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the 5G NRMM Packet Handler component in Samsung’s Exynos 2100, Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, Exynos 1480, Exynos 9110, and Exynos Modem 5123 processors allows a hacker to trigger a service failure.

The vulnerability of the 5G NRMM Packet Handler component in Samsung’s Exynos 2100, Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, Exynos 1480, Exynos 9110, and Exynos Modem 5123 processors is related to uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious...

7.8CVSS5.8AI score0.00323EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the Splunk Enterprise platform for operational analysis, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Splunk Enterprise platform for operational analysis is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

4CVSS5.8AI score0.00276EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of Windows Admin Center’s server management tool, related to access control errors, allows a perpetrator to increase their privileges.

The vulnerability of the Windows Admin Center management tool is related to access control errors. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS6.1AI score0.00389EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software lies in its integer overflow vulnerabilities, which allow attackers to execute arbitrary code.

The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS6.1AI score0.00175EPSS
Exploits4References2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.5 views

The vulnerability of the Packet Forwarding Engine (PFE) module of the JunOS operating system, which allows a hacker to trigger a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in the JunOS operating system is related to the use of an uninitialized resource. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS5.8AI score0.00331EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.5 views

The vulnerability of the Open in Channel function in the Mattermost instant messaging application allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Open in Channel function in the Mattermost instant messaging application is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

4.3CVSS5.8AI score0.00164EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of the Mattermost instant messaging application, related to insufficient protection of operational data, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Mattermost instant messaging application is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

3CVSS5.8AI score0.00148EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack is related to insufficient protection of registration data, allowing attackers to gain unauthorized access to user registration information.

The vulnerability of the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack is related to insufficient protection for registration data. Exploiting this vulnerability can allow attackers to gain unauthorized access to user registration data...

3.2CVSS5.8AI score0.00127EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the Qsync Central file synchronization application, related to unlimited distribution of resources, allows a hacker to cause a service failure.

The vulnerability of the Qsync Central file synchronization application is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a remote attacker to cause service failures...

6.8CVSS5.8AI score0.00387EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.7 views

The vulnerability of the software for creating and managing graphical user interfaces for Rockwell Automation FactoryTalk View Machine Edition devices lies in improper restrictions on path names to restricted directories. This allows attackers to trigger service failures.

The vulnerability of the software for creating and managing graphical user interfaces on Rockwell Automation FactoryTalk View Machine Edition industrial devices is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow a...

7.8CVSS5.8AI score0.00567EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.4 views

The vulnerability of the FactoryTalk Linx automation system’s software, related to incorrect privilege assignment, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the FactoryTalk Linx automation system’s software is related to the improper assignment of privileges. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS5.8AI score0.0017EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.5 views

The vulnerability of the REST API component of the Splunk Enterprise platform for operational analysis allows a attacker to perform an SSRF attack.

The vulnerability of the REST API component of the Splunk Enterprise platform for operational analysis is related to insufficient validation of requests at the server side. Exploiting this vulnerability could allow a malicious actor to perform an SSRF attack remotely...

7.6CVSS5.7AI score0.00437EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of the Logendpoint component of the Splunk Enterprise platform for operational analysis lies in the redirection of the URL to an unreliable website, allowing a hacker to redirect users to any given URL address.

The vulnerability of the Logendpoint component of the Splunk Enterprise platform for operational analysis is related to the redirection of the URL to an unreliable website. Exploiting this vulnerability could allow a malicious actor to redirect users to any given URL address...

3.1CVSS5.8AI score0.0023EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.5 views

The vulnerability of the Plesk Obsidian web hosting panel, related to access control errors, allows a hacker to execute arbitrary code and gain unauthorized access to the server with root privileges.

The vulnerability of the Plesk Obsidian web hosting panel is related to access control errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and gain unauthorized access to the server with root privileges...

10CVSS6.4AI score0.00439EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of the graphic editor application for Adobe Creative Cloud Desktop Application lies in the creation of a temporary file in the directory with incorrect permissions, which allows a hacker to trigger a service failure.

The vulnerability of the Adobe Creative Cloud Desktop Application relates to the creation of a temporary file in the directory with incorrect permissions. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00162EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.3 views

The vulnerability of mobile messaging applications like Mattermost Mobile Apps, related to the manipulation of cross-site requests, allows attackers to gain unauthorized access to protected information.

The vulnerability of mobile messaging applications like Mattermost Mobile Apps relates to the manipulation of cross-site requests. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

6.1CVSS5.6AI score0.00141EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/12/17 12:0 a.m.5 views

The vulnerability of the Mattermost instant messaging application, related to an uncontrolled search path element, allows a hacker to execute arbitrary code.

The vulnerability of the Mattermost instant messaging application is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code...

9.9CVSS6.2AI score0.00703EPSS
Exploits0References4Affected Software1
Total number of security vulnerabilities90709