90709 matches found
The vulnerability of the dsa_switch_shutdown() function in the net/dsa/dsa2.c module exposes a flaw in the support for Linux kernel distributed architecture switches, allowing an attacker to trigger a service failure.
The vulnerability of the dsaswitchshutdown function in the net/dsa/dsa2.c module, which supports Linux kernel with distributed architecture switches, is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Jenkins automation server, related to the storage of information in an open manner, allows a perpetrator to gain unauthorized access to the protected information.
The vulnerability of the Jenkins automation server lies in the way information is stored in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the protected information...
The vulnerability of the import_flow function in the framework for developing applications using large language models like db-gpt allows a hacker to execute arbitrary code.
The vulnerability of the importflow function in the framework for developing applications using large language models like db-gpt is related to an incorrect restriction on the path name to the restricted-access directory. Exploiting this vulnerability could allow a remote attacker to execute...
The vulnerabilities of XWiki Platform Flamingo Skin Resources and XWiki Platform Web Templates, a platform for creating collaborative web applications. These vulnerabilities allow attackers to perform cross-site scripting attacks.
The vulnerabilities of XWiki Platform Flamingo Skin Resources and XWiki Platform Web Templates, a platform for creating collaborative web applications, are related to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities can allow attackers to perform...
The vulnerability of microprogrammed network interface modules of the 432ES-IG3 Series A, related to unlimited distribution of resources, allows a intruder to cause service failure.
The vulnerability of the microprogrammed network interface modules of the 432ES-IG3 Series A is related to unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the IAM software for designing, operating, and maintaining technological installations—COMOS, as well as tools for design and simulation such as Siemens Solid Edge, Simcenter 3D, and Simcenter Femap—allows a perpetrator to carry out a type of “man-in-the-middle” attack.
The vulnerability of IAM software for designing, operating, and maintaining technological installations such as COMOS, design and simulation tools like Siemens Solid Edge, Simcenter 3D, and Simcenter Femap, is related to errors in the certificate validation process. Exploiting this vulnerability...
The vulnerability of the Telnet Service component of the wireless router WIRELESS-N 300M software allows a hacker to execute arbitrary commands.
The vulnerability of the Telnet Service component of the wireless router WIRELESS-N 300M software lies in the use of default login credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of Zyxel network devices’ microprogramming software arises from the lack of measures taken to neutralize special elements used in the operating system commands. This vulnerability allows attackers to execute arbitrary operating system commands.
The vulnerability of Zyxel network devices’ microprogramming software exists due to the lack of measures taken to neutralize the special elements used in the operating system command set. Exploiting this vulnerability allows a remote attacker to execute arbitrary operating system commands during...
The vulnerability of the setDiagnosisCfg function in the TOTOLink A950RG router’s microprogramming software allows a intruder to execute arbitrary commands.
The vulnerability of the setDiagnosisCfg function in the TOTOLink A950RG router’s microprogramming system is related to the failure to take measures to clean data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the PIA Core Technology component of the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain read, modify, and delete access to data.
The vulnerability of the PIA Core Technology component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to a breach of the buffer’s initial boundary. Exploiting this vulnerability could allow an attacker operating remotely to gain read, modify, and delete acce...
The vulnerability of the embedded software for DGN2200v4 lies in insufficient validation of input data, allowing a hacker to execute arbitrary code.
The vulnerability of the embedded software for DGN2200v4 lies in insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Wlan AP Driver software driver, a microprogramming-based chip from MediaTek, allows attackers to disclose protected information.
The vulnerability of the Wlan AP Driver software driver from MediaTek is related to an error in exception handling. Exploiting this vulnerability could allow a remote attacker to disclose sensitive information that is protected by the system...
The vulnerability of the imx_pgc_power_up() function in the drivers/pmdomain/imx/gpcv2.c file of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the imxpgcpowerup function in the drivers/pmdomain/imx/gpcv2.c file of the Linux kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
Vulnerability of the virtnet_enable_queue_pair() function in the drivers/net/virtio_net.c module – A Linux kernel network device driver that allows a hacker to cause a service failure
Vulnerability of the virtnetenablequeuepair function in the drivers/net/virtionet.c module – The Linux kernel’s network device driver support mechanism is related to operations involving resources after their expiration. Exploiting this vulnerability can allow an attacker to cause service failure...
Vulnerability of the hclge_ptp_set_tx_info() function in the drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_ptp.c module – A driver for supporting Ethernet adapter support in Linux kernels, which allows a hacker to cause service failure
Vulnerability of the hclgeptpsettxinfo function in the drivers/net/ethernet/hisilicon/hns3/hns3pf/hclgeptp.c module – The Linux kernel’s Ethernet adapter support driver relies on pointer swapping. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the npm React Router package, related to insufficient handling of exceptional states, allows a violator to trigger a service failure.
The vulnerability of the npm React Router package is related to insufficient handling of exceptional states. Exploiting this vulnerability may allow a remote attacker to cause service failures...
The vulnerability of the cfFilterImageToRaster function in the printing server of CUPS allows a attacker to compromise the confidentiality and integrity of the protected information.
The vulnerability of the cfFilterImageToRaster function in the printing server of CUPS involves reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of the protected information...
The vulnerability of the system call ioctl driver ltq-ptm of the operating system for OpenWrt routers allows a hacker to gain access to read and write memory in the kernel.
The vulnerability of the system call ioctl driver ltq-ptm of the operating system for OpenWrt routers allows a hacker to gain access to read and write memory in the kernel...
The vulnerability of the Redpen plugin – Pipeline Reporter for Jira Jenkins server automation tools – relates to improper restrictions on the path to the restricted catalog. This allows a malicious individual to gain unauthorized access to protected information.
The vulnerability of the Redpen plugin – Pipeline Reporter for Jira Jenkins server automation tools – involves improper restrictions on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected...
The vulnerability of the REST API interface of the XWiki Platform, a platform for creating collaborative web applications. The XWiki Platform allows attackers to trigger a service failure.
The vulnerability of the REST API interface of the XWiki Platform, a platform for creating collaborative web applications, lies in its unlimited resource distribution. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the XWiki platform, which relates to the failure to implement measures to neutralize instructions in dynamically executed code, allows attackers to execute arbitrary code and gain access to read and modify data.
The vulnerability of the XWiki Platform lies in the lack of measures taken to neutralize instructions in dynamically executed code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely and gain access to read and modify data...
The vulnerability of the CODESYS Development System, a programming platform for embedded systems, arises from deficiencies in the deserialization mechanism. This allows attackers to execute arbitrary code.
The vulnerability of the CODESYS Development System, a programming platform for embedded systems, is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability in the web-based application system for customer support services, technical support, and IT service management, Znuny, arises from the failure to implement measures to neutralize instructions in dynamically executed code. This allows attackers to enhance their privileges and execute arbitrary commands.
The vulnerability in the web-based application system for customer support services, technical support, and IT service management involves a failure to implement measures to neutralize instructions within the dynamically executed code. Exploiting this vulnerability allows an attacker to enhance...
The vulnerability of the FactoryTalk DataMosaix Private Cloud data management platform and production process optimization, related to the lack of measures taken to protect the SQL query structure, allows attackers to execute arbitrary code.
The vulnerability of the FactoryTalk DataMosaix Private Cloud data management platform and its production process optimization capabilities is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
The vulnerability of the IBM Sterling B2B Integrator and IBM Sterling File Gateway software, which involves exposing system data to unauthorized individuals, allows a violator to gain unauthorized access to protected information.
The vulnerability of the IBM Sterling B2B Integrator and IBM Sterling File Gateway software lies in the ability to expose system data to unauthorized individuals. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the SAP NetWeaver Enterprise Portal (SAP NW EP) software integration platform lies in the insufficient protection of operational data during code debugging, allowing attackers to carry out cross-site scripting attacks.
The vulnerability of the SAP NetWeaver Enterprise Portal software integration platform SAP NW EP is related to insufficient protection of operational data during code debugging. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the software for deploying and executing AI models with NVIDIA Triton Inference Server (previously known as TensorRT Inference Server) allows a malicious actor to trigger a service failure. This vulnerability stems from improper checking of the data size at the input stage.
The vulnerability of the software for deploying and executing AI models developed by NVIDIA Triton Inference Server previously known as TensorRT Inference Server is related to improper checking of the amount of data at input. Exploiting this vulnerability can allow a malicious actor to cause...
The vulnerability of NVIDIA’s AI adaptation platform TAO, related to insufficient checking of privileged states, allows a perpetrator to escalate their privileges.
The vulnerability of NVIDIA’s AI adaptation platform, TAO, is related to insufficient testing of exceptional states. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...
The vulnerability of Microprogrammed Software in Network Video Recorders like Digiever DS, related to the lack of measures to neutralize special elements, allows a violator to execute arbitrary code.
The vulnerability of the microprogrammed software in network video recorders Digiever DS is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the microprogrammed software for GNCC GC2 Indoor Security Camera cameras relates to deficiencies in authentication procedures, allowing intruders to bypass the authentication process.
The vulnerability of the microprogrammed video surveillance camera software from GNCC GC2 Indoor Security Camera is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a intruder to bypass the authentication process...
The vulnerability of microprogrammed software in ZTE ZXHN-F660T and ZXHN-F660A optical modems, related to the use of weak credentials, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of microprogrammed software in ZTE ZXHN-F660T and ZXHN-F660A optical modems is related to the use of weak authentication credentials. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of microprogramming software in embedded Qualcomm chips, related to writing beyond the buffer boundaries, allows a hacker to execute arbitrary code.
The vulnerability of embedded Qualcomm software is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of microprogramming software in embedded Qualcomm chips, related to the use of memory after it is freed, allows a hacker to execute arbitrary code.
The vulnerability of microprogramming software in embedded Qualcomm chips relates to the use of memory after it is freed. Exploiting this vulnerability can allow a hacker to execute arbitrary code...
The vulnerability of NETGEAR RAX30 and RAXE300 microprogrammed software drivers lies in authentication process errors, allowing attackers to execute arbitrary commands.
The vulnerability of NETGEAR RAX30 and RAXE300 microprogrammed software drivers is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker to execute arbitrary commands remotely...
The vulnerability of the plugin for working with Git repositories in Jenkins’ Git client plugin, related to the failure to take measures to neutralize special elements, allows a violator to execute arbitrary code.
The vulnerability of the plugin for working with Git repositories in Jenkins Git clients is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary code...
The vulnerability of the Password Manager component in the Google Chrome browser allows a hacker to disclose protected information and execute arbitrary codes.
The vulnerability of the Password Manager component in the Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to disclose sensitive information and execute arbitrary code...
The vulnerability of the endpoint of the Elasticsearch API system/stop service of the Nagios Log Server monitoring and analysis software allows a perpetrator to cause a service failure.
The vulnerability of the endpoint of the API system/stop service in the Elasticsearch software for monitoring and analyzing log files by Nagios Log Server is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to trigger a service failure ...
The vulnerability of the Nagios Fusion software for visualizing IT infrastructure working conditions lies in the lack of protective measures for the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Nagios Fusion software for visualizing IT infrastructure’s operational status is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Nagios Network Analyzer software, a monitoring and network traffic analysis tool, arises from the lack of security measures taken to protect the website structure. This vulnerability allows attackers to execute arbitrary code.
The vulnerability of the Nagios Network Analyzer software relates to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
The vulnerability of the Nagios Network Analyzer software lies in its inability to neutralize certain special elements, allowing a hacker to execute arbitrary code. This vulnerability allows attackers to perform unauthorized actions.
The vulnerability of the Nagios Network Analyzer software lies in its lack of measures to neutralize certain special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the WinGUp software, a tool for automatic updating of the Notepad++ text editor, stems from insufficient verification of the authenticity of update files. This allows attackers to execute arbitrary code.
The vulnerability of the WinGUp software for updating Notepad++ editors is related to insufficient verification of the authenticity of update files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted executable file...
The vulnerability of the AuthN component of the distributed storage system for NVIDIA AIStore-based AI applications allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the AuthN component in the NVIDIA AIStore distributed storage system for AI-based applications involves a lack of authentication. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of ZTE MC889A Pro router’s microprogramming software, related to deficiencies in the encoding or shielding mechanisms for output data, allows attackers to trigger a service failure.
The vulnerability of the ZTE MC889A Pro router’s microprogramming software is related to deficiencies in the mechanism for encoding or shielding output data. Exploiting this vulnerability can allow a malicious actor to trigger a service failure...
The vulnerabilities of the infostat.cgi and cstecgi.cgi scripts in the TOTOLINK A720R, LR1200GB, and NR1800X networking device software allow a malicious individual to cause service interruptions or execute arbitrary code.
The vulnerability of the infostat.cgi and cstecgi.cgi microprogramming devices of the TOTOLINK A720R, LR1200GB, and NR1800X networks devices is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...
The vulnerability in the cstecgi.cgi microprogramming system of TOTOLINK LR1200GB and NR1800X routers allows a attacker to cause a service failure or execute arbitrary code.
Vulnerability of the cstecgi.cgi microprogramming system in TOTOLINK LR1200GB and NR1800X routers. Exploitation of this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code when processing the IpAddress parameter...
The vulnerability of embedded software developed by Qualcomm, related to uncontrolled implementation of certain certifications, allows attackers to trigger service failures.
The vulnerability of embedded Qualcomm software is related to an uncontrolled and exploitable specification. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability in the arch/arm64/kvm/hyp/nvhe/ffa.c module of the Linux Kernel-Based Virtual Machine (KVM) virtualization subsystem allows a attacker to execute arbitrary code or escalate privileges.
The vulnerability in the arch/arm64/kvm/hyp/nvhe/ffa.c module of the Linux Kernel-Based Virtual Machine KVM virtualization subsystem is related to the execution of operations beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code or gain...
Vulnerability of the ivpu_ipc_receive() function in the drivers/accel/ivpu/ivpu_ipc.c module – This driver for supporting the Intel NPU core in the Linux operating system allows a hacker to trigger a service failure.
Vulnerability of the ivpuipcreceive function in the drivers/accel/ivpu/ivpuipc.c module – The Linux kernel’s Intel NPU driver support mechanism is vulnerable to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to cause system failures...
The vulnerability of the tool for blocking unauthorized incoming traffic in GitHub Bullfrog’s working processes, related to the disclosure of information during data transmission, allows a violator to bypass the sandbox protection mechanism.
The vulnerability of the tool for blocking unauthorized incoming traffic in GitHub Bullfrog is related to the disclosure of information during data transmission. Exploiting this vulnerability could allow a hacker to bypass the sandbox’s security mechanisms...
The vulnerability of the Toolbar component in the Google Chrome browser allows a hacker to disclose protected information and cause a service failure.
The vulnerability of the Toolbar component in Google Chrome is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to disclose sensitive information and cause service failures...