Lucene search
K
Bdu FstecRecent

90104 matches found

BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability in the Open WebUI web interface, related to bypassing authentication using a user-controlled key, allows attackers to gain unauthorized access to protected information.

The vulnerability in the Open WebUI web interface relates to bypassing authentication using a user-controlled key during the processing of the final endpoint /api/v1/notes/noteid. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

6.8CVSS5.8AI score0.00277EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS6.6AI score0.00375EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the microprogrammed network device products WildFire WF-500 and WildFire WF-500-B lies in improper external control of file names or file paths, allowing an intruder to gain access to read, modify, or delete files.

The vulnerability of the microprogrammed network device products WildFire WF-500 and WildFire WF-500-B lies in improper external control of the file name or file path. Exploiting this vulnerability can allow an attacker to gain read, modify, or delete access to files...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the Chromoting remote administration tool, which operates on Google Chrome and Microsoft Edge browsers, allows a hacker to execute arbitrary code.

The vulnerability of the Chromoting remote administration tool for Google Chrome and Microsoft Edge lies in the ability to exploit memory after it is freed. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS6.1AI score0.00309EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the arp_create() function in the net/ipv4/arp.c module of the Linux operating system’s IPv4 protocol implementation allows a attacker to cause a service failure.

The vulnerability of the arpcreate function in the net/ipv4/arp.c module of the Linux kernel’s IPv4 protocol implementation is related to the dereferencing of a pointer with an expired validity period. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References16Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.2 views

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00296EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.2 views

The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge browsers allows a hacker to induce a service failure.

The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge relates to external control over a web parameter that is assumed to be immutable. Exploiting this vulnerability could allow an attacker to cause service interruptions...

10CVSS5.7AI score0.00224EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the formWrlExtraSet() function in the Tenda F1202 router’s microprogramming software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formWrlExtraSet function in the Tenda F1202 router’s microprogramming software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the GO parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

9CVSS7.9AI score0.00579EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the SVG object processing mechanism in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.

The vulnerability of the SVG object processing mechanism in Google Chrome and Microsoft Edge lies in the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00267EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the Media components in Google Chrome and Microsoft Edge browsers on Android operating systems allows attackers to bypass the sandboxing protection mechanisms.

The vulnerability of the Media component in Google Chrome and Microsoft Edge browsers on Android operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to bypass the sandboxing protection mechanisms...

8.3CVSS5.8AI score0.0022EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the DOM components in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.

The vulnerability of the DOM components in Google Chrome and Microsoft Edge relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00267EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the Popup Blocker extension in Google Chrome and Microsoft Edge browsers allows a hacker to bypass existing security mechanisms.

The vulnerability of the Popup Blocker extension in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to bypass existing security measures remotely...

4.2CVSS5.7AI score0.0017EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the Speech component in Google Chrome and Microsoft Edge browsers allows attackers to perform spoofing attacks.

The vulnerability of the Speech component in Google Chrome and Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks remotely...

6.4CVSS5.7AI score0.0019EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.2 views

Vulnerability of the gdi_CacheToSurface() function in the RDP client FreeRDP, allowing a hacker to execute arbitrary code and cause service failure

The vulnerability of the gdiCacheToSurface function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause a service failure by sending specially crafted RDPGFX packets...

10CVSS6.5AI score0.00808EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant in operating systems like iOS, related to the lack of measures for cleaning incoming data, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant in operating systems like iOS stems from the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality and integrity of the protected informati...

9.4CVSS5.8AI score0.0042EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the Trend Micro Apex One antivirus software agent allows a hacker to increase their privileges.

The vulnerability of the Trend Micro Apex One antivirus software agent is related to a data source verification error. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS5.8AI score0.00213EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the Trend Micro Apex One antivirus software agent allows a hacker to increase their privileges.

The vulnerability of the Trend Micro Apex One antivirus software agent is related to a data source verification error. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS5.8AI score0.00213EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the Hyper-converged Infrastructure of Microsoft Azure Stack (HCI), which stems from insufficient validation of input data, allows attackers to disclose protected information.

The vulnerability of the Hyper-converged Infrastructure of Microsoft Azure Stack HCI is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

7.7CVSS5.7AI score0.00579EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability in the Open WebUI web interface allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability in the Open WebUI web interface is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

7.7CVSS5.6AI score0.00217EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the IKEv2 protocol implementation in the PAN-OS operating system allows a perpetrator to escalate their privileges, execute arbitrary code, or cause a service failure.

The vulnerability of the IKEv2 protocol implementation in the PAN-OS operating system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to enhance their privileges, execute arbitrary code, or cause service failures...

9CVSS6.3AI score0.0031EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge browsers allows a hacker to bypass the sandboxing protection mechanisms.

The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to bypass the sandboxing protection mechanisms...

8.3CVSS6.1AI score0.00227EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the fromPPTPUserSetting() function in the Tenda F1202 router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the fromPPTPUserSetting function in the Tenda F1202 router’s microprogramming software is related to the issue of the operation going beyond the buffer boundaries in memory when processing the delno parameter. Exploiting this vulnerability allows a remote attacker to execute...

9CVSS7.9AI score0.00579EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the XKMS (XML Key Management Specification) service in the Apache CXF web service framework allows a hacker to gain unauthorized access to protected information.

The vulnerability of the XKMS XML Key Management Specification service in the Apache CXF web service framework is related to the failure to take measures to eliminate special elements in LDAP requests. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized...

10CVSS5.8AI score0.0068EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability in the set of tools for web development, DevTools, available in Google Chrome and Microsoft Edge browsers, allows a hacker to bypass existing security mechanisms.

The vulnerability of the DevTools suite for web development in Google Chrome and Microsoft Edge relates to a data protection mechanism flaw. Exploiting this vulnerability could allow an attacker to bypass existing security measures remotely...

3.1CVSS5.7AI score0.00143EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability in the Sanitizer API of Google Chrome and Microsoft Edge browsers allows a malicious actor to execute XSS attacks.

The vulnerability of the Sanitizer API on Google Chrome and Microsoft Edge browsers is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

6.4CVSS5.7AI score0.00165EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00196EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the NTFS reparse point mechanism in Samba software, which allows a hacker to modify arbitrary files

The vulnerability of the NTFS reparse point mechanism in Samba software is related to access control deficiencies. Exploiting this vulnerability allows a remote attacker to modify arbitrary files...

7.5CVSS6AI score0.00862EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the Google Chrome and Microsoft Edge browsers’ mobile components in iOS operating systems allows a hacker to execute arbitrary code.

The vulnerability of Google Chrome and Microsoft Edge web browsers on iOS operating systems relates to the ability to utilize memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.6CVSS6.1AI score0.00308EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the WINS-server software Samba, which allows a hacker to trigger a service failure

The vulnerability of the WINS-server software Samba is related to pointer aliasing. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS5.7AI score0.02669EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the software for working with DAEMON Tools Lite images stems from the presence of dangerous, undeclared features, which allow a hacker to bypass existing security restrictions.

The vulnerability of the software for working with DAEMON Tools Lite discs is related to the presence of dangerous, undeclared features. Exploiting this vulnerability can allow a remote attacker to bypass existing security restrictions...

10CVSS6.1AI score0.01456EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the learning platform IQ SCHOOL, related to insufficient verification of input data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the learning platform IQ SCHOOL is related to insufficient verification of input data. Exploiting this vulnerability could allow an unauthorized attacker to gain unauthorized access to protected information...

7.7CVSS5.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the Trend Micro Apex One antivirus software agent allows a hacker to increase their privileges.

The vulnerability of the Trend Micro Apex One antivirus software agent is related to a data source verification error. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS5.8AI score0.00246EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability in the Audio/Video components of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Audio/Video components in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

7.8CVSS6.1AI score0.00323EPSS
Exploits0References12Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.1CVSS6.2AI score0.00384EPSS
Exploits0References12Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge browsers on macOS operating systems allows a hacker to execute arbitrary code.

The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge browsers on MacOS operating systems is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00267EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00344EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the ServiceWorker interface in Google Chrome and Microsoft Edge browsers allows a hacker to bypass existing security mechanisms.

The vulnerability of the ServiceWorker interface in Google Chrome and Microsoft Edge is related to a breach of data protection mechanisms. Exploiting this vulnerability could allow an attacker to bypass existing security measures remotely...

3.1CVSS5.7AI score0.00187EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to induce a service failure.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5CVSS5.8AI score0.00193EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the Persistent Cache component in Google Chrome and Microsoft Edge browsers allows attackers to bypass existing security mechanisms.

The vulnerability of the Persistent Cache component in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to bypass existing security measures...

3.1CVSS5.8AI score0.002EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.2 views

The vulnerability of the Cross-Origin-Opener-Policy (COOP) function in Google Chrome and Microsoft Edge allows a perpetrator to bypass existing security mechanisms.

The vulnerability of the Cross-Origin-Opener-Policy COOP function in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to bypass existing security mechanisms...

3.1CVSS5.8AI score0.002EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the vfs_worm module in Samba software allows a hacker to modify any arbitrary files.

The vulnerability of the vfsworm module in Samba software is related to improper handling of insufficient permissions or privileges. Exploiting this vulnerability allows a remote attacker to modify arbitrary files...

7.5CVSS6AI score0.00904EPSS
Exploits0References6Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the Trend Micro Apex One antivirus software agent allows a hacker to increase their privileges.

The vulnerability of the Trend Micro Apex One antivirus software agent is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.8AI score0.003EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the Trend Micro Apex One antivirus software agent allows a hacker to increase their privileges.

The vulnerability of the Trend Micro Apex One antivirus software agent is related to a data source verification error. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS5.8AI score0.00213EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the validate_url() function in the Open WebUI AI-based web interface allows a attacker to perform an SSRF attack.

The vulnerability of the validateurl function in the Open WebUI AI-based web interface is related to insufficient validation of requests at the server side. Exploiting this vulnerability could allow a malicious actor to perform an SSRF attack remotely...

8.5CVSS5.7AI score0.00292EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the LDAP and OAuth web interface implementation based on Open WebUI allows a perpetrator to escalate their privileges and gain unauthorized access to protected information.

The vulnerability of LDAP and OAuth web interfaces based on artificial intelligence Open WebUI is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges and gain unauthorized access to protected information...

8.1CVSS5.8AI score0.00354EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the RoundCube Webmail email client lies in the lack of validation for incoming requests, allowing attackers to delete any files they desire.

The vulnerability of the RoundCube Webmail email client is related to the lack of validation for incoming requests. Exploiting this vulnerability could allow a malicious actor to delete any files at will...

3.7CVSS5.8AI score0.00433EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the RoundCube Webmail email client lies in the lack of validation for incoming requests, which allows attackers to disclose protected information or bypass existing security mechanisms.

The vulnerability of the RoundCube Webmail email client is related to the lack of validation during the processing of incoming requests. Exploiting this vulnerability can allow an attacker to disclose sensitive information or bypass existing security mechanisms...

6.5CVSS5.7AI score0.00339EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the RoundCube Webmail email client lies in the lack of validation for incoming requests, which allows attackers to disclose protected information or enhance their privileges.

The vulnerability of the RoundCube Webmail email client is related to the lack of validation for incoming requests. Exploiting this vulnerability can allow an attacker to disclose protected information or enhance their privileges...

6.5CVSS5.7AI score0.00315EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the LDAP protocol implementation in the RoundCube Webmail client allows a hacker to execute arbitrary code.

The vulnerability of the RoundCube Webmail client LDAP implementation is related to the improper handling of control flows. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.5CVSS6AI score0.00414EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/28 12:0 a.m.1 views

The vulnerability of the preg_replace() function in the RoundCube Webmail email client allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the pregreplace function in the RoundCube Webmail email client is related to the lack of security measures for handling SQL query structures. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

7.5CVSS5.8AI score0.00764EPSS
Exploits0References6Affected Software1
Total number of security vulnerabilities90104