74701 matches found
The vulnerability of the iio_gts_build_avail_scale_table() function in the drivers/iio/industrialio-gts-helper.c kernel of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the iiogtsbuildavailscaletable function in the drivers/iio/industrialio-gts-helper.c file of the Linux kernel is related to improper memory release before deleting the last pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the TR-069 protocol implementation (tr069/tr098.c) of the network board microprogramming software from ASR Microelectronics, including models ASR1803L, ASR1806, ASR1901, and ASR1903L, allows a malicious actor to gain unauthorized access to protected information or cause service failures.
The vulnerability of the TR-069 protocol implementation tr069/tr098.c of the network board microcomputer software ASR Microelectronics ASR1803L, ASR1806, ASR1901, and ASR1903L is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an unauthorized attacker...
The vulnerability of the ksmbd component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the ksmbd component in the Linux operating system’s kernel is related to reading data beyond the allowed buffer size. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the tps6598x module in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the tps6598x module in the Linux operating system is related to the release of an incorrect pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Selea Targa IP cameras’ microprogramming software, related to insufficient validation of input data, allows a intruder to carry out an SSRF attack.
The vulnerability of Selea Targa IP cameras’ microprogramming software is related to insufficient validation of input data during the processing of the ipnotifyaddress and url parameters. Exploiting this vulnerability allows a remote attacker to execute an SSRF attack by sending specially crafted...
The vulnerability in the driver/phy/qualcomm/phy-qcom-qmp-usb.c component of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the drivers/phy/qualcomm/phy-qcom-qmp-usb.c component in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the microprogramming software of the Elfatek Elektronik ANKA JPD 00028 series radio control system, related to improper access control, allows a intruder to gain unauthorized access and compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the microprogramming software of the Elfatek Elektronik ANKA JPD 00028 series radio control system is related to improper access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access and compromise the...
The vulnerability of the set_device_language() function in the portal.cgi script of Linksys E8450 Wi-Fi router software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the setdevicelanguage function in the portal.cgi script of Linksys E8450 Wi-Fi routers is related to the issue where the operation results outside the buffer in memory when processing the dutlanguage parameter. Exploiting this vulnerability allows an attacker to compromise th...
The vulnerability of the formSetACLFilter() function in the /goform/formSetACLFilter file of the D-Link DIR-619L router’s microprogramming software allows a intruder to trigger a service failure.
The vulnerability of the formSetACLFilter function in the /goform/formSetACLFilter module of the D-Link DIR-619L router’s software is related to the issue where the operation’s output goes beyond the buffer in memory when processing the curTime parameter. Exploiting this vulnerability could allow...
The vulnerability of the Node-RED visual programming tool’s server on the Pilz IndustrialPI operating system allows a perpetrator to execute arbitrary commands.
The vulnerability of the Node-RED visual programming tool on the Pilz IndustrialPI industrial computer server is related to the absence of default authentication settings. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to reading data beyond the buffer in memory, allows attackers to gain unauthorized access to protected information.
The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...
The vulnerability of the Blitz Identity Provider software, related to incorrect configuration of access rights, allows a hacker to send an email with arbitrary text to the user’s assigned email address.
The vulnerability of the Blitz Identity Provider software is related to incorrect configuration of access rights. Exploiting this vulnerability could allow a malicious actor to send an email with arbitrary text to the user’s associated account...
The vulnerability of the ANKA JPD 00028 radio control system’s microprogramming software lies in the lack of encryption during data exchange between the transmitter and the receiver. This allows attackers to execute a “Replay attack” and trigger a Denial-of-Service attack (DoS).
The vulnerability of the ANKA JPD 00028 radio control system’s microprogramming software lies in the lack of encryption during data exchange between the transmitter and the receiver. Exploiting this vulnerability allows a remote attacker to carry out a “Replay attack” and cause service failure...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the formSetWizard1() function in the /goform/formWlSiteSurvey file of the D-Link DIR-619L router’s software, which allows a hacker to cause a service failure.
The vulnerability of the formSetWizard1 function in the /goform/formWlSiteSurvey file of the D-Link DIR-619L router’s software is related to the issue where the operation’s output goes beyond the buffer in memory when processing the curTime parameter. Exploiting this vulnerability could allow an...
The vulnerability of the formSetPPTPUserList (/goform/setPptpUserList) function in the Tenda AC5 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formSetPPTPUserList /goform/setPptpUserList function in the Tenda AC5 router software relates to the issue of the operation going beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the request processing function in TOTOLINK A702R router microprogramming software allows a intruder to trigger a service failure.
The vulnerability of the request processing function in TOTOLINK A702R router microprogramming systems lies in the issue of the operation exceeding the buffer boundaries in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious actor to cause service...
The vulnerability of the FactoryTalk Linx automation system’s software, related to insufficient verification of input data, allows a intruder to trigger a service failure.
The vulnerability of the FactoryTalk Linx automation system’s software is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending a malicious package...
The vulnerabilities of the Go programming language’s packages net/http, x/net/proxy, and x/net/http/httpproxy allow attackers to compromise the confidentiality and accessibility of protected information.
The vulnerability of the net/http, x/net/proxy, and x/net/http/httpproxy libraries in the Go programming language is related to incorrect matching of hosts with proxy server templates. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of...
The vulnerability of the forumrunner component in the vBulletin commercial web forum allows a hacker to perform an SSRF attack.
The vulnerability of the forumrunner component in the vBulletin commercial web forum is related to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Form_Login() function in the Totolink T6 router’s software allows a intruder to gain unauthorized access to protected information.
The vulnerability of the FormLogin function in the microprogramming software of the TOTOLink T6 system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of Notepad++ installer allows a hacker to elevate their privileges and write arbitrary files.
The vulnerability of the Notepad++ text editor is related to deficiencies in access control, resulting from uncontrolled access to search paths. Exploiting this vulnerability can allow attackers to enhance their privileges and write arbitrary files...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Mattermost instant messaging application, related to incorrect authentication, allows a hacker to disclose protected information.
The vulnerability of the Mattermost instant messaging application is related to improper authentication. Exploiting this vulnerability can allow a malicious actor to disclose protected information...
The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to writing beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the ability to write data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow attackers to execute arbitrary code...
The vulnerability of the Documino automation platform for electronic document processing lies in the lack of measures taken to protect the SQL query structure, allowing attackers to enhance their privileges.
The vulnerability of the Documino automation platform for electronic document processing lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow attackers to enhance their privileges by sending specially crafted SQL queries...
The vulnerability of the unlinkat() function in package managers Nix, Lix, and Guix allows attackers to increase their privileges.
The vulnerability of the unlinkat function in Nix, Lix, and Guix is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Apache Commons FileUpload library, related to unlimited resource distribution, allows attackers to cause service failures.
The vulnerability of the Apache Commons FileUpload library is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of mediatek’s Linux operating system drivers allows a hacker to cause a service failure.
The vulnerability of mediatek’s Linux operating system drivers is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the OCAS Assistant dialog system, related to improper code generation management, allows a perpetrator to execute arbitrary code.
The vulnerability of the OCAS Assistant dialog system is related to improper handling of code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted POST request...
The vulnerability of the OCAS Assistant dialog system, related to the failure to take measures for data cleaning at the management level, allows a perpetrator to execute arbitrary commands.
The vulnerability of the OCAS Assistant dialog system is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of the Documino automation platform for electronic document processing lies in its ability to bypass authentication by using a user-controlled key. This allows unauthorized users to gain unauthorized access to protected information.
The vulnerability of the Documino automation platform for electronic document processing lies in the ability to bypass authentication by using a key controlled by the user. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to protected...
The vulnerability in the drm_modes.c component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the drmmodes.c component in the Linux operating system is related to the lack of checks for division by zero. Exploiting this vulnerability could allow a perpetrator to trigger a service failure...
The vulnerability of the drivers/firmware/EFI/libstub components of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the drivers/firmware/EFI/libstub components of the Linux operating system is related to the allocation of unlimited memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the downloadFile.cgi script of the TOTOLINK A800R router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability in the downloadFile.cgi subroutine of the TOTOLINK A800R router’s microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibilit...
The vulnerability of the Blitz Identity Provider software lies in its insufficient limitation on the number of authentication attempts. This allows a hacker to associate any arbitrary email address with a user account.
The vulnerability of the Blitz Identity Provider software is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to associate any email address with a user account...
The vulnerability of the built-in web server boa (/boafrm/formPortFw) of the TOTOLINK N300RH router’s microprogramming software allows a hacker to induce a service failure.
The vulnerability of the built-in web server boa /boafrm/formPortFw of the TOTOLINK N300RH router’s microprogramming software is related to the issue of the operation exceeding the buffer in memory when processing the servicetype parameter. Exploiting this vulnerability allows a malicious actor t...
The vulnerability of the built-in boa server (/boafrm/formIpv6Setup) of the TOTOLINK A702R router’s microprogramming software allows a intruder to cause a service failure.
The vulnerability of the built-in boa server /boafrm/formIpv6Setup of the TOTOLINK A702R router’s microprogramming software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious...
The vulnerability of the Nix, Lix, and Guix package managers lies in their lack of access control mechanisms, allowing attackers to gain read and write access to data.
The vulnerability of the Nix, Lix, and Guix package managers is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain read and write access to data...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the FactoryTalk Linx automation system’s software relates to operations where data is written beyond the buffer boundaries in memory. This allows attackers to bypass the ASLR protection mechanism and gain access to confidential information.
The vulnerability of the FactoryTalk Linx automation system’s software is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to bypass the ASLR protection mechanism and gain access to confidential information...
The vulnerability of the FactoryTalk Linx automation system’s software lies in the possibility of an operation exceeding the buffer boundaries in memory, allowing a hacker to execute arbitrary code.
The vulnerability of the FactoryTalk Linx automation system’s software is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the OrderedHashTable component in Mozilla Firefox browsers allows a hacker to execute arbitrary code.
The vulnerability of the OrderedHashTable component in Mozilla Firefox browsers is related to integer overflow. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the drivers/hid/hid-hyperv.c component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the drivers/hid/hid-hyperv.c component in the Linux operating system is related to errors during resource release. Exploiting this vulnerability can allow an attacker to cause a service failure...