90104 matches found
The vulnerability of the Dawn component in browsers such as Google Chrome and Microsoft Edge allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Dawn component in Google Chrome and Microsoft Edge relates to reading data beyond the permitted range in memory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
Vulnerability of the user interface of Google Chrome and Microsoft Edge browsers, allowing a hacker to execute arbitrary code
The vulnerability of the user interfaces of Google Chrome and Microsoft Edge relates to the possibility of using memory after it is freed. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...
The vulnerability in the Mattermost instant messaging application, related to the manipulation of cross-site requests, allows a hacker to perform a CSRF attack.
The vulnerability of the Mattermost instant messaging application is related to the manipulation of cross-site requests. Exploiting this vulnerability could allow a malicious actor to perform a CSRF attack remotely...
The vulnerability of the emac_dispatch_skb_zc() function in the network interface driver icssg-prueth of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the emacdispatchskbzc function in the network interface driver icssg-prueth of the Linux operating system is related to incorrect initialization. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Reading Mode in Google Chrome and Microsoft Edge browsers allows a hacker to execute arbitrary code.
The vulnerability of the Reading Mode in Google Chrome and Microsoft Edge browsers relates to the ability to utilize memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Media components in Google Chrome and Microsoft Edge browsers allows attackers to bypass security restrictions.
The vulnerability of the Media components in Google Chrome and Microsoft Edge is related to a lack of mechanisms for verifying the source of these components. Exploiting this vulnerability could allow an attacker to bypass security restrictions from a remote location...
The vulnerability of the parser for NF-profiles in the NR/LTE Open5GS network creation and management tool allows a attacker to cause a service failure.
The vulnerability of the NF-profile parser in the NR/LTE Open5GS network creation and management tool is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the handle_scp_info() function, a tool for creating and managing NR/LTE Open5GS mobile networks, allows a attacker to cause a service failure.
The vulnerability of the handlescpinfo function, a tool for creating and managing NR/LTE Open5GS mobile networks, is related to the occurrence of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to cause service interruptions...
The vulnerability of the add_adev() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the addadev function in the Linux operating system’s kernel is related to the use of memory after it has been freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the xfsattr3_node_inactive() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the xfsattr3nodeinactive function in the Linux operating system is related to a race condition. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Companion component in Google Chrome and Microsoft Edge browsers allows attackers to increase their privileges.
The vulnerability of the Companion browser components in Google Chrome and Microsoft Edge is related to a flaw in data protection mechanisms. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...
The vulnerability of the WebAudio component in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability of the WebAudio component in Google Chrome and Microsoft Edge relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to gain unauthorized access to protected information.
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability in the implementation of the SSL protocol by Google Chrome and Microsoft Edge browsers allows attackers to perform spoofing attacks.
The vulnerability of the SSL Secure Sockets Layer protocol implementation in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks using a specially created HTML page...
The vulnerability of the Telnet protocol implementation in the cryptographic protection tool PuTTY, which allows attackers to perform spoofing attacks.
The vulnerability of the Telnet protocol implementation in the cryptography protection tool PuTTY is related to errors in information representation by the user interface. Exploiting this vulnerability allows a malicious actor to perform spoofing attacks remotely...
The vulnerability of the sock_def_readable() function in the Linux operating system’s kernel allows a hacker to trigger a denial-of-service attack.
The vulnerability of the sockdef-readable function in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the Updater service for Google Chrome and Microsoft Edge allows a hacker to escalate their privileges.
The vulnerability of the Updater service for Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges using the malicious file...
The vulnerability of the parser for NF-profiles in the NR/LTE Open5GS network creation and management tool allows a attacker to cause a service failure.
The vulnerability of the NF-profile parser in the NR/LTE Open5GS network creation and management tool is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the graphics processing units in Google Chrome and Microsoft Edge browsers allows attackers to bypass the sandboxing protection mechanisms.
The vulnerability of the graphics processing units in Google Chrome and Microsoft Edge relates to the ability to utilize memory after it is freed. Exploiting this vulnerability can allow a malicious actor to bypass the sandboxing protection mechanisms...
The vulnerability of the WebDialer service in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) allows a attacker to perform an SSRF attack.
The vulnerability of the WebDialer service in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME is related to insufficient validation of requests on the server side. Exploiting this vulnerability can allow a maliciou...
The vulnerability of the ChromeDriver component for Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability of the ChromeDriver component for Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created HTML page...
The vulnerability of the Autofill function in browsers such as Google Chrome and Microsoft Edge allows attackers to expose protected information.
The vulnerability of the Autofill function in Google Chrome and Microsoft Edge browsers is related to a lack of mechanisms for verifying the source of the data. Exploiting this vulnerability can allow attackers to disclose sensitive information remotely...
The vulnerability of the ip4ip6_err() function in the net/ipv6/ip6_tunnel.c module of the Linux operating system allows a hacker to execute arbitrary code.
The vulnerability of the ip4ip6err function in the net/ipv6/ip6tunnel.c module of the Linux kernel is related to buffer out-of-buffer writing. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the handleBondStateChanged method in the AdapterService.java class of Android operating systems allows a hacker to disclose protected information.
The vulnerability of the handleBondStateChanged method in the AdapterService.java class of Android operating systems is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to disclose sensitive information that is protected by security measures...
The vulnerability of the PHPShop content management system lies in the lack of measures taken to protect the SQL query structure, allowing attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the PHPShop content management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the onNullBinding method in the HostEmulationManager.java class of Android operating systems allows a hacker to exploit their privileges.
The vulnerability of the onServiceConnected method in Android operating systems arises due to a race condition. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the caching mechanism of the anti-virus software Trend Micro Apex One, which allows a hacker to enhance their privileges
The vulnerability of the caching mechanism of the anti-virus software Trend Micro Apex One is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the getAppLabel method in the ForgetDeviceDialogFragment.java class of Android operating systems allows a hacker to escalate their privileges.
The vulnerability of the getAppLabel method in the ForgetDeviceDialogFragment.java class of Android operating systems is related to information representation errors in the user interface. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the isSameApp method in the NotificationManagerService.java class of Android operating systems allows a hacker to trigger a service failure.
The vulnerability of the isSameApp method in the NotificationManagerService.java class of Android operating systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a attacker to cause a service failure...
The vulnerability of the `applySimpleFieldMaxSize` method in the `DataRowHandler.java` class in Android operating systems allows a hacker to cause a service failure.
The vulnerability of the applySimpleFieldMaxSize method in the DataRowHandler.java class of Android operating systems is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the client library of the Firebird database management system allows a perpetrator to cause information leakage.
The vulnerability of the client library of the Firebird database management system is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker to cause a data leak...
The vulnerability of the Framework component in Android operating systems, which allows a hacker to increase their privileges
The vulnerability of the Framework component in Android operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the performPreInstallChecks() function in the InstallRepository.kt script of the Android operating system’s Framework component allows a malicious actor to escalate their privileges.
The vulnerability of the performPreInstallChecks function in the InstallRepository.kt scenario of the Android operating system’s framework component is related to a data protection mechanism breach. Exploiting this vulnerability could allow an attacker to enhance their privileges...
The vulnerability of the synchronization tool for NextCloud’s desktop, related to the lack of security measures for the website structure, allows attackers to execute arbitrary code.
The vulnerability of the synchronization tool for NextCloud’s desktop interface is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the UniFi OS Server network management center, related to lack of access control, allows a intruder to gain read, modify, or delete access to data.
The vulnerability of the UniFi OS Server network management center is related to lack of access control. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...
The vulnerability of the TmSelfProtect component of the antivirus software Trend Micro Apex One allows a malicious individual to elevate their privileges and execute arbitrary code.
The vulnerability of the TmSelfProtect component of the Trend Micro Apex One antivirus software is related to a data source verification error. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...
The vulnerability in the l2c_fcr_clone_buf scenario of l2c_fcr.cc in Android operating systems allows attackers to increase their privileges.
The vulnerability in the l2cfcrclonebuf section of the l2cfcr.cc code in Android operating systems is related to a numerical overflow. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...
The vulnerability of the getCallingPackageName method in the Shared.java class of Android operating systems allows a hacker to increase their privileges.
The vulnerability of the getCallingPackageName method in the Shared.java class of Android operating systems is related to the possibility of bypassing access control mechanisms. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability in the KeyguardViewMediator.java class of Android operating systems allows a hacker to disclose protected information.
The vulnerability in the KeyguardViewMediator.java class of Android operating systems is related to incorrect code generation management. Exploiting this vulnerability can allow attackers to disclose sensitive information that is protected by the system’s security measures...
The vulnerability of the PHPShop content management system lies in the incorrect limitation of the path name to the catalog, allowing attackers to execute arbitrary code.
The vulnerability of the PHPShop content management system is related to incorrect restrictions on the path to the catalog. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
Vulnerability of the “Yandex SpeechKit” module of the Content Management System (CMS) 1C-Bitrix: Website management related to the lack of authentication for critical functions, allowing attackers to compromise the confidentiality, integrity, and accessibility of protected information
Vulnerability of the “Yandex SpeechKit” module in the Content Management System CMS of 1C-Bitrix: Website management is associated with the absence of authentication for critical functions. Exploiting this vulnerability may allow a malicious actor to compromise the confidentiality, integrity, and...
The vulnerability of the PHPShop content management system lies in the lack of measures taken to protect the SQL query structure, allowing attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the PHPShop content management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability in the UBSAN_throwing_runtime.cpp script of Android operating systems allows a hacker to cause a service failure.
The vulnerability in the ubsanthrowingruntime.cpp script of Android operating systems is related to a numerical overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the URL validator in the Keycloak software solution for managing identity verification and access control allows a hacker to expose the protected information.
The vulnerability of the URL validator in the Keycloak identity and access management software relates to the redirection of URLs to an unreliable website. Exploiting this vulnerability can allow a malicious actor to disclose protected information...
The vulnerability of the soup_body_input_stream_read_chunked() function in the LibSoup library allows a attacker to circumvent existing security restrictions, implement a cache poisoning attack, or gain unauthorized access to protected information.
The vulnerability of the soupbodyinputstreamreadchunked function in the LibSoup library is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to circumvent existing security measures, execute a cache poisoning attack, or gain unauthorized...
The vulnerability of the UniFi OS Server network management center, related to insufficient validation of input data, allows a perpetrator to execute arbitrary commands.
The vulnerability of the UniFi OS Server network management center is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands remotely...
The vulnerability of the control console of the antivirus software Trend Micro Apex One allows a hacker to execute arbitrary code.
The vulnerability of the management console of the Trend Micro Apex One antivirus software is related to an incorrect limitation on the path to the catalog. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the sprintf() function in the /httpddebug.asp file of the D-Link DI-7001 MINI router’s microprogramming system allows a hacker to cause a service failure or execute arbitrary commands.
The vulnerability of the sprintf function in the /httpddebug.asp file of the D-Link DI-7001 MINI router’s microprogramming system is related to the execution of operations outside the buffer in memory when processing the time parameter. Exploiting this vulnerability allows a remote attacker to...
The vulnerability in the libinput-device-group interface of the libinput library allows a attacker to elevate their privileges to root level and execute arbitrary code. This vulnerability is related to the implementation of X.Org and Wayland server protocols.
The vulnerability of the libinput-device-group interface in the libinput library, which is used in the implementation of X.Org and Wayland display server protocols, is related to incorrect code generation. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root...
The vulnerability of the Apex One NT Listener component of the Trend Micro Apex One antivirus software allows a hacker to escalate their privileges.
The vulnerability of the Apex One NT Listener antivirus software is related to a data source verification error. Exploiting this vulnerability can allow attackers to increase their privileges...