Lucene search
K
Bdu FstecRecent

90104 matches found

BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the Blitz Identity Provider software, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability of the Blitz Identity Provider software is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

7.7CVSS5.6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the modular interface of the Ruby-based Rack web server allows attackers to circumvent security restrictions.

The vulnerability of the Ruby-based Rack web server’s modular interface is related to the occurrence of interpretation conflicts when processing HTTP headers’ names and values. Exploiting this vulnerability allows a remote attacker to bypass security restrictions...

5.3CVSS5.8AI score0.00253EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of Microsoft Visual Studio Code’s editor, related to the lack of data cleaning at the control level, allows a hacker to execute arbitrary code.

The vulnerability of Microsoft Visual Studio Code’s editor is related to the lack of measures taken to clean up data at the control level. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS6AI score0.00421EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the gf_isom_apple_set_tag_ex() function in the MP4Box packaging tool of the GPAC multimedia platform allows a perpetrator to trigger a service failure.

The vulnerability of the gfisomapplesettagex function in the MP4Box packaging tool of the GPAC multimedia platform is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the Ruby-based Rack web server module interface parser allows a attacker to cause a denial-of-service attack.

The vulnerability of the Ruby-based Rack web server module interface parser involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.8CVSS5.8AI score0.00369EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the modular interface of the Ruby-based Rack web server allows attackers to bypass existing security mechanisms.

The vulnerability of the Ruby-based Rack web server’s modular interface is related to improper behavior. Exploiting this vulnerability allows a remote attacker to bypass existing security mechanisms...

5.3CVSS5.8AI score0.00195EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the Ruby-based Rack web server’s modular interface, related to improper handling of parameter length discrepancies, allows attackers to compromise the confidentiality and integrity of protected information.

The vulnerability of the Ruby-based Rack web server’s modular interface is related to improper handling of parameter length discrepancies. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of the protected information...

6.5CVSS5.8AI score0.00147EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the Azure Orbital Spatio deployment and management service, a software platform of Microsoft Azure, allows a attacker to execute arbitrary code.

The vulnerability of the Azure Orbital Spatio deployment and management service of the Microsoft Azure software platform is related to the unlimited loading of dangerous files. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS6AI score0.00534EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of Microsoft Power Pages, a software for creating web pages, lies in the lack of measures to clean input data, allowing attackers to execute arbitrary code.

The vulnerability of Microsoft Power Pages software for creating web pages is related to the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00577EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the secure connection service between the Azure virtual network and other networks of the Microsoft Azure virtual network gateway allows a attacker to execute arbitrary code.

The vulnerability of the secure connection service between the Azure virtual network and other networks within the Microsoft Azure software platform is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

9.9CVSS6AI score0.00525EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability in the access and identity management service of the Microsoft Azure Active Directory B2C package allows a perpetrator to escalate their privileges.

The vulnerability of the Microsoft Azure Active Directory B2C access and identity management service relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability can allow a malicious actor to gain elevated privileges...

9.4CVSS5.8AI score0.00473EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the Event Handler component in Microsoft Internet Explorer allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Internet Explorer browser’s Event Handler component is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.91885EPSS
Exploits16References19Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the gf_ac4_pres_b_4_back_channels_present() function in the MP4Box packaging tool of the GPAC multimedia platform allows a hacker to trigger a service failure.

The vulnerability of the gfac4presb4backchannelspresent function, belonging to the MP4Box component of the GPAC multimedia platform, is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the m2tsdmx_send_packet() function in the MP4Box packaging tool of the GPAC platform allows a hacker to cause a service failure.

The vulnerability of the m2tsdmxsendpacket function in the MP4Box packaging tool of the GPAC multimedia platform is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00158EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the decode_utf8 function in the base/gp_utf8.c software component, which is used for processing, transforming, and generating Ghostscript documents, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the decodeutf8 function in the base/gputf8.c software component for processing and generating Ghostscript documents is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow an attacker to gain unauthorized acces...

8.4CVSS5.8AI score0.0055EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the Django web application software, related to synchronization errors when using shared resources, allows attackers to trigger a service failure.

The vulnerability of the Django web application framework is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

3.7CVSS5.8AI score0.00341EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the URLField.to_python() function in the Django web application framework allows a hacker to trigger a denial-of-service attack.

The vulnerability of the URLField.topython function in the Django web application framework is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS5.8AI score0.00734EPSS
Exploits0References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the Microsoft Authenticator multi-factor authentication application, related to the disclosure of information, allows a perpetrator to gain unauthorized access to the protected information.

The vulnerability of the Microsoft Authenticator multi-factor authentication application is related to the disclosure of information. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

10CVSS5.8AI score0.00559EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of Azure cloud services for managing geospatial data by Microsoft Planetary Computer Pro, related to deserialization mechanism flaws, allows attackers to disclose protected information.

The vulnerability of Azure cloud services for managing geospatial data with the Microsoft Planetary Computer Pro is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow a malicious actor to disclose protected information...

10CVSS5.8AI score0.00922EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the modular interface of the Ruby-based Rack web server allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Ruby-based Rack web server’s modular interface is related to partial comparison. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8CVSS5.8AI score0.00387EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the ASGI request processing mechanism of the Django web application’s software platform allows a hacker to induce a service failure.

The vulnerability of the ASGI request processing mechanism in Django web applications relates to unlimited resource distribution. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS5.8AI score0.00769EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the Django web development framework, related to deficiencies in the authentication process, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Django web development framework is related to shortcomings in its authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4CVSS5.8AI score0.00294EPSS
Exploits0References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the ASGI component of the Django web application framework allows attackers to perform spoofing attacks.

The vulnerability of the ASGI component of the Django web application framework involves bypassing authentication through spoofing. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks remotely...

7.8CVSS5.7AI score0.00436EPSS
Exploits0References7Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.2 views

The vulnerability of the GenericInlineModelAdmin class in the Django web development framework allows a attacker to gain unauthorized access to protected information.

The vulnerability of the GenericInlineModelAdmin class in the Django web development framework is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

10CVSS5.8AI score0.00458EPSS
Exploits0References8Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.3 views

The vulnerability of the node-tmp package on the Node.js software platform allows attackers to compromise the confidentiality of protected information.

The vulnerability of the node-tmp package on the Node.js software platform is related to an incorrect limitation on the path name of the directory. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality of the protected information...

7.8CVSS5.8AI score0.00354EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.3 views

The vulnerability of the lib/adapters/http.js component in the axios library allows a attacker to perform a type “man-in-the-middle” attack.

The vulnerability of the lib/adapters/http.js component in the axios library is related to the possibility of bypassing access control mechanisms. Exploiting this vulnerability allows a remote attacker to execute a type of MITM attack...

9.7CVSS5.9AI score0.01041EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of the libcontainer/user/user.go implementation, a tool for running isolated containers in Runc, allows a malicious actor to escalate their privileges.

The vulnerability of the libcontainer/user/user.go implementation, a tool for running isolated containers in Runc, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to enhance their privileges...

7.8CVSS7.1AI score0.00388EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.1 views

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server lies in their deserialization mechanism flaws, which allows attackers to execute arbitrary code.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

9CVSS6.4AI score0.02781EPSS
Exploits3References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formSetProtocolFilter() function in TRENDnet TEW-432BRP router software allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetProtocolFilter function in TRENDnet TEW-432BRP router software lies in the fact that the operation’s output goes beyond the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service failures...

9CVSS6.3AI score0.00472EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formUSBAccount() function in the microprogramming router EDIMAX BR-6478AC allows a hacker to execute arbitrary code.

The vulnerability of the formUSBAccount function in the microprogramming-based router EDIMAX BR-6478AC lies in the fact that the operation’s output escapes the buffer and is stored in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

9CVSS6.2AI score0.00463EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formWlbasic() function in the microprogramming router EDIMAX BR-6478AC allows a hacker to execute arbitrary commands.

The vulnerability of the formWlbasic function in the microprogrammed routing switch EDIMAX BR-6478AC lies in the lack of measures taken to neutralize special elements in the output data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...

6.5CVSS6.1AI score0.01072EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formSetRoute() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetRoute function in TRENDnet TEW-432BRP software relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service interruptions...

9CVSS6.5AI score0.00835EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formPPPoESetup() function in the microprogramming software for routers EDIMAX BR-6478AC allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the formPPPoESetup function in the microprogramming software for EDIMAX BR-6478AC routers lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures...

9CVSS6.4AI score0.00447EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formSetWlanEncrypt() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetWlanEncrypt function in TRENDnet TEW-432BRP router software lies in the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service interruptions...

9CVSS6.5AI score0.03198EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the cgistaKickOff() function in the microprogramming software for Tenda W12 allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the cgistaKickOff function in the Tenda W12 router’s microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failure...

9CVSS6.5AI score0.00476EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formSysCmd() function in TRENDnet TEW-432BRP router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSysCmd function in TRENDnet TEW-432BRP router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failure...

9CVSS6.5AI score0.00472EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formSysCmd() function in TRENDnet TEW-432BRP router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the formSysCmd function in TRENDnet TEW-432BRP router microprogramming software is related to the failure to take measures to neutralize special elements in the output data. Exploiting this vulnerability may allow a remote attacker to execute arbitrary commands...

6.5CVSS6.1AI score0.0105EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of D-Link DI-8400 router microprogramming software, related to the execution of operations outside the buffer in memory, allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of D-Link DI-8400 router microprogramming software is related to the execution of operations outside the buffer in memory when processing the dbsrv.asp file. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...

9CVSS6.5AI score0.005EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formWlanSetup() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary commands.

The vulnerability of the formWlanSetup function in TRENDnet TEW-432BRP router software lies in the lack of measures taken to neutralize special elements in the output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

6.5CVSS6.1AI score0.01072EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the set_local_time_0() function in Tenda W12 software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the setlocaltime0 function in Tenda W12 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service failures...

9CVSS6.5AI score0.00503EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the cgiWifiMacFilterSet() function in the Tenda W12 router’s microprogramming software allows a intruder to execute arbitrary code or cause a service failure.

The vulnerability of the cgiWifiMacFilterSet function in the microprogramming-based router software of Tenda W12 lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...

9CVSS6.5AI score0.00476EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formUSBFolder() function in the microprogramming router EDIMAX BR-6478AC allows a hacker to execute arbitrary code.

The vulnerability of the formUSBFolder function in the microprogramming-based router EDIMAX BR-6478AC lies in the fact that the operation’s output goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS6.2AI score0.00463EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formWlanSetup() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formWlanSetup function in TRENDnet TEW-432BRP router software lies in the fact that the operation’s output escapes the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failure...

9CVSS6.3AI score0.00472EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability in the UBSAN_throwing_runtime.cpp script of Android operating systems allows a hacker to cause a service failure.

The vulnerability in the ubsanthrowingruntime.cpp script of Android operating systems is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a perpetrator to cause a service failure...

5.5CVSS5.8AI score0.00071EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability in the UBSAN_throwing_runtime.cpp script of Android operating systems allows a hacker to cause a service failure.

The vulnerability in the ubsanthrowingruntime.cpp script of Android operating systems is related to a numerical overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.8CVSS5.9AI score0.00253EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability in the UBSAN_throwing_runtime.cpp script of Android operating systems allows a hacker to cause a service failure.

The vulnerability in the ubsanthrowingruntime.cpp script of Android operating systems is related to a numerical overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.8CVSS5.9AI score0.00253EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.3 views

Vulnerability of the gdi_CreateSurface() function in RDP clients of FreeRDP, allowing attackers to execute arbitrary code and cause service interruptions.

The vulnerability of the gdiCreateSurface function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failure by sending specially crafted RDPGFX packets...

9CVSS6.5AI score0.0042EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the RoundCube Webmail email client, related to the lack of protection for the website structure, allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability of the RoundCube Webmail client stems from the lack of protection for the website’s structure during the processing of the topic field in the preliminary version. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

4.4CVSS5.5AI score0.00239EPSS
Exploits1References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the Framework component in Android operating systems, which allows a hacker to increase their privileges

The vulnerability of the Framework component in Android operating systems is related to incorrect code generation management. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.4CVSS5.8AI score0.00075EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the setTo method in the ResourceTypes.cpp script of the Android operating system’s Framework component allows a hacker to disclose sensitive information that should be protected.

The vulnerability of the setTo method in the ResourceTypes.cpp script of the Android operating system’s Framework component is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is...

3.3CVSS6AI score0.00069EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities90104