The vulnerability of the dependency management mechanism for HTTP/2 protocols in the libcurl library of the software tool for interacting with servers via cURL allows a attacker to cause a service failure.

The vulnerability of the dependency management mechanism for HTTP/2, as well as the libcurl library used in the cURL client software for interacting with servers, relates to the possibility of exploiting memory after it is freed. Exploiting this vulnerability could allow a remote attacker to caus...

The vulnerability of the sendmsg() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the sendmsg function in the Linux operating system’s kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to trigger a service failure...

The vulnerability of the Netlogon Remote Protocol implementation in Windows operating systems allows a perpetrator to bypass authentication procedures and gain unauthorized access to protected information.

The vulnerability of the Netlogon Remote Protocol NRPC implementation in Windows operating systems arises from the use of a fixed zero initialization vector during data encryption in AES-CFB8 mode. Exploiting this vulnerability allows an attacker to bypass authentication procedures and gain...

The vulnerability of AnyDesk’s remote access and management software lies in buffer overflow attacks in its dynamic memory; this allows attackers to execute arbitrary code.

The vulnerability of AnyDesk remote access and management software is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted package...

The vulnerability of the `snd_usb_create_streams()` function in Linux operating system USB audio drivers allows a hacker to cause a service failure.

The vulnerability of the sndusbcreatestreams function in the Linux operating system’s USB audio driver is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the `ip6_err_gen_icmpv6_unreach()` function in the `net/ipv6/icmp.c` module of the Linux operating system allows a attacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the ip6errgenicmpv6unreach function in the net/ipv6/icmp.c module of the Linux operating system is related to access to resources through incompatible types. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information or caus...

The vulnerability of the authentication module in cloud software for creating and using Nextcloud data storage allows a hacker to escalate their privileges.

The vulnerability of the authentication module in cloud software for creating and using Nextcloud data storage involves flaws in the authentication process. Exploiting this vulnerability can allow attackers to increase their privileges remotely...

The vulnerability of the JWT/OIDC authentication method of the OpenBao encryption and secret management system allows attackers to perform XSS attacks.

The vulnerability of the JWT/OIDC authentication method of the OpenBao encryption system is related to the lack of mechanisms for encoding or shielding the output data. Exploiting this vulnerability allows a malicious actor to perform XSS attacks remotely...

The vulnerability of the JWT/OIDC authentication method of the OpenBao encryption and secret management system allows a hacker to intercept the user session.

The vulnerability of the JWT/OIDC authentication method of the OpenBao encryption system is related to improper session management. Exploiting this vulnerability could allow a malicious actor to intercept a user’s session...

The vulnerability in the drivers/crypto/caam/caamhash.c module of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability in the drivers/crypto/caam/caamhash.c module of the Linux operating system is related to the copying of buffers without checking the input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the `pin_user_pages_fast()` function in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the pinuserpagesfast function in the Linux operating system’s kernel is related to deficiencies in error handling. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the implementations of MySQL and PostgreSQL proxy-server protocols for ProxySQL databases allows a hacker to induce memory corruption.

The vulnerability of the MySQL and PostgreSQL proxy-server protocol implementations relates to the execution of operations outside the memory buffer. Exploiting this vulnerability can allow a malicious actor to trigger memory corruption...

The vulnerability of the WebSocket component in the libcurl library of the cURL software, which allows attackers to induce a service failure.

The vulnerability of the WebSocket component in the libcurl library of the cURL software’s server interaction mechanism is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Knowledge Integration sub-component of the Oracle HCM Common Architecture component of the Oracle E-Business Suite allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Knowledge Integration sub-component of the Oracle HCM Common Architecture component in the Oracle E-Business Suite relates to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized acces...

The vulnerability of the Web Services component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web Services component of the Oracle WebLogic Server application server is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through HTTP...

The vulnerability of the libcurl library in software applications for interacting with servers via cURL is related to errors in the certificate validation process. This allows attackers to replace data or gain unauthorized access to protected information.

The vulnerability of the libcurl library in software applications for interacting with servers via cURL is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker to remotely replace data or gain unauthorized access to protected information...

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to gain unauthorized access to read, update, or delete protected information.

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to access control errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to read, update, or delete protected information...

The vulnerability of the ADF Shared Components component in the Oracle Application Development Framework allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the ADF Shared Components component in the Oracle Application Development Framework is related to access control errors. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of the Purchasing component in the Oracle PeopleSoft Enterprise SCM Purchasing application allows a perpetrator to gain unauthorized access to the device.

The vulnerability of the Purchasing component in Oracle PeopleSoft Enterprise SCM Purchasing is related to deficiencies in access control. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain unauthorized access to the device through HTTP requests...

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to gain unauthorized access to read, create, delete, and modify protected information.

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to access control errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to read, create, delete, and modify protected information...

The vulnerabilities of the ImageColumn and ImageEntry components in the full stack of development tools for the Filament PHP framework Laravel allow attackers to perform cross-site scripting attacks.

The vulnerability of the ImageColumn and ImageEntry components in the full stack of components for accelerated development of the Filament PHP framework Laravel is related to insufficient protection of the web page structure. Exploiting this vulnerability could allow a malicious actor to perform...

The vulnerability of the Run Control Management component in the PeopleSoft Enterprise CC Common Application Objects management tool allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Run Control Management component in the PeopleSoft Enterprise CC Common Application Objects management tool is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access t...

The vulnerability of the UDP packet reception function in QUIC’s libcurl library, a software library for interacting with servers via cURL, allows a attacker to cause a service failure.

The vulnerability of the UDP packet reception function in the QUIC library of the cURL software for interacting with servers is related to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a remote attacker to cause service failures...

The vulnerability of the keyfile() function in the ansible.posix.authorized_key module allows a perpetrator to escalate their privileges.

The vulnerability of the keyfile function in the ansible.posix.authorizedkey module is related to the incorrect definition of symbolic links when managing SSH keys. Exploiting this vulnerability could allow an attacker to enhance their privileges...

The vulnerability of the Core component of corporate application software for storing, viewing, and processing graphic images in Oracle WebCenter Content: Imaging allows a malicious individual to gain unauthorized access to read, create, delete, and modify data.

The vulnerability of the Core component in corporate application software for storing, viewing, and processing graphic images of Oracle WebCenter Content: Imaging is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

The vulnerability of the Client Bundle component in the Oracle WebCenter Enterprise Capture software suite allows a hacker to gain full control over the system.

The vulnerability of the Client Bundle component in the Oracle WebCenter Enterprise Capture software suite is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker operating remotely to gain full control over the system...

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to gain unauthorized access to read, create, delete, and modify protected information.

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to the manipulation of cross-site requests. Exploiting this vulnerability could allow an attacker to gain unauthorized access to read, create, delete, and modify protected...

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to gain unauthorized access to read, create, delete, and modify protected information.

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to gain unauthorized access to read, create, delete, and modify protected information...

The vulnerability of the Security Framework component of the Oracle WebCenter Portal, which allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Security Framework component of the Oracle WebCenter Portal is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

Vulnerability of the Cluster component: The NDB Operator technology for distributed data storage in MySQL NDB Cluster allows attackers to escalate their privileges and cause service failures.

Vulnerability of the Cluster component: The NDB Operator technology for distributed data storage in MySQL NDB Cluster is vulnerable due to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges and cause service failures using the HTTP...

The vulnerability of the Research Tracking component in the PeopleSoft Enterprise CS Student Records module of the Oracle PeopleSoft business application suite allows a hacker to gain unauthorized access to the device.

The vulnerability of the Research Tracking component in the PeopleSoft Enterprise CS Student Records module of the Oracle PeopleSoft business application suite is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to the...

The vulnerability of the Platform component for data analysis and management in Oracle Financial Services Analytical Applications Infrastructure allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Oracle Financial Services Analytical Applications Infrastructure platform component related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information through HTTP request...

The vulnerability in the net/wireless/mlme.c module of Linux kernel allows a hacker to cause a service failure.

The vulnerability in the net/wireless/mlme.c module of Linux operating systems is related to insufficient input data validation. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of the mt6370_probe() function in Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the mt6370probe function in Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of OpenBao’s secret and encryption management system, related to the failure to protect the SQL query structure, allows attackers to execute arbitrary code.

The vulnerability of the OpenBao encryption and secret management system lies in the lack of measures taken to protect the SQL query structure during PostgreSQL database processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Core component of the Oracle Identity Manager Connector, which allows a perpetrator to trigger a service failure

The vulnerability of the Core component of the Oracle Identity Manager Connector, a software solution for managing user accounts and access rights, is related to the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to...

The vulnerabilities of Dell Elastic Cloud Storage and Dell ObjectScale storage platforms lie in the lack of mechanisms to neutralize elements in CSV files, allowing attackers to execute arbitrary code.

The vulnerability of Dell Elastic Cloud Storage and Dell ObjectScale storage platforms lies in the absence of mechanisms to neutralize certain elements in CSV files. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the integrated environment for managing the development lifecycle of IBM Jazz Foundation, related to deficiencies in the authorization process, allows unauthorized access by intruders to protected information.

The vulnerability of the integrated environment for managing the development lifecycle of IBM Jazz Foundation is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected...

The vulnerability of the queue_rq() function in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the queuerq function in Linux operating systems is related to synchronization errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the FreeScout support service management system, related to uncontrolled resource consumption, allows for the triggering of service failures.

The vulnerability of the FreeScout support service management system is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

The vulnerabilities of Dell Elastic Cloud Storage and Dell ObjectScale storage platforms, related to the use of pre-installed credentials, allow attackers to disclose sensitive information that should be protected.

The vulnerability of Dell Elastic Cloud Storage and Dell ObjectScale storage platforms lies in the use of pre-installed credentials. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by these systems...

The vulnerabilities of Dell Elastic Cloud Storage and Dell ObjectScale storage platforms involve insecure privilege management, allowing attackers to escalate their privileges.

The vulnerability of Dell Elastic Cloud Storage and Dell ObjectScale storage platforms lies in the insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Xilinx AXIEthernet driver for the Linux operating system allows a hacker to compromise the accessibility of protected information.

The vulnerability of Xilinx AXIEthernet driver for the Linux operating system is related to a violation of the count of links to pages displayed in memory. Exploiting this vulnerability allows an attacker to compromise the accessibility of protected information...

The vulnerability of the icc_bw_set() function in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the iccbwset function in Linux operating systems is related to the unlimited distribution of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Core server component of Oracle WebLogic Server allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Oracle WebLogic Server application server’s Core component is related to access control errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of the OUD Core component of the Oracle Unified Directory application for simplified deployment of the Oracle Fusion Middleware platform allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the OUD Core component of the Oracle Unified Directory application, which is used for simplified deployment of the Oracle Fusion Middleware software, is related to access control errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

The vulnerability of the integrated environment for managing the development lifecycle of IBM Jazz Foundation lies in the improper restriction on XML references to external objects, which allows attackers to perform XXE attacks.

The vulnerability of the integrated environment for managing the development lifecycle of IBM Jazz Foundation relates to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a malicious actor to perform XXE attacks remotely...

The vulnerability of the Run Control Management component in the PeopleSoft Enterprise CC Common Application Objects management tool allows a hacker to access, modify, or delete the protected information.

The vulnerability of the Run Control Management component in the PeopleSoft Enterprise CC Common Application Objects management tool is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to access and modify or delet...

The vulnerability of the `drm_dp_get_adjust_request_post_cursor()` function in the `drivers/gpu/drm/drm_dp_helper.c` file of Linux kernel modules allows a hacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the drmdpgetadjustrequestpostcursor function in the drivers/gpu/drm/drmdphelper.c module of Linux operating systems is related to reading data beyond the allowed range of memory. Exploitation of this vulnerability may allow an attacker to gain unauthorized access to protected...

The vulnerability in the driver module/hid/hid-multitouch.c of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the driver/multi-touch.c module of the Linux operating system is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...