Lucene search
K
Bdu FstecRecent

90104 matches found

BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the `updateState` method in the `GraphicsDriverEnableAngleAsSystemDriverController.java` class in Android operating systems allows a hacker to cause a service failure.

The vulnerability of the updateState method in the GraphicsDriverEnableAngleAsSystemDriverController.java class in Android operating systems is related to incorrect handling of exceptional states. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.5CVSS5.8AI score0.00071EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the PHPShop content management system, related to insufficient validation of input data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the PHPShop content management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.3CVSS5.8AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the endpoint of the cloud software for creating and using a data storage service called Nextcloud Server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the endpoint of the cloud software for creating and using a data storage service, Nextcloud Server, involves bypassing authentication using a key controlled by the user. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...

4.3CVSS5.8AI score0.00237EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability in the ComputerEngine.java class of the Android operating system’s Framework component allows a perpetrator to increase their privileges.

The vulnerability in the ComputerEngine.java class of the Android operating system’s Framework component is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS5.8AI score0.00084EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the UniFi OS Server network management center arises from incorrect restrictions on the path to the directory, allowing unauthorized access by intruders to protected information.

The vulnerability of the UniFi OS Server network management center is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

10CVSS5.8AI score0.02269EPSS
Exploits2References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the formWPS() function in the /goform/formWPS file of TRENDnet TEW-432BRP microprogramming router software allows a hacker to execute arbitrary commands.

The vulnerability of the formWPS function in the /goform/formWPS file of TRENDnet TEW-432BRP microprogramming router software is related to the failure to take measures to neutralize special elements in the output data. Exploiting this vulnerability may allow a remote attacker to execute arbitrar...

10CVSS6.1AI score0.0501EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the iCore antivirus software service from Trend Micro Apex One allows a malicious actor to escalate their privileges and execute arbitrary code.

The vulnerability of the iCore antivirus software from Trend Micro’s Apex One service is related to a data source verification error. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

7.8CVSS6AI score0.00357EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the iCore antivirus software service from Trend Micro Apex One allows a malicious actor to escalate their privileges or execute arbitrary code.

The vulnerability of the iCore antivirus software from Trend Micro’s Apex One lies in synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges or execute arbitrary code...

7CVSS6AI score0.00301EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the KeyChainActivity component in Android operating systems allows attackers to escalate their privileges.

The vulnerability of the KeyChainActivity component in Android operating systems is related to information representation errors in the user interface. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS5.8AI score0.00058EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the onNullBinding method in the HostEmulationManager.java class of Android operating systems allows a hacker to exploit their privileges.

The vulnerability of the onNullBinding method in the HostEmulationManager.java class in Android operating systems is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to enhance their privileges...

7.8CVSS5.8AI score0.00071EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability in the UBSAN_throwing_runtime.cpp script of Android operating systems allows a hacker to cause a service failure.

The vulnerability in the ubsanthrowingruntime.cpp script of Android operating systems is related to the lack of a standardized mechanism for handling errors. Exploiting this vulnerability can allow attackers to cause service failures...

5.5CVSS5.8AI score0.00071EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the getPreferredSize() function in the LauncherProcessImageListener.kt script on Android operating systems allows a hacker to trigger a service failure.

The vulnerability of the getPreferredSize function in the LauncherProcessImageListener.kt script on Android operating systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00071EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the PipTaskOrganizer.java class in the Android operating system framework allows a hacker to escalate their privileges.

The vulnerability of the PipTaskOrganizer.java class in the Android operating system framework relates to the possibility of bypassing access control mechanisms. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS5.8AI score0.00072EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.3 views

The vulnerability of the Grafana monitoring and observation platform, related to deficiencies in authentication procedures, allows unauthorized access by attackers to protected information.

The vulnerability of the Grafana monitoring and observation platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.8AI score0.00238EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the zipfileInflate function in the SQLite database management system allows attackers to circumvent security restrictions and cause service failures.

The vulnerability of the zipfileInflate function in the SQLite database management system is related to improper cleaning of dynamic memory. Exploiting this vulnerability allows a remote attacker to bypass security restrictions and cause service failures by sending specially crafted smb2 packets...

7.8CVSS5.8AI score0.00301EPSS
Exploits1References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability lies in the built-in virtual table module of the FTS5 database management system for SQLite, which allows a hacker to trigger a service failure.

The vulnerability of the embedded virtual table module in the FTS5 database system of the SQLite database management system is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to cause service interruptions...

6.5CVSS5.8AI score0.00322EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the formSetPortTr() function in the /goform/formSetPortTr file of the TRENDnet TEW-432BRP router microprogramming system allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetPortTr function in the /goform/formSetPortTr file of the TRENDnet TEW-432BRP router microprogramming system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code or...

10CVSS6.4AI score0.00399EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the control console of the antivirus software Trend Micro Apex One allows a hacker to execute arbitrary code.

The vulnerability of the management console of the Trend Micro Apex One antivirus software is related to an incorrect limitation on the path to the catalog. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.4AI score0.03811EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the Grafana monitoring and observation platform, related to synchronization errors when using a shared resource, allows attackers to escalate their privileges.

The vulnerability of the Grafana monitoring and observation platform is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow a malicious actor to gain increased privileges...

2CVSS5.8AI score0.00175EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the loadSafeLabel() function in Android operating systems allows a hacker to escalate their privileges.

The vulnerability of the loadSafeLabel function in Android operating systems is related to errors in information representation by the user interface. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS5.8AI score0.00073EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the application for integrating PDF.js files with cloud-based software for creating and using data storage systems like NextCloud Server allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability of the application for integrating PDF.js files with cloud-based software for creating and using data storage in NextCloud Server is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scriptin...

6.5CVSS5.6AI score0.00246EPSS
Exploits1References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the HTTP/2 header processing module in the Apache HTTP Server allows a attacker to cause a service failure.

The vulnerability of the HTTP/2 header processing module in the Apache HTTP Server is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.5CVSS5.8AI score0.11471EPSS
Exploits7References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the UniFi OS Server network management center arises from incorrect restrictions on the path to the directory, allowing unauthorized access by intruders to protected information.

The vulnerability of the UniFi OS Server network management center is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

7.7CVSS5.8AI score0.0068EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the UniFi OS Server network management center, related to insufficient validation of input data, allows a perpetrator to execute arbitrary commands.

The vulnerability of the UniFi OS Server network management center is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands remotely...

9.1CVSS6AI score0.01248EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the formSetRoute() function in the /goform/formSetRoute file of the TRENDnet TEW-432BRP router microprogramming system, which allows a hacker to execute arbitrary commands.

The vulnerability of the formSetRoute function in the /goform/formSetRoute file of the TRENDnet TEW-432BRP router microprogramming system is related to the failure to take measures to neutralize special elements in the output data. Exploiting this vulnerability may allow a remote attacker to...

10CVSS6.1AI score0.0501EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.1 views

The vulnerability of the IBM HTTP Server’s web server, related to buffer overflows in dynamic memory, allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of the IBM HTTP Server is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

8CVSS6.4AI score0.0026EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/04 12:0 a.m.2 views

The vulnerability of the URL validator in the Keycloak software solution for managing identity verification and access control allows a hacker to expose the protected information.

The vulnerability of the URL validator in the Keycloak identity and access management software relates to the redirection of URLs to an unreliable website. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

9.4CVSS5.7AI score0.005EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the dasher_process() function in the MP4Box packaging tool of the GPAC multimedia platform allows a hacker to trigger a service failure.

The vulnerability of the dasherprocess function in the MP4Box packaging tool of the GPAC multimedia platform relates to the possibility of exploiting memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the compatibility package for Microsoft Azure Entra ID lies in the insecure management of privileges, allowing a perpetrator to escalate their privileges.

The vulnerability of the compatibility package for Microsoft Azure Entra ID is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

7.8CVSS5.7AI score0.00551EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the quartz.dll file in the Windows DirectShow operating system, allowing a hacker to execute arbitrary code

The vulnerability of the quartz.dll file in the Windows DirectShow operating system is related to the improper handling of zero bytes or the Nul character during data exchange. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created QuickTime med...

10CVSS6.2AI score0.50926EPSS
Exploits7References18Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the extractall() function in the Poetry dependency manager for the Python programming language allows a hacker to gain unauthorized access to protected information.

The vulnerability of the extractall function in the Poetry dependency manager for the Python programming language is related to an incorrect limitation on the path name of the restricted access directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to...

5.3CVSS5.8AI score0.00294EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.2 views

The vulnerability of the lib/helpers/shouldBypassProxy.js file in the axios library allows a hacker to bypass existing security restrictions.

The vulnerability of the lib/helpers/shouldBypassProxy.js file in the axios library is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...

8.6CVSS5.8AI score0.00921EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the requests.utils.extract_zipped_paths() function in the Python Requests library allows a hacker to re-upload arbitrary files.

The vulnerability of the requests.utils.extractzippedpaths function in the Python Requests library is related to insecure temporary files. Exploiting this vulnerability could allow an attacker to re-record arbitrary files...

5.5CVSS5.9AI score0.00182EPSS
Exploits0References12Affected Software13
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the /goform/formTaskEdit file in the UTT 1200GW networking device software allows a attacker to cause a service failure.

The vulnerability of the /goform/formTaskEdit module in the UTT 1200GW networking device involves the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

9CVSS6.1AI score0.00472EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the Azure Resource Manager service and the software platform of Microsoft Azure allows attackers to escalate their privileges.

The vulnerability of the Azure Resource Manager service, a software platform of Microsoft Azure, relates to the bypassing of authentication using an alternative name. Exploiting this vulnerability can allow a malicious actor to gain increased privileges...

10CVSS5.8AI score0.00494EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the PeerObjects component of the iepeers.dll library in the Microsoft Internet Explorer browser allows a hacker to execute arbitrary code.

The vulnerability of the PeerObjects component of the iepeers.dll library in Microsoft Internet Explorer is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.82172EPSS
Exploits15References20Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the gf_odf_ac4_cfg_dsi_v1() function in the MP4Box packaging tool of the GPAC multimedia platform allows a hacker to cause a service failure.

The vulnerability of the gfodfac4cfgdsiv1 function, a packaging function of the MP4Box multimedia platform of GPAC, is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the gf_media_get_color_info() function in the MP4Box packaging tool of the GPAC multimedia platform allows a malicious actor to cause a service failure.

The vulnerability of the gfmediagetcolorinfo function in the MP4Box packaging tool of the GPAC multimedia platform is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00133EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the modular interface of the Ruby-based Rack web server allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Ruby-based Rack web server’s modular interface is related to the use of a regular expression, which does not sufficiently restrict the set of allowed values. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the map_accel_path method in the Ruby programming language-based Rack web server module interface allows a hacker to gain unauthorized access to protected information.

The vulnerability of the mapaccelpath method in the Ruby programming language-based Rack web server module interface is related to the use of a regular expression, which does not sufficiently restrict the set of allowed values. Exploiting this vulnerability can allow an attacker to gain...

7.8CVSS5.8AI score0.00209EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the Rack::Utils.get_byte_ranges() function in the Ruby-based Rack web server module interface allows a attacker to cause a denial-of-service attack.

The vulnerability of the Rack::Utils.getbyteranges function in the Rack web server module interface, a programming language for Ruby, is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS5.8AI score0.0038EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the Firebird database management system, related to incorrect restrictions on path names to the catalog, allows attackers to execute arbitrary code.

The vulnerability of the Firebird database management system is related to incorrect restrictions on the name of the path to the catalog. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9.9CVSS6.1AI score0.00692EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes, related to the failure to protect the SQL request structure, allows attackers to execute arbitrary code.

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes is related to the lack of measures taken to protect the SQL request structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

9CVSS6.1AI score0.00339EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of Adobe Reader, a PDF viewer program, and Adobe Acrobat, a PDF editing program, is related to buffer overflow attacks. This allows attackers to execute arbitrary code.

The vulnerability of Adobe Reader, a PDF viewer software, and Adobe Acrobat, a PDF editing program, is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

10CVSS6.4AI score0.86468EPSS
Exploits12References18Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant, related to the lack of measures for cleaning incoming data, allows a perpetrator to disclose protected information.

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow a malicious actor to disclose protected information remotely...

7.8CVSS5.7AI score0.00503EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the API proxy server of the data source platform for Grafana’s monitoring and observation allows a malicious actor to gain unauthorized access to read the GET endpoints in the Alertmanager and Prometheus data sources.

The vulnerability of the API proxy server of the data source platform for Grafana relates to authentication errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to read GET requests directed at the final endpoints in the Alertmanager and...

5CVSS5.8AI score0.00414EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the cloud-based platform for managing and protecting Microsoft Entra ID (formerly Azure Active Directory) relates to deficiencies in the data source verification mechanism, allowing attackers to escalate their privileges.

The vulnerability of the cloud-based platform for managing and protecting Microsoft Entra ID formerly Azure Active Directory is related to deficiencies in the data source verification mechanism. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

10CVSS5.7AI score0.00301EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the route/goform/formFireWall files in the microprogramming software for network devices UTT 1250GW allows a hacker to cause a service failure.

The vulnerability of the route/goform/formFireWall files in the UTT 1250GW network devices is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

9CVSS6.1AI score0.00472EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the modular interface of the Ruby-based Rack web server allows a hacker to trigger a service failure.

The vulnerability of the modular interface of the Ruby-based Rack web server is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.8CVSS5.8AI score0.0043EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the software deployment plugin and the GLPI Inventory network, related to the lack of measures taken to protect the SQL query structure, allows attackers to execute arbitrary code.

The vulnerability of the software deployment plugin and the GLPI Inventory network is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS6.1AI score0.00212EPSS
Exploits0References3Affected Software2
Total number of security vulnerabilities90104