90104 matches found
The vulnerability of the SiYuan personal knowledge management system, related to the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.
The vulnerability of the SiYuan personal knowledge management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the DELMIA Apriso production management system, related to deficiencies in the authentication process, allows a perpetrator to gain privileged access to the application.
The vulnerability of the DELMIA Apriso production management system is related to the lack of privileges required to access the application. Exploiting this vulnerability could allow a malicious actor to gain privileged access to the application remotely...
The vulnerability of Delta Electronics’ DIAView SCADA system lies in the incorrect limitation of the path name to a directory, allowing an intruder to disclose protected information.
The vulnerability of the SCADA system from Delta Electronics’ DIAView relates to incorrect restrictions on the name of the path leading to a directory. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information about infected Delta Electronics DIAView...
The vulnerability of the ConnectToSynactis method of the ActiveX Synactis PDF In-The-Box control (PDF_IN_1.ocx) allows an attacker to execute arbitrary code.
The vulnerability of the ConnectToSynactis method of the ActiveX Synactis PDF In-The-Box control (PDF_IN_1.ocx) is related to the issue of operations going out of the buffer in memory when the code generation is not properly managed. Exploiting this vulnerability could allow a remote attacker to...
The vulnerability of the formSetFirewallRule() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code.
The vulnerability of the formSetFirewallRule function in TRENDnet TEW-432BRP router software lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the PowerChute Serial Shutdown software for managing uninterruptible power supplies is related to incorrect restrictions on the path name to the restricted access directory. This allows an intruder to write arbitrary files.
The vulnerability of the PowerChute Serial Shutdown software for managing uninterruptible power sources is related to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability could allow a malicious actor to write arbitrary files...
The vulnerability of the setSyslogCfg() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s software allows an intruder to execute arbitrary commands.
The vulnerability of the setSyslogCfg function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s firmware is related to the lack of measures taken to protect data at the management level. Exploiting this vulnerability could allow a malicious actor to execute...
The vulnerability of the setUrlFilterRules() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s firmware allows a perpetrator to execute arbitrary commands.
The vulnerability of the setUrlFilterRules function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s firmware is related to the lack of measures taken at the management level to prevent data corruption. Exploiting this vulnerability could allow a remote attacker t...
The vulnerability of the implementation of the time series collection in the MongoDB database management system allows a hacker to execute arbitrary code.
The vulnerability of the MongoDB database management system’s time series collection implementation is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker operating remotely to execute arbitrary code...
The software for deploying and executing AI models, NVIDIA Triton Inference Server (previously TensorRT Inference Server), is vulnerable due to synchronization errors when using a shared resource. This vulnerability allows attackers to cause service failures.
The vulnerability of the software for deploying and executing AI models in NVIDIA Triton Inference Server previously known as TensorRT Inference Server stems from synchronization errors when using a shared resource. Exploiting this vulnerability can allow a malicious actor to cause service failur...
The vulnerability of the SENADB microprogramming software for Epson printers and scanners allows a hacker to elevate their privileges and execute arbitrary code.
The vulnerability of the SENADB microprogramming software for Epson AcuLaser CX17NF-WF printers and scanners is related to an unquoted search path or element. Exploiting this vulnerability can allow an attacker to gain elevated privileges and execute arbitrary...
The vulnerability of the SonicOS operating system, related to insufficient handling of format strings, allows a hacker to trigger a service failure.
The vulnerability of the SonicOS operating system is related to insufficient handling of format strings. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the libarchive library, related to reading beyond the buffer in memory, allows an attacker to disclose protected information.
The vulnerability of the libarchive library is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to disclose the protected information...
The vulnerability of the wxAdminLogin() function in the Metinfo CMS system allows a hacker to execute arbitrary code.
The vulnerability of the wxAdminLogin function in the Metinfo CMS system is related to incorrect code generation. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the platform for customer support and IT service management lies in errors related to access control to saved backup files and configurations. This allows attackers to impersonate users without the need for authentication.
The vulnerability of the customer support and IT service management platform is related to errors in restricting access to saved backup files and configurations. Exploiting this vulnerability allows a malicious actor to impersonate users without the need for authentication...
The vulnerability of the Boards API (Focalboard) interface of the Mattermost instant messaging application allows a malicious user to gain unauthorized access to protected information.
The vulnerability of the Boards API Focalboard interface of the Mattermost instant messaging application relates to bypassing authentication using a user-controlled key. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the formSysLog() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code.
The vulnerability of the formSysLog function in TRENDnet TEW-432BRP router firmware is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Mocca Calendar application lies in the improperly encoded color and text fields in the event modal window, which allows attackers to perform cross-site scripting attacks.
The vulnerability of the Mocca Calendar application exists because the background and text colors in the event details panel are not properly encoded. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the Platinum Host Service antivirus software, Trend Micro Internet Security, allows a hacker to execute arbitrary code within the SYSTEM context.
The vulnerability of the Platinum Host Service antivirus software, Trend Micro Internet Security, is related to improper termination or release of resources. Exploiting this vulnerability can allow an attacker to execute arbitrary code within the context of the SYSTEM process...
The vulnerability of the SSH service in the TP-Link Archer C64 router’s firmware allows an attacker to execute a brute-force attack.
The vulnerability of the SSH service in the TP-Link Archer C64 router’s software involves bypassing authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to execute a brute-force attack remotely...
The vulnerability of the HTTP GET Request Handler component of the LibreChat artificial intelligence-based platform allows an attacker to perform XSS attacks.
The vulnerability of the HTTP GET Request Handler component of the LibreChat artificial intelligence-based platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability in the mission_block.cpp component of the PX4 Autopilot system allows an intruder to alter the flight path of the aircraft.
The vulnerability of the mission_block.cpp component in the PX4 Autopilot system management software is related to incorrect handling of values. Exploiting this vulnerability could allow an attacker to alter the flight path of the aircraft...
The vulnerability of the npm library Color, related to the presence of undeclared features, allows a hacker to execute arbitrary code.
The vulnerability of the npm library Color is related to the presence of undeclared features. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the server audit plugin of the MariaDB database management system allows attackers to bypass existing security mechanisms.
The vulnerability of the server audit plugin of the MariaDB database management system is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to bypass existing security mechanisms remotely...
The vulnerability of the function for creating __screenshot-error screenshots in the software testing tool Vitest allows a hacker to execute arbitrary code.
The vulnerability of the __screenshot-error function in the software testing tool Vitest relates to an incorrect limitation on the path to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code and disclose confidential information...
The vulnerability of the setWanCfg() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s software allows a hacker to execute arbitrary commands.
The vulnerability of the setWanCfg function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s software is related to the lack of measures for cleaning input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...
The vulnerability of the PowerChute Serial Shutdown software for managing uninterruptible power supplies arises from improper encoding or escaping of output data. This allows an intruder to compromise the integrity of the protected information.
The vulnerability of the PowerChute Serial Shutdown software for managing uninterruptible power sources is related to improper encoding or escaping of output data. Exploiting this vulnerability could allow an attacker operating remotely to compromise the integrity of the protected information...
The vulnerability of the setLedCfg() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s software allows an intruder to execute arbitrary commands.
The vulnerability of the setLedCfg function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s firmware is related to the lack of measures taken to protect data at the control level. Exploiting this vulnerability could allow an attacker to execute arbitrary comman...
The vulnerability of the setIpQosRules() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s firmware allows a perpetrator to execute arbitrary commands.
The vulnerability of the setIpQosRules function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s firmware is related to the lack of measures taken at the management level to protect data. Exploiting this vulnerability could allow a remote attacker to execute...
The vulnerability of the setPortalConfWeChat() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s firmware allows a hacker to execute arbitrary commands.
The vulnerability of the setPortalConfWeChat function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s firmware is related to the lack of measures taken at the management level to protect data. Exploiting this vulnerability could allow an attacker to execute...
The vulnerability of the vsetTr069Cfg() function (/cgi-bin/cstecgi.cgi) in the Totolink A3300R router software allows a hacker to bypass existing security restrictions and execute arbitrary commands.
The vulnerability of the vsetTr069Cfg function /cgi-bin/cstecgi.cgi of the Totolink A3300R router software is related to the failure to eliminate special elements used in the operating system’s command for processing the stunpass parameter. Exploiting this vulnerability allows a malicious actor t...
The vulnerability of the useMarkdown component in the AIRI utility allows attackers to perform cross-site scripting (XSS) attacks.
The vulnerability of the useMarkdown component in the AIRI utility involves improper handling of code generation. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting XSS attacks...
The vulnerability of the setWiFiGuestCfg() function in TOTOLINK LR350 router software allows an intruder to trigger a service failure.
The vulnerability of the setWiFiGuestCfg function in TOTOLINK LR350 router firmware is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failure...
The vulnerability of NVIDIA NeMo’s integrated platform for training and applying neural networks in speech processing and natural language processing lies in the deserialization of untrusted data. This allows attackers to execute arbitrary code, gain unauthorized access to protected information, and replace data.
The vulnerability of NVIDIA NeMo’s integrated platform for training and applying neural networks in speech processing and natural language processing is related to the deserialization of untrusted data. Exploiting this vulnerability can allow attackers to execute arbitrary code, gain...
The vulnerability of the learning platform IQ SCHOOL, related to deficiencies in the authentication process, allows unauthorized access to protected information.
The vulnerability of the learning platform IQ SCHOOL is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the msgpack module in the Mattermost instant messaging application allows a hacker to trigger a service failure.
The vulnerability of the msgpack module in the Mattermost instant messaging application is related to an uncontrolled memory consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the pstrip64.sys driver, a utility for configuring video card and monitor parameters, allows a hacker to modify critical kernel structures or increase their privileges.
The vulnerability of the pstrip64.sys driver, a utility for configuring video card and monitor parameters, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to modify critical kernel structures or increase their privileges...
The vulnerability of the Mattermost instant messaging application, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the Mattermost instant messaging application is related to an uncontrolled resource consumption when processing TIFF files. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the distribution tool’s dissemination function for storing and delivering content within containers is related to access control errors, allowing attackers to enhance their privileges.
The vulnerability of the distribution tool’s dissemination function is related to access control errors. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...
The vulnerability of the PowerChute Serial Shutdown software for managing uninterruptible power sources is related to insufficient restrictions on authentication attempts. This allows an intruder to compromise the accessibility of protected information.
The vulnerability of the PowerChute Serial Shutdown software for managing uninterruptible power sources is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the accessibility of protected...
The vulnerability of the setPptpServerCfg() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s firmware allows a perpetrator to execute arbitrary commands.
The vulnerability of the setPptpServerCfg function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s firmware is related to the lack of measures taken at the control level to protect data. Exploiting this vulnerability could allow an attacker to execute arbitrary...
The vulnerability of the setPasswordCfg() function in the firmware for TOTOLink A7100RU allows a hacker to execute arbitrary commands.
The vulnerability of the setPasswordCfg function in the firmware for TOTOLink A7100RU lies in the lack of measures taken to protect data at the control level. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...
The software for deploying and executing AI models, NVIDIA Triton Inference Server (previously TensorRT Inference Server), is vulnerable due to synchronization errors when using a shared resource. This vulnerability allows attackers to cause service failures.
The vulnerability of the software for deploying and executing AI models in NVIDIA Triton Inference Server previously known as TensorRT Inference Server stems from synchronization errors when using a shared resource. Exploiting this vulnerability can allow a malicious actor to cause service failur...
The vulnerability of the training library for NVIDIA Megatron-LM, related to the deserialization of untrusted data, allows attackers to execute arbitrary code, gain unauthorized access to protected information, and replace data.
The vulnerability of the NVIDIA Megatron-LM training library relates to the deserialization of untrusted data. Exploiting this vulnerability can allow attackers to execute arbitrary code, gain elevated privileges, obtain unauthorized access to protected information, and replace data using ...
The vulnerability of the training library for NVIDIA Megatron-LM, related to the deserialization of untrusted data, allows attackers to execute arbitrary code, gain unauthorized access to protected information, and replace data.
The vulnerability of the NVIDIA Megatron-LM training library relates to the deserialization of untrusted data. Exploiting this vulnerability can allow attackers to execute arbitrary code, gain elevated privileges, obtain unauthorized access to protected information, and replace data using ...
The vulnerability of the training library for NVIDIA Megatron-LM, related to the deserialization of untrusted data, allows attackers to execute arbitrary code, gain unauthorized access to protected information, and replace data.
The vulnerability of the NVIDIA Megatron-LM training library relates to the deserialization of untrusted data. Exploiting this vulnerability can allow attackers to execute arbitrary code, gain elevated privileges, obtain unauthorized access to protected information, and replace data...
The vulnerability of the hybrid transformation library’s script for training large language models like NVIDIA Megatron-LM allows attackers to execute arbitrary code, gain elevated privileges, obtain unauthorized access to protected information, and perform data substitution attacks.
The vulnerability of the hybrid transformation library for training large language models like NVIDIA Megatron-LM involves the deserialization of untrusted data. Exploiting this vulnerability can allow attackers to execute arbitrary code, gain elevated privileges, obtain unauthorized acces...
The vulnerability of the PIM Core Upload module of the PHP software platform pimcore allows an attacker to perform XSS attacks.
The vulnerability of the PIM Core Upload module of the PHP software platform, pimcore, is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the FlinkSessionJob component in the automation tool for deploying, managing, and scaling a distributed data processing platform allows attackers to gain unauthorized access to protected information.
The vulnerability of the FlinkSessionJob component in the automation tool for deploying, managing, and scaling a distributed data processing platform called Apache Flink Kubernetes Operator is related to the use of files and directories accessible to external parties. Exploiting this vulnerabilit...
The vulnerability of the Mattermost instant messaging application, related to insufficient checking of unusual or exceptional states, allows a hacker to trigger a service failure.
The vulnerability of the Mattermost instant messaging application is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...