89987 matches found
The vulnerability of the fd_execute_rw_aio() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the fdexecuterwaio function in the Linux operating system is related to the lack of initialization for variables. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the __radix_tree_create() function in the net/qrtr/af_qrtr.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the radixtreecreate function in the net/qrtr/afqrtr.c module of the Linux operating system is related to the failure to release resources after the expiration of their useful life. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the `pin_user_pages_fast()` function in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the pinuserpagesfast function in the Linux operating system’s kernel is related to deficiencies in error handling. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the `fix_ndisc_ra_useropt()` function in the `net/ipv6/ndisc.c` module of the Linux operating system allows a attacker to disclose confidential information.
The vulnerability of the fixndiscrauseropt function in the net/ipv6/ndisc.c module of the Linux kernel is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to disclose sensitive information...
The vulnerability of the tcm_loop_target_reset() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the tcmlooptargetreset function in the Linux operating system is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the driver/hid/hid-logitech-hidpp.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the drivers/hid/hid-logitech-hidpp.c module in the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the f2fs_rename() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the f2fsrename function in the Linux operating system is related to a potential memory leak. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the net/rxrpc/key.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the net/rxrpc/key.c module of the Linux operating system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the sendmsg() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the sendmsg function in the Linux operating system’s kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the merge_reloc_root() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the mergerelocroot function in the Linux operating system is related to insufficient validation of data authenticity. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the wacom_intuos_bt_irq() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the wacomintuosbtirq function in the Linux operating system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability in the drivers/crypto/ccp/sev-dev.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/crypto/ccp/sev-dev.c module of the Linux operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability in the `drivers/net/wireless/virtual/virt_wifi.c` module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability in the drivers/net/wireless/virtual/virtwifi.c module of the Linux kernel relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the drivers/crypto/caam/caamhash.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability in the drivers/crypto/caam/caamhash.c module of the Linux operating system is related to the copying of buffers without checking the input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the RDBMS component of the database management system Oracle Database Server allows a hacker to gain unauthorized access to protected information.
The vulnerability of the RDBMS component of the database management system, Oracle Database Server, is related to access control errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the OUD Core component of the Oracle Unified Directory application, which facilitates simplified deployment of the Oracle Fusion Middleware software. This vulnerability allows a malicious individual to gain full control over the application.
The vulnerability of the OUD Core component of the Oracle Unified Directory application, which is used for simplified deployment of the Oracle Fusion Middleware software, is related to access control errors. Exploiting this vulnerability could allow an attacker to gain full control over the...
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to access control errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the ADF Faces framework in the Oracle Application Development Framework allows a perpetrator to gain unauthorized access to read, update, add, or delete protected information.
The vulnerability of the ADF Faces framework in the Oracle Application Development Framework is related to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to read, update, add, or delete protected information...
The vulnerability of the Generic Unix Connector component in the Oracle Identity Manager Connector software suite for managing user accounts and access rights allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Generic Unix Connector component in the Oracle Identity Manager Connector software suite for managing user accounts and access rights is related to access control errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, a...
The vulnerability of the EAI component in the Oracle Siebel CRM system, which manages relationships with customers, allows a hacker to gain full access to the system.
The vulnerability of the EAI component in the Oracle Siebel CRM system, which is responsible for managing relationships with customers, relates to insecure management of privileges. Exploiting this vulnerability could allow an attacker operating remotely to gain full access to the system...
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to access control errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to the manipulation of cross-site requests. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protect...
The vulnerability of the TarFile.ExtractToDirectory method in the .NET software platform allows a malicious actor to gain access to and modify data.
The vulnerability of the TarFile.ExtractToDirectory method in the .NET software platform is related to the incorrect handling of symbolic links before accessing the file. Exploiting this vulnerability could allow an attacker to gain access to and modify data...
The vulnerability of the cap_set_file() function in the libcap library, which allows a hacker to increase their privileges
The vulnerability of the capsetfile function in the libcap library is related to synchronization errors when using a common resource “Race Condition”. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the Security Framework component of the Oracle WebCenter Portal web platform allows a perpetrator to gain full control over the application.
The vulnerability of the Security Framework component of the Oracle WebCenter Portal is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain full control over the application...
The vulnerability of the Authentication Engine component of the Oracle Access Manager control system allows a perpetrator to gain read, modify, or delete access to data.
The vulnerability of the Authentication Engine component in the Oracle Access Manager access control system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain read, modify, or delete privileges on data...
The vulnerability of the PAN-OS operating system, related to the incorrect handling of unusual or exceptional states, allows a perpetrator to trigger a service failure.
The vulnerability of the PAN-OS operating system is related to the improper handling of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of the built-in mobile security firewall Ivanti Sentry arises from the use of an alternative path or channel, which allows a intruder to elevate their privileges and gain full access to the device.
The vulnerability of the built-in mobile security firewall, Ivanti Sentry, relates to bypassing authentication using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain full access to the device...
The vulnerability of the Cisco Finesse operator automation software lies in improper external control of file names or paths, allowing a malicious actor to execute arbitrary code or gain unauthorized access to protected information.
The vulnerability of the Cisco Finesse operator automation software lies in improper external control of file names or file paths. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or gain unauthorized access to protected information...
The vulnerability of the Magick.NET library, a console-based graphic editor for ImageMagick, allows a hacker to induce a service failure.
The vulnerability of the Magick.NET library, a console-based graphic editor that uses ImageMagick, relates to reading data outside of the permitted range in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the software for data integration and analytics in Hitachi Vantara Pentaho Data Integration & Analytics lies in the improper assignment of permissions to critical resources. This allows attackers to gain access to read, modify, or delete data.
The vulnerability of the Hitachi Vantara Pentaho Data Integration & Analytics software for data integration and analysis is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability may allow an attacker operating remotely to gain access to read,...
The vulnerability of the Enterprise Infrastructure Security component of the JD Edwards EnterpriseOne Tools system allows a hacker to gain full access to the system.
The vulnerability of the Enterprise Infrastructure Security component of the JD Edwards EnterpriseOne Tools management system is related to the lack of authentication for critical functions. Exploiting this vulnerability could allow a malicious actor to gain full access to the system remotely...
The vulnerability of the Core component of corporate application software for storing, viewing, and processing graphic images of Oracle WebCenter Content: Imaging, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Core component of corporate application software for storing, viewing, and processing graphic images in Oracle WebCenter Content: Imaging is related to the absence of authentication for a critical function. Exploiting this vulnerability can allow an attacker to compromise...
The vulnerability of the Security Framework component of the Oracle WebCenter Portal web platform allows a perpetrator to gain full control over the application.
The vulnerability of the Security Framework component of the Oracle WebCenter Portal relates to the absence of authentication for a critical function. Exploiting this vulnerability could allow a malicious actor to gain full control over the application...
The vulnerability of the Setup and Administration component of the Oracle Advanced Inbound Telephony software, a part of the Oracle E-Business Suite, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Setup and Administration component of the Oracle Advanced Inbound Telephony software in the Oracle E-Business Suite relates to the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker to influence the confidentiality,...
The vulnerability of the Enterprise Infrastructure Security component of the JD Edwards EnterpriseOne Tools system allows a hacker to gain full access to the system.
The vulnerability of the Enterprise Infrastructure Security component of the JD Edwards EnterpriseOne Tools management system is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to gain full access to the system...
The vulnerability of the Cortex XSOAR platform for security organization, automation, and response lies in improper name restrictions on paths to the catalog, allowing attackers to execute “man-in-the-middle” attacks or write arbitrary files.
The vulnerability of the Cortex XSOAR security, automation, and response platform is related to an incorrect restriction on the path name to the catalog. Exploiting this vulnerability could allow a malicious actor to execute a “man-in-the-middle” attack or write arbitrary files...
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to gain unauthorized access to create, delete, or modify data.
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to access control errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to create, delete, or modify data...
The vulnerability of the Event Management component of the Oracle Enterprise Manager Base Platform allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Event Management component of the Oracle Enterprise Manager Base Platform is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality, integrity, and...
The vulnerability of the Extensibility Framework component of the Oracle Enterprise Manager Base Platform allows a hacker to gain full control over the application.
The vulnerability of the Extensibility Framework component of the Oracle Enterprise Manager Base Platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain full control over the application...
The vulnerability of the Shell component for VS Code’s command-line and code editor client, Oracle MySQL Shell, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Shell component in VS Code’s command-line and code editor client for Oracle MySQL Shell is related to access control deficiencies. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the microprogramming software of Schneider Electric PowerLogic P7 relay protection devices, related to the underutilization of the assert() function, allows a intruder to trigger a malfunction during maintenance.
The vulnerability of the microprogramming software of the Schneider Electric PowerLogic P7 relay protection device for electrical systems is related to the lack of use of the “assert” function. Exploiting this vulnerability could allow a malicious actor to trigger a service failure...
The vulnerability of the WebCenter Sites component for user-serviceing applications on the internet allows a perpetrator to gain unauthorized access to create, delete, or modify data.
The vulnerability of the WebCenter Sites application component for online user services in Oracle WebCenter Sites is related to access control errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to create, delete, or modify data...
The vulnerability of the Extensibility Framework component of the Oracle Enterprise Manager Base Platform allows a attacker to trigger a service failure.
The vulnerability of the Extensibility Framework component of the Oracle Enterprise Manager Base Platform relates to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the console-based graphic editor ImageMagick, related to buffer overflow in the stack, allows a hacker to exploit it to disclose protected information.
The vulnerability of the console-based graphic editor ImageMagick is related to buffer overflows in the stack during the processing of MIFF format files Magick Image File Format. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the Core connector component in Oracle Identity Manager, a software platform of Oracle Fusion Middleware, allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the Core connector component in Oracle Identity Manager, a software platform of Oracle Fusion Middleware, is related to the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker to manipulate the confidentiality and integrity of...
The vulnerability of the software for data integration and analytics in Hitachi Vantara Pentaho Data Integration & Analytics lies in the insufficient protection of registration data, allowing unauthorized access to protected information by attackers.
The vulnerability of the Hitachi Vantara Pentaho Data Integration & Analytics software for data integration and analytics is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to...
The vulnerability of the DNS server service in Windows operating systems allows attackers to increase their privileges.
The vulnerability of the DNS server service in Windows operating systems is related to overflow in the buffer of dynamic memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Metadata Plugin component of the Oracle Enterprise Manager Base Platform software platform allows a perpetrator to gain full control over the application.
The vulnerability of the Metadata Plugin component of the Oracle Enterprise Manager Base Platform relates to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to gain full control over the application...
The vulnerability of Schneider Electric Saitel DR and Schneider Electric EasyLogic T150 management platforms lies in the insufficient protection of registration data, allowing unauthorized access by attackers to protected information.
The vulnerability of Schneider Electric Saitel DR and Schneider Electric EasyLogic T150 control platforms relates to insufficient protection for registration data. Exploiting this vulnerability can allow unauthorized actors to gain unauthorized access to protected information...