The vulnerability of the Jenkins automation server plugin Xooa lies in the storage of tokens in an unencrypted form, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins automation server plugin Xooa is related to the storage of tokens in an unencrypted form in the file io.jenkins.plugins.xooa.GlobConfig.xml. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

The vulnerability of the Warrior Framework plugin for Jenkins’ automation servers, related to the storage of passwords in an open manner, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins automation server’s Warrior Framework plugin lies in the storage of passwords in an exposed manner within the config.xml file. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information...

The vulnerability of the Thunderbird email client, related to insufficient validation of input data, allows attackers to gain access to potentially confidential information.

The vulnerability of the Thunderbird email client is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to gain access to potentially confidential information...

The vulnerability of the Win32k.sys component in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component in Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the DOM component of Adobe Experience Manager (AEM), which allows attackers to perform cross-site scripting attacks

The vulnerability of the DOM component of the Adobe Experience Manager AEM system relates to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created web page...

The vulnerability of the Connected Devices Platform Service (CDPSvc) in Microsoft Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Connected Devices Platform Service CDPSvc in Microsoft Windows operating systems is related to the possibility of using memory after it has been freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

The vulnerability of the BitLocker data protection function in Microsoft Windows operating systems allows attackers to circumvent existing security restrictions.

The vulnerability of the BitLocker data protection function in Microsoft Windows operating systems is related to synchronization errors when using shared resources “Race Conditions”. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...

The vulnerability of the rand() function in the Crypt::CBC module of the Perl programming language allows a hacker to trigger a denial-of-service attack.

The vulnerability of the rand function in the Crypt::CBC module of the Perl programming language is related to the use of a insecure program for generating random numbers. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the gf_filter_in_parent_chain function in the MP4Box utility of the GPAC multimedia platform allows a hacker to cause a service failure.

The vulnerability of the gffilterinparentchain function in the MP4Box utility of the GPAC multimedia platform is related to the use of memory after deallocation. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the Jenkins automation server plugin Xooa lies in the storage of tokens in an unencrypted form, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins automation server plugin Xooa is related to the storage of tokens in an unencrypted form in the file io.jenkins.plugins.xooa.GlobConfig.xml. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

The vulnerability of the Nouvola DiveCloud plugin for Jenkins’ automation server, related to the storage of keys in an unencrypted form, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Nouvola DiveCloud plugin in the Jenkins automation server lies in the fact that keys are stored in an unencrypted form in the config.xml file. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information...

The vulnerability in the virtual graphics adapter VMSVGA of the Oracle VM VirtualBox software allows a hacker to escalate their privileges and execute arbitrary code.

The vulnerability of the Virtual Graphics Adapter VMSVGA in the Oracle VM VirtualBox virtualization software is related to deficiencies in access control due to a numerical overflow condition. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

The vulnerability of the Sherpa Orchestrator component of the Sherpa RPA process automation platform allows a attacker to execute cross-site scripting attacks.

The vulnerability of the Sherpa Orchestrator component of the Sherpa RPA process automation platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform XSS scripting across sites by sending specially crafted...

Vulnerability of Microsoft Office packages, 365 Apps for Enterprise, and Microsoft PowerPoint presentation software, related to buffer overflow in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerabilities of Microsoft Office packages, 365 Apps for Enterprise, and Microsoft PowerPoint presentation software are related to buffer overflows in dynamic memory. Exploiting these vulnerabilities can allow attackers to execute arbitrary code...

The vulnerability of the EPA component of the Honeywell Experion PKS programmable logic controllers allows a intruder to trigger a service failure.

The vulnerability of the Epic Platform Analyzer EPA component of Honeywell Experion PKS programmable logic controllers is related to the use of an uninitialized variable. Exploiting this vulnerability could allow a malicious actor to cause a service failure remotely...

The vulnerability of the Go programming language’s Verify component allows attackers to circumvent existing security restrictions.

The vulnerability of the Go programming language’s Verify component is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability can allow an attacker to bypass existing security restrictions remotely...

The vulnerability of the Nouvola DiveCloud plugin for Jenkins’ automation server, related to the storage of keys in an unencrypted form, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Nouvola DiveCloud plugin for Jenkins-based automation servers lies in the storage of keys in an unencrypted form within the config.xml file. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information...

The vulnerability in the virtual network adapter VMXNET3 of VMware ESXi, Workstation, Fusion, and Cloud Foundation exists due to a write-off outside the buffer, allowing an attacker to execute arbitrary code.

The vulnerability in the virtual network adapter VMXNET3 of VMware ESXi, Workstation, Fusion, and Cloud Foundation software lies in buffer overflow attacks. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the Windows Microsoft PC Manager software for maintenance, cleaning, and security operations lies in its improper handling of symbolic links before accessing files. This allows attackers to exploit their privileges.

The vulnerability of the Windows Microsoft PC Manager software for maintenance, cleaning, and security operations is related to an incorrect definition of symbolic links before accessing files. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the Linux operating system’s kernel, related to errors in resource release, allows a hacker to cause a service failure.

The vulnerability of the Linux operating system’s kernel is related to errors during resource release. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to a countable loss of significance, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to a countable amount of significance loss. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...

The vulnerability of the Sensedia API Platform Tools for Jenkins servers, related to the storage of tokens in unencrypted form, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Sensedia Api Platform tools for Jenkins servers relates to the storage of tokens in an unencrypted form within the file com.sensedia.configuration.SensediaApiConfiguration.xml. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to...

The vulnerability of the gf_filter_pid_reconfigure_task_discard function in the MP4Box multimedia platform of GPAC allows a intruder to trigger a service failure or execute arbitrary code.

The vulnerability of the gffilterpidreconfiguretaskdiscard function in the MP4Box utility of the GPAC multimedia platform is related to the use of memory after deallocation. Exploiting this vulnerability could allow an attacker to cause a service failure or execute arbitrary code...

The vulnerability of the Virtual Machine Communication Interface (VMCI) implementation in software products such as VMware ESXi, Workstation, Fusion, and Cloud Foundation allows a perpetrator to execute arbitrary code.

The vulnerability of the Virtual Machine Communication Interface VMCI implementation in software products such as VMware ESXi, Workstation, Fusion, and Cloud Foundation lies in buffer overflow attacks. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to reading beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created .par file...

The vulnerability of the Dead Man’s Snitch plugin in Jenkins servers, related to the storage of tokens in unencrypted form, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Dead Man’s Snitch plugin in the Jenkins automation server lies in the fact that tokens are stored in an unencrypted form in the config.xml file. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information...

The vulnerability of the Sherpa Orchestrator component of the Sherpa RPA process automation platform allows a perpetrator to enhance their privileges.

The vulnerability of the Sherpa Orchestrator component of the Sherpa RPA process automation platform is related to an error in processing authentication keys controlled by users. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

The vulnerability of the formSafeEmailFilter() function (/goform/SafeEmailFilter) in the Tenda FH1201 router software allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the formSafeEmailFilter function /goform/SafeEmailFilter of the Tenda FH1201 router software lies in the issue of the operation being executed outside the buffer in memory when processing the page parameter. Exploiting this vulnerability allows a malicious actor to execute...

The vulnerability of the Transport Driver Interface (TDI) driver in Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Transport Driver Interface TDI driver in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the Win32k.sys component of Microsoft Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component in Microsoft Windows operating systems is related to the possibility of using memory after it has been freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the AppX Deployment Service for Microsoft Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the AppX Deployment Service for Microsoft Windows operating systems is related to incorrect handling of symbolic links before accessing the file. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Universal Plug and Play (UPnP) Device Host Service in Microsoft Windows operating systems allows a hacker to increase their privileges.

The vulnerability of the Universal Plug and Play UPnP Device Host Service in Microsoft Windows operating systems is related to the ability to utilize freed memory. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

The vulnerability of the Linux operating system’s kernel, related to errors in resource release, allows a hacker to cause a service failure.

The vulnerability of the Linux operating system’s kernel is related to errors during resource release. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to access to an uninitialized pointer, allows a hacker to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to access to an uninitialized pointer. Exploiting this vulnerability could allow a attacker to execute arbitrary code by sending a specially created malicious file...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to writing beyond the buffer limit, allows a hacker to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to writing outside the buffer. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...

The vulnerability of the Portainer container management platform, related to insufficient protection of operational data, allows a hacker to gain access to confidential information.

The vulnerability of the Portainer container management platform is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...

The vulnerability of the naludmx_configure_pid component in the gf_sei_load_from_state function of the internal() function in the filters/sei_load.c file, a multimedia platform for GPAC, allows a attacker to cause a service failure by terminating the application abnormally or executing arbitrary code.

The vulnerability of the naludmxconfigurepid component in the gfseiloadfromstate function of the filters/seiload.c file, within the GPAC multimedia platform, is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure by...

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to reading beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created .par file...

The vulnerability of the Apica Loadtest plugin for Jenkins’ automation server, related to the storage of registration data, allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Apica Loadtest plugin for Jenkins-based automation servers lies in the way registration data is stored in an open manner within the config.xml file. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the Golang programming language, related to insufficient or incorrect blocking mechanisms, allows for situations where a violator can delete arbitrary directories.

The vulnerability of the Golang programming language is related to insufficient or incorrect blocking measures. Exploiting this vulnerability could allow a remote attacker to delete any directories at will...

The vulnerability of the Applitools Eyes plugin in Jenkins automation servers, related to the storage of keys in an open manner, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Applitools Eyes plugin in Jenkins automation servers lies in the fact that keys are stored in an open manner within the config.xml configuration file. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected...

The vulnerability in the web interface of Qtech switches, related to incorrect processing of cookie files, allows attackers to elevate their privileges to the level of administrators.

A vulnerability in the web interface of Qtech switches, related to improper handling of cookie files. Exploiting this vulnerability can allow a remote attacker to elevate their privileges to the level of an administrator...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...

The vulnerability of the Sherpa Orchestrator component of the Sherpa RPA process automation platform allows a hacker to perform a CSRF attack.

The vulnerability of the Sherpa Orchestrator component of the Sherpa RPA process automation platform is related to insufficient verification of the authenticity of executed requests. Exploiting this vulnerability may allow a remote attacker to carry out a CSRF attack...

The vulnerability of the print spooler daemon on Windows operating systems allows a hacker to cause a service failure.

The vulnerability of the Windows Print Spooler in Windows operating systems is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages lies in their ability to exploit memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages relates to the ability to utilize memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the Azure Auth component of the Vault Enterprise platform for archiving corporate information allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of Azure Auth component in the Vault Enterprise archiving platform relates to improper authorization. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...