90509 matches found
The vulnerability of the pg_restore_attribute_stats() function in the PostgreSQL database management system allows a hacker to disclose protected information.
The vulnerability of the pgrestoreattributestats function in the PostgreSQL database management system is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that is protected by this function...
The vulnerability of the implementation of the ALTER SUBSCRIPTION...REFRESH PUBLICATION command in the PostgreSQL database management system allows a attacker to execute arbitrary SQL queries.
The vulnerability of the ALTER SUBSCRIPTION...REFRESH PUBLICATION command in PostgreSQL database management systems lies in the lack of protective measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
The vulnerabilities of the negotiation mechanisms for SSL and GSS in the PostgreSQL database management system allow attackers to induce service failures.
The vulnerability of the negotiation mechanisms for SSL and GSS in the PostgreSQL database management system is related to an uncontrolled recursion. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service interruptions...
The vulnerability of the refint module in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the refint module in the PostgreSQL database management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the timeofday() function in the PostgreSQL database management system allows a hacker to gain unauthorized access to protected information.
The vulnerability of the timeofday function in the PostgreSQL database management system is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the pg_basebackup and pg_rewind utilities in the PostgreSQL database management system allows a hacker to re-write any files they choose.
The vulnerability of the pgbasebackup and pgrewind utilities in the PostgreSQL database management system is related to deficiencies in the mechanism for handling symbolic references. Exploiting this vulnerability allows a malicious actor to rewrite any files remotely...
The vulnerability of the PAN-OS operating system, related to the incorrect checking for unusual or exceptional conditions, allows a perpetrator to trigger a service failure.
The vulnerability of the PAN-OS operating system is related to improper checking for unusual or exceptional conditions. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the Google Chrome browser’s Media component, which allows a hacker to execute arbitrary code.
The vulnerability of the Google Chrome browser’s Media component is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of Google Chrome’s graphics processor allows a hacker to bypass the sandboxing protection mechanisms.
The vulnerability of the Google Chrome browser’s graphics processor is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to bypass the sandboxing protection mechanisms...
The vulnerability of the setother_config() function in the RBAC access control subsystem of the XCP-ng supervisor and the XenServer server virtualization platform allows a malicious individual to gain unauthorized access to the file system.
The vulnerability of the setotherconfig function in the RBAC access control subsystem of the XCP-ng supervisor and the XenServer server virtualization platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain...
The vulnerability of the Navigation function in Google Chrome and Microsoft Edge browsers allows attackers to bypass the sandboxing protection mechanisms.
The vulnerability of the Navigation function in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to bypass the sandboxing protection mechanisms...
The vulnerability of the CORS (Cross-Origin Resource Sharing) mechanism in browsers like Google Chrome and Microsoft Edge allows attackers to bypass existing security measures.
The vulnerability of the CORS Cross-Origin Resource Sharing mechanism in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass existing security measures through a specially created HTML page...
The vulnerability of the Navigation function in Google Chrome and Microsoft Edge browsers allows attackers to bypass existing security mechanisms.
The vulnerability of the Navigation function in Google Chrome and Microsoft Edge is related to a breach of data protection mechanisms. Exploiting this vulnerability allows an attacker to bypass existing security measures through a specially created HTML page...
The vulnerability of the Direct Sockets API interface in Google Chrome and Microsoft Edge browsers allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Direct Sockets API interface in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...
The vulnerability of the ServiceWorker component in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability of the ServiceWorker component in Google Chrome and Microsoft Edge is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the ANGLE library in Google Chrome browsers allows a hacker to execute arbitrary code or trigger a denial-of-service attack.
The vulnerability of the ANGLE library in Google Chrome browser is related to external control over a web parameter that is assumed to be immutable. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure by using a specially created HTML page...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type conversion errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the rxgk_verify_response() function in the rxrpc component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the rxgkverifyresponse function in the rxrpc component of the Linux operating system is related to improper handling of discrepancies in parameter length. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the user interface of the Cisco Catalyst SD-WAN Manager centralized system management platform allows a perpetrator to increase their privileges.
The vulnerability of the user interface of the Cisco Catalyst SD-WAN Manager centralized system management console is related to the recording of confidential session information in audit logs. Exploiting this vulnerability could allow an attacker to enhance their read-only privileges...
The vulnerability of the PostgreSQL database management system, related to integer overflows, allows attackers to cause service interruptions.
The vulnerability of the PostgreSQL database management system is related to integer overflow. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the user interface of the Cisco Catalyst SD-WAN Manager centralized system management platform allows a perpetrator to disclose protected information.
The vulnerability of the user interface of the Cisco Catalyst SD-WAN Manager centralized system management system is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...
The vulnerability of the ServiceWorker component in Google Chrome and Microsoft Edge browsers allows a hacker to bypass the sandboxing protection mechanism.
The vulnerability of the ServiceWorker component in Google Chrome and Microsoft Edge is related to a violation of data protection mechanisms. Exploiting this vulnerability could allow an attacker to bypass the sandboxing protection mechanisms...
The vulnerability of the Navigation function in Google Chrome and Microsoft Edge browsers allows attackers to bypass the sandboxing protection mechanisms.
The vulnerability of the Navigation function in Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to bypass the sandboxing protection mechanisms...
The vulnerability of WebRTC technology in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.
The vulnerability of WebRTC technology in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created HTML page...
The vulnerability of the Speech component in Google Chrome and Microsoft Edge browsers allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Speech component in Google Chrome and Microsoft Edge is related to synchronization errors when using a common resource “Race Situation”. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created HT...
The vulnerability of the Views component in Google Chrome’s browser for MacOS operating systems allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the Views component in Google Chrome’s browser for MacOS operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure...
The vulnerability of Google Chrome’s WebRTC technology allows attackers to execute arbitrary code.
The vulnerability of Google Chrome’s WebRTC technology is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of Google Chrome’s WebRTC technology allows attackers to execute arbitrary code or trigger a service failure.
The vulnerability of Google Chrome’s WebRTC technology is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...
The vulnerability of the Extensions component of Google Chrome and Microsoft Edge browsers allows attackers to bypass existing security mechanisms.
The vulnerability of the Extensions component in Google Chrome and Microsoft Edge relates to a flaw in data protection mechanisms. Exploiting this vulnerability allows an attacker to bypass existing security measures through a specially created HTML page...
The vulnerability of the graphical subsystem of Google Chrome and Microsoft Edge browsers allows a hacker to gain unauthorized access to protected information.
The vulnerability of the graphical subsystem of Google Chrome and Microsoft Edge relates to the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
Vulnerability of function system_domains.ml:30-35() in the RBAC access role management subsystem of the XCP-ng hypervisor and XenServer server virtualization platform, which allows a perpetrator to increase their privileges
The vulnerability of function systemdomains.ml:30-35 in the RBAC access control subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to elevate their privileges...
The vulnerability of the map_keys_roles() function in the RBAC role management subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform allows a perpetrator to bypass existing security mechanisms.
The vulnerability of the mapkeysroles function in the RBAC role management subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms...
The vulnerability of the storage_driver_domain driver in the Role-Based Access Control (RBAC) subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform allows a perpetrator to increase their privileges.
The vulnerability of the storagedriverdomain driver in the Role-Based Access Control RBAC subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to elevate their...
The vulnerability of the hvm_serial component in the Role-Based Access Control (RBAC) access management subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform allows a perpetrator to gain write access to arbitrary files.
The vulnerability of the hvmserial component in the Role-Based Access Control RBAC access management subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor,...
The vulnerability of the WebdriverIO framework, related to the lack of measures to neutralize special elements, allows a hacker to execute arbitrary code.
The vulnerability of the WebdriverIO framework is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the PostgreSQL database management system, related to the disclosure of information based on temporal discrepancies, allows a perpetrator to disclose protected information.
The vulnerability of the PostgreSQL database management system is related to the disclosure of information based on temporal discrepancies. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the distribution of resources without any restrictions or regulations, allows a violator to trigger a service failure.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...
The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the ability to bypass authentication by using a user-controlled key. This allows attackers to compromise the integrity of the protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to bypassing authentication by using a key controlled by the user. Exploiting this vulnerability allows an attacker to remotely compromise the integrity of the protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the falsification of inter-site requests, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the manipulation of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Craft CMS content management system, related to the lack of authentication, allows a hacker to disclose protected information.
The vulnerability of the Craft CMS content management system is related to the lack of authentication. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...
The vulnerability of the Connection.bind() function in the Open WebUI (formerly Ollama WebUI) web interface allows a hacker to bypass existing security mechanisms.
The vulnerability of the Connection.bind function in the Open WebUI formerly Ollama WebUI AI-based web interface is related to deficiencies in the authentication process when processing the password parameter: str. Exploiting this vulnerability allows a malicious actor to bypass existing security...
Vulnerability of the real-time messaging system of the Grafana Live platform for monitoring and observation. This platform allows a violator to trigger a service failure.
The vulnerability of the Grafana Live messaging system, a platform for monitoring and surveillance, involves unlimited resource allocation when processing requests to the final destination. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
Vulnerability of the real-time messaging system of the Grafana Live platform for monitoring and observation. This platform allows a violator to trigger a service failure.
The vulnerability of the Grafana Live messaging system in real-time mode, a platform for monitoring and surveillance, is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially crafted...
The vulnerability of the Snapshot API interface of the Grafana monitoring and observation platform allows a perpetrator to gain access to read and delete data.
The vulnerability of the Snapshot API interface of the Grafana monitoring and observation platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain access to read and delete data...
The vulnerability of the Site Isolation function in Google Chrome and Microsoft Edge browsers allows attackers to bypass existing security mechanisms.
The vulnerability of the Site Isolation function in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms through a specially created HTML page...
The vulnerability of the “Network” control element in Google Chrome and Microsoft Edge browsers allows a hacker to bypass existing security mechanisms.
The vulnerability of the “Network” control element in Google Chrome and Microsoft Edge relates to external control over a web parameter that is assumed to be immutable. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms through a specially created HTML...
The vulnerability of the Skia graphic library used by Google Chrome and Microsoft Edge allows attackers to gain unauthorized access to protected information.
The vulnerability of the Skia graphic library used by Google Chrome and Microsoft Edge involves reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to improper code generation management, allows a hacker to execute arbitrary code.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the ability to bypass authentication by using a user-controlled key. This allows unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to bypassing authentication by using a key controlled by the user. Exploiting this vulnerability can allow an intruder, operating remotely, to gain unauthorized access to protected informatio...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to deficiencies in the deserialization mechanism, allows a hacker to trigger a service failure.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...