90336 matches found
The vulnerability of the learning platform IQ SCHOOL, related to deficiencies in verifying user input data, allows a hacker to obtain hash values of other users’ passwords.
The vulnerability of the learning platform IQ SCHOOL is related to deficiencies in the verification of data entered by users. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain the hash values of other users’ passwords...
The vulnerability of the formHwSet() function in the /goform/formHwSet file of the Edimax EW-7438RPn wireless signal amplifiers’ software component allows a hacker to execute arbitrary code or cause malfunctions in the device’s functionality.
The vulnerability of the formHwSet function in the /goform/formHwSet component of the Edimax EW-7438RPn wireless signal amplifiers’ software lies in the fact that the output of the operation goes beyond the buffer in memory when processing parameters such as Anntena, Mcs, regDomain, nic0Addr,...
The vulnerability of the formsetPPPoE() function in the /goform/formsetPPPoE file of the Edimax BR-6675nD router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the formsetPPPoE function in the /goform/formsetPPPoE file of the Edimax BR-6675nD router microprogramming software is related to the issue of the operation exceeding the buffer in memory when processing the pppUserName parameter. Exploiting this vulnerability allows an...
The vulnerability of the formWlSiteSurvey() function in the /goform/formWlSiteSurvey file of the webs component of the microprogramming software for wireless signal amplifiers from Edimax EW-7438RPn allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formWlSiteSurvey function in the /goform/formWlSiteSurvey file of the webs component of the microprogramming software for wireless signal amplifiers like Edimax EW-7438RPn is related to the issue where the operation output goes beyond the buffer in memory when processing...
The vulnerability of the learning platform IQ SCHOOL, related to deficiencies in verifying user input data, allows a hacker to obtain the passwords of other users.
The vulnerability of the learning platform IQ SCHOOL is related to deficiencies in the verification of data entered by users. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain the hash values of other users’ passwords...
The vulnerability of the formWlbasic() function in the /goform/formWlbasic microprogramming system for Edimax BR-6428NS routers allows a hacker to execute arbitrary commands.
The vulnerability of the formWlbasic function in the /goform/formWlbasic microprogramming system for Edimax BR-6428NS routers is related to the lack of data cleaning measures at the control level when processing the repeaterSSID parameter. Exploiting this vulnerability allows an attacker to execu...
The vulnerability of the formWlSiteSurvey() function in the /goform/formWlSiteSurvey file of the Edimax BR-6675nD router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the formWlSiteSurvey function in the /goform/formWlSiteSurvey file of the Edimax BR-6675nD router’s microprogramming system is related to the issue where the operation’s output goes beyond the buffer in memory when processing the selSSID parameter. Exploiting this vulnerabili...
The vulnerability of the formEZCHNwlanSetup() function in the /goform/formEZCHNwlanSetu file of the Edimax BR-6675nD router’s microprogramming system allows a hacker to execute arbitrary commands.
The vulnerability of the formEZCHNwlanSetup function in the /goform/formEZCHNwlanSetu file of the Edimax BR-6675nD router microprogramming system is related to the lack of data cleaning measures at the control level when processing the method parameter. Exploiting this vulnerability allows an...
The vulnerability of the JOSE library Authlib implementation for OAuth and OpenID Connect servers lies in the exposure of information due to inconsistencies, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the JOSE library Authlib implementation for OAuth and OpenID Connect servers is related to the disclosure of information due to incompatibility. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the formWizSurvey function in the /goform/formWizSurvey microprogramming system for wireless signal amplifiers from Edimax EW-7438RPn allows a intruder to execute arbitrary code or trigger a service failure.
The vulnerability of the formWizSurvey function in the /goform/formWizSurvey microprogramming system for wireless signal amplifiers from Edimax EW-7438RPn is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to execute...
The vulnerability of the formWirelessTbl function in the goform/formWirelessTbl file of the webs component of the Edimax EW-7438RPn wireless signal amplifiers’ software allows a hacker to trigger a service failure.
The vulnerability of the formWirelessTbbl function in the goform/formWirelessTbl file of the webs component of the microprogramming software for wireless signal amplifiers from Edimax EW-7438RPn is related to the execution of operations outside the buffer in memory when processing the submit-url...
The vulnerability of the mp function in the goform/mp component of the webs microprogramming system for wireless signal amplifiers from Edimax EW-7438RPn allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the mp function in the goform/mp component of the webs microprogramming system for wireless signal amplifiers from Edimax EW-7438RPn is related to an out-of-buffer operation in memory when processing the command parameter. Exploiting this vulnerability allows a remote attacke...
The vulnerability of the formL2TPSetup function in the goform/formL2TPSetup file of the POST Request Handler component of the microprogramming system for wireless signal amplifiers from Edimax BR-6675nD allows a hacker to induce a service failure.
The vulnerability of the formL2TPSetup function in the goform/formL2TPSetup file of the POST Request Handler component of the microprogramming system for wireless signal amplifiers from Edimax BR-6675nD is related to the issue where the operation output goes beyond the buffer in memory when...
The vulnerability of the Data Protection Module of the Endpoint DLP agent for remote access to corporate resources and Prisma Access Agent applications allows a hacker to bypass security restrictions and gain increased privileges.
The vulnerability of the Data Protection Module of the Endpoint DLP agent for remote access to corporate resources and Prisma Access Agent applications is related to the absence of authentication for a critical function. Exploiting this vulnerability can allow attackers to circumvent security...
The vulnerability of the formWanTcpipSetup function in the goform/formWanTcpipSetup file of the POST Request Handler component of the microprogramming system for wireless signal amplifiers from Edimax BR-6428NS, which allows a hacker to cause a service failure.
The vulnerability of the formWanTcpipSetup function in the goform/formWanTcpipSetup file of the POST Request Handler component of the wireless signal amplifiers’ microprogramming system, Edimax BR-6428NS, is related to the issue where the operation output goes beyond the buffer in memory when...
The vulnerability of the Chronosphere Chronocollector data collector lies in its ability to expose system data to unauthorized individuals, allowing intruders to gain unauthorized access to protected information.
The vulnerability of the Chronosphere Chronocollector data collector relates to the exposure of system data to unauthorized individuals. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App lies in the fact that the operation is performed outside the buffer in memory. This allows an attacker to execute a “man-in-the-middle” attack and execute arbitrary code.
The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to carry out a “man-in-the-middle” attack an...
The vulnerability of the Squid proxy server, related to improper blocking of resources, allows a violator to trigger a service failure.
The vulnerability of the Squid proxy server is related to improper blocking of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Open WebUI web interface, related to the lack of authentication, allows a perpetrator to trigger a service failure.
The vulnerability in the Open WebUI web interface is related to the lack of authentication when processing endpoints like /api/tasks and /api/tasks/stop/taskid. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted requests...
The vulnerability of the Open WebUI web interface, based on artificial intelligence, arises from the lack of permission checks. This allows attackers to gain read access, modify data, enhance their privileges, and execute arbitrary code.
The vulnerability of the Open WebUI web interface is related to the lack of permission checking for workspace.tools. Exploiting this vulnerability allows a malicious actor to gain read access, modify data, elevate their privileges, and execute arbitrary code by sending a specially crafted POST...
The vulnerability in the Open WebUI web interface, related to the mechanism for restricting access to API keys, allows attackers to bypass existing security measures and gain unauthorized access to protected information.
The vulnerability in the Open WebUI web interface is related to the mechanism for restricting access to API keys. Exploiting this vulnerability allows a malicious actor to bypass existing security measures and gain unauthorized access to protected information...
The vulnerability of the RoundCube Webmail email client, related to the inclusion of functions from an unreliable and uncontrolled area, allows a perpetrator to execute arbitrary codes.
The vulnerability of the RoundCube Webmail email client is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the BuildKit container-building software lies in the improper restriction of the path name to the restricted-access directory, which allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the BuildKit container-building software is related to an incorrect limitation on the path to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of theOTP library set in the Erlang programming language arises from incorrect processing of highly compressed input data, allowing attackers to trigger a service failure.
The vulnerability of theOTP library in the Erlang programming language is related to the improper processing of highly compressed input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the modular interface between web servers and Rack web applications, related to incorrect path name restrictions for the restricted access catalog, allows attackers to gain unauthorized access to protected information.
The vulnerability of the modular interface between web servers and Rack web applications is related to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the PyPDF2 library for processing PDF files, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.
The vulnerability of the PyPDF2 library for processing PDF files relates to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the PDF processing library PyPDF2, related to excessive iteration, allows a hacker to trigger a service failure.
The vulnerability of the PyPDF2 library for processing PDF files is related to excessive iteration. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the application software interface of the Glances monitoring tool arises from the use of an untrusted inter-domain policy file, which allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the application programming interface of the Glances monitoring tool is related to the use of an untrusted interdomain policy file. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the webbrowser.open() function in the CPython interpreter allows a hacker to trigger a service failure.
The vulnerability of the webbrowser.open function in the CPython interpreter is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Active Storage component in the Ruby on Rails software framework allows attackers to trigger a service failure.
The vulnerability of the Active Storage component in the Ruby on Rails software framework is related to uncontrolled memory allocation. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the activesupport component of the Ruby on Rails software framework allows a hacker to execute arbitrary code.
The vulnerability of the activesupport component in the Ruby on Rails software framework is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the activesupport component in the Ruby on Rails software framework allows a hacker to trigger a service failure.
The vulnerability of the activesupport component in the Ruby on Rails software framework is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the Squid proxy server, related to the use of memory after it is freed, allows a hacker to execute arbitrary code.
The vulnerability of the Squid proxy server is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Go programming language, which comes with unlimited resource distribution, allows attackers to cause service failures.
The vulnerability of the Go programming language is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a perpetrator to cause service failures...
The vulnerability of the golang.org/x/image/tiff library in the Go programming language, which allows attackers to execute arbitrary code.
The vulnerability of the golang.org/x/image/tiff library in the Go programming language is related to the unlimited loading of dangerous files. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the crypto-x509 component in the Go programming language, which allows a perpetrator to trigger a service failure
The vulnerability of the Go programming language’s crypto-x509 component is related to unlimited resource distribution. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Libarchive archive library, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.
The vulnerability of the Libarchive archive library is related to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the minimatch library on the Node.js software platform lies in the use of a regular expression with inefficient computational complexity, which allows attackers to trigger a service failure.
The vulnerability of the minimatch library on the Node.js software platform is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...
The vulnerability of the DNS proxy server of the PAN-OS operating system allows a perpetrator to cause a service failure or execute arbitrary code.
The vulnerability of the DNS proxy server of the PAN-OS operating system is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service failures or execute arbitrary code...
The vulnerability of the formwlencrypt24g function in the goform/formwlencrypt24g file of the POST Request Handler component of the microprogramming system for wireless signal amplifiers of the Edimax EW-7438RPn Mini device, which allows a hacker to cause a service failure.
The vulnerability of the formwlencrypt24g function in the goform/formwlencrypt24g file of the POST Request Handler component of the microprogramming system for wireless signal amplifiers from Edimax EW-7438RPn Mini is related to the execution of an operation outside the buffer in memory when...
The vulnerability of the frmL7ImForm function in the goform/L7Im microprogramming system for Tenda F456 allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the frmL7ImForm function in the goform/L7Im microprogramming system for Tenda F456 is related to the execution of an operation outside the buffer in memory when processing the page parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or...
The vulnerability of the formWpsStart function in the goform/formWpsStart file of the webs component of the Edimax EW-7438RPn wireless signal amplifiers allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formWpsStart function in the goform/formWpsStart file of the webs component of the Edimax EW-7438RPn wireless signal amplifiers is related to the execution of operations outside the buffer in memory when processing the pinCode/wlan-url parameter. Exploiting this...
The vulnerability of the Prisma Access Agent, a user remote access agent for corporate resources and applications, stems from insufficient protection of operational data. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the Prisma Access Agent, a user remote access agent, relates to insufficient protection of operational data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...
The vulnerability of the user remote access agent for corporate resources and Prisma Access applications lies in authentication process errors, which allow attackers to execute “man-in-the-middle” attacks.
The vulnerability of the Prisma Access Agent, a user remote access agent, relates to errors in the certificate validation process. Exploiting this vulnerability allows an attacker to execute a “man-in-the-middle” type attack...
The vulnerability of the ngx_http_rewrite_module module in NGINX Plus and NGINX Open Source web servers allows a attacker to execute arbitrary code or cause service interruptions.
The vulnerability of the ngxhttprewritemodule module in NGINX Plus and NGINX Open Source web servers is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a denial-of-service attack by sending a specially crafte...
The vulnerability of the formWirelessTbl function in the goform/formWirelessTbl file of the POST Request Handler component of the Edimax BR-6428NS wireless signal amplifiers’ microprogramming system allows a hacker to induce a service failure.
The vulnerability of the formWirelessTbl function in the goform/formWirelessTbl file of the POST Request Handler component of the microprogramming software for wireless signal amplifiers from Edimax BR-6428NS is related to the execution of operations outside the buffer in memory when processing t...
The vulnerability of the Trust Protection Foundation’s key and certificate management tool, which allows unauthorized individuals to access system data, enables attackers to gain unauthorized access to protected information.
The vulnerability of the Trust Protection Foundation’s key management and certificate management tools involves the disclosure of system data to unauthorized individuals. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access to protected information...
The vulnerability of the qcom_smmu_def_domain_type() function in the drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c file of the Linux operating system’s IOMMU driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the qcomsmmudefdomaintype function in the drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c file of the Linux kernel’s IOMMU driver is related to initialization errors for devices. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, an...
The vulnerability of the asynchronous network library Tornado, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the asynchronous network library Tornado is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the software for interacting with servers via cURL, related to bypassing authentication due to a fundamental error, allows attackers to escalate their privileges.
The vulnerability of the software for interacting with servers via cURL is related to the bypassing of authentication due to a fundamental flaw in the code. Exploiting this vulnerability allows a remote attacker to increase their privileges...