74701 matches found
The vulnerability of the Applitools Eyes plugin for the Jenkins automation server, related to the storage of information in plaintext, allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Applitools Eyes plugin for the Jenkins automation server lies in the fact that information is stored in plaintext in the config.xml configuration file. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to the...
The vulnerability of the StateRepository service in the Windows operating system allows a perpetrator to gain access to read and modify data.
The vulnerability of the StateRepository service in the Windows operating system is related to the lack of authentication. Exploiting this vulnerability can allow an attacker to gain access to read and modify data...
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the DWG File Parser component of the CADImage plugin for IrfanView, a software for viewing and playing graphic, video, and audio files, allows a malicious actor to execute arbitrary code within the context of the current process.
The vulnerability of the DWG File Parser component in the CADImage plugin for IrfanView software, which is used for viewing and playing graphic, video, and audio files, relates to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute...
The vulnerability of the multipart/form-data component of the Tornado web framework and asynchronous networking library allows a hacker to trigger a service failure.
The vulnerability of the multipart/form-data component of the Tornado web framework and asynchronous networking library is related to the use of incorrect authentication tokens due to unlimited resource distribution. Exploiting this vulnerability can allow a malicious actor to cause service...
The vulnerability of Websoft HCM’s automation software for HR processes stems from the use of open redirection. This allows attackers to redirect users to any arbitrary URL address.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the use of open redirection. Exploiting this vulnerability allows a malicious actor to redirect users to any arbitrary URL address from a remote location...
The vulnerability of the HTML plugin for the Jenkins continuous integration server arises from incorrect restriction of a path name to a directory, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the Jenkins automation server plugin is related to incorrect restriction of a path name to a directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the QMetry Test Management plugin for the Jenkins automation server lies in the fact that QMetry Automation API keys are stored in plaintext, allowing an attacker to gain unauthorized access to protected information.
The vulnerability of the QMetry Test Management plugin for the Jenkins automation server relates to the storage of QMetry Automation API keys in plaintext in the config.xml file. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the IBM Cloud DevOps plugin for the Jenkins automation server, related to the storage of keys in plaintext, allows a hacker to gain unauthorized access to protected information.
The vulnerability of the IBM Cloud DevOps plugin for the Jenkins automation server lies in the fact that keys are stored in plaintext in the config.xml file. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the web interface of the EcoStruxure IT Data Center Expert infrastructure management software allows a perpetrator to execute arbitrary code.
The vulnerability of the web interface of the EcoStruxure IT Data Center Expert infrastructure management software is related to the failure to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by creating ...
The vulnerability of the Windows GDI component in Microsoft Windows operating systems allows attackers to disclose protected information.
The vulnerability of the Windows GDI component in Microsoft Windows systems is related to a breach of data protection mechanisms. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose protected information...
The vulnerability of the DWG File Parser component of the CADImage plugin for IrfanView, a software for viewing and playing graphic, video, and audio files, allows a malicious actor to execute arbitrary code within the context of the current process.
The vulnerability of the DWG File Parser component in the CADImage plugin for IrfanView software, which is used for viewing and playing graphic, video, and audio files, relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an...
The vulnerability of the Windows Media component in Windows operating systems allows attackers to escalate their privileges.
The vulnerability of the Windows Media component in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the system administration program Sudo, related to deficiencies in authentication mechanisms, allows attackers to escalate their privileges.
The vulnerability of the system administration program Sudo is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the sudo system administration program, related to the inclusion of functionality from an untrusted control sphere when the "-R" ("--chroot") option is used, allows a perpetrator to execute arbitrary code and increase their privileges.
The vulnerability of the sudo system administration program relates to the inclusion of functionality from an untrusted control sphere when the "-R" ("--chroot") option is used. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and increase their privileges by placing t...
The vulnerability of the ReadyAPI Functional Testing plugin for the Jenkins automation server lies in the storage of registration data in plaintext, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the ReadyAPI Functional Testing plugin for the Jenkins automation server lies in the storage of registration data in plaintext in the config.xml file. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the Applitools Eyes plugin in Jenkins automation servers, related to the lack of security measures for website structure protection, allows attackers to perform cross-site scripting attacks.
The vulnerability of the Applitools Eyes plugin in Jenkins automation servers is related to the lack of security measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Testsigma Test Plan plugin for the Jenkins automation server, related to the storage of keys in plaintext, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Testsigma Test Plan plugin for the Jenkins automation server lies in the storage of keys in plaintext in the config.xml file. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information...
The vulnerability of the DWG File Parser component of the CADImage plugin for IrfanView, a software for viewing and playing graphic, video, and audio files, allows a malicious actor to execute arbitrary code within the context of the current process.
The vulnerability of the DWG File Parser component in the CADImage plugin for IrfanView software, which is used for viewing and playing graphic, video, and audio files, relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an...
The vulnerability of the Universal Print Management Service on the Microsoft Windows operating system allows a perpetrator to increase their privileges.
The vulnerability of the Universal Print Management Service on the Microsoft Windows operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the DWG File Parser component of the CADImage plugin for IrfanView, a software for viewing and playing graphic, video, and audio files, allows a malicious actor to execute arbitrary code within the context of the current process.
The vulnerability of the DWG File Parser component in the CADImage plugin for IrfanView software, which is used for viewing and playing graphic, video, and audio files, relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an...
The vulnerability of the Aqua Security Scanner plugin in the Jenkins automation server, related to the lack of data encryption measures, allows attackers to gain unauthorized access to protected information.
The vulnerability of the Aqua Security Scanner plugin in the Jenkins automation server is related to the lack of data encryption measures. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Windows Virtual Hard Disk component of the Microsoft Windows operating system allows a hacker to escalate their privileges.
The vulnerability of the Windows Virtual Hard Disk component of the Microsoft Windows operating system is related to operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Windows QoS Scheduler Driver in Windows operating systems allows attackers to increase their privileges.
The vulnerability of the Windows QoS Scheduler Driver in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to gain increased privileges...
The vulnerability of the Apica Loadtest plugin for the Jenkins automation server lies in the fact that registration data is stored in plaintext, allowing a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Apica Loadtest plugin for the Jenkins automation server lies in the storage of registration data in plaintext in the config.xml file. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted malicious request remotely...
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the VAddy plugin for the Jenkins automation server, related to the storage of keys in plaintext, allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the VAddy plugin for the Jenkins automation server lies in the storage of keys in plaintext in the config.xml file. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information...
The vulnerability of the Microsoft SQL Server relational database management system, related to insufficient validation of input data, allows attackers to disclose sensitive information that should be protected.
The vulnerability of the Microsoft SQL Server relational database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...
The vulnerability of the Remote Desktop Client for Microsoft Windows operating systems allows a perpetrator to carry out spoofing attacks.
The vulnerability of the Remote Desktop Client for Microsoft Windows operating systems relates to the absence of warnings about dangerous actions. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks remotely...
The vulnerability of the Kernel Streaming WOW Thunk Service Driver (ksthunk.sys) in Windows operating systems allows a hacker to increase their privileges.
The vulnerability of the Kernel Streaming WOW Thunk Service Driver (ksthunk.sys) in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of Websoft HCM’s automation software for HR processes stems from insufficient validation of input data, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of entered data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending a specially crafted XQuery quer...
The vulnerability of the Adobe Framemaker desktop publishing system, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.
The vulnerability of the Adobe Framemaker desktop publishing system lies in writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the Adobe Framemaker desktop publishing system, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.
The vulnerability of the Adobe Framemaker desktop publishing system lies in writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of measures taken to protect the website structure, allowing attackers to carry out XSS attacks.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks by sending specially crafted HTTP requests remotely...
The vulnerability of the Adobe Framemaker desktop publishing system, related to integer overflow, allows a hacker to execute arbitrary code.
The vulnerability of the desktop publishing system Adobe Framemaker is related to a potential integer overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the Live-Restore parameter in Dell Secure Connect Gateway (SCG), software for remote IT support and monitoring, allows a hacker to circumvent existing security restrictions.
The vulnerability of the Live-Restore parameter in Dell Secure Connect Gateway (SCG), software for remote IT support and monitoring, is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions...
The vulnerability of the Windows operating system’s kernel allows attackers to disclose sensitive information that is protected by security measures.
The vulnerability of the Windows operating system’s kernel is related to insufficient protection of privileged functions. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the Adobe Framemaker desktop publishing system, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.
The vulnerability of the Adobe Framemaker desktop publishing system lies in writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the Windows operating system’s tcpip.sys driver allows attackers to increase their privileges.
The vulnerability of the Windows operating system’s tcpip.sys driver is related to the assignment of the null pointer. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the Windows Virtual Hard Disk component allows attackers to escalate their privileges.
The vulnerability of the Windows Virtual Hard Disk component in Windows operating systems is related to operations that go beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of Windows operating system storage devices allows attackers to perform spoofing attacks.
The vulnerability of Windows operating system storage devices is related to improper external management of file names or file paths. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...
The vulnerability of the Microsoft 365 Apps for Enterprise package, related to the use of cryptographic algorithms containing defects, allows a hacker to circumvent security restrictions.
The vulnerability of the Microsoft 365 Apps for Enterprise package is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker to circumvent security restrictions...
The vulnerability of the Secure Kernel Mode feature in Windows operating systems allows attackers to disclose protected information.
The vulnerability of the Secure Kernel Mode feature in Windows operating systems is related to modifications made to critical security-related code. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the Brokering File System (BFS) in Windows operating systems allows a perpetrator to increase their privileges.
The vulnerability of the Brokering File System (BFS) in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the Routing and Remote Access Service (RRAS) of the Windows operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the desktop publishing system Adobe Framemaker lies in the overflow of buffers in dynamic memory, allowing an attacker to execute arbitrary code.
The vulnerability of the desktop publishing system Adobe Framemaker is related to overflowing buffers in dynamic memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...