74701 matches found
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from insufficient protection of registration data, allowing unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to insufficient protection of registration data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, which allows attackers to execute XSS attacks.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability can allow a malicious actor to carry out XSS attacks remotely...
The vulnerability of hybrid cloud solutions for managing thin clients in the Dell Wyse Management Suite, related to the manipulation of cross-site requests, allows attackers to execute CSRF attacks.
The vulnerability of the hybrid cloud solution for managing thin clients in the Dell Wyse Management Suite is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...
The vulnerability of the SSL-VPN portal for FortiOS operating systems and the proxy server used to protect against internet attacks by FortiProxy allows attackers to execute arbitrary code.
The vulnerability of the SSL-VPN portal for FortiOS operating systems and the FortiProxy proxy server used for protecting against internet attacks is related to the use of an uninitialized resource. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, which allows attackers to execute XSS attacks.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...
The vulnerability of hybrid cloud solutions for managing thin clients in the Dell Wyse Management Suite, related to errors in request processing, allows a hacker to disclose sensitive information.
The vulnerability of the hybrid cloud solution for managing thin clients in the Dell Wyse Management Suite is related to errors in request processing. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability in the arch/x86/kernel/apic/io_apic.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the arch/x86/kernel/apic/ioapic.c module of the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of hybrid cloud solutions for managing thin clients in the Dell Wyse Management Suite lies in the lack of protective measures for website structures. This allows attackers to perform cross-site scripting (XSS) attacks.
The vulnerability of the hybrid cloud solution for managing thin clients in the Dell Wyse Management Suite is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of Pgpool-II’s software-based connection balancing and management tools lies in their ability to bypass authentication due to a fundamental flaw. This allows attackers to circumvent security restrictions and gain access to read, modify, and delete data.
The vulnerability of Pgpool-II’s software-based connection balancing and management tools lies in its ability to bypass authentication due to a fundamental flaw. Exploiting this vulnerability allows an attacker to operate remotely, circumvent security restrictions, and gain access to read, modify...
The vulnerability of the diNewExt() function in the fs/jfs/jfs_imap.c module of the JFS file system support in Linux kernel allows a attacker to cause a service failure.
The vulnerability of the diNewExt function in the fs/jfs/jfsimap.c module of the Linux file system support library is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the sub_415EF8 function in Netgear EX6100 router microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of sub415EF8 in Netgear EX6100 router microprogramming software relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted GET request...
The vulnerability of the fl_walk() function in the net/sched/cls_flower.c module of the network scheduling subsystem of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the flwalk function in the net/sched/clsflower.c module of the network scheduling subsystem of the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
Vulnerability of the HFC cleanup() function in the drivers/isdn/hardware/mISDN/hfcpci.c module – The drivers for supporting mISDN hardware in the Linux operating system allow attackers to compromise the integrity and accessibility of protected information.
Vulnerability of the HFC cleanup function in the drivers/isdn/hardware/mISDN/hfcpci.c module – The Linux operating system’s mISDN hardware support driver relies on the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the integrity an...
The vulnerability of the get_overflow_stack() function in the arch/riscv/kernel/traps.c module of the module management subsystem for the RISC-V architecture-based Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the getoverflowstack function in the arch/riscv/kernel/traps.c module of the module management subsystem for the RISC-V architecture-based Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability could allow an...
The vulnerability of the miEnumattr() function in the fs/ntfs3/record.c module of the Linux file system allows a attacker to access protected information or cause service failures.
The vulnerability of the miEnumattr function in the fs/ntfs3/record.c module of the Linux file system support module is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to protected information or cause service failures...
The vulnerabilities of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 are related to the use of memory after it is freed. This allows attackers to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code in the context of the...
The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 lies in the ability to read beyond the buffer memory. This allows attackers to gain unauthorized access to protected information.
The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 is related to reading data beyond the buffer memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...
The vulnerability of the customerview.php file in the tailoring management system allows a hacker to execute arbitrary SQL code.
The vulnerability of the customerview.php file in the tailoring management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary SQL code...
The vulnerability of the Vinteo video conference software server lies in its insufficient data filtering, which allows attackers to execute arbitrary code.
The vulnerability of the Vinteo video conference software server exists due to insufficient data filtering. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the processAttachmentDataStream function in the software for remote monitoring, management, and support of servers and data storage systems in HPE Insight Remote Support allows a attacker to execute arbitrary code.
The vulnerability of the processAttachmentDataStream function in the software for remote monitoring, management, and support of servers and data storage systems in HPE Insight Remote Support is related to an incorrect limitation on the path name to the restricted-access directory. Exploiting this...
The vulnerability of the mana_ib_install_cq_cb() function in the drivers/infiniband/hw/mana/cq.c file of the Linux operating system allows a hacker to compromise the confidentiality and accessibility of protected information.
The vulnerability of the manaibinstallcqcb function in the drivers/infiniband/hw/mana/cq.c file of the Linux operating system is related to the execution of operations outside of memory buffers. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and...
The vulnerability of the Apache Tomcat application server, related to unlimited resource allocation, allows attackers to cause service failures.
The vulnerability of the Apache Tomcat application server is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the MDaemon email server, related to the lack of protective measures for website structures, allows attackers to perform cross-site scripting attacks.
The vulnerability of the MDaemon email server is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
Vulnerability of the ice_ptpFlushTx_tracker() function in the drivers/net/ethernet/intel/ice/ice_ptp.c module – A driver for supporting Ethernet network adapters in Intel-based Linux operating systems, which allows an attacker to compromise the integrity and accessibility of protected information.
Vulnerability of the iceptpFlushTxtracker function in the drivers/net/ethernet/intel/ice/iceptp.c module – The network adapter driver for Intel Ethernet in the Linux operating system is vulnerable due to unvalidated array indexing. Exploitation of this vulnerability could allow an attacker to...
The vulnerability of the SSH protocol implementation in the Cisco Nexus Dashboard Fabric Controller (NDFC) and the Cisco Nexus Dashboard platform for analyzing and automating cloud-based data center operations allows attackers to impersonate other users and obtain encrypted user credentials.
The vulnerability of the SSH protocol implementation in the Cisco Nexus Dashboard Fabric Controller NDFC and the Cisco Nexus Dashboard cloud network analytics and automation platform is related to insufficient security checks for the protected connection. Exploiting this vulnerability allows a...
Vulnerability of the ice_dpll_init() function in the module drivers/net/ethernet/intel/ice/ice_dpll.c – A driver for supporting Ethernet network adapters in Intel-based Linux operating systems, which allows a hacker to cause a service failure.
Vulnerability of the icedpllinit function in the drivers/net/ethernet/intel/ice/icedpll.c file – The Linux kernel-based Ethernet adapter driver has a vulnerability related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the retract_page_tables() function in the mm/khugepaged.c module of the Linux kernel’s memory management subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the retractpagetables function in the mm/khugepaged.c module of the Linux kernel’s memory management subsystem is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
Vulnerability of the nbd_devremove() function in the drivers/block/nbd.c module – This driver for Linux kernel-based block devices allows a hacker to cause a service failure.
Vulnerability of the nbddevremove function in the drivers/block/nbd.c module – The Linux kernel’s block device support driver is vulnerable due to the repeated reuse of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the w83792d_detect_subclients() function in the drivers/hwmon/w83792d.c module – This driver is used for monitoring hardware in Linux operating systems. It allows a hacker to cause system failures.
Vulnerability of the w83792ddetectsubclients function in the drivers/hwmon/w83792d.c module – The driver for monitoring hardware in Linux operating systems is vulnerable due to a NULL pointer dereferencing issue. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the Mozilla Firefox browser and the Thunderbird email client, related to a leaked file descriptor, allows attackers to escalate their privileges.
The vulnerability of Mozilla Firefox browser and Thunderbird email client is related to a file descriptor escape. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...
The vulnerability of the drm_syncobj_put function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the drmsyncobjput function in Linux kernel systems is related to a potential memory leak. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerabilities of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 are related to the use of memory after it is freed. This allows attackers to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code in the context of the...
The vulnerabilities in the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B allow attackers to enhance their privileges.
The vulnerabilities of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B systems are related to access control errors. Exploiting these vulnerabilities can allow attackers to enhance their privileges remotely...
The vulnerability of the Adobe Experience Manager content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from deficiencies in the authentication process, which allows unauthorized users to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information by...
The vulnerability of HDL-T hard disk microprogramming software lies in the lack of measures taken to neutralize special elements used in the operating system’s command set, allowing a hacker to execute arbitrary code.
The vulnerability of HDL-T hard disk microprogramming software is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the __arch_prepare_bpf_trampoline() function in the arch/riscv/net/bpf_jit_comp64.c module on RISC-V architecture processors of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the archpreparebpftrampoline function in the arch/riscv/net/bpfjitcomp64.c module on RISC-V architecture processors in Linux systems is related to incorrect calculation of the buffer size. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...
Vulnerability of the mmhub_v3_3_print_l2_protection_fault_status() function in the drivers/gpu/drm/amd/amdgpu/mmhub_v3_3.c module – A driver for AMD GPU cores in Linux operating systems that allows a hacker to trigger a service failure
Vulnerability of the mmhubv33printl2protectionfaultstatus function in the drivers/gpu/drm/amd/amdgpu/mmhubv33.c module – The Linux kernel’s AMD GPU Direct Rendering Infrastructure DRI support driver is vulnerable due to buffer overflow exploits. Exploitation of this vulnerability could allow an...
The vulnerability of the __get_cur_name_and_parent() function in the fs/btrfs/send.c module of the file system support module for Linux’s kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the getcurnameandparent function in the fs/btrfs/send.c module of the Linux file system support module is related to copying buffers without checking the size of the input data a classic buffer overflow attack. Exploiting this vulnerability could allow an attacker to compromi...
The vulnerability of the huge_memory component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the hugememory component in the Linux operating system’s kernel is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Vulnerability of the rng_get_data() function in the drivers/char/hw_random/core.c module – A driver for supporting alphanumeric devices in the Linux kernel, which allows a hacker to cause a service failure.
Vulnerability of the rnggetdata function in the drivers/char/hwrandom/core.c module – The Linux kernel’s driver for supporting alphanumeric devices is vulnerable to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 lies in the ability to write outside the buffer, allowing attackers to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially...
The vulnerabilities of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 are related to the use of memory after it is freed. This allows attackers to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code in the context of the...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the cookie-consent management module on Drupal COOKiES websites stems from the lack of measures taken to protect the website structure. This allows attackers to perform cross-site scripting attacks (XSS).
The vulnerability of the cookie-consent management module on Drupal COOKiES websites is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting XSS attacks remotely...
The vulnerability of the j1939_sk_match_dst() function in the net/can/j1939/socket.c module allows a hacker to cause a service failure in Linux-based systems with CAN-j1939 sockets.
The vulnerability of the j1939skmatchdst function in the net/can/j1939/socket.c module relates to the reuse of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the smb20_oplock_break_ack() function in the Linux file system support module fs/ksmbd/smb2pdu.c allows a attacker to cause a service failure.
The vulnerability of the smb20oplockbreakack function in the fs/ksmbd/smb2pdu.c module of the Linux file system support module is related to the reutilization of previously released memory. Exploiting this vulnerability can allow an attacker to cause a service failure...