90336 matches found
The vulnerability of the Python library for working with PDF files, PyPDF, arises from improper processing of highly compressed input data. This vulnerability allows attackers to cause service failures.
The vulnerability of the Python library for working with PDF files, PyPDF, is related to incorrect processing of highly compressed input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the read_2004_compressed_section() function in the library for processing DWG format files by LibreDWG allows a perpetrator to cause service interruptions.
The vulnerability of the read2004compressedsection function in the library for processing DWG format files by GNU LibreDWG is related to the issue of the operation exceeding the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Python library for working with PDF files, PyPDF, related to unlimited resource distribution, allows a hacker to cause a service failure.
The vulnerability of the Python library for working with PDF files, PyPDF, is related to the unlimited distribution of resources. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the Valkey data structure server, related to insufficient validation of input data, allows attackers to cause service failures.
The vulnerability of the Valkey data structure server is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the C-ares asynchronous DNS query library, related to the use of memory after it is freed, allows a hacker to execute arbitrary code.
The vulnerability of the C-ares asynchronous DNS query library is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the XWiki platform for creating collaborative web applications lies in its lack of authentication mechanisms. This allows attackers to create or modify arbitrary files.
The vulnerability of the XWiki Platform lies in the lack of authentication. Exploiting this vulnerability allows a malicious actor to create or modify arbitrary files remotely...
The vulnerability of the container management system and the virtual machine manager Incus, related to deficiencies in authentication procedures, allows attackers to escalate their privileges.
The vulnerability of the container management system and the virtual machine manager Incus is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers operating remotely to enhance their privileges...
The vulnerability of the libexpat XML file analysis library, related to the swapping of the zero pointer, allows an attacker to trigger a service failure.
The vulnerability of the libexpat library for analyzing XML files is related to the use of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the SVG converter CairoSVG, related to uncontrolled recursion, allows attackers to cause service failures.
The vulnerability of the SVG converter CairoSVG is related to uncontrolled recursion. Exploiting this vulnerability could allow a remote attacker to cause service failures...
The vulnerability of the _has_sneaky_javascript() function in the lxml_html_clean library for the Python programming language allows attackers to perform cross-site scripting (XSS) attacks.
The vulnerability of the hassneakyjavascript function in the lxmlhtmlclean library, written in the Python programming language, is related to incorrect encoding or escaping of output data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting XSS attacks remotely...
The vulnerability of the lxml_html_clean library in the Python programming language arises from improper encoding or escaping of output data. This allows attackers to perform cross-site scripting (XSS) attacks or phishing attacks, or to modify the user interface.
The vulnerability of the lxmlhtmlclean library in the Python programming language is related to incorrect encoding or escaping of output data. Exploiting this vulnerability allows an attacker to perform cross-site scripting XSS attacks or phishing attacks, or to modify the user interface...
The vulnerability of the Drupal CMS system’s kernel allows attackers to execute cross-site scripting (XSS) attacks.
The vulnerability of the Drupal CMS system’s kernel is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting XSS attacks remotely...
The vulnerability of the Nginx UI server’s user interface lies in the lack of origin verification in WebSockets, allowing attackers to disclose confidential information.
The vulnerability of the Nginx UI server’s user interface lies in the lack of origin verification in WebSockets. Exploiting this vulnerability allows an attacker to disclose confidential information remotely...
The vulnerability of the CKEditor text editor in the Drupal CMS system allows attackers to execute XSS attacks.
The vulnerability of the CKEditor text editor in the Drupal CMS system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the container management system and the virtual machine manager Incus, related to incorrect restrictions on the path name to the restricted access catalog, allows a intruder to gain unauthorized access to protected information.
The vulnerability of the container management system and the virtual machine manager Incus is related to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...
The vulnerability of the Glances monitoring tool lies in the lack of protection for service data, which allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Glances monitoring tool is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker who operates remotely to gain unauthorized access to protected information...
The vulnerability of the Python library for working with PDF files, PyPDF, relates to the execution of a loop with an unreachable exit condition, allowing a hacker to cause a service failure.
The vulnerability of the Python library for working with PDF files, PyPDF, is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the formiNICSiteSurvey() function in the microprogramming software for EDIMAX BR-6478AC allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formiNICSiteSurvey function in the microprogramming software for EDIMAX BR-6478AC routers lies in the fact that the operation’s output is stored outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality,...
The vulnerability of the printing subsystem in Samba-enabled network communication programs allows a hacker to execute arbitrary code.
The vulnerability of the printing subsystem in Samba networking-enabled programs is related to the lack of measures taken to neutralize special elements during the processing of the %J parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the decompress_R2004_section() function in the LibreDWG file processing library allows a perpetrator to cause service interruptions.
The vulnerability of the decompressR2004section function in the library for processing DWG format files by LibreDWG is related to the occurrence of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Packetbeat network packet analyzer, related to unvalidated array indexing, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Network Packetbeat analyzer is related to unvalidated array indexing. Exploiting this vulnerability can allow an attacker operating remotely to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the RoundCube Webmail email client, related to the use of an unprotected alternative channel, allows attackers to gain unauthorized access to protected information.
The vulnerability of the RoundCube Webmail email client is related to the use of an unprotected alternative communication channel. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the Valkey data structure server arises from insufficient neutralization of special elements in queries, allowing attackers to execute arbitrary code.
The vulnerability of the Valkey data structure server is related to insufficient neutralization of special elements in requests. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Valkey data structure server, related to reading beyond the buffer in memory, allows attackers to cause service failures.
The vulnerability of the Valkey data structure server is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the virtual learning environment Moodle, related to the lack of measures to neutralize special elements, allows a violator to execute arbitrary commands.
The vulnerability of the virtual training environment Moodle is related to the lack of measures taken to neutralize special elements within it. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of the Python library for working with PDF files, PyPDF, related to unlimited resource distribution, allows a hacker to cause a service failure.
The vulnerability of the Python library for working with PDF files, PyPDF, is related to the unlimited distribution of resources. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the virtual learning environment Moodle, related to improper code generation, allows a perpetrator to execute arbitrary code.
The vulnerability in the virtual learning environment Moodle is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the libexpat XML file analysis library, related to the swapping of the zero pointer, allows an attacker to trigger a service failure.
The vulnerability of the libexpat library for analyzing XML files is related to the use of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the network routing implementation software on Unix-like systems, related to the handling of the zero pointer, allows a hacker to cause a service failure.
The vulnerability of the FRRouting software implementation for Unix-like systems relates to the handling of the zero pointer. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the network routing implementation software on Unix-like systems, related to the handling of the zero pointer, allows a hacker to cause a service failure.
The vulnerability of the FRRouting software implementation for Unix-like systems relates to the handling of the zero pointer. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the network routing implementation software on Unix-like systems, related to the handling of the zero pointer, allows a hacker to cause a service failure.
The vulnerability of the FRRouting software implementation for Unix-like systems relates to the handling of the zero pointer. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the network routing implementation software on Unix-like systems, related to the handling of the zero pointer, allows a hacker to cause a service failure.
The vulnerability of the networking routing implementation software on Unix-like systems is related to the handling of the zero pointer. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the networking routing implementation software on Unix-like systems is related to the handling of the null pointer. Exploiting this vulnerability can allow an attacker to cause service failures.
The vulnerability of the FRRouting software implementation for Unix-like systems relates to the handling of the zero pointer. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability in the file brut/androlib/res/decoder/ResFileDecoder.java of the Android APK reverse-engineering tool Apktoo,l allows a hacker to write or rewrite any data.
The vulnerability in the brut/androlib/res/decoder/ResFileDecoder.java file of the Apktool tool for reverse-engineering Android APK files is related to an incorrect path limitation for the restricted access directory. Exploiting this vulnerability could allow a malicious actor to write or rewrite...
The vulnerability of the Drupal CMS system’s kernel allows a hacker to execute arbitrary code.
The vulnerability of the Drupal CMS system’s kernel is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the formWlanMP() function in the /goform/formWlanM file of the Edimax BR-6428NS router’s microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the formWlanMP function in the /goform/formWlanM microprogramming system for Edimax BR-6428NS routers is related to the lack of data cleaning measures at the management level when processing parameters such as ateFunc, ateGain, ateTxCount, ateChan, ateRate, ateMacID,...
The vulnerability of the formConnectionSetting() function in the /goform/formConnectionSetting file of the Edimax BR-6675nD router’s microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the formConnectionSetting function in the /goform/formConnectionSetting file of the Edimax BR-6675nD router’s microprogramming software is related to the lack of data cleaning measures at the control level when processing the maxConn and timeOut parameters. Exploiting this...
The vulnerability of the formWlSiteSurvey() function in the /goform/formWlSiteSurvey file of the Edimax BR-6675nD router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the formWlSiteSurvey function in the /goform/formWlSiteSurvey file of the Edimax BR-6675nD router’s microprogramming system is related to the issue where the operation’s output goes beyond the buffer in memory when processing the selSSID parameter. Exploiting this vulnerabili...
The vulnerability of the REST API interface of the Cisco Secure Workload (formerly Tetration) security tool allows a attacker to access confidential information or modify system configurations.
The vulnerability of the REST API interface of the Cisco Secure Workload formerly Tetration security tool for multi-cloud data centers relates to the absence of authentication for critical functions. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to...
The vulnerability of the formsetPPPoE() function in the /goform/formsetPPPoE file of the Edimax BR-6675nD router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the formsetPPPoE function in the /goform/formsetPPPoE file of the Edimax BR-6675nD router microprogramming software is related to the issue of the operation exceeding the buffer in memory when processing the pppUserName parameter. Exploiting this vulnerability allows an...
The vulnerability of the formWlbasic() function in the /goform/formWlbasic microprogramming system for Edimax BR-6428NS routers allows a hacker to execute arbitrary commands.
The vulnerability of the formWlbasic function in the /goform/formWlbasic microprogramming system for Edimax BR-6428NS routers is related to the lack of data cleaning measures at the control level when processing the repeaterSSID parameter. Exploiting this vulnerability allows an attacker to execu...
The vulnerability of the mp() function in the /goform/mp software for router devices from Edimax BR-6675nD allows a hacker to execute arbitrary commands.
The vulnerability of the mp function in the /goform/mp microprogramming system for Edimax BR-6675nD routers is related to the lack of data cleaning at the control level when processing the command parameter. Exploiting this vulnerability allows an attacker to execute arbitrary commands by sending...
The vulnerability of the formHwSet() function in the /goform/formHwSet file of the Edimax EW-7438RPn wireless signal amplifiers’ software component allows a hacker to execute arbitrary code or cause malfunctions in the device’s functionality.
The vulnerability of the formHwSet function in the /goform/formHwSet component of the Edimax EW-7438RPn wireless signal amplifiers’ software lies in the fact that the output of the operation goes beyond the buffer in memory when processing parameters such as Anntena, Mcs, regDomain, nic0Addr,...
The vulnerability of the formWlSiteSurvey() function in the /goform/formWlSiteSurvey file of the webs component of the microprogramming software for wireless signal amplifiers from Edimax EW-7438RPn allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formWlSiteSurvey function in the /goform/formWlSiteSurvey file of the webs component of the microprogramming software for wireless signal amplifiers like Edimax EW-7438RPn is related to the issue where the operation output goes beyond the buffer in memory when processing...
The vulnerability of the formEZCHNwlanSetup() function in the /goform/formEZCHNwlanSetu file of the Edimax BR-6675nD router’s microprogramming system allows a hacker to execute arbitrary commands.
The vulnerability of the formEZCHNwlanSetup function in the /goform/formEZCHNwlanSetu file of the Edimax BR-6675nD router microprogramming system is related to the lack of data cleaning measures at the control level when processing the method parameter. Exploiting this vulnerability allows an...
The vulnerability of the learning platform IQ SCHOOL, related to deficiencies in verifying user input data, allows a hacker to obtain hash values of other users’ passwords.
The vulnerability of the learning platform IQ SCHOOL is related to deficiencies in the verification of data entered by users. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain the hash values of other users’ passwords...
The vulnerability of the learning platform IQ SCHOOL, related to deficiencies in verifying user input data, allows a hacker to obtain hash values of other users’ passwords.
The vulnerability of the learning platform IQ SCHOOL is related to deficiencies in the verification of data entered by users. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain the hash values of other users’ passwords...
The vulnerability of the learning platform IQ SCHOOL, related to deficiencies in verifying user input data, allows a hacker to obtain the passwords of other users.
The vulnerability of the learning platform IQ SCHOOL is related to deficiencies in the verification of data entered by users. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain the hash values of other users’ passwords...
The vulnerability of the formWpsStart() function in the /goform/formWpsStart file of the webs component of the microprogramming software for wireless signal amplifiers Edimax EW-7438RPn allows a hacker to execute arbitrary commands.
The vulnerability of the formWpsStart function in the /goform/formWpsStart file of the webs component of the microprogramming software for wireless signal amplifiers from Edimax EW-7438RPn is related to the failure to take measures to neutralize special elements used in the operating system’s...
The vulnerability of the formWanTcpipSetup() function in the /goform/formWanTcpipSetup file of the Edimax BR-6675nD router microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the formWanTcpipSetup function in the /goform/formWanTcpipSetup file of the Edimax BR-6675nD router microprogramming software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the pppUserName parameter. Exploiting this...