Lucene search
K
Bdu FstecRecent

90104 matches found

BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability in the PackageInstallerService.java class of the Android operating system’s Framework component allows a hacker to enhance their privileges.

The vulnerability of the PackageInstallerService.java class in the Android operating system framework is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to enhance their privileges...

7.8CVSS5.8AI score0.00067EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.2 views

The vulnerability of the formWPS() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formWPS function in TRENDnet TEW-432BRP router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failure...

9CVSS6.5AI score0.00853EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formSetDomainFilter() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetDomainFilter function in TRENDnet TEW-432BRP router software lies in the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause service failures...

9CVSS6.4AI score0.00472EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the formSetUrlFilter() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetUrlFilter function in TRENDnet TEW-432BRP router software lies in the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service interruptions...

9CVSS6.5AI score0.00447EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the cgiSysTimeInfoSet() function in the Tenda W12 router’s microprogramming software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the cgiSysTimeInfoSet function in the Tenda W12 router’s microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service failures...

9CVSS6.5AI score0.00503EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the Perl_study_chunk() function in the Perl programming language allows a hacker to execute arbitrary code.

The vulnerability of the Perlstudychunk function in the Perl programming language is related to buffer overflows due to integer overflows. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

10CVSS6.3AI score0.00398EPSS
Exploits1References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the `createSessionInternal` method in the `PackageInstallerService.java` class of the Android operating system’s Framework component allows a hacker to escalate their privileges.

The vulnerability of the createSessionInternal method in the PackageInstallerService.java class of the Android operating system’s framework is related to an incorrect path limitation for the restricted access directory. Exploiting this vulnerability could allow an attacker to increase their...

8.4CVSS5.8AI score0.00084EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the WindowState.java class in the Framework component of Android operating systems allows a hacker to increase their privileges.

The vulnerability of the WindowState.java class in the Framework component of Android operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.4CVSS5.8AI score0.00075EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability in the UBSAN_throwing_runtime.cpp script of Android operating systems allows a hacker to cause a service failure.

The vulnerability in the ubsanthrowingruntime.cpp script of Android operating systems is related to a numerical overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.8CVSS5.9AI score0.00253EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the database module of the OTRS order processing system allows a hacker to bypass existing security mechanisms.

The vulnerability of the database module of the OTRS request processing system is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to bypass existing security mechanisms remotely...

9.4CVSS5.7AI score0.00362EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the ChunkedDecoder::read_payload() function in the cpp-httplib library allows a attacker to cause a service failure.

The vulnerability of the ChunkedDecoder::readpayload function in the cpp-httplib library is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause service failures...

7.8CVSS5.8AI score0.00327EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the `MilvusVectorStore#doDelete(List)` method in the Spring AI framework for developing artificial intelligence models allows a perpetrator to compromise the integrity and accessibility of protected information.

The vulnerability of the MilvusVectorStoredoDeleteList method in the Spring AI framework for model development involves the failure to take measures to neutralize special elements used in the expression language operator. Exploiting this vulnerability can allow an attacker to compromise the...

9CVSS5.8AI score0.00353EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the `updateProvidersWhenServiceRemoved` method in the `CredentialManagerService.java` class of the Android operating system framework component allows a hacker to disclose sensitive information that should be protected.

The vulnerability of the updateProvidersWhenServiceRemoved method in the CredentialManagerService.java class of the Android operating system’s framework is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to disclose sensitive information that is...

3.3CVSS5.7AI score0.00065EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the Framework component in Android operating systems, which allows a hacker to increase their privileges

The vulnerability of the Framework component in Android operating systems relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS6.1AI score0.00073EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability in the UBSAN_throwing_runtime.cpp script of Android operating systems allows a hacker to cause a service failure.

The vulnerability in the ubsanthrowingruntime.cpp script of Android operating systems is related to a numerical overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.8CVSS5.9AI score0.00265EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the `setUserDisclaimerAcknowledged` method in the `CarDevicePolicyService.java` class of Android operating systems allows a perpetrator to increase their privileges.

The vulnerability of the setUserDisclaimerAcknowledged method in the CarDevicePolicyService.java class of Android operating systems is related to an incorrect restriction on the visible layers of the user interface. Exploiting this vulnerability could allow a malicious actor to increase their...

8.4CVSS5.8AI score0.00068EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the setWiFiBasicConfig() function in the TOTOLINK N300RH router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the setWiFiBasicConfig function in the TOTOLINK N300RH router’s microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.4AI score0.01425EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the cgiSysWebTimeoutSet() function in the Tenda W12 router’s microprogramming software allows a intruder to trigger a service failure.

The vulnerability of the cgiSysWebTimeoutSet function in the Tenda W12 router’s microprogramming software is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

6.8CVSS5.8AI score0.00368EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.2 views

Vulnerability of the cliprdr_server_receive_pdu() function in the RDP client FreeRDP, allowing a hacker to execute arbitrary code and cause a service failure

The vulnerability of the cliprdrserverreceivepdu function in the RDP client FreeRDP is related to buffer overflows in dynamic memory during the processing of the capabilitySetLength parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service...

9CVSS6.4AI score0.03472EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the parse_header() function in the cpp-httplib library allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the parseheader function in the cpp-httplib library is related to deficiencies in HTTP request processing. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

9.9CVSS5.8AI score0.00295EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the Framework component in Android operating systems allows a hacker to elevate their privileges and execute arbitrary code.

The vulnerability of the Framework component in Android operating systems is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

8.4CVSS6.4AI score0.01714EPSS
Exploits1References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability in the DevicePolicyManagerService.java class of the Android operating system component allows a hacker to trigger a service failure.

The vulnerability of the DevicePolicyManagerService.java class in the Android operating system framework is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00066EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability in the DevicePolicyManagerService.java class of the Android operating system component allows a hacker to trigger a service failure.

The vulnerability of the DevicePolicyManagerService.java class in the Android operating system framework is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00071EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the Framework component in Android operating systems allows a hacker to trigger a service failure.

The vulnerability of the Framework component in Android operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to cause service failures...

8.4CVSS5.8AI score0.00072EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the AppOpsService.java class in the Android operating system framework components allows a hacker to disclose sensitive information that should be protected.

The vulnerability of the AppOpsService.java class in the Android operating system framework components is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by these components...

3.3CVSS5.7AI score0.00064EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the `startAnimation` method in the `StageCoordinator.java` class of the Framework component in Android operating systems allows a hacker to disclose protected information.

The vulnerability of the startAnimation method in the StageCoordinator.java class of the Framework component in Android operating systems is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow an attacker to disclose confidential information...

8CVSS5.7AI score0.00072EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the `addWindow` method in the `WindowManagerService.java` class of the Android operating system’s Framework component allows a hacker to escalate their privileges.

The vulnerability of the addWindow method in the WindowManagerService.java class of the Android operating system’s framework component is related to an improper limitation on the number of displayed user interface layers or frames. Exploiting this vulnerability could allow a malicious individual ...

7.8CVSS5.8AI score0.00067EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the Load method in the LoadLoadedArsc.cpp script of the Android operating system’s Framework component, which allows a hacker to escalate their privileges.

The vulnerability of the Load method in the LoadLoadedArsc.cpp script of the Android operating system’s framework component is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS6.1AI score0.00075EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the Framework component in Android operating systems, which allows a hacker to increase their privileges

The vulnerability of the Framework component in Android operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS5.8AI score0.00067EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the resumeConfigurationDispatch method in the ActivityRecord.java class of the Framework operating system Android component allows a hacker to escalate their privileges.

The vulnerability of the resumeConfigurationDispatch method in the ActivityRecord.java class of the Android operating system’s Framework component is related to improper code generation. Exploiting this vulnerability could allow an attacker to gain increased privileges...

8.4CVSS5.8AI score0.00082EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the validateNode method in the ResourceTypes.cpp script of the Framework operating system component in Android allows a hacker to escalate their privileges.

The vulnerability of the validateNode method in the ResourceTypes.cpp component of the Android operating system’s framework is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to gain increased privileges...

8.4CVSS6.1AI score0.00079EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the WindowState.java class in the Framework component of Android operating systems allows a hacker to increase their privileges.

The vulnerability of the WindowState.java class in the Framework component of Android operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.4CVSS5.8AI score0.00073EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the Letterbox.java class in the Android operating system’s Framework component allows attackers to enhance their privileges.

The vulnerability of the Letterbox.java class in the Android operating system’s framework component is related to an incorrect limitation on the visible layers of the user interface. Exploiting this vulnerability can allow attackers to increase their privileges...

8.4CVSS5.8AI score0.00076EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the Framework component in Android operating systems, which allows a hacker to increase their privileges

The vulnerability of the Framework component in Android operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.4CVSS5.8AI score0.00079EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability in the UBSAN_throwing_runtime.cpp script of Android operating systems allows a hacker to cause a service failure.

The vulnerability in the ubsanthrowingruntime.cpp script of Android operating systems is related to a numerical overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.8CVSS5.9AI score0.00253EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability in the UBSAN_throwing_runtime.cpp script of Android operating systems allows a hacker to cause a service failure.

The vulnerability in the ubsanthrowingruntime.cpp script of Android operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service failures...

6.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of the onCreate method in the DisableSupervisionActivity.kt script on Android operating systems allows a hacker to escalate their privileges.

The vulnerability of the onCreate method in the DisableSupervisionActivity.kt script on Android operating systems is related to an unvalidated return value, which leads to the assignment of a null pointer. Exploiting this vulnerability can allow an attacker to gain elevated privileges...

8.4CVSS5.7AI score0.00075EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability in the UBSAN throwing runtime.cpp of Android operating systems allows attackers to escalate their privileges.

The vulnerability in the ubsanthrowingruntime.cpp script of Android operating systems is related to a numerical overflow. Exploiting this vulnerability can allow an attacker to gain increased privileges...

5.5CVSS5.9AI score0.00074EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.1 views

The vulnerability of Android operating systems, related to improper handling of code generation, allows attackers to increase their privileges.

The vulnerability of Android operating systems is related to improper handling of code generation. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.4CVSS5.8AI score0.00094EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.2 views

The vulnerability of the formPPPoESetup() function in the microprogramming software for routers EDIMAX BR-6478AC allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the formPPPoESetup function in the microprogramming software for EDIMAX BR-6478AC routers lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures...

9CVSS6.4AI score0.00447EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.2 views

The vulnerability of the formSetWlanEncrypt() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetWlanEncrypt function in TRENDnet TEW-432BRP router software lies in the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service interruptions...

9CVSS6.5AI score0.03198EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.2 views

The vulnerability of the formSetProtocolFilter() function in TRENDnet TEW-432BRP router software allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetProtocolFilter function in TRENDnet TEW-432BRP router software lies in the fact that the operation’s output goes beyond the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service failures...

9CVSS6.3AI score0.00472EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.2 views

The vulnerability of the RoundCube Webmail email client, related to the lack of protection for the website structure, allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability of the RoundCube Webmail client stems from the lack of protection for the website’s structure during the processing of the topic field in the preliminary version. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

4.4CVSS5.5AI score0.00239EPSS
Exploits1References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.2 views

The vulnerability of the cgiWifiMacFilterSet() function in the Tenda W12 router’s microprogramming software allows a intruder to execute arbitrary code or cause a service failure.

The vulnerability of the cgiWifiMacFilterSet function in the microprogramming-based router software of Tenda W12 lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...

9CVSS6.5AI score0.00476EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.2 views

The vulnerability of the formWlanSetup() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary commands.

The vulnerability of the formWlanSetup function in TRENDnet TEW-432BRP router software lies in the lack of measures taken to neutralize special elements in the output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

6.5CVSS6.1AI score0.01072EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.2 views

The vulnerability of the formWlbasic() function in the microprogramming router EDIMAX BR-6478AC allows a hacker to execute arbitrary commands.

The vulnerability of the formWlbasic function in the microprogrammed routing switch EDIMAX BR-6478AC lies in the lack of measures taken to neutralize special elements in the output data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...

6.5CVSS6.1AI score0.01072EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.2 views

The vulnerability in the UBSAN_throwing_runtime.cpp script of Android operating systems allows a hacker to cause a service failure.

The vulnerability in the ubsanthrowingruntime.cpp script of Android operating systems is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a perpetrator to cause a service failure...

5.5CVSS5.8AI score0.00071EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/02 12:0 a.m.2 views

The vulnerability in the UBSAN_throwing_runtime.cpp script of Android operating systems allows a hacker to cause a service failure.

The vulnerability in the ubsanthrowingruntime.cpp script of Android operating systems is related to a numerical overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.8CVSS5.9AI score0.00253EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the JavaScript-based Thymeleaf framework lies in the lack of measures taken to neutralize special elements used in the expression language. This allows attackers to execute Server Side Template Injection (SSTI) attacks.

The vulnerability of the JavaScript-based Thymeleaf framework is related to the lack of measures taken to neutralize special elements used in the expression language operator. Exploiting this vulnerability can allow a remote attacker to execute a Server Side Template Injection SSTI attack...

9CVSS5.9AI score0.00427EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the isVMLowLevelOptionForbidden() function in the LXD container management system allows a attacker to elevate their privileges.

The vulnerability of the isVMLowLevelOptionForbidden function in the LXD container management system is related to the use of an incomplete blacklist when processing input data. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

9.1CVSS5.7AI score0.00363EPSS
Exploits0References7Affected Software3
Total number of security vulnerabilities90104