90709 matches found
The vulnerability of the software for creating and managing User-ID Credential Agents allows unauthorized individuals to access system data within the controlled area, enabling them to disclose protected information.
The vulnerability of the software for creating and managing User-ID Credential Agents relates to the disclosure of system data that is not accessible to authorized personnel in the controlled area. Exploiting this vulnerability could allow an attacker to disclose protected information...
The vulnerability of the Qsync Central file synchronization application, related to unlimited distribution of resources, allows a hacker to cause a service failure.
The vulnerability of the Qsync Central file synchronization application is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a remote attacker to cause service failures...
The vulnerability of the QuTS operating systems and QTS network devices involves the use of memory after it is freed. This allows attackers to execute arbitrary code and increase their privileges.
The vulnerability of the QuTS operating systems and QTS network devices involves the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and gain increased privileges...
The vulnerability of the synchronization application for Qsync Central files relates to the lack of security measures for the SQL query structure, allowing a hacker to execute arbitrary code.
The vulnerability of the Qsync Central file synchronization application is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of embedded software developed by Qualcomm, related to deficiencies in authentication mechanisms, allows attackers to cause memory corruption.
The vulnerability of embedded Qualcomm software programs is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow attackers to cause memory corruption...
The vulnerability of the FactoryTalk Linx automation system’s software, related to incorrect privilege assignment, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the FactoryTalk Linx automation system’s software is related to the improper assignment of privileges. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to trigger a service failure.
The vulnerability in the Splunk Web platform for operational analysis in Splunk Enterprise relates to an uncontrolled resource consumption when processing the changeauthentication parameter. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of microprogramming software in embedded Qualcomm chips, related to the use of memory after it is freed, allows a hacker to execute arbitrary code.
The vulnerability of microprogramming software in embedded Qualcomm chips relates to the use of memory after it is freed. Exploiting this vulnerability can allow a hacker to execute arbitrary code...
The vulnerability of the input/output hardware module of Rockwell Automation FLEX 5000 IO (5094-IF8) arises from insufficient verification of the specified type of input data. This vulnerability allows a malicious actor to trigger a service failure.
The vulnerability of the input/output hardware module of Rockwell Automation FLEX 5000 IO 5094-IF8 is related to insufficient verification of the specified type of input data. Exploiting this vulnerability can allow a malicious actor to cause maintenance failures remotely...
The vulnerability of the microprogramming software of the IBM Storage TS4500 flash drive, related to the manipulation of cross-site requests, allows a perpetrator to carry out a CSRF attack.
The vulnerability of the microprogramming software of the IBM Storage TS4500 flash drive is related to the manipulation of cross-site requests. Exploiting this vulnerability can allow a remote attacker to execute a CSRF attack...
The vulnerability of the software for deploying and executing AI models with NVIDIA Triton Inference Server (previously known as TensorRT Inference Server) allows a malicious actor to trigger a service failure. This vulnerability stems from improper checking of the data size at the input stage.
The vulnerability of the software for deploying and executing AI models developed by NVIDIA Triton Inference Server previously known as TensorRT Inference Server is related to improper checking of the amount of data at input. Exploiting this vulnerability can allow a malicious actor to cause...
The vulnerability of the WinGUp software, a tool for automatic updating of the Notepad++ text editor, stems from insufficient verification of the authenticity of update files. This allows attackers to execute arbitrary code.
The vulnerability of the WinGUp software for updating Notepad++ editors is related to insufficient verification of the authenticity of update files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted executable file...
The vulnerability of embedded software developed by Qualcomm, related to uncontrolled implementation of certain certifications, allows attackers to trigger service failures.
The vulnerability of embedded Qualcomm software is related to an uncontrolled and exploitable specification. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the Nagios Network Analyzer software, a monitoring and network traffic analysis tool, arises from the lack of security measures taken to protect the website structure. This vulnerability allows attackers to execute arbitrary code.
The vulnerability of the Nagios Network Analyzer software relates to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
The vulnerability of the Password Manager component in the Google Chrome browser allows a hacker to disclose protected information and execute arbitrary codes.
The vulnerability of the Password Manager component in the Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to disclose sensitive information and execute arbitrary code...
The vulnerability of the Virtual Keyboard Video Monitor (vKVM) system used in Cisco Integrated Management Controller (IMC) remote management solutions allows a hacker to redirect users to any desired URL address.
The vulnerability of the Virtual Keyboard Video Monitor vKVM system, a remote administration tool from Cisco’s Integrated Management Controller IMC, involves redirecting URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to redirect users to any given URL addres...
The vulnerability of the endpoint of the Elasticsearch API system/stop service of the Nagios Log Server monitoring and analysis software allows a perpetrator to cause a service failure.
The vulnerability of the endpoint of the API system/stop service in the Elasticsearch software for monitoring and analyzing log files by Nagios Log Server is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to trigger a service failure ...
The vulnerability of the setDiagnosisCfg function in the TOTOLink A950RG router’s microprogramming software allows a intruder to execute arbitrary commands.
The vulnerability of the setDiagnosisCfg function in the TOTOLink A950RG router’s microprogramming system is related to the failure to take measures to clean data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the Markdown-it component on the SAPUI development user interface platform allows a attacker to trigger a service failure.
The vulnerability of the Markdown-it component of the SAPUI development user interface platform is related to asymmetric resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of SAP BusinessObjects Business Intelligence platform, related to incorrect coding or filtering of output data, allows a perpetrator to execute an SSRF attack.
The vulnerability of SAP BusinessObjects Business Intelligence platform is related to incorrect coding or filtering of output data. Exploiting this vulnerability can allow a malicious actor to execute an SSRF attack remotely...
The vulnerability of NVIDIA’s AI adaptation platform TAO, related to insufficient checking of privileged states, allows a perpetrator to escalate their privileges.
The vulnerability of NVIDIA’s AI adaptation platform, TAO, is related to insufficient testing of exceptional states. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...
The vulnerability of the AuthN component of the distributed storage system for NVIDIA AIStore-based AI applications allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the AuthN component in the NVIDIA AIStore distributed storage system for AI-based applications involves a lack of authentication. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability in the DZS router’s web interface allows a attacker to execute XSS attacks.
The vulnerability in the DZS router’s web interface exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of microprogrammed software in ZTE ZXHN-F660T and ZXHN-F660A optical modems, related to the use of weak credentials, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of microprogrammed software in ZTE ZXHN-F660T and ZXHN-F660A optical modems is related to the use of weak authentication credentials. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the PIA Core Technology component of the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain read, modify, and delete access to data.
The vulnerability of the PIA Core Technology component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to a breach of the buffer’s initial boundary. Exploiting this vulnerability could allow an attacker operating remotely to gain read, modify, and delete acce...
The vulnerability of microprogramming software in embedded Qualcomm chips, related to the use of memory after it is freed, allows a hacker to execute arbitrary code.
The vulnerability of microprogramming software in embedded Qualcomm chips relates to the use of memory after it is freed. Exploiting this vulnerability can allow a hacker to execute arbitrary code...
The vulnerability of embedded Qualcomm microprogramming software, related to copying buffers without checking the size of input data, allows a violator to execute arbitrary code.
The vulnerability of microprogramming software in embedded Qualcomm chips lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the embedded software for DGN2200v4 lies in insufficient validation of input data, allowing a hacker to execute arbitrary code.
The vulnerability of the embedded software for DGN2200v4 lies in insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Wlan AP Driver software driver, a microprogramming-based chip from MediaTek, allows attackers to disclose protected information.
The vulnerability of the Wlan AP Driver software driver from MediaTek is related to an error in exception handling. Exploiting this vulnerability could allow a remote attacker to disclose sensitive information that is protected by the system...
The vulnerability of NETGEAR RAX30 and RAXE300 microprogrammed software drivers lies in authentication process errors, allowing attackers to execute arbitrary commands.
The vulnerability of NETGEAR RAX30 and RAXE300 microprogrammed software drivers is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker to execute arbitrary commands remotely...
The vulnerability of the mptcp_schedule_work() function in the net/mptcp/protocol.c module of the MPTCP protocol implementation in the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the mptcpschedulework function in the net/mptcp/protocol.c module of the MPTCP protocol implementation in the Linux operating system is related to synchronization errors when using shared resources „Race Conditions“. Exploiting this vulnerability can allow a malicious actor t...
The vulnerability of the Jenkins HashiCorp Vault Plugin, related to deficiencies in access control, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Jenkins HashiCorp Vault Plugin is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the npm React Router package, related to insufficient handling of exceptional states, allows a violator to trigger a service failure.
The vulnerability of the npm React Router package is related to insufficient handling of exceptional states. Exploiting this vulnerability may allow a remote attacker to cause service failures...
The vulnerability of the REST API interface of the XWiki Platform, a platform for creating collaborative web applications. The XWiki Platform allows attackers to trigger a service failure.
The vulnerability of the REST API interface of the XWiki Platform, a platform for creating collaborative web applications, lies in its unlimited resource distribution. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the IBM Sterling B2B Integrator and IBM Sterling File Gateway software, which involves exposing system data to unauthorized individuals, allows a violator to gain unauthorized access to protected information.
The vulnerability of the IBM Sterling B2B Integrator and IBM Sterling File Gateway software lies in the ability to expose system data to unauthorized individuals. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of Microprogrammed Software in Network Video Recorders like Digiever DS, related to the lack of measures to neutralize special elements, allows a violator to execute arbitrary code.
The vulnerability of the microprogrammed software in network video recorders Digiever DS is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Telnet Service component of the wireless router WIRELESS-N 300M software allows a hacker to execute arbitrary commands.
The vulnerability of the Telnet Service component of the wireless router WIRELESS-N 300M software lies in the use of default login credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of Zyxel network devices’ microprogramming software arises from the lack of measures taken to neutralize special elements used in the operating system commands. This vulnerability allows attackers to execute arbitrary operating system commands.
The vulnerability of Zyxel network devices’ microprogramming software exists due to the lack of measures taken to neutralize the special elements used in the operating system command set. Exploiting this vulnerability allows a remote attacker to execute arbitrary operating system commands during...
The vulnerability in the cstecgi.cgi microprogramming system of TOTOLINK LR1200GB and NR1800X routers allows a attacker to cause a service failure or execute arbitrary code.
Vulnerability of the cstecgi.cgi microprogramming system in TOTOLINK LR1200GB and NR1800X routers. Exploitation of this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code when processing the IpAddress parameter...
The vulnerability of the PIA Core Technology component of the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain read, modify, and delete access to data.
The vulnerability of the PIA Core Technology component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to a breach of the buffer’s initial boundary. Exploiting this vulnerability could allow an attacker operating remotely to gain read, modify, and delete acce...
The vulnerability of the `present_create_notifies` function in the implementation of the Wayland protocol for X.Org XWayland, as well as in the implementation of the X Window System Server, allows a malicious actor to execute arbitrary code or cause a service failure.
The vulnerability of the presentcreatenotifies function in the implementation of the Wayland protocol for X.Org XWayland, as well as in the implementation of the X Window System Server, is related to the use of memory after it is freed. Exploiting this vulnerability can allow a attacker to execut...
The vulnerability of the `be_send_pkt_to_bmc()` function in the `drivers/net/ethernet/emulex/benet/be_main.c` file of the be2net network device driver for the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the besendpkttobmc function in the drivers/net/ethernet/emulex/benet/bemain.c file of the be2net network device driver in the Linux kernel is related to the swapping of pointers. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability in the arch/arm64/kvm/hyp/nvhe/ffa.c module of the Linux Kernel-Based Virtual Machine (KVM) virtualization subsystem allows a attacker to execute arbitrary code or escalate privileges.
The vulnerability in the arch/arm64/kvm/hyp/nvhe/ffa.c module of the Linux Kernel-Based Virtual Machine KVM virtualization subsystem is related to the execution of operations beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code or gain...
Vulnerability of the amdgpu_discovery_get_nps_info() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c file – This driver is part of the Linux operating system’s support for AMD GPU cores in Direct Rendering Infrastructure (DRI). It allows a hacker to trigger a service failure.
Vulnerability of the amdgpudiscoverygetnpsinfo function in the drivers/gpu/drm/amd/amdgpu/amdgpudiscovery.c module – The Linux driver for AMD GPU cores that supports Direct Rendering Infrastructure DRI is vulnerable due to a pointer manipulation issue. Exploiting this vulnerability could allow an...
The vulnerability of the ls_recover() function in the fs/dlm/recoverd.c module exposes the support for distributed locking mechanisms in the Linux operating system’s kernel. This allows a malicious actor to cause a service failure.
The vulnerability of the lsrecover function in the fs/dlm/recoverd.c module, which supports Linux kernel-based distributed locking mechanisms, is related to errors in the returned values. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the hclge_ptp_set_tx_info() function in the drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_ptp.c module – A driver for supporting Ethernet adapter support in Linux kernels, which allows a hacker to cause service failure
Vulnerability of the hclgeptpsettxinfo function in the drivers/net/ethernet/hisilicon/hns3/hns3pf/hclgeptp.c module – The Linux kernel’s Ethernet adapter support driver relies on pointer swapping. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the tool for blocking unauthorized incoming traffic in GitHub Bullfrog’s working processes, related to the disclosure of information during data transmission, allows a violator to bypass the sandbox protection mechanism.
The vulnerability of the tool for blocking unauthorized incoming traffic in GitHub Bullfrog is related to the disclosure of information during data transmission. Exploiting this vulnerability could allow a hacker to bypass the sandbox’s security mechanisms...
The vulnerability of the Jenkins automation server, related to the storage of information in an open manner, allows a perpetrator to gain unauthorized access to the protected information.
The vulnerability of the Jenkins automation server lies in the way information is stored in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the protected information...
The vulnerability of the Jenkins automation server, related to the storage of information in an open manner, allows a perpetrator to gain unauthorized access to the protected information.
The vulnerability of the Jenkins automation server lies in the way information is stored in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the protected information...
The vulnerability of the Toolbar component in the Google Chrome browser allows a hacker to disclose protected information and cause a service failure.
The vulnerability of the Toolbar component in Google Chrome is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to disclose sensitive information and cause service failures...