90336 matches found
The vulnerability of the access control model for the container registry in the Git repository management system Gitea allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the access control model for the container registry in the Git repository management system Gitea is related to the lack of authentication for the critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...
The vulnerability of the TLS protocol implementation in the IBM HTTP Server allows a perpetrator to execute arbitrary code or cause a service failure.
The vulnerability of the TLS protocol implementation in the IBM HTTP Server is related to incorrect code generation practices. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...
The vulnerability of the IBM HTTP Server web server, related to uncontrolled resource consumption, allows attackers to cause service interruptions.
The vulnerability of the IBM HTTP Server is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a attacker to cause service interruptions...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to authentication errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the formPing() function on Boa HTTP-servers of Tenda HG9 microprogrammed routing software allows attackers to execute arbitrary code or cause service failures.
The vulnerability of the formPing function on Boa microprogrammed software-based Tenda HG9 routers stems from the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...
The vulnerability of the sub_414BA8() function in the embedded web server of the D-Link DIR-825M router’s software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub414BA8 function in the embedded web server of the D-Link DIR-825M router’s software is related to the copying of buffer data without checking the size of the input data during the processing of the submit-url parameter. Exploiting this vulnerability allows an attacker ...
The vulnerability of the sub_4237AC() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub4237AC function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause malfunctions in the device...
The vulnerability of the setAdvancedInfoShow() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK A7100RU router’s microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the setAdvancedInfoShow function /cgi-bin/cstecgi.cgi of the TOTOLINK A7100RU router’s microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s command for processing the parameter ttyserver. Exploiting...
The vulnerability of the setMiniuiHomeInfoShow() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK A7100RU router’s microprogramming software allows a perpetrator to execute arbitrary commands.
The vulnerability of the setMiniuiHomeInfoShow function /cgi-bin/cstecgi.cgi of the TOTOLINK A7100RU router’s microprogramming software is related to the lack of measures taken to neutralize special elements used in the operating system’s processing of the laninfo parameter. Exploiting this...
The vulnerability of the fromP2pListFilter() function (/goform/P2pListFilter) in the Tenda F451 router software allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the fromP2pListFilter function /goform/P2pListFilter in the Tenda F451 router software relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures...
The vulnerability of the drm/i915/gem component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the drm/i915/gem component of the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability could allow a hacker to cause a service failure...
The vulnerability of the powerpc/kexec component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the powerpc/kexec component in the Linux operating system is related to the lack of initialization for resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Merge() function in the Gogs automated Git repository creation tool allows a hacker to execute arbitrary code.
The vulnerability of the Merge function in the Gogs self-managed Git repository creation tool is related to the insertion or modification of arguments. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code by sending a specially crafted request...
The vulnerability of the process-interaction mechanism of the text editor Notepad++, which allows a hacker to trigger a service failure.
The vulnerability of the process-interaction mechanism of the text editor Notepad++ is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the golang.org/x/crypto/ssh library for the Go programming language, which allows a hacker to trigger a denial-of-service attack.
The vulnerability of the golang.org/x/crypto/ssh library for the Go programming language is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the formPing6() function in the Boa microprogramming software-based router Tenda HG9 HTTP server allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formPing6 function on the Boa microprogrammed software-based Tenda HG9 router’s HTTP server is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...
The vulnerability of the setWiFiGuestCfg() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK A7100RU router’s microprogramming software allows a attacker to execute arbitrary commands.
The vulnerability of the setWiFiGuestCfg function /cgi-bin/cstecgi.cgi of the TOTOLINK A7100RU router software is related to the failure to take measures to neutralize special elements used in the operating system’s processing of the wifiOff parameter. Exploiting this vulnerability allows a remot...
The vulnerability of the formWrlExtraSet() function in the httpd daemon of the Tenda F456 microprogramming router allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formWrlExtraSet function in the httpd daemon of the Tenda F456 microprogramming router lies in the fact that the operation escapes the buffer boundaries in memory when processing the GO parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...
The vulnerability of the sub_462590() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub462590 function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...
The vulnerability of the dcmqrdb/libsrc/dcmqrdbi.cc component, a library for working with DICOM format data, allows attackers to cause service interruptions.
The vulnerability of the dcmqrdb/libsrc/dcmqrdbi.cc component, which is part of the DICOM processing library, is related to errors during resource release. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability in the net/mptcp/subflow.c component of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the net/mptcp/subflow.c component in the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the RoundCube Webmail email client lies in the lack of validation for incoming requests, which allows attackers to disclose protected information or bypass existing security mechanisms.
The vulnerability of the RoundCube Webmail email client is related to the lack of validation during the processing of incoming requests. Exploiting this vulnerability can allow an attacker to disclose sensitive information or bypass existing security mechanisms...
The vulnerability of the WINS-server software Samba, which allows a hacker to trigger a service failure
The vulnerability of the WINS-server software Samba is related to pointer aliasing. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge browsers allows attackers to disclose protected information.
The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge relates to external control over a web parameter that is assumed to be immutable. Exploiting this vulnerability could allow an attacker to disclose protected information...
The vulnerability of the arp_create() function in the net/ipv4/arp.c module of the Linux operating system’s IPv4 protocol implementation allows a attacker to cause a service failure.
The vulnerability of the arpcreate function in the net/ipv4/arp.c module of the Linux kernel’s IPv4 protocol implementation is related to the dereferencing of a pointer with an expired validity period. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge browsers allows a hacker to induce a service failure.
The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge relates to external control over a web parameter that is assumed to be immutable. Exploiting this vulnerability could allow an attacker to cause service interruptions...
The vulnerability of the Media components in Google Chrome and Microsoft Edge browsers on Android operating systems allows attackers to bypass the sandboxing protection mechanisms.
The vulnerability of the Media component in Google Chrome and Microsoft Edge browsers on Android operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to bypass the sandboxing protection mechanisms...
The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge browsers on macOS operating systems allows a hacker to execute arbitrary code.
The vulnerability of the ANGLE library in Google Chrome and Microsoft Edge browsers on MacOS operating systems is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the Popup Blocker extension in Google Chrome and Microsoft Edge browsers allows a hacker to bypass existing security mechanisms.
The vulnerability of the Popup Blocker extension in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to bypass existing security measures remotely...
The vulnerability in the user interface of WebUI for Google Chrome and Microsoft Edge allows a hacker to bypass existing security mechanisms.
The vulnerability of the WebUI user interface of Google Chrome and Microsoft Edge is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to bypass existing security measures remotely...
The vulnerability of the vfs_worm module in Samba software allows a hacker to modify any arbitrary files.
The vulnerability of the vfsworm module in Samba software is related to improper handling of insufficient permissions or privileges. Exploiting this vulnerability allows a remote attacker to modify arbitrary files...
The vulnerability of the Google Chrome and Microsoft Edge browsers’ mobile components in iOS operating systems allows a hacker to execute arbitrary code.
The vulnerability of Google Chrome and Microsoft Edge web browsers on iOS operating systems relates to the ability to utilize memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the learning platform IQ SCHOOL, related to insufficient verification of input data, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the learning platform IQ SCHOOL is related to insufficient verification of input data. Exploiting this vulnerability could allow an unauthorized attacker to gain unauthorized access to protected information...
The vulnerability of the Trend Micro Apex One antivirus software agent allows a hacker to increase their privileges.
The vulnerability of the Trend Micro Apex One antivirus software agent is related to a data source verification error. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Trend Micro Apex One antivirus software agent allows a hacker to increase their privileges.
The vulnerability of the Trend Micro Apex One antivirus software agent is related to a data source verification error. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Trend Micro Apex One antivirus software agent allows a hacker to increase their privileges.
The vulnerability of the Trend Micro Apex One antivirus software agent is related to a data source verification error. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Trend Micro Apex One antivirus software agent allows a hacker to increase their privileges.
The vulnerability of the Trend Micro Apex One antivirus software agent is related to a data source verification error. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the RoundCube Webmail email client lies in the lack of validation for incoming requests, which allows attackers to disclose protected information or enhance their privileges.
The vulnerability of the RoundCube Webmail email client is related to the lack of validation for incoming requests. Exploiting this vulnerability can allow an attacker to disclose protected information or enhance their privileges...
The vulnerability of the LDAP protocol implementation in the RoundCube Webmail client allows a hacker to execute arbitrary code.
The vulnerability of the RoundCube Webmail client LDAP implementation is related to the improper handling of control flows. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the RoundCube Webmail client, related to the lack of protective measures for the website structure, allows attackers to execute SSRF attacks and disclose the protected information.
The vulnerability of the RoundCube Webmail email client is related to insufficient validation of requests at the server side. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack and disclose sensitive information...
The vulnerability of the Blitz Identity Provider software, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks (XSS).
The vulnerability of the Blitz Identity Provider software is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the fromPPTPUserSetting() function in the Tenda F1202 router software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the fromPPTPUserSetting function in the Tenda F1202 router’s microprogramming software is related to the issue of the operation going beyond the buffer boundaries in memory when processing the delno parameter. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the Font component in Google Chrome and Microsoft Edge browsers allows a hacker to trigger a service failure.
The vulnerability of the Font component in Google Chrome and Microsoft Edge relates to reading beyond the permitted range in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the fromSafeEmailFilter() function in the Tenda F1202 router software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the from SafeEmailFilter function in the Tenda F1202 router software is related to the execution of an operation outside the buffer in memory when processing the page parameter. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause...
The vulnerability of the fromPptpUserAdd() function in the Tenda F1202 router software allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the fromPptpUserAdd function in the Tenda F1202 router microprogramming system is related to the operation that goes beyond the buffer boundaries in memory when processing the parameters username and opttype. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the Request Header Handler component of the ASGI framework in web development for Starlette allows attackers to circumvent existing security restrictions.
The vulnerability of the Request Header Handler component in the Starlette framework for web development is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...
The vulnerability in the set of tools for web development, DevTools, available in Google Chrome and Microsoft Edge browsers, allows a hacker to bypass existing security mechanisms.
The vulnerability of the DevTools suite for web development in Google Chrome and Microsoft Edge relates to a data protection mechanism flaw. Exploiting this vulnerability could allow an attacker to bypass existing security measures remotely...
The vulnerability of Google Chrome and Microsoft Edge mobile browsers on Android operating systems allows attackers to perform cross-site scripting attacks.
The vulnerability of Google Chrome and Microsoft Edge web browsers on Android operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to perform cross-site scripting attacks...