90509 matches found
The vulnerability of Microsoft Visual Studio Code’s editor, related to session management errors, allows attackers to escalate their privileges.
The vulnerability of Microsoft Visual Studio Code’s editor is related to session management errors. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...
The vulnerability of the Mastodon web application for deploying distributed social networks, related to the improper implementation of the sequence of actions to be performed, allows a perpetrator to bypass existing security mechanisms or gain unauthorized access to protected information.
The vulnerability of the Mastodon web application for deploying distributed social networks is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms or gain unauthorized acce...
The vulnerability of the centralized network management system of Cisco Catalyst SD-WAN Manager and the software for traffic management of Cisco Catalyst SD-WAN Controller, due to authentication mechanism flaws, allows attackers to gain unauthorized access to the system.
The vulnerability of the centralized network management system Cisco Catalyst SD-WAN Manager and the software for traffic management called Cisco Catalyst SD-WAN Controller is related to authentication mechanism flaws. Exploiting this vulnerability could allow an attacker to gain unauthorized...
The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant involves redirecting URLs to unreliable websites, allowing attackers to escalate their privileges.
The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant is related to the redirection of URLs to unreliable websites. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...
The vulnerability of the Microsoft Dynamics 365 resource planning software lies in insufficient validation of queries on the server side, allowing attackers to perform spear-phishing attacks.
The vulnerability of the Microsoft Dynamics 365 resource planning software is related to insufficient testing of server-side queries. Exploiting this vulnerability allows attackers to perform spear-phishing attacks remotely...
The vulnerability of the Microsoft Enterprise Security Token Service in terms of authentication and token management, related to errors in information processing, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Microsoft Enterprise Security Token Service for authentication and token management is related to errors in information processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the automated deployment and scaling service for managed Apache Cassandra Azure instances lies in insufficient input data validation. This allows a malicious actor to execute arbitrary code.
The vulnerability of the automated deployment and scaling service for managed Apache Cassandra Azure Managed Instances lies in insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of Microsoft Word packages in Microsoft Office and Microsoft 365 Apps for Enterprise, related to the use of files and directories accessible from external parties, allows attackers to disclose sensitive information.
The vulnerability of Microsoft Word packages in Microsoft Office and Microsoft 365 Apps for Enterprise applications is related to the use of files and directories accessible from external parties. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is...
The vulnerability of Microsoft Visual Studio Code’s editor, related to errors in information processing, allows attackers to circumvent existing security restrictions.
The vulnerability of Microsoft Visual Studio Code’s source editor is related to errors in information processing. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...
The vulnerability of the Projected File System component in Windows operating systems, which allows attackers to enhance their privileges
The vulnerability of the Projected File System component in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the GDI component in Windows operating systems, allowing a hacker to execute arbitrary code
The vulnerability of the GDI component in Windows operating systems is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Hyper-V component in Windows operating systems allows attackers to increase their privileges.
The vulnerability of the Hyper-V component in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Graphics component of Windows operating systems, allowing a hacker to execute arbitrary code
The vulnerability of the Graphics component in Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Kernel-Mode Driver driver in Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the Kernel-Mode Driver driver in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability in the implementation of the Secure Boot protocol for operating systems with security features allows a hacker to circumvent security restrictions.
The vulnerability of the Secure Boot implementation for Windows operating systems lies in the dependency on a component that cannot be updated. Exploiting this vulnerability could allow an attacker to circumvent security restrictions...
Vulnerability of Cryptographic Services in Windows operating systems, allowing attackers to enhance their privileges
The vulnerability of Cryptographic Services in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges...
The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models allows a hacker to execute arbitrary code by allowing the operation to escape out of the buffer in memory.
The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models involves the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the professional video editing software Adobe Premiere Pro, related to recording beyond buffer limits, allows a hacker to execute arbitrary code.
The vulnerability of the professional video editing software Adobe Premiere Pro lies in the ability to record beyond the buffer limits. Exploiting this vulnerability allows an attacker to execute arbitrary code, provided that the user opens a specially crafted file...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to insufficient validation of input data. This allows attackers to trigger service failures.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to insufficient validation of input data. This allows attackers to trigger service failures.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to uncontrolled resource consumption. This vulnerability allows attackers to trigger service failures.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to insufficient testing of server-side requests, allows a hacker to gain unauthorized access to protected information.
The vulnerability of the 3D model texturing program Adobe Substance 3D Designer is related to insufficient testing of server-side requests. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information by sending a specially created malicious file...
The vulnerability in the glue_generator.cpp script of the OpenPLC programmable logic controller software allows a hacker to read and write arbitrary files.
The vulnerability in the gluegenerator.cpp script of the OpenPLC programmable logic controller software relates to an incorrect restriction on the path name when processing parameters varName and varType. Exploiting this vulnerability allows a remote attacker to read and write arbitrary files...
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server packages lies in their lack of access control mechanisms, allowing attackers to execute arbitrary code.
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely...
The vulnerability of the Microsoft Power Apps development environment, related to an uncontrolled search path element, allows a perpetrator to execute arbitrary code.
The vulnerability of the Microsoft Power Apps development environment is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of Adobe Illustrator, related to buffer overflow in dynamic memory, allows attackers to execute arbitrary code.
The vulnerability of the Adobe Illustrator graphic editor is related to overflow of the buffer in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of Adobe Illustrator’s graphic editor, related to reading data beyond the buffer in memory, allows attackers to exploit this to disclose protected information.
The vulnerability of the Adobe Illustrator graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the Microsoft SQL Server database management system, related to improper external control of file names or file paths, allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft SQL Server database management system is related to improper external manipulation of file names or file paths. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...
The vulnerability of Microsoft Word, Microsoft Office suites, and Microsoft 365 Apps for Enterprise, related to the misuse of a trusted pointer, allows attackers to execute arbitrary code.
The vulnerability of Microsoft Word, the Microsoft Office suite, and Microsoft 365 Apps for Enterprise is related to the use of an untrusted pointer. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Azure Connected Machine Agent, a software tool for managing servers and virtual machines, relates to access segmentation errors, allowing attackers to escalate their privileges.
The vulnerability of the Azure Connected Machine Agent, a software tool for managing servers and virtual machines, is related to access control errors. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Power Automate for Desktop automation platform, related to insufficient protection of operational data, allows a hacker to disclose protected information.
The vulnerability of the Power Automate for Desktop automation platform is related to insufficient protection for operational data. Exploiting this vulnerability can allow a malicious actor to disclose protected information...
The vulnerability of the Data Deduplication function in Windows Server servers allows attackers to escalate their privileges.
The vulnerability of the Data Deduplication function in Windows Server servers relates to the possibility of exploiting memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of Microsoft Bing’s search system, related to deficiencies in the deserialization mechanism, allows a perpetrator to execute arbitrary code.
The vulnerability of Microsoft Bing’s search system is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to insufficient validation of input data. This allows attackers to trigger service failures.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to a countable loss of significance. This vulnerability allows attackers to trigger a service failure.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, involves a countable loss of significance. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to a countable loss of significance. This vulnerability allows attackers to trigger a service failure.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, involves a countable loss of significance. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to insufficient validation of input data. This allows attackers to trigger service failures.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the BitLocker component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the BitLocker component in Windows operating systems is related to a breach of data protection mechanisms. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of Microprogrammed Software in Ecostruxure Machine Expert HVAC controllers, related to the storage of confidential information in an open manner, allows a intruder to disclose the protected information.
The vulnerability of the microprogramming software used in Ecostruxure Machine Expert HVAC programmable logic controllers is related to the storage of confidential information in an open manner. Exploiting this vulnerability could allow a intruder to disclose the protected information...
The vulnerability of the Azure Monitor Action Group’s notification service, due to insufficient validation of requests on the server side, allows attackers to escalate their privileges.
The vulnerability of the Azure Monitor Action Group’s notification service is related to insufficient validation of requests on the server side. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...
The vulnerability of the software for working with Azure Machine Learning algorithms lies in the lack of measures taken to neutralize special elements in the output data, allowing attackers to perform spoofing attacks.
The vulnerability of the software for working with Azure Machine Learning algorithms is related to the lack of measures taken to neutralize special elements in the output data. Exploiting this vulnerability allows a remote attacker to perform spearishing attacks...
The vulnerability of the DNS Client component for Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the DNS Client component for Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the cloud platform used for creating and launching automated work processes in Azure Logic Apps exposes operating systems running on Windows to exploitation. This allows attackers to escalate their privileges.
The vulnerability of the cloud platform used for creating and launching automated work processes in Azure Logic Apps, when operating on Windows operating systems, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain increased privileges...
The vulnerability of the Azure Monitor Agent Metrics Extension lies in its use of an insecure search path, allowing attackers to escalate their privileges.
The vulnerability of the Azure Monitor Agent Metrics Extension is related to the use of an unreliable search path. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of Siemens Solid Edge, a design and modeling tool, allows a hacker to execute arbitrary code.
The vulnerability of Siemens Solid Edge’s design and simulation tools relates to access to an uninitialized pointer. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the Adobe Connect Desktop Application’s instant messaging program, related to deserialization mechanism flaws, allows attackers to execute arbitrary code.
The vulnerability of the Adobe Connect Desktop Application’s instant messaging function is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of Siemens Solid Edge, a design and modeling tool, allows a hacker to execute arbitrary code.
The vulnerability of Siemens Solid Edge’s design and simulation tools is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Adobe Media Encoder application, related to integer overflow, allows an attacker to execute arbitrary code.
The vulnerability of the Adobe Media Encoder application relates to a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code, provided that the user opens a specially crafted file...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to integer overflow. This allows attackers to trigger a service failure.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to a numerical overflow issue. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to insufficient validation of input data. This allows attackers to trigger service failures.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...