74701 matches found
The vulnerability of the application software interface of Rockwell Automation’s PowerMonitor 1000 device for monitoring and controlling electrical networks allows a perpetrator to gain full access to the device.
The vulnerability of the application software interface of Rockwell Automation’s PowerMonitor 1000 monitoring and control device lies in the ability to create a privileged user bypassing the authentication mechanism. Exploiting this vulnerability could allow an intruder to gain full access to the...
The vulnerability of the Remote Function Call interface in the SAP NetWeaver AS ABAP software integration platform allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Remote Function Call interface in the SAP NetWeaver AS ABAP software integration platform is related to insufficient control over dynamically defined variables. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protect...
The vulnerability of the cdc-wdm component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the cdc-wdm component in the Linux operating system’s kernel is related to incorrect blocking in the wdmintcallback function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Dell ECS storage platform lies in the redirection of the URL to an unreliable website, allowing a hacker to redirect users to any given URL address.
The vulnerability of the Dell ECS storage platform relates to the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a hacker to redirect users to arbitrary URL addresses...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Translate component in Microsoft Edge and Google Chrome browsers allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Translate component in Microsoft Edge and Google Chrome relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the Ruijie Reyee OS operating system is related to the use of a initially dangerous function, which allows attackers to execute arbitrary commands.
The vulnerability of the Ruijie Reyee OS operating system is related to the use of a initially dangerous function. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending a specially created malicious MQTT message...
The vulnerability of the platform for monitoring, managing, and improving LLM applications, related to lack of access control, allows attackers to influence the confidentiality and integrity of the protected information.
The vulnerability of the platform for monitoring, managing, and improving LLM applications is related to lack of access control. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected information by updating the SAML configuration...
The vulnerability of Adobe Connect web conference software lies in the insufficient protection of the website structure, which allows attackers to execute arbitrary code.
The vulnerability of Adobe Connect web conference software is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of Adobe Connect web conference software lies in the redirection of URLs to an unreliable website, allowing attackers to circumvent existing security restrictions.
The vulnerability of Adobe Connect web conferencing software relates to the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...
The vulnerability of the BPF filter in the Suricata intrusion detection and prevention system allows a intruder to trigger a service failure.
The vulnerability of the BPF filter in the Suricata intrusion detection and prevention system is related to the operation leaving the buffer boundaries into memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the operating system for managing Synology Router Manager allows for cross-site scripting attacks, as a lack of security measures has been taken to protect the website structure. This vulnerability enables attackers to carry out cross-site scripting attacks.
The vulnerability of the Synology Router Manager operating system for managing network devices is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the Adobe Substance 3D Modeler software for 3D modeling lies in pointer assignment errors, which can allow attackers to trigger a service failure.
The vulnerability of the Adobe Substance 3D Modeler software for 3D modeling is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the operating system for managing Synology Router Manager allows for cross-site scripting attacks, as a lack of security measures has been taken to protect the website structure. This vulnerability enables attackers to carry out cross-site scripting attacks.
The vulnerability of the Synology Router Manager operating system for managing network devices is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the Network WOL function of the operating system for Synology Router Manager allows attackers to perform cross-site scripting attacks.
The vulnerability of the Network WOL function of the operating system for Synology Router Manager relates to the lack of security measures taken to protect the website structure. Exploiting this vulnerability could allow a remote attacker to perform cross-site attacks...
The vulnerability of the WiFi Connect Setting component of the operating system for managing Synology Router Manager network devices allows attackers to carry out domain-based attack scenarios.
The vulnerability of the WiFi Connect Setting component of the operating system used to manage Synology Router Manager devices is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the “Evaluations” function of the monitoring, management, and improvement platform for LLM applications allows attackers to influence the integrity of the protected information.
The vulnerability of the “Evaluations” function in the platform for monitoring, managing, and improving LLM applications involves bypassing authentication by using a user-controlled key. Exploiting this vulnerability allows an attacker to remotely influence the integrity of protected information ...
The vulnerability of the Linux operating system’s kernel’s ipv6 component, which allows a hacker to trigger a service failure
The vulnerability of the ipv6 component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of Adobe Connect web conference software lies in the redirection of URLs to an unreliable website, allowing attackers to circumvent existing security restrictions.
The vulnerability of Adobe Connect web conferencing software relates to the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...
The vulnerability of the Next.js software platform for creating web applications stems from deficiencies in the authentication process, which allows attackers to circumvent security restrictions.
The vulnerability of the Next.js software platform for creating web applications is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...
The vulnerability of the Veeam Agent for Microsoft Windows data backup tool lies in the use of an unreliable search path, allowing a perpetrator to execute arbitrary code.
The vulnerability of the Veeam Agent for Microsoft Windows data backup tool is related to the use of an unreliable search path. Exploiting this vulnerability allows attackers to execute arbitrary code by introducing malicious DLL libraries...
The vulnerability of Adobe Connect web conference software lies in the insufficient protection of the website structure, which allows attackers to execute arbitrary code.
The vulnerability of Adobe Connect web conference software is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of hardware and software solutions for data storage and information processing in Dell PowerFlex Appliances, PowerFlex Rack, PowerFlex Custom Node, InsightIQ, and Data Lakehouse lies in the insecure storage of confidential information, allowing unauthorized access to protected data by attackers.
The vulnerabilities of hardware and software solutions for data storage and information processing in Dell PowerFlex Appliances, PowerFlex Rack, PowerFlex Custom Node, InsightIQ, and Data Lakehouse are related to the insecure storage of confidential information. Exploiting these vulnerabilities c...
The vulnerability of Dell Power Manager’s software, related to inadequate access control, allows a perpetrator to execute arbitrary code and increase their privileges.
The vulnerability of Dell Power Manager is related to deficiencies in access control. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code and increase their privileges...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of Adobe Connect web conference software lies in the insufficient protection of the website structure, which allows attackers to execute arbitrary code.
The vulnerability of Adobe Connect web conference software is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of Adobe Connect web conference software lies in the insufficient protection of the website structure, which allows attackers to execute arbitrary code.
The vulnerability of Adobe Connect web conference software is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Router Port Forward component of the operating system used to manage Synology Router Manager allows attackers to perform cross-site scripting attacks.
The vulnerability of the Router Port Forward component of the Synology Router Manager operating system relates to the lack of security measures for the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the imagename handler in the CGI script /ems/cgi-bin/ezrf-lighttpd.cgi of the graphical interface for managing WLAN access points and LAN switches in Fortinet FortiWLM allows a attacker to execute arbitrary code.
The vulnerability of the imagename handler in the CGI script /ems/cgi-bin/ezrf-lighttpd.cgi of the graphical interface for managing WLAN access points and LAN switches in Fortinet FortiWLM is related to an incorrect limitation on the path name to the restricted directory. Exploiting this...
The vulnerability of the platform for monitoring, managing, and improving LLM applications, related to bypassing authentication using a user-controlled key, allows attackers to influence the integrity and confidentiality of protected information.
The vulnerability of the platform for monitoring, managing, and improving LLM applications involves bypassing authentication by using a user-controlled key. Exploiting this vulnerability allows an attacker to influence the integrity and confidentiality of protected information by manipulating the...
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE allows a hacker to trigger a service failure. This vulnerability is related to an uncontrolled resource consumption.
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the parse_lrc function in the Gstreamer multimedia framework, which allows a hacker to trigger a service failure.
The vulnerability of the parselrc function in the Gstreamer multimedia framework is related to the use of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Ucum library in the Java programming language, which allows attackers to perform XXE attacks
The vulnerability of the Ucum library for the Java programming language is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a malicious actor to perform XXE attacks remotely...
The vulnerability of the software for controlling the Geovision GV-ASManager system lies in the absence of an authentication procedure, which allows a intruder to disclose the protected information.
The vulnerability of the software for controlling the Geovision GV-ASManager access control system is related to the absence of an authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...
The vulnerability of the StylemixThemes plugin in the eRoom – Zoom Meetings & Webinar system of the WordPress content management system, which allows a hacker to escalate their privileges.
The vulnerability of the StylemixThemes plugin in eRoom – a tool for Zoom meetings and webinars within the WordPress content management system – is related to the absence of authentication procedures. Exploiting this vulnerability could allow attackers to increase their privileges remotely...
The vulnerability of Dell RecoverPoint’s data protection software for virtual machines is related to an ASP.NET configuration error. Creating a binary debug file allows a malicious actor to gain unauthorized access to confidential information.
The vulnerability of Dell RecoverPoint’s data protection software for virtual machines is related to an error in ASP.NET configuration: the creation of a binary debug file. Exploiting this vulnerability can allow attackers to gain unauthorized access to confidential information...
The vulnerability of the software for data protection in Dell RecoverPoint for virtual machines stems from the use of cryptographic algorithms that have defects. This allows a hacker to execute arbitrary code.
The vulnerability of the Dell RecoverPoint data protection software for virtual machines relates to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The software for data protection solutions from Dell RecoverPoint for virtual machines has a vulnerability related to insufficient limits on authentication attempts. This allows attackers to carry out brute-force attacks.
The vulnerability of the Dell RecoverPoint data protection software for virtual machines relates to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor to carry out a brute-force attack...
The vulnerability of the formSetUSBPartitionUmount function in the wireless access point software Tenda G3 allows a intruder to execute arbitrary commands.
The vulnerability of the formSetUSBPartitionUmount function in the wireless access point Tenda G3 software is related to the lack of measures taken to neutralize special elements during the processing of the usbPartitionName parameter. Exploiting this vulnerability allows a remote attacker to...
The vulnerability of the _execve50c() function in the POSIX.1-2008 standard library for the Perl language in version 2008 allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the execve50c function in the POSIX.1-2008 standard library for the Perl language in POSIX.2008 is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause...
The vulnerability of PDF viewing and editing programs such as Acrobat Document Cloud, Adobe Reader Document Cloud, Adobe Reader, and Adobe Acrobat lies in their memory management after memory is freed. This allows attackers to execute arbitrary code.
The vulnerability of PDF viewing and editing programs like Acrobat Document Cloud, Adobe Reader Document Cloud, Adobe Reader, and Adobe Acrobat is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially create...
The vulnerability of the client-side and server-side implementations of the SSHv2 asyncssh protocol in Python programming language allows attackers to carry out “man-in-the-middle” type attacks.
The vulnerability of the client-side and server-side implementations of the SSHv2 asyncssh protocol in Python lies in insufficient validation of data authenticity. Exploiting this vulnerability allows a malicious actor to carry out “man-in-the-middle” attacks remotely...
The vulnerability of the permission_callback function in the Hunk Companion plugin of the WordPress content management system allows a hacker to execute XSS attacks.
The vulnerability of the permissioncallback function in the Hunk Companion plugin of the WordPress content management system is related to the absence of authentication. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...
The vulnerability of the client-side and server-side implementations of the SSHv2 asyncssh protocol in Python programming language allows attackers to carry out “man-in-the-middle” type attacks.
The vulnerability of the client-side and server-side implementations of the SSHv2 asyncssh protocol in Python lies in the ability to bypass authentication using a user-controlled key. Exploiting this vulnerability allows an attacker to perform “man-in-the-middle” attacks remotely...
The vulnerability in the `src/libs/zbxembed/browser.c` script of the Zabbix monitoring system allows a attacker to trigger a Denial-of-Service Attack (DoS).
The vulnerability in the src/libs/zbxembed/browser.c script of the Zabbix monitoring system relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to trigger a Denial-of-Service Attack DoS...
The vulnerability of the gst_ssa_parse_remove_override_codes function in the Gstreamer multimedia framework allows a violator to trigger a service failure.
The vulnerability of the gstssaparseremoveoverridecodes function in the Gstreamer multimedia framework is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of Eclipse Jetty servlet containers, related to uncontrolled resource consumption, allows attackers to trigger a Denial-of-Service Attack (DoS).
The vulnerability of Eclipse Jetty servlet containers is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to initiate a Denial-of-Service attack from a remote location...