90104 matches found
The vulnerability of the fromGstDhcpSetSer() function in the httpd daemon’s microprogramming software for Tenda F456 allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the fromGstDhcpSetSer function in the httpd daemon’s microprogramming-based router software Tenda F456 is related to the issue where operations are performed outside of the buffer in memory when processing the dips parameter. Exploiting this vulnerability allows a remote...
The vulnerability of the iommu/mediatek component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the iommu/mediatek component in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from deficiencies in the authentication process, which allows unauthorized users to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the IBM HTTP Server web server, related to improper code generation management, allows attackers to execute arbitrary code or cause service failures.
The vulnerability of the IBM HTTP Server is related to incorrect code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service interruptions...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to authentication errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the formPing() function on Boa HTTP-servers of Tenda HG9 microprogrammed routing software allows attackers to execute arbitrary code or cause service failures.
The vulnerability of the formPing function on Boa microprogrammed software-based Tenda HG9 routers stems from the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...
The vulnerability of the Boa HTTP-server microprogramming software-based routers from Tenda HG9 allows attackers to execute arbitrary code or cause service failures.
The vulnerability of the Boa HTTP-server microprogrammed routing software from Tenda HG9 involves the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...
The vulnerability of the sub_4237AC() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub4237AC function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause malfunctions in the device...
The vulnerability of the setMiniuiHomeInfoShow() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK A7100RU router’s microprogramming software allows a perpetrator to execute arbitrary commands.
The vulnerability of the setMiniuiHomeInfoShow function /cgi-bin/cstecgi.cgi of the TOTOLINK A7100RU router’s microprogramming software is related to the lack of measures taken to neutralize special elements used in the operating system’s processing of the laninfo parameter. Exploiting this...
The vulnerability of the setAdvancedInfoShow() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK A7100RU router’s microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the setAdvancedInfoShow function /cgi-bin/cstecgi.cgi of the TOTOLINK A7100RU router’s microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s command for processing the parameter ttyserver. Exploiting...
The vulnerability of the formWrlExtraSet() function (/goform/WrlExtraSet) in the Tenda F451 router software allows a attacker to execute arbitrary code or cause service interruptions.
The vulnerability of the formWrlExtraSet function /goform/WrlExtraSet of the Tenda F451 router software lies in the fact that the operation’s output goes beyond the buffer in memory when processing the GO parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code ...
The vulnerability of the powerpc/kexec component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the powerpc/kexec component in the Linux operating system is related to the lack of initialization for resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the distribution of resources without any restrictions or regulations, allows a violator to trigger a service failure.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...
The vulnerability of the bit_read_RC() function in the Dwgbmp Utility component, a library for processing DWG format files in LibreDWG, allows a hacker to cause a service failure.
The vulnerability of the bitreadRC function in the Dwgbmp Utility component, a library for processing DWG format files in the LibreDWG library, is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause service...
The vulnerability of the mod_mem_cache module in the IBM HTTP Server allows a hacker to cause a service failure.
The vulnerability of the modmemcache module in the IBM HTTP Server relates to the pointer being set to expired. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the Duo Workflows API interface of the software platform based on git for collaborative code development on GitLab EE allows a perpetrator to circumvent existing security restrictions.
The vulnerability of the Duo Workflows API interface of the software platform based on git for collaborative code development in GitLab EE is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to circumvent existing security...
The vulnerability of the process-interaction mechanism of the text editor Notepad++, which allows a hacker to trigger a service failure.
The vulnerability of the process-interaction mechanism of the text editor Notepad++ is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the shortcuts.xml configuration file of the text editor Notepad++ allows a hacker to execute arbitrary code.
The vulnerability of the shortcuts.xml configuration file of the text editor Notepad++ is related to the failure to remove special elements. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the setWiFiGuestCfg() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK A7100RU router’s microprogramming software allows a attacker to execute arbitrary commands.
The vulnerability of the setWiFiGuestCfg function /cgi-bin/cstecgi.cgi of the TOTOLINK A7100RU router software is related to the failure to take measures to neutralize special elements used in the operating system’s processing of the wifiOff parameter. Exploiting this vulnerability allows a remot...
The vulnerability in the net/mptcp/subflow.c component of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the net/mptcp/subflow.c component in the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Merge() function in the Gogs automated Git repository creation tool allows a hacker to execute arbitrary code.
The vulnerability of the Merge function in the Gogs self-managed Git repository creation tool is related to the insertion or modification of arguments. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code by sending a specially crafted request...
The vulnerability of the config.xml configuration file of the Notepad++ text editor allows a hacker to execute arbitrary code.
The vulnerability of the config.xml configuration file of the text editor Notepad++ is related to the lack of measures taken to eliminate special elements during the processing of the commandLineInterpreter parameter. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the sub_425A28() function (/goform/DelFil) of the Tenda 4G300 router’s microprogramming software allows a attacker to execute arbitrary commands.
The vulnerability of the sub425A28 function /goform/DelFil of the Tenda 4G300 router’s microprogramming system is related to the lack of measures taken to neutralize special elements during the processing of the delflag parameter. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the dcmqrdb/libsrc/dcmqrdbi.cc component, a library for working with DICOM format data, allows attackers to cause service interruptions.
The vulnerability of the dcmqrdb/libsrc/dcmqrdbi.cc component, which is part of the DICOM processing library, is related to errors during resource release. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the netfilter component in the Linux operating system’s kernel, which leads to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the netfilter component in the Linux operating system’s kernel is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the `DcmByteString::makeDicomByteString` function in the `dcmdata/libsrc/dcbytstr.cc` library, which is used for working with DICOM format files. This vulnerability allows an attacker to cause a service failure.
The vulnerability of the DcmByteString::makeDicomByteString function in the dcmdata/libsrc/dcbytstr.cc library, which is used for working with DICOM format data, relates to the issue of the operation being executed outside of the buffer’s memory boundaries. Exploiting this vulnerability could all...
The vulnerability of the access control model for the container registry in the Git repository management system Gitea allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the access control model for the container registry in the Git repository management system Gitea is related to the lack of authentication for the critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...
The vulnerability of the IBM HTTP Server, related to the swapping of an untrusted pointer, allows a attacker to disclose sensitive information or cause service failures.
The vulnerability of the IBM HTTP Server is related to the misuse of a trusted pointer. Exploiting this vulnerability can allow an attacker to disclose sensitive information or cause service failures...
The vulnerability of the IBM HTTP Server web server, related to uncontrolled resource consumption, allows attackers to cause service interruptions.
The vulnerability of the IBM HTTP Server is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a attacker to cause service interruptions...
The vulnerability of the sub_4151FC() function in the embedded web server of the D-Link DIR-825M router’s software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub4151FC function in the embedded web server of the D-Link DIR-825M router’s software is related to the copying of buffer data without checking the size of the input data during the processing of the submit-url parameter. Exploiting this vulnerability allows an attacker ...
The vulnerability of the sub_414BA8() function in the embedded web server of the D-Link DIR-825M router’s software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub414BA8 function in the embedded web server of the D-Link DIR-825M router’s software is related to the copying of buffer data without checking the size of the input data during the processing of the submit-url parameter. Exploiting this vulnerability allows an attacker ...
The vulnerability of the sub_462590() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub462590 function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...
The vulnerability of the setLoginPasswordCfg() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK A7100RU router’s software allows a hacker to execute arbitrary commands.
The vulnerability of the setLoginPasswordCfg function /cgi-bin/cstecgi.cgi of the TOTOLINK A7100RU router software is related to the failure to take measures to neutralize special elements used in the operating system’s processing of the admpass parameter. Exploiting this vulnerability allows a...
The vulnerability of the fromSafeEmailFilter() function (/goform/SafeEmailFilter) in the Tenda F451 router software allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the fromSafeEmailFilter function /goform/SafeEmailFilter in the Tenda F451 router software lies in the issue of the operation being executed outside the buffer in memory when processing the page parameter. Exploiting this vulnerability allows a malicious actor to execute...
The vulnerability of the formWlanSetup() function in Tenda HG9 router software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formWlanSetup function in the Tenda HG9 router’s microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failure...
The vulnerability of AMD’s microprogramming software lies in the improper isolation of common resources between trusted and untrusted agents, allowing attackers to elevate their privileges.
The vulnerability of AMD’s microprogrammed software lies in the improper isolation of common resources between trusted and untrusted agents. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Linux operating system’s kernel SVM component, which allows a hacker to cause a service failure
The vulnerability of the Linux operating system’s kernel SVM component is related to insufficient checks on the state of shared resources. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the golang.org/x/crypto/ssh library for the Go programming language, which allows a hacker to trigger a denial-of-service attack.
The vulnerability of the golang.org/x/crypto/ssh library for the Go programming language is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the ath11k_wmi_send_peer_assoc_cmd() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the ath11kwmisendpeerassoccmd function in the Linux operating system is related to a lack of data type conversion mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the fromSafeEmailFilter() function in the Tenda F1202 router software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the from SafeEmailFilter function in the Tenda F1202 router software is related to the execution of an operation outside the buffer in memory when processing the page parameter. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause...
The vulnerability of the fromPptpUserAdd() function in the Tenda F1202 router software allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the fromPptpUserAdd function in the Tenda F1202 router microprogramming system is related to the operation that goes beyond the buffer boundaries in memory when processing the parameters username and opttype. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the fullscreen mode of Google Chrome and Microsoft Edge browsers allows a hacker to bypass the sandboxing protection mechanisms.
The vulnerability of the fullscreen mode of Google Chrome and Microsoft Edge browsers relates to the possibility of using memory after it is freed. Exploiting this vulnerability can allow a remote attacker to bypass the sandboxing protection mechanisms...
Vulnerability of Google Chrome and Microsoft Edge browsers’ CSS components, allowing attackers to execute arbitrary code
The vulnerability of Google Chrome and Microsoft Edge browsers’ CSS components relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of Google Chrome and Microsoft Edge mobile browsers on Android operating systems allows attackers to perform cross-site scripting attacks.
The vulnerability of Google Chrome and Microsoft Edge web browsers on Android operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to perform cross-site scripting attacks...
The vulnerability of the GPO group policy management component of the Samba software, which allows a hacker to bypass existing security restrictions
The vulnerability of the GPO group policy management component of the Samba software is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow an attacker, operating remotely, to circumvent existing security restrictions...
The vulnerability of the Trend Micro Apex One antivirus software agent allows a hacker to increase their privileges.
The vulnerability of the Trend Micro Apex One antivirus software agent is related to a data source verification error. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of Azure Privileged Identity Management, a service for ensuring compatibility with Microsoft Azure Entra ID, allows a perpetrator to increase their privileges.
The vulnerability of Azure Privileged Identity Management, a service for ensuring compatibility between Microsoft Azure Entra IDs, involves bypassing authentication using a user-controlled key. Exploiting this vulnerability could allow an attacker to increase their privileges remotely...
The vulnerability of the `insert_new_feedback()` function in the Open WebUI AI-based web interface allows a violator to gain access to and modify data.
The vulnerability of the insertnewfeedback function in the Open WebUI AI-based web interface is related to the incorrect order of dictionary merging. Exploiting this vulnerability could allow an attacker to gain read and edit access to data...
The vulnerability of the Open WebUI web interface, related to deficiencies in the authentication process, allows a perpetrator to gain access to read and modify data.
The vulnerability of the Open WebUI web interface is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain access to read and modify data remotely...
The vulnerability of the update_message_by_id() function in the Open WebUI AI-based web interface allows a hacker to gain access to read, modify, or delete data.
The vulnerability of the updatemessagebyid function in the Open WebUI AI-based web interface relates to bypassing authentication using a key controlled by the user. Exploiting this vulnerability could allow an attacker to gain access to read, modify, or delete data...