The vulnerability of the Remote Desktop Licensing Service for Windows operating systems allows a hacker to circumvent security restrictions.

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems stems from the lack of authentication for a critical function. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...

The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of measures taken to protect the website structure, allowing attackers to carry out XSS attacks.

The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks by injecting specially crafted JavaScript code into HTML pages...

The vulnerability of the “Maxima Praidex” electronic queue management system lies in the lack of measures taken to protect the SQL query structure, allowing attackers to execute arbitrary code.

The vulnerability of the “Maxima Praidex” electronic queue management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted SQL query remotely...

The vulnerability of Websoft HCM’s automation software for HR processes lies in the exposure to information due to inconsistencies, allowing attackers to disclose protected information.

The vulnerability of Websoft HCM’s automation software for HR processes is related to the exposure of information due to inconsistencies. Exploiting this vulnerability allows a malicious actor to disclose the protected information remotely...

The vulnerability of the software for remote IT support and monitoring of Dell Secure Connect Gateway (SCG) arises from the lack of protective measures for the SQL query structure. This allows attackers to disclose sensitive information that should be protected.

The vulnerability of software for remote IT support and monitoring of Dell Secure Connect Gateway SCG is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow attackers to disclose sensitive information...

The vulnerability of Websoft HCM’s automation software for HR processes stems from the lack of measures taken to neutralize special elements used in the operating system’s commands. This allows attackers to execute arbitrary commands.

The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by invoking methods from th...

The vulnerability of the Windows RRAS operating system’s routing and remote access services allows a hacker to execute arbitrary code.

The vulnerability of the Windows RRAS routing and remote access service is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Kerberos protocol for Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the Kerberos protocol for Windows operating systems lies in the fact that the operation occurs outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

The vulnerability of the Windows Ancillary Function Driver for WinSock on Windows operating systems allows attackers to exploit their privileges.

The vulnerability of the Windows Ancillary Function Driver for WinSock operating systems is related to the use of a non-trusted pointer. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the operating environment for managing and maintaining the Dell Unity Operating Environment (DELL Unity Operating Environment) storage system lies in the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows attackers to enhance their privileges and execute arbitrary commands.

The vulnerability of the Dell Unity Operating Environment’s operating system for storing and managing data involves the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability can allow a malicious actor to increase their...

The vulnerability of the software for remote IT support and monitoring of Dell Secure Connect Gateway (SCG) arises from the lack of proper input validation when requesting external server authentication. This allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of software for remote IT support and monitoring of Dell Secure Connect Gateway SCG lies in the lack of proper input validation when requesting external server authentication. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected informatio...

The vulnerability of the Secure Kernel Mode mode in Windows operating systems allows attackers to disclose protected information.

The vulnerability of the Secure Kernel Mode feature in Windows operating systems is related to modifications made to critical security-related code. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the Adobe Framemaker desktop publishing system, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker desktop publishing system lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the Adobe Framemaker desktop publishing system, related to integer overflow, allows a hacker to execute arbitrary code.

The vulnerability of the desktop publishing system Adobe Framemaker is related to a potential integer overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of Microsoft 365 Apps for Enterprise and Microsoft Office, related to the use of memory after it is freed, allows a perpetrator to execute arbitrary code.

The vulnerability of Microsoft 365 Apps for Enterprise and Microsoft Office lies in the use of memory after it is released. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the Windows Event Tracing service allows attackers to exploit their privileges.

The vulnerability of the Windows Event Tracing service in operating systems is related to the misuse of a trusted pointer. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of the Windows Virtual Hard Disk component of the Windows operating system allows attackers to exploit their privileges.

The vulnerability of the Windows Virtual Hard Disk component of the Windows operating system is related to the dereferencing of an unreliable pointer. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models allows a hacker to execute arbitrary code within the context of the current user. This vulnerability is related to writing beyond the buffer boundaries.

The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models involves writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code in the context of the current user...

The vulnerability of the Solutions App operating system, ctrlX OS, allows a perpetrator to write arbitrary files to arbitrary locations within the file system.

The vulnerability of the Solutions App operating system ctrlX OS is related to errors in processing relative path operations when accessing directories. Exploiting this vulnerability allows a malicious actor to write arbitrary files to arbitrary locations in the file system by sending specially...

The vulnerability in the web interface of the software platform for managing calls in the Cisco Unified Intelligent Contact Management Enterprise system allows a perpetrator to perform cross-site scripting attacks.

The vulnerability in the web interface of the software platform for managing calls in the Cisco Unified Intelligent Contact Management Enterprise system is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform...

The vulnerability of the Cisco Identity Services Engine (ISE) platform, a control plane for network policies, stems from insufficient validation of input data. This allows attackers to execute arbitrary code.

The vulnerability of the Cisco Identity Services Engine ISE platform-related network policy management platform is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Response Header Handler component in the Craft CMS system allows a hacker to execute arbitrary code.

The vulnerability of the Response Header Handler component in the Craft CMS content management system is related to errors in HTTP request processing. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Apache Traffic Server web server, related to deficiencies in access control, allows attackers to compromise the confidentiality of protected information.

The vulnerability of the Apache Traffic Server web server is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality of the information being protected...

The vulnerability of the Calendar Storage module in the EMUI operating system of HarmonyOS, related to deficiencies in access control, allows attackers to gain access to read and modify data.

The vulnerability of the Calendar Storage module in the EMUI operating system of HarmonyOS is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to read and modify data...

The vulnerability of the CLI component of the Brocade Fabric OS operating system allows a hacker to disclose protected information.

The vulnerability of the CLI component of the Brocade Fabric OS operating system is related to an incorrect limitation on the path name to the restricted-access directory. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin in IrfanView, a program for viewing and playing graphic, video, and audio files, relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially...

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin in IrfanView, a program for viewing and playing graphic, video, and audio files, is related to memory corruption. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially crafted DWG format files...

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin in IrfanView, a program for viewing and playing graphic, video, and audio files, is related to memory corruption. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially crafted DWG format files...

The vulnerability of the Device Admin App operating system ctrlX OS allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Device Admin App on the ctrlX OS platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending specially crafted HTTP requests...

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin in IrfanView, a program for viewing and playing graphic, video, and audio files, is related to memory corruption. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially crafted DWG format files...

The vulnerability of the Dataease database management system, related to improper elimination of surrogate characters, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Dataease database management system is related to the improper elimination of surrogate characters when connecting to PostgreSQL and Redshift databases. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the...

The vulnerability of the “Import from XML and YML” plugin exists due to the lack of protective measures for website structure. This allows attackers to execute XSS attacks.

The vulnerability of the “Import from XML, and YML” plugin exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the Session Cookie Handler component in the microprogramming-based Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN allows a hacker to obtain user passwords by force.

The vulnerability of the Session Cookie Handler component in the microprogramming-based Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN relates to the ability to retrieve user credentials. Exploiting this vulnerability could allow a malicious actor to obtain user passwords through...

The vulnerability of the Apache Kafka message dispatcher, related to deserialization mechanism flaws, allows attackers to execute remote code.

The vulnerability of the Apache Kafka message dispatcher is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute remote code...

The vulnerability of the Apache Kafka message dispatcher, related to deserialization mechanism flaws, allows attackers to trigger a service failure.

The vulnerability of the Apache Kafka message broker is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability can allow a malicious actor to cause a service failure...

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage, allows a malicious actor to execute arbitrary code.

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom, as well as the software for modeling, analyzing, and simulating 3D models in Autodesk Navisworks Simulate, and the software for analyzing, coordinating, and verifying 3D...

The vulnerability of the distributed collaborative operating system HarmonyOS’s framework allows a perpetrator to compromise the confidentiality of the protected information.

The vulnerability of the HarmonyOS distributed collaborative work framework relates to the bypassing of authentication due to a fundamental flaw. Exploiting this vulnerability allows an attacker to remotely compromise the confidentiality of the protected information...

Vulnerability of the wfxUploadAp_templates() function in the drivers/net/wireless/silabs/wfx/sta.c module – A driver for supporting wireless connection adapters from Silicon Laboratories’ Linux-based operating systems. This vulnerability allows a hacker to cause a service failure.

Vulnerability of the wfxUploadAptemplates function in the drivers/net/wireless/silabs/wfx/sta.c module – The wireless adapter support driver from Silicon Laboratories for Linux operating systems is vulnerable due to a NULL pointer dereferencing issue. Exploiting this vulnerability could allow an...

The vulnerability of the API component of the Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) allows a perpetrator to load arbitrary files.

The vulnerability of the Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC API components is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to upload arbitrary files remotely...

The vulnerability of the MQTT protocol implementation in the web interface of the microprogramming-based controller ABB RMC-100 and RMC-100-LITE allows a intruder to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the MQTT protocol implementation in the web interface of the microprogrammable controller ABB RMC-100 and RMC-100-LITE devices lies in the use of a rigidly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker to bypass security restrictions and...

The vulnerability of the “Export/Import Products to Excel” plugin, which exists due to the lack of protective measures for the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the “Export/Import Products to Excel” plugin exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the “Export to Excel” plugin, which exists due to the lack of protective measures for website structures, allows attackers to carry out XSS attacks.

The vulnerability of the “Export to Excel” plugin exists due to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the Windows operating system update service allows a hacker to elevate their privileges to a system level.

The vulnerability of the Windows Operating System Update Service lies in the improper handling of symbolic links during file access. Exploiting this vulnerability can allow an attacker to elevate their privileges to a system-level level by performing operations such as deleting, moving, or renami...

The vulnerability of the xmlrpc component in the Apache Nuttx operating system, which allows a hacker to trigger a service failure.

The vulnerability of the xmlrpc component in the Apache Nuttx operating system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage, allows a malicious individual to execute arbitrary code.

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom, as well as the software for modeling, analyzing, and simulating 3D models in Autodesk Navisworks Simulate, and the software for analyzing, coordinating, and verifying 3D...

The vulnerability of the Discrete Device Assignment (DDA) function in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Discrete Device Assignment DDA function in Windows operating systems is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability in the web interface of the software for monitoring social networks on the Cisco Customer Collaboration Platform (formerly Cisco SocialMiner) allows a perpetrator to disclose protected information.

The vulnerability of the web interface of the software for monitoring social networks on the Cisco Customer Collaboration Platform formerly Cisco SocialMiner is related to errors in information processing. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

The vulnerability of the “Accent” platform, related to the failure to protect the SQL query structure, allows unauthorized access to protected information.

The vulnerability of the “Accent” platform lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, Adobe Acrobat 2024, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 involve reading beyond the buffer in memory. This allows attackers to bypass the ASLR protection mechanism and gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, Adobe Acrobat 2024, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow...

The vulnerability of the EMUI audio framework of the HarmonyOS operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the EMUI audio framework of the HarmonyOS operating system is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and accessibility of protected information...