89987 matches found
The vulnerability in the driver module/hid/hid-core.c of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/hid/hid-core.c module of the Linux operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability in the net/sched/cls_u32.c module of Linux operating systems allows a hacker to trigger a service failure.
The vulnerability in the net/sched/clsu32.c module of Linux kernel systems is related to insufficient resource control during its existence. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the `ieee80211_tdls_oper()` function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the ieee80211tdlsoper function in the Linux operating system is related to the lack of initialization for variables. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Java VM component of the Oracle Database Server database management system allows a hacker to gain unauthorized access to the device.
The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the device via network packets...
The vulnerability of the ExtractPluginFromImage() function, a loader for OCI plugins in the system for managing secrets and encryption, allows a hacker to trigger a service failure.
The vulnerability of the ExtractPluginFromImage function in the OCI plugin loader of the secrets and encryption management system OpenBao involves an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the OpenBao encryption and secret management system arises from errors in restricting the assignment of security tokens. This allows attackers to enhance their privileges.
The vulnerability of the OpenBao encryption and secret management system is related to errors in restricting the assignment of security tokens. Exploiting this vulnerability can allow a malicious actor, operating remotely, to increase their privileges...
The vulnerability of the authentication method based on TLS certificates of the OpenBao encryption system allows attackers to gain unauthorized access to protected information.
The vulnerability of the TLS certificate authentication method used by the OpenBao encryption system is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the protected information...
The vulnerability in the net/core/dev.c module of the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the net/core/dev.ct module in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability in the `drivers/net/wireless/virtual/virt_wifi.c` module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability in the drivers/net/wireless/virtual/virtwifi.c module of the Linux kernel relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the tcm_loop_target_reset() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the tcmlooptargetreset function in the Linux operating system is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the merge_reloc_root() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the mergerelocroot function in the Linux operating system is related to insufficient validation of data authenticity. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the __radix_tree_create() function in the net/qrtr/af_qrtr.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the radixtreecreate function in the net/qrtr/afqrtr.c module of the Linux operating system is related to the failure to release resources after the expiration of their useful life. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the wacom_intuos_bt_irq() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the wacomintuosbtirq function in the Linux operating system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the fd_execute_rw_aio() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the fdexecuterwaio function in the Linux operating system is related to the lack of initialization for variables. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the Metadata Plugin component of the Oracle Enterprise Manager Base Platform software platform allows a perpetrator to gain full control over the application.
The vulnerability of the Metadata Plugin component of the Oracle Enterprise Manager Base Platform relates to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to gain full control over the application...
The vulnerabilities of JADM components, the JVM diagnostics software for monitoring Oracle Application Performance Management, part of the Oracle Enterprise Manager software platform, allow attackers to gain unauthorized access to information or cause service failures.
The vulnerability of JADM components, a software for JVM diagnostics and monitoring within Oracle Application Performance Management, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to information or cause service...
The vulnerability of the Extensibility Framework component of the Oracle Enterprise Manager Base Platform allows a attacker to trigger a service failure.
The vulnerability of the Extensibility Framework component of the Oracle Enterprise Manager Base Platform relates to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the Extensibility Framework component of the Oracle Enterprise Manager Base Platform allows a attacker to trigger a service failure.
The vulnerability of the Extensibility Framework component of the Oracle Enterprise Manager Base Platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the Management Service component of the Oracle Enterprise Manager Base Platform allows a perpetrator to gain full control over the application.
The vulnerability of the Management Service component of the Oracle Enterprise Manager Base Platform is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain full control over the application...
The vulnerability of the Extensibility Framework component of the Oracle Enterprise Manager Base Platform allows a hacker to gain full control over the application.
The vulnerability of the Extensibility Framework component of the Oracle Enterprise Manager Base Platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain full control over the application...
The vulnerability of Schneider Electric Saitel DR and Schneider Electric EasyLogic T150 management platforms lies in the insufficient protection of registration data, allowing unauthorized access by attackers to protected information.
The vulnerability of Schneider Electric Saitel DR and Schneider Electric EasyLogic T150 control platforms relates to insufficient protection for registration data. Exploiting this vulnerability can allow unauthorized actors to gain unauthorized access to protected information...
The vulnerability of the Cisco Finesse operator automation software lies in improper external control of file names or paths, allowing a malicious actor to execute arbitrary code or gain unauthorized access to protected information.
The vulnerability of the Cisco Finesse operator automation software lies in improper external control of file names or file paths. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or gain unauthorized access to protected information...
The vulnerability of Schneider Electric Saitel DR and Schneider Electric EasyLogic T150 management platforms lies in the improper assignment of permissions for critical resources, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Schneider Electric Saitel DR and Schneider Electric EasyLogic T150 management platforms relates to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...
The vulnerability of the microprogramming software of Schneider Electric PowerLogic P7 relay protection devices, related to the underutilization of the assert() function, allows a intruder to trigger a malfunction during maintenance.
The vulnerability of the microprogramming software of the Schneider Electric PowerLogic P7 relay protection device for electrical systems is related to the lack of use of the “assert” function. Exploiting this vulnerability could allow a malicious actor to trigger a service failure...
The vulnerability of the microprogramming software of the Schneider Electric PowerLogic P7 relay protection device, related to the failure to take measures to neutralize special elements, allows a intruder to execute arbitrary commands.
The vulnerability of the microprogramming software of Schneider Electric PowerLogic P7 relay protection devices relates to the lack of measures to neutralize special elements. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...
The vulnerability of the microprogramming software of Schneider Electric PowerLogic P7 relay protection devices, related to pointer assignment errors, allows a intruder to trigger a service failure.
The vulnerability of the microprogramming software of Schneider Electric PowerLogic P7 relay protection devices relates to pointer assignment errors. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the PAN-OS operating system, related to the incorrect handling of unusual or exceptional states, allows a perpetrator to trigger a service failure.
The vulnerability of the PAN-OS operating system is related to the improper handling of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of the user_role function in the LiteLLM proxy server allows attackers to increase their privileges and gain full control over the proxy server.
The vulnerability of the userrole function in the LiteLLM proxy server is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to increase their privileges and gain full control over the proxy server...
The vulnerability of the `internal_user` function in the LiteLLM proxy server allows a hacker to increase their privileges and gain full control over the proxy server.
The vulnerability of the internaluser function in the LiteLLM proxy server is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain full control over the proxy server...
The vulnerability of the software for data integration and analytics in Hitachi Vantara Pentaho Data Integration & Analytics lies in the insufficient protection of registration data, allowing unauthorized access to protected information by attackers.
The vulnerability of the Hitachi Vantara Pentaho Data Integration & Analytics software for data integration and analytics is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to...
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the Security Framework component of the Oracle WebCenter Portal, which allows a perpetrator to gain unauthorized access to protected information or cause service failures.
The vulnerability of the Security Framework component of the Oracle WebCenter Portal is related to access control errors. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected information or cause service failures...
The vulnerability of the Authentication Engine component of the Oracle Access Manager control system allows a perpetrator to gain read, modify, or delete access to data.
The vulnerability of the Authentication Engine component in the Oracle Access Manager access control system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain read, modify, or delete privileges on data...
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to gain access to read, modify, or delete data.
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...
The vulnerability of the Shell component: the Dump and Load feature of the Oracle MySQL Shell’s command-line and code editor, which allows an intruder to gain unauthorized access to protected information.
The vulnerability of the Shell component: The “Dump and Load” feature of the Oracle MySQL Shell command-line and code editor interface is related to the manipulation of inter-site queries. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protect...
Vulnerability of the Router component: The general proxy server MySQL Router of the Oracle MySQL Database Management System allows a hacker to cause a service failure.
Vulnerability of the Router component: The general proxy server of the Oracle MySQL Server database management system is related to uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to cause service interruptions using the TLS network protocol...
The vulnerability of the DNS server service in Windows operating systems allows attackers to increase their privileges.
The vulnerability of the DNS server service in Windows operating systems is related to overflow in the buffer of dynamic memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to gain access to read, modify, or delete data.
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to gain unauthorized access to create, delete, or modify data.
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to access control errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to create, delete, or modify data...
The vulnerability of the Core component of corporate application software for storing, viewing, and processing graphic images of Oracle WebCenter Content: Imaging allows a hacker to gain full control over the application.
The vulnerability of the Core component in corporate application software for storing, viewing, and processing graphic images in Oracle WebCenter Content: Imaging is related to the absence of authentication for a critical function. Exploiting this vulnerability can allow an attacker to gain full...
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to gain full control over the application.
The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to access control errors. Exploiting this vulnerability could allow a malicious actor to gain full control over the application...
The vulnerability of the Event Management component of the Oracle Enterprise Manager Base Platform allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Event Management component of the Oracle Enterprise Manager Base Platform is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality, integrity, and...
The software’s vulnerability related to data integration and analysis in Hitachi Vantara Pentaho Data Integration & Analytics allows attackers to perform XXE attacks due to incorrect restrictions on XML references to external objects.
The vulnerability of the programming tool for data integration and analysis in Hitachi Vantara Pentaho Data Integration & Analytics relates to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a malicious actor to perform XXE attacks remotely...
The vulnerability of the End User Self Service component of the identity management tool One Identity Manager allows a malicious actor to gain read, modify, or delete access to data.
The vulnerability of the End User Self Service component of the identity management tool, One Identity Manager, relates to access control deficiencies. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...
The vulnerability of the Shell component for VS Code’s command-line and code editor client, Oracle MySQL Shell, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Shell component in VS Code’s command-line and code editor client for Oracle MySQL Shell is related to access control deficiencies. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the Cortex XSOAR platform for security organization, automation, and response lies in improper name restrictions on paths to the catalog, allowing attackers to execute “man-in-the-middle” attacks or write arbitrary files.
The vulnerability of the Cortex XSOAR security, automation, and response platform is related to an incorrect restriction on the path name to the catalog. Exploiting this vulnerability could allow a malicious actor to execute a “man-in-the-middle” attack or write arbitrary files...
The vulnerability in the web interface of the operating system PAN-OS for network interfaces of the PA-Series, VM-Series, and virtual devices of the M-Series series allows a perpetrator to execute arbitrary code.
The vulnerability of the PAN-OS operating system’s web interface for PA-Series, VM-Series, and M-Series virtual devices is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the NVIDIA Virtual GPU Manager driver relates to the ability to utilize memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
Vulnerability of the Router component: The general proxy server of the Oracle MySQL Server database management system, which allows attackers to gain full control over the application.
Vulnerability of the Router component: The general proxy server, MySQL Router of the Oracle Database Management System, is associated with access control deficiencies. Exploiting this vulnerability can allow an attacker, operating remotely, to gain full control over the application using the HTTP...
The vulnerability of the command-line interface of the PAN-OS operating system, which is found in the PA-Series, VM-Series network interfaces, and M-Series virtual devices, allows attackers to escalate their privileges.
The vulnerability of the command-line interface of the PAN-OS operating system’s network interfaces in the PA-Series, VM-Series, and M-Series virtual devices is related to the absence of authentication. Exploiting this vulnerability can allow a remote attacker to increase their privileges...