90509 matches found
The vulnerability of the XRDP server, related to buffer overflows in dynamic memory, allows a hacker to cause a service failure.
The vulnerability of the XRDP server is related to overflow in the buffer of dynamic memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the Nginx UI server’s user interface allows a perpetrator to execute arbitrary code.
The vulnerability of the Nginx UI server’s user interface is related to insufficient checking of incoming requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Next.js software platform for creating web applications lies in its lack of protection for website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Next.js web application development software platform is related to the lack of security measures for protecting the structure of web pages. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the AMR-NB codec in the Wireshark computer network traffic analyzer allows a hacker to cause a service failure.
The vulnerability of the AMR-NB codec in the Wireshark computer network traffic analyzer is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the mbim_dissect_tlv_ie_list() function in the Wireshark computer network traffic analyzer allows a hacker to cause a service failure.
The vulnerability of the mbimdissecttlvielist function in the Wireshark computer network traffic analyzer is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the dissect_openflow_bundle_prop_v6() function of the Wireshark network traffic analyzer allows a hacker to cause a service failure.
The vulnerability of the dissectopenflowbundlepropv6 function in the Wireshark network traffic analyzer is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
The vulnerability of the N8n automation platform, related to bypassing authentication using a user-controlled key, allows attackers to disclose protected information.
The vulnerability of the N8n automation platform relates to bypassing authentication using a user-controlled key. Exploiting this vulnerability allows an attacker, operating remotely, to disclose protected information by sending a specially crafted request with the projectId parameter...
The vulnerability of the XRDP server, related to buffer overflow in dynamic memory, allows a hacker to execute arbitrary code.
The vulnerability of the XRDP server is related to overflow in the buffer of dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the XRDP server, related to reading data outside of the allowed range in memory, allows a hacker to trigger a service failure.
The vulnerability of the XRDP server is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of Tenda AC7 microprogrammed software, related to the disclosure of information during data transmission, allows a hacker to disclose the protected information.
The vulnerability of Tenda AC7 microprogramming software relates to the disclosure of information during data transmission. Exploiting this vulnerability can allow attackers to disclose the protected information...
The vulnerability in the web interface for managing Tenda AC7 router micro-program software allows a attacker to perform a CSRF attack.
The vulnerability in the web interface for managing Tenda AC7 router microprogramming software is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a remote attacker to execute a CSRF attack...
The vulnerability of the DNN CMS system, related to insufficient validation of requests on the server side, allows a hacker to perform an SSRF attack.
The vulnerability of the DNN CMS system is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack...
The vulnerability of the Cloud Authentication Service (CAS) component of the PAN-OS operating system, related to incorrect verification of the cryptographic signature, allows attackers to bypass existing security mechanisms.
The vulnerability of the Cloud Authentication Service CAS component in the PAN-OS operating system is related to improper verification of the cryptographic signature. Exploiting this vulnerability could allow a malicious actor to bypass existing security mechanisms remotely...
The vulnerability of the NPM packet manager’s library vm2, related to deficiencies in the error reporting mechanism, allows attackers to disclose sensitive information.
The vulnerability of the NPM package manager’s vm2 library is related to deficiencies in the error reporting mechanism. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that should be protected...
The vulnerability of the RTSP protocol analyzer and the traffic analysis tool for computer networks by Wireshark allows attackers to cause service interruptions.
The vulnerability of the RTSP protocol analyzer and the network traffic analyzer in Wireshark is related to pointer manipulation. Exploiting this vulnerability can allow a hacker to cause a service failure...
The vulnerability of the Monero protocol analyzer, a traffic analysis tool for computer networks developed by Wireshark, allows a hacker to cause a service failure.
The vulnerability of the Monero protocol analyzer, a traffic analysis tool for computer networks developed by Wireshark, is related to an uncontrolled recursion. Exploiting this vulnerability could allow a hacker to cause a service failure...
The vulnerability of the ASN.1 PER protocol analyzer, a traffic analysis tool for computer networks developed by Wireshark, allows attackers to induce service failures.
The vulnerability of the ASN.1 PER protocol analyzer and the Wireshark network traffic analyzer is related to uncontrolled recursion. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the OpenFlow v5 protocol analyzer used by Wireshark, a traffic analyzer for computer networks, allows a hacker to cause a service failure.
The vulnerability of the OpenFlow v5 protocol analyzer used by Wireshark for analyzing computer network traffic involves executing a loop with an unavailable exit condition. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the TLS protocol analyzer and the network traffic analyzer in Wireshark allows a hacker to cause a service failure.
The vulnerability of the TLS protocol analyzer and the network traffic analyzer in Wireshark relates to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability can allow a attacker to cause a service failure...
The vulnerability of the DCP-ETSI protocol analyzer, a traffic analyzer for computer networks developed by Wireshark, allows a hacker to cause a service failure.
The vulnerability of the DCP-ETSI protocol analyzer, a tool for analyzing computer network traffic with Wireshark, is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the iLBC codec in the Wireshark computer network traffic analyzer allows a hacker to cause a service failure.
The vulnerability of the iLBC packet analyzer in Wireshark relates to a memory reclamation error. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the XRDP server, related to improper checking of integrity values, allows a hacker to perform a “man-in-the-middle” attack.
The vulnerability of the XRDP server is related to improper checking of integrity values. Exploiting this vulnerability allows a remote attacker to perform a “man-in-the-middle” attack...
The vulnerability of the Nginx UI server’s user interface relates to synchronization errors when using a shared resource. This allows attackers to cause service failures or execute arbitrary code.
The vulnerability of the Nginx UI server’s user interface is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...
The vulnerability of the Next.js web application development software platform, related to deficiencies in authentication procedures, allows attackers to bypass existing security mechanisms and gain unauthorized access to protected information.
The vulnerability of the Next.js web application development software platform is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to bypass existing security mechanisms and gain unauthorized access to protected information...
The vulnerability of the Next.js software platform for creating web applications stems from the use of an algorithm that does not meet security requirements for hash functions. This allows attackers to compromise the integrity of the protected information.
The vulnerability of the Next.js web application development software platform is related to the use of an algorithm that does not meet security requirements for hash functions. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the protected information...
The vulnerability of the Next.js software platform for creating web applications stems from insufficient validation of requests on the server side. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the Next.js web application development software platform is related to insufficient validation of requests at the server side. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
Vulnerability of the tvbuff_lz77.c function: do_uncompress() – This decompression mechanism of the LZ77 algorithm is used by Wireshark to analyze computer network traffic. It can be exploited by attackers to cause service interruptions.
Vulnerability of the tvbufflz77.c function’s douncompress function—decompression of LZ77 compression mechanisms used by Wireshark’s network traffic analyzer—is related to improper management of sequential memory allocation. Exploiting this vulnerability can allow attackers to cause service failur...
The vulnerability of the DCP-ETSI protocol analyzer, a traffic analyzer for computer networks developed by Wireshark, allows attackers to cause service interruptions.
The vulnerability of the DCP-ETSI protocol analyzer, which is part of the Wireshark network traffic analyzer, is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the MCP OAuth component of the automation platform for N8n processes allows a hacker to redirect a user to any arbitrary URL address.
The vulnerability of the MCP OAuth component of the automation platform for N8n processes is related to the redirection of the URL to an unreliable website during the processing of the /mcp-oauth/register endpoint. Exploiting this vulnerability could allow a malicious actor to redirect users to a...
The vulnerability of the XRDP server, related to deficiencies in access control, allows a perpetrator to elevate their privileges to the root level and execute arbitrary code.
The vulnerability of the XRDP server is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level and execute arbitrary code...
The vulnerability of the XRDP server, related to reading data outside of the allowed range in memory, allows a hacker to trigger a service failure.
The vulnerability of the XRDP server is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the Nginx UI server’s user interface allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Nginx UI server’s user interface relates to the unencrypted storage of critical information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Next.js web application development software platform, related to bypassing the authentication process by using an alternative path or channel, allows attackers to circumvent existing security mechanisms and gain unauthorized access to protected information.
The vulnerability of the Next.js web application development software platform lies in the ability to bypass authentication procedures by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent existing security mechanisms and gain unauthorized...
The vulnerability of the user interface of the Cisco Catalyst SD-WAN Manager allows a intruder to gain unauthorized access to protected information.
The vulnerability of the user interface of the Cisco Catalyst SD-WAN Manager centralized system management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by...
The vulnerability of Mozilla Firefox browsers and the Thunderbird email client, related to reading data beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of Mozilla Firefox browsers and the Thunderbird email client relates to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Vulnerability of the Audio/Video component: The playback feature in Mozilla Firefox browsers and the Thunderbird email client allows attackers to trigger a service failure.
The vulnerability of the Audio/Video component: The playback functions of Mozilla Firefox browsers and the Thunderbird email client are vulnerable to a resource consumption issue that is not controlled. Exploiting this vulnerability could allow an attacker to cause service interruptions...
The vulnerability of the JavaScript Engine component in Mozilla Firefox browsers and the Thunderbird email client allows attackers to compromise the confidentiality of protected information.
The vulnerability of the JavaScript Engine component in Mozilla Firefox browsers and the Thunderbird email client is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality of protected information...
Vulnerability of the Audio/Video component: The playback feature in Mozilla Firefox browsers and the Thunderbird email client allows attackers to compromise the accessibility of protected information.
The vulnerability of the Audio/Video component: The playback functions of Mozilla Firefox browsers and the Thunderbird email client are related to the handling of a zero pointer. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...
The vulnerability of the ngx_http_proxy_v2_module in NGINX open-source web servers allows attackers to compromise the integrity of protected information.
The vulnerability of the ngxhttpproxyv2module module in NGINX Open Source web servers is related to a coding error. Exploiting this vulnerability allows an attacker to potentially compromise the integrity of the protected information...
The vulnerability of the ngx_http_charset_module module in NGINX Plus and NGINX Open Source web servers allows attackers to compromise the confidentiality and accessibility of protected information.
The vulnerability of the ngxhttpcharsetmodule module in NGINX Plus and NGINX Open Source web servers is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality and accessibility of protected information...
The vulnerabilities of the ngx_http_scgi_module and ngx_http_uwsgi_module modules in NGINX Plus and NGINX Open Source web servers allow a attacker to perform a “man-in-the-middle” attack.
The vulnerability of the ngxhttpscgimodule and ngxhttpuwsgimodule modules in NGINX Plus and NGINX Open Source web servers is related to uncontrolled memory consumption. Exploiting this vulnerability can allow a remote attacker to perform a “man-in-the-middle” attack...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Vulnerability of the WebRTC component: The networking features of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of WebRTC component: The networking functions of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are vulnerable due to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow attackers to compromise the confidentiality,...
Vulnerability of the DOM component: The security features of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allow attackers to circumvent existing security restrictions.
Vulnerability of the DOM component: The security of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relies on bypassing authentication using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...
The vulnerability of the software for storing and analyzing distributed tracebacks of Grafana Tempo, related to the storage of information in an open manner, allows a perpetrator to gain unauthorized access to the protected information.
The vulnerability of the software for storing and analyzing distributed tracebacks of Grafana Tempo involves the storage of information in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of corporate email for VK WorkMail, related to the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.
The vulnerability of corporate email for VK WorkMail is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the NPM packet manager’s vm2 library, related to improper code generation management, allows attackers to bypass the sandbox protection mechanisms and execute arbitrary code.
The vulnerability of the NPM package manager’s vm2 library is related to improper code generation management. Exploiting this vulnerability allows an attacker to bypass the sandbox’s security mechanisms and execute arbitrary code...
The vulnerability of the path Resolve() function in the vm2 library of the NPM package manager allows a attacker to bypass the sandbox protection and execute arbitrary code.
The vulnerability of the pathResolve function in the vm2 library of the NPM package manager is related to an incorrect definition of symbolic links during file access. Exploiting this vulnerability allows a remote attacker to bypass the sandboxing mechanisms and execute arbitrary code...
The vulnerability of the Apache Tomcat application server, related to deficiencies in HTTP request processing, allows attackers to send hidden HTTP requests (HTTP Request Smuggling attack).
The vulnerability of the Apache Tomcat application server is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to send hidden HTTP requests remotely HTTP Request Smuggling attack...