90336 matches found
The vulnerability of the PIM Core Upload module of the PHP software platform pimcore allows a attacker to perform XSS attacks.
The vulnerability of the PIM Core Upload module of the PHP software platform, pimcore, is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the Mattermost instant messaging application, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the Mattermost instant messaging application is related to an uncontrolled resource consumption due to the processing of large HTTP requests. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the LXD container management system, which stems from insufficient validation of input data, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the LXD container management system is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the pstrip64.sys driver, a utility for configuring video card and monitor parameters, allows a hacker to modify critical kernel structures or increase their privileges.
The vulnerability of the pstrip64.sys driver, a utility for configuring video card and monitor parameters, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to modify critical kernel structures or increase their privileges...
The vulnerability of the get_dashboard_data() function in the customer support management platform for Frappe Helpdesk allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the getdashboarddata function in the Frappe Helpdesk customer support platform relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the...
The vulnerabilities of SAP HANA Cockpit and SAP HANA Database Explorer tools, related to insufficient protection of registration data, allow attackers to compromise the confidentiality of protected information.
The vulnerability of SAP HANA Cockpit and SAP HANA Database Explorer tools is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality of the protected information...
The vulnerability of the formPortFw() function in TRENDnet TEW-432BRP router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the formPortFw function in TRENDnet TEW-432BRP router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the ConnectToSynactis method of the ActiveX Synactis PDF In-The-Box control (PDF_IN_1.ocx) allows a attacker to execute arbitrary code.
The vulnerability of the ConnectToSynactis method of the ActiveX Synactis PDF In-The-Box control PDFIN1.ocx is related to the issue of operations going out of the buffer in memory when the code generation is not properly managed. Exploiting this vulnerability could allow a remote attacker to...
The vulnerability of the qfq_reset_qdisc() function in the net/sched/sch_qfq.c module of the network scheduling subsystem of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the qfqresetqdisc function in the net/sched/schqfq.c module, within the net/sched subsystem of the Linux operating system’s kernel, is related to the dereferencing of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the AMF function in the src/amf/ngap-handler.c script, a tool for creating and managing NR/LTE Open5GS mobile networks, allows a attacker to cause a service failure.
The vulnerability of the AMF function in the src/amf/ngap-handler.c script, a tool for creating and managing NR/LTE Open5GS mobile networks, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to cause service interruptions...
The vulnerability of Delta Electronics’ DIAView SCADA system lies in the incorrect limitation of the path name to the catalog, allowing a intruder to disclose protected information.
The vulnerability of the SCADA system from Delta Electronics’ DIAView relates to incorrect restrictions on the name of the path leading to the catalog. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information about infected Delta Electronics DIAView...
The vulnerability of the formSetEnableWizard() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code.
The vulnerability of the formSetEnableWizard function in TRENDnet TEW-432BRP router software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the SSH service in the TP-Link Archer C64 router’s microprogramming software allows a attacker to execute a brute-force attack.
The vulnerability of the SSH service in TP-Link Archer C64 software routers involves bypassing authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to execute a brute-force attack remotely...
The vulnerability of the npm library Color-Convert, related to the presence of undeclared functions, allows a hacker to execute arbitrary code.
The vulnerability of the npm library Color-Convert is related to the presence of undeclared capabilities. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability in the mission_block.cpp component of the PX4 Autopilot system allows a intruder to alter the flight path of the aircraft.
The vulnerability of the missionblock.cpp component in the PX4 Autopilot system management software is related to incorrect handling of values. Exploiting this vulnerability could allow an attacker to alter the flight path of the aircraft...
The vulnerability of the PX4 Autopilot system, which involves copying buffers without checking the size of the input data, allows a intruder to trigger a service failure.
The vulnerability of the missionblock.cpp component in the PX4 Autopilot system management software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a hacker to cause a service failure...
The vulnerability of the HTTP GET Request Handler component of the LibreChat artificial intelligence-based platform allows a attacker to perform XSS attacks.
The vulnerability of the HTTP GET Request Handler component of the LibreChat artificial intelligence-based platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the moodle-mod_customcert plugin in the virtual learning environment Moodle, which allows a intruder to gain unauthorized access to protected information
The vulnerability of the moodle-modcustomcert plugin in the virtual learning environment Moodle relates to bypassing authentication using a key controlled by the user. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the software for automating browser processes in Skyvern lies in the lack of measures to neutralize special elements in the template creation mechanism. This allows a perpetrator to execute arbitrary code.
The vulnerability of the software for automating browser processes in Skyvern is related to the lack of measures taken to neutralize special elements in the template creation mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the nossrf software lies in its insufficiently checked incoming requests, which allows a perpetrator to execute an SSRF attack.
The vulnerability of the nossrf software is related to insufficient testing of incoming requests. Exploiting this vulnerability allows a remote attacker to execute an SSRF attack...
The vulnerability of the PowerChute Serial Shutdown software for managing uninterruptible power supplies arises from improper encoding or shielding of output data. This allows a intruder to compromise the integrity of the protected information.
The vulnerability of the PowerChute Serial Shutdown software for managing uninterruptible power sources is related to improper encoding or shielding of output data. Exploiting this vulnerability could allow an attacker operating remotely to compromise the integrity of the protected information...
The vulnerability of the setPortalConfWeChat() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the setPortalConfWeChat function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s microprogramming system is related to the lack of measures taken at the management level to protect data. Exploiting this vulnerability could allow an attacker to execute...
The vulnerability of the Platinum Host Service antivirus software, Trend Micro Internet Security, allows a hacker to execute arbitrary code within the SYSTEM context.
The vulnerability of the Platinum Host Service antivirus software, Trend Micro Internet Security, is related to improper termination or release of resources. Exploiting this vulnerability can allow an attacker to execute arbitrary code within the context of the SYSTEM process...
The vulnerability of the npm library Color-Name relates to the presence of undeclared functions, allowing a hacker to execute arbitrary code.
The vulnerability of the npm library Color-Name is related to the presence of undeclared functions. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the setTelnetCfg() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK A7100RU router’s microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the setTelnetCfg function /cgi-bin/cstecgi.cgi of the TOTOLINK A7100RU router’s microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s command for handling the telnetenabled parameter. Exploiting this...
The vulnerability of the fromSafeEmailFilter() function (/goform/SafeEmailFilter) in the Tenda F451 router software allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the fromSafeEmailFilter function /goform/SafeEmailFilter in the Tenda F451 router software lies in the issue of the operation being executed outside the buffer in memory when processing the page parameter. Exploiting this vulnerability allows a malicious actor to execute...
The vulnerability of the bit_read_RC() function in the Dwgbmp Utility component, a library for processing DWG format files in LibreDWG, allows a hacker to cause a service failure.
The vulnerability of the bitreadRC function in the Dwgbmp Utility component, a library for processing DWG format files in the LibreDWG library, is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause service...
The vulnerability of the IBM HTTP Server web server, related to improper code generation management, allows attackers to execute arbitrary code or cause service failures.
The vulnerability of the IBM HTTP Server is related to incorrect code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service interruptions...
The vulnerability of the authorization mechanism for performers of artificial intelligence workflow runners on a Git-based software platform for collaborative code development on GitLab allows a perpetrator to compromise the confidentiality and integrity of the protected information.
The vulnerability of the authorization mechanism for performers of artificial intelligence AI workflow runners on a Git-based software platform for collaborative code development on GitLab relates to bypassing authorization by using a user-controlled key. Exploiting this vulnerability could allow...
The vulnerability of the shortcuts.xml configuration file of the text editor Notepad++ allows a hacker to execute arbitrary code.
The vulnerability of the shortcuts.xml configuration file of the text editor Notepad++ is related to the failure to remove special elements. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Boa HTTP-server microprogramming software-based routers from Tenda HG9 allows attackers to execute arbitrary code or cause service failures.
The vulnerability of the Boa HTTP-server microprogrammed routing software from Tenda HG9 involves the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...
The vulnerability of the sub_4151FC() function in the embedded web server of the D-Link DIR-825M router’s software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub4151FC function in the embedded web server of the D-Link DIR-825M router’s software is related to the copying of buffer data without checking the size of the input data during the processing of the submit-url parameter. Exploiting this vulnerability allows an attacker ...
The vulnerability of the sub_453140() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub453140 function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause malfunctions in the device...
The vulnerability of the setLoginPasswordCfg() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK A7100RU router’s software allows a hacker to execute arbitrary commands.
The vulnerability of the setLoginPasswordCfg function /cgi-bin/cstecgi.cgi of the TOTOLINK A7100RU router software is related to the failure to take measures to neutralize special elements used in the operating system’s processing of the admpass parameter. Exploiting this vulnerability allows a...
The vulnerability of the formWlanSetup() function in Tenda HG9 router software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formWlanSetup function in the Tenda HG9 router’s microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failure...
The vulnerability of AMD’s microprogramming software lies in the improper isolation of common resources between trusted and untrusted agents, allowing attackers to elevate their privileges.
The vulnerability of AMD’s microprogrammed software lies in the improper isolation of common resources between trusted and untrusted agents. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the `DcmByteString::makeDicomByteString` function in the `dcmdata/libsrc/dcbytstr.cc` library, which is used for working with DICOM format files. This vulnerability allows an attacker to cause a service failure.
The vulnerability of the DcmByteString::makeDicomByteString function in the dcmdata/libsrc/dcbytstr.cc library, which is used for working with DICOM format data, relates to the issue of the operation being executed outside of the buffer’s memory boundaries. Exploiting this vulnerability could all...
The vulnerability of the Linux operating system’s kernel SVM component, which allows a hacker to cause a service failure
The vulnerability of the Linux operating system’s kernel SVM component is related to insufficient checks on the state of shared resources. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the netfilter component in the Linux operating system’s kernel, which leads to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the netfilter component in the Linux operating system’s kernel is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the distribution of resources without any restrictions or regulations, allows a violator to trigger a service failure.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from deficiencies in the authentication process, which allows unauthorized users to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the IBM HTTP Server, related to the swapping of an untrusted pointer, allows a attacker to disclose sensitive information or cause service failures.
The vulnerability of the IBM HTTP Server is related to the misuse of a trusted pointer. Exploiting this vulnerability can allow an attacker to disclose sensitive information or cause service failures...
The vulnerability of the mod_mem_cache module in the IBM HTTP Server allows a hacker to cause a service failure.
The vulnerability of the modmemcache module in the IBM HTTP Server relates to the pointer being set to expired. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the Duo Workflows API interface of the software platform based on git for collaborative code development on GitLab EE allows a perpetrator to circumvent existing security restrictions.
The vulnerability of the Duo Workflows API interface of the software platform based on git for collaborative code development in GitLab EE is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to circumvent existing security...
The vulnerability of the config.xml configuration file of the Notepad++ text editor allows a hacker to execute arbitrary code.
The vulnerability of the config.xml configuration file of the text editor Notepad++ is related to the lack of measures taken to eliminate special elements during the processing of the commandLineInterpreter parameter. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the sub_425A28() function (/goform/DelFil) of the Tenda 4G300 router’s microprogramming software allows a attacker to execute arbitrary commands.
The vulnerability of the sub425A28 function /goform/DelFil of the Tenda 4G300 router’s microprogramming system is related to the lack of measures taken to neutralize special elements during the processing of the delflag parameter. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the fromGstDhcpSetSer() function in the httpd daemon’s microprogramming software for Tenda F456 allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the fromGstDhcpSetSer function in the httpd daemon’s microprogramming-based router software Tenda F456 is related to the issue where operations are performed outside of the buffer in memory when processing the dips parameter. Exploiting this vulnerability allows a remote...
The vulnerability of the formWrlExtraSet() function (/goform/WrlExtraSet) in the Tenda F451 router software allows a attacker to execute arbitrary code or cause service interruptions.
The vulnerability of the formWrlExtraSet function /goform/WrlExtraSet of the Tenda F451 router software lies in the fact that the operation’s output goes beyond the buffer in memory when processing the GO parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code ...
The vulnerability of the iommu/mediatek component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the iommu/mediatek component in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the net/mptcp/subflow.c component of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the net/mptcp/subflow.c component in the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...