Lucene search
K
Bdu FstecRecent

90104 matches found

BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the Mattermost instant messaging application, related to insufficient checking of unusual or exceptional states, allows a hacker to trigger a service failure.

The vulnerability of the Mattermost instant messaging application is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...

6.8CVSS5.8AI score0.00277EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the IPX image optimizer developed by Sharp and SVGO lies in the improper restriction on the path name to the restricted directory. This allows attackers to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability of the IPX image optimizer developed by Sharp and SVGO is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions and gain unauthorized access to protected...

7.5CVSS5.8AI score0.0064EPSS
Exploits1References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the Mocca Calendar application lies in the improperly encrypted color and text fields in the event modal window, which allows attackers to perform cross-site scripting attacks.

The vulnerability of the Mocca Calendar application exists because the background and text colors in the event details panel are not properly encrypted. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

6.4CVSS5.7AI score0.00228EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the SM2 Handler component in the C++ Botan cryptographic library allows a hacker to trigger a service failure and disclose confidential information.

The vulnerability of the SM2 Handler component in the C++ Botan cryptographic library is related to reading data beyond the permitted range of memory. Exploiting this vulnerability can allow an attacker to cause service failures and disclose confidential information...

8.5CVSS5.8AI score0.00278EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the AMF function in the src/amf/ngap-handler.c script, a tool for creating and managing NR/LTE Open5GS mobile networks, allows a attacker to cause a service failure.

The vulnerability of the AMF function in the src/amf/ngap-handler.c script, a tool for creating and managing NR/LTE Open5GS mobile networks, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to cause service interruptions...

7.5CVSS5.8AI score0.00419EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the npm library Color-Name relates to the presence of undeclared functions, allowing a hacker to execute arbitrary code.

The vulnerability of the npm library Color-Name is related to the presence of undeclared functions. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.5CVSS6.4AI score0.00473EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the moodle-mod_customcert plugin in the virtual learning environment Moodle, which allows a intruder to gain unauthorized access to protected information

The vulnerability of the moodle-modcustomcert plugin in the virtual learning environment Moodle relates to bypassing authentication using a key controlled by the user. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to protected information...

9.6CVSS5.8AI score0.00168EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the setVpnAccountCfg() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the setVpnAccountCfg function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s microprogramming software is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability could allow a remote attacker to execute arbitra...

10CVSS7.6AI score0.02981EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the Linux operating system’s kernel security module, AppArmor, allows a hacker to compromise the integrity and accessibility of protected information.

The vulnerability of the Linux operating system’s kernel security module, AppArmor, is related to coding errors. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of the protected information...

6.3CVSS5.8AI score0.00177EPSS
Exploits0References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the software for deploying and executing AI models with NVIDIA Triton Inference Server (previously known as TensorRT Inference Server) involves uncontrolled memory consumption, which allows a malicious actor to cause service failures.

The vulnerability of the software for deploying and executing NVIDIA Triton Inference Server previously known as TensorRT Inference Server is related to uncontrolled memory consumption. Exploiting this vulnerability can allow a malicious actor, operating remotely, to trigger a service failure...

7.8CVSS5.8AI score0.00405EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the formSetMACFilter() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code.

The vulnerability of the formSetMACFilter function in TRENDnet TEW-432BRP router software lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

9CVSS6.4AI score0.00472EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability in the software for downloading pyLoad files arises from incorrect path restrictions for the restricted access directory. This allows attackers to elevate their privileges and execute code as the root user.

The vulnerability of the software for downloading pyLoad files is related to incorrect restrictions on the path to the restricted directory. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute code as the root user...

10CVSS5.9AI score0.01141EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the TOML parser in JavaScript, related to uncontrolled changes to prototype attributes, allows attackers to execute “prototype pollution” attacks.

The vulnerability of the TOML parser relates to uncontrolled changes to object prototype attributes. Exploiting this vulnerability could allow a remote attacker to execute a “prototype pollution” attack...

7.5CVSS5.9AI score0.00476EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the OpenShift AI platform, related to insufficient spatial partitioning, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the OpenShift AI platform for developing artificial intelligence models is related to insufficient spatial partitioning. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integrity of the protected information...

8.5CVSS7.1AI score0.00383EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the notification handler of the Instant Messaging application Mattermost, which allows a violator to cause a service failure

The vulnerability of the notification handler in the Mattermost instant messaging application is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

6.8CVSS5.8AI score0.00172EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the Mattermost instant messaging application, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the Mattermost instant messaging application is related to an uncontrolled resource consumption due to the processing of large HTTP requests. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS5.8AI score0.00254EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the API request handler of the Mattermost instant messaging application allows a attacker to trigger a service failure.

The vulnerability of the API request handler for Mattermost instant messaging applications is related to improper validation of the specified data type. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

4.3CVSS5.7AI score0.0025EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of tools for storing and delivering content from containers – related to insufficient validation of requests on the server side – allows attackers to execute SSRF attacks.

The vulnerability of the storage and content delivery tools for containers like Distribution is related to insufficient validation of requests at the server side. Exploiting this vulnerability could allow a malicious actor to perform a SSRF attack remotely...

7.8CVSS5.7AI score0.00274EPSS
Exploits1References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the formResetStatistic() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code.

The vulnerability of the formResetStatistic function in TRENDnet TEW-432BRP router software lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

9CVSS6.4AI score0.00472EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the formSetPassword() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code.

The vulnerability of the formSetPassword function in TRENDnet TEW-432BRP router software lies in the fact that the operation’s output goes beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

9CVSS6.2AI score0.00472EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the formPortFw() function in TRENDnet TEW-432BRP router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the formPortFw function in TRENDnet TEW-432BRP router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS6.4AI score0.00463EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the Real Estate Property Management System allows a perpetrator to gain unauthorized access to protected information and execute arbitrary codes.

The vulnerability of the Real Estate Property Management System is related to the failure to take measures to neutralize certain elements. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information and execute arbitrary codes...

4CVSS6AI score0.00313EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the automation application and the Conda-build package for distributing Python packages, related to errors in inherited permissions, allows a perpetrator to trigger a “Race Situation” and execute arbitrary code.

The vulnerability of the automation application and the Conda-build package distribution in Python is related to errors in inherited permissions. Exploiting this vulnerability could allow a perpetrator to trigger a “race condition” and execute arbitrary code...

8CVSS6AI score0.0014EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the Java framework JUnit, related to the storage of critical information in an open manner, allows attackers to exploit their privileges.

The vulnerability of the Java framework JUnit is related to the storage of critical information in an open manner. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.2CVSS5.8AI score0.00099EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the npm library Color-Convert, related to the presence of undeclared functions, allows a hacker to execute arbitrary code.

The vulnerability of the npm library Color-Convert is related to the presence of undeclared capabilities. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.5CVSS6.1AI score0.00378EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the PX4 Autopilot system, which involves copying buffers without checking the size of the input data, allows a intruder to trigger a service failure.

The vulnerability of the missionblock.cpp component in the PX4 Autopilot system management software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a hacker to cause a service failure...

4.4CVSS5.8AI score0.00256EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the software for automating browser processes in Skyvern lies in the lack of measures to neutralize special elements in the template creation mechanism. This allows a perpetrator to execute arbitrary code.

The vulnerability of the software for automating browser processes in Skyvern is related to the lack of measures taken to neutralize special elements in the template creation mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.5CVSS6.1AI score0.13746EPSS
Exploits6References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the nossrf software lies in its insufficiently checked incoming requests, which allows a perpetrator to execute an SSRF attack.

The vulnerability of the nossrf software is related to insufficient testing of incoming requests. Exploiting this vulnerability allows a remote attacker to execute an SSRF attack...

8.5CVSS5.9AI score0.00365EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the setWizardCfg() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the setWizardCfg function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s microprogramming software is related to the lack of measures taken to clean up data at the control level. Exploiting this vulnerability could allow a remote attacker to execute...

10CVSS7.6AI score0.01823EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the setAppEasyWizardConfig() function in the TOTOLink A800R router’s microprogramming software allows a hacker to execute arbitrary code or cause service failure.

The vulnerability of the setAppEasyWizardConfig function in the TOTOLink A800R router’s microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause service failures...

9CVSS7.6AI score0.00472EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of NVIDIA NeMo’s integrated platform for training and applying neural networks in speech processing and natural language processing lies in its ability to restore unreliable data in memory. This allows attackers to execute arbitrary code, gain unauthorized access to protected information, and replace data.

The vulnerability of NVIDIA NeMo’s integrated platform for training and applying neural networks in speech processing and natural language processing is related to the recovery of unreliable data in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code, gain...

7.8CVSS6.1AI score0.00641EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the training library for NVIDIA Megatron-LM, related to the restoration of unreliable data in memory, allows attackers to execute arbitrary code, gain unauthorized access to protected information, and replace data.

The vulnerability of the NVIDIA Megatron-LM training library relates to the restoration of unreliable data in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code, gain elevated privileges, obtain unauthorized access to protected information, and replace data using ...

7.8CVSS6.1AI score0.00208EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the formSetEnableWizard() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code.

The vulnerability of the formSetEnableWizard function in TRENDnet TEW-432BRP router software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

9CVSS6.4AI score0.00472EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the qfq_reset_qdisc() function in the net/sched/sch_qfq.c module of the network scheduling subsystem of the Linux operating system allows a attacker to cause a service failure.

The vulnerability of the qfqresetqdisc function in the net/sched/schqfq.c module, within the net/sched subsystem of the Linux operating system’s kernel, is related to the dereferencing of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the cifs_get_spnego_key() function in the cifs.upcall tool of the cifs-utils package in Linux kernel allows a attacker to elevate their privileges to root and execute arbitrary code.

The vulnerability of the cifsgetspnegokey function in the cifs.upcall tool of the cifs-utils package in Linux kernel systems is related to the lack of authentication for the critical function. Exploiting this vulnerability can allow an attacker to elevate their privileges to root and execute...

8.8CVSS6AI score0.00353EPSS
Exploits4References20Affected Software12
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the verify_dfa() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the verifydfa function in the Linux operating system’s kernel involves reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS5.9AI score0.00181EPSS
Exploits0References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the Linux operating system’s kernel security module, AppArmor, allows a hacker to trigger a service failure.

The vulnerability of the Linux operating system’s kernel security module, AppArmor, arises due to a race condition. Exploiting this vulnerability can allow an attacker to trigger a service failure...

7.8CVSS5.8AI score0.00145EPSS
Exploits0References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the Linux operating system’s kernel security module, AppArmor, allows a hacker to trigger a service failure.

The vulnerability of the Linux operating system’s kernel security module, AppArmor, arises from a race condition. Exploiting this vulnerability can allow an attacker to trigger a service failure...

7.8CVSS5.8AI score0.00141EPSS
Exploits0References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the isVMLowLevelOptionForbidden() function in the LXD container management system allows a attacker to elevate their privileges.

The vulnerability of the isVMLowLevelOptionForbidden function in the LXD container management system is related to the use of an incomplete blacklist when processing input data. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

9.1CVSS5.7AI score0.00363EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the LXD container management system, which stems from insufficient validation of input data, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the LXD container management system is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

9.1CVSS5.8AI score0.00424EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the doCertificateUpdate() function in the LXD container management system allows a attacker to escalate their privileges.

The vulnerability of the doCertificateUpdate function in the LXD container management system is related to insufficient control over the modification of dynamically defined object properties. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

9.1CVSS5.7AI score0.00274EPSS
Exploits1References6Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the JavaScript-based Thymeleaf framework lies in the lack of measures taken to neutralize special elements used in the expression language. This allows attackers to execute Server Side Template Injection (SSTI) attacks.

The vulnerability of the JavaScript-based Thymeleaf framework is related to the lack of measures taken to neutralize special elements used in the expression language operator. Exploiting this vulnerability can allow a remote attacker to execute a Server Side Template Injection SSTI attack...

9CVSS5.9AI score0.00427EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.1 views

The vulnerability of the TLS protocol implementation in the IBM HTTP Server allows a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of the TLS protocol implementation in the IBM HTTP Server is related to incorrect code generation practices. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...

8.1CVSS6.2AI score0.00456EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.1 views

The vulnerability of the authorization mechanism for performers of artificial intelligence workflow runners on a Git-based software platform for collaborative code development on GitLab allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the authorization mechanism for performers of artificial intelligence AI workflow runners on a Git-based software platform for collaborative code development on GitLab relates to bypassing authorization by using a user-controlled key. Exploiting this vulnerability could allow...

8.2CVSS5.8AI score0.00341EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.1 views

The vulnerability of the formPing6() function in the Boa microprogramming software-based router Tenda HG9 HTTP server allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formPing6 function on the Boa microprogrammed software-based Tenda HG9 router’s HTTP server is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

9CVSS8AI score0.02605EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.1 views

The vulnerability of the sub_453140() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the sub453140 function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause malfunctions in the device...

9CVSS8AI score0.00728EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.1 views

The vulnerability of the setTelnetCfg() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK A7100RU router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the setTelnetCfg function /cgi-bin/cstecgi.cgi of the TOTOLINK A7100RU router’s microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s command for handling the telnetenabled parameter. Exploiting this...

10CVSS7.6AI score0.01803EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.1 views

The vulnerability of the fromP2pListFilter() function (/goform/P2pListFilter) in the Tenda F451 router software allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the fromP2pListFilter function /goform/P2pListFilter in the Tenda F451 router software relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures...

9CVSS7.9AI score0.00511EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.1 views

The vulnerability of the formWrlExtraSet() function in the httpd daemon of the Tenda F456 microprogramming router allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formWrlExtraSet function in the httpd daemon of the Tenda F456 microprogramming router lies in the fact that the operation escapes the buffer boundaries in memory when processing the GO parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

9CVSS7.9AI score0.00619EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.1 views

The vulnerability of the drm/i915/gem component of the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the drm/i915/gem component of the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability could allow a hacker to cause a service failure...

5.5CVSS6AI score0.00121EPSS
Exploits0References12Affected Software2
Total number of security vulnerabilities90104