90509 matches found
The vulnerability of the Azure AI Foundry platform, which is related to access control deficiencies, allows attackers to escalate their privileges. This makes it possible for unauthorized individuals to manipulate the platform’s development, deployment, and management of artificial intelligence-based solutions.
The vulnerability of the Azure AI Foundry platform, which is used for developing, deploying, and managing artificial intelligence solutions, relates to access control errors. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...
The vulnerability of Microsoft Word text editors on Android operating systems, related to access control errors, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Word text editors on Android operating systems is related to access control errors. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks...
The vulnerability of the Microsoft SharePoint Server software, related to deserialization mechanism flaws, allows attackers to execute arbitrary code.
The vulnerability of the Microsoft SharePoint Server software is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability of GitHub Copilot, a code editor from Microsoft Visual Studio Code, allows a hacker to bypass existing security restrictions.
The vulnerability of GitHub Copilot, a code editor from Microsoft Visual Studio Code, relates to the lack of measures taken to eliminate special elements in the output data. Exploiting this vulnerability could allow an attacker to bypass existing security mechanisms remotely...
The vulnerability of the Microsoft Confluence SAML SSO plugin, as well as the Microsoft JIRA SAML SSO plugin, stems from incorrect implementation of authentication algorithms. This allows attackers to escalate their privileges.
The vulnerability of the Microsoft Confluence SAML SSO plugin and the Microsoft JIRA SAML SSO plugin is related to incorrect implementation of authentication algorithms. Exploiting this vulnerability can allow attackers to increase their privileges remotely...
The vulnerability of the N8n automation platform lies in its inability to control the uncontrollable changes in the attributes of the prototype object. This allows attackers to execute arbitrary code.
The vulnerability of the N8n automation platform lies in the uncontrolled changes to the attributes of the prototype object. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Vulnerability of the .NET Core software platform, related to incorrect path name restrictions, allowing attackers to write arbitrary files
The vulnerability of the .NET Core software platform is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability allows a remote attacker to write arbitrary files...
The vulnerability of the Adobe Connect Desktop Application’s instant messaging function, related to deficiencies in the authentication process, allows attackers to escalate their privileges.
The vulnerability of the Adobe Connect Desktop Application’s instant messaging feature is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
The vulnerability of the Adobe Media Encoder application, related to writing beyond the buffer boundaries in memory, allows a perpetrator to execute arbitrary code.
The vulnerability of the Adobe Media Encoder application relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code, provided that the user opens a specially crafted file...
The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.
The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...
The vulnerability of Microsoft Purview eDiscovery tools, related to insufficient validation of requests on the server side, allows attackers to increase their privileges.
The vulnerability of the Microsoft Purview eDiscovery tool is related to insufficient validation of requests on the server side. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...
The vulnerability of the cloud-based platform for managing and protecting Microsoft Entra ID (formerly Azure Active Directory) arises from insufficient validation of requests on the server side. This allows attackers to perform spear-phishing attacks.
The vulnerability of the cloud-based platform for managing and protecting Microsoft Entra ID formerly Azure Active Directory is related to insufficient validation of requests at the server side. Exploiting this vulnerability could allow a malicious actor to perform spear-phishing attacks remotely...
The vulnerability of the Copilot Chat component of the Microsoft Edge browser allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Copilot Chat component of the Microsoft Edge browser is related to the lack of data cleaning at the management level. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the corporate platform Microsoft Teams, related to deficiencies in the authentication process, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the corporate platform Microsoft Teams is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the interactive browser-based environment Azure Cloud Shell, related to the lack of data cleansing at the management level, allows attackers to perform spoofing attacks.
The vulnerability of the Azure Cloud Shell, a browser-based interactive environment, is related to the lack of data cleansing measures at the management level. Exploiting this vulnerability allows attackers to perform spear-phishing attacks remotely...
The vulnerability of the N8n automation platform lies in its inability to control the uncontrollable changes in the attributes of the prototype object. This allows attackers to execute arbitrary code.
The vulnerability of the N8n automation platform lies in the uncontrolled changes to the attributes of the prototype object. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the professional video editing software Adobe Premiere Pro lies in its ability to utilize memory after it is released, allowing a hacker to execute arbitrary code.
The vulnerability of the professional video editing software Adobe Premiere Pro lies in the possibility of exploiting memory after it is freed. Exploiting this vulnerability allows a hacker to execute arbitrary code, provided that the user opens a specially crafted file...
The vulnerability of the software tools for working with secure metadata, namely the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to integer overflow. This vulnerability allows attackers to trigger a service failure.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to a numerical overflow issue. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to uncontrolled resource consumption. This vulnerability allows attackers to trigger service failures.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to insufficient validation of input data. This allows attackers to trigger service failures.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.
The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...
The vulnerability of Microsoft Data Formulator’s AI-based data visualization tool, related to improper code generation management, allows a malicious actor to execute arbitrary code.
The vulnerability of the Microsoft Data Formulator, a tool for visualizing data based on artificial intelligence, is related to improper code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of Microsoft Word, Microsoft Office suites, and Microsoft 365 Apps for Enterprise, related to data type mixing errors, allows attackers to execute arbitrary code.
The vulnerability of Microsoft Word, the Microsoft Office suite, and Microsoft 365 Apps for Enterprise is related to errors in data type mixing. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise applications relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise applications is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the SAP Commerce Cloud platform, related to the transmission of critical information in open text, allows a perpetrator to execute arbitrary codes.
The vulnerability of the SAP Commerce Cloud e-commerce platform is related to incomplete cleaning of temporary or auxiliary resources. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Azure IoT Central data management platform, related to information disclosure, allows attackers to enhance their privileges.
The vulnerability of the Azure IoT Central data management platform is related to the exposure of information. Exploiting this vulnerability could allow a malicious actor to gain increased privileges...
The vulnerability of the FortiAuthenticator identification system, related to deficiencies in access control, allows a perpetrator to execute arbitrary codes.
The vulnerability of the FortiAuthenticator identification system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary commands...
The vulnerability of Adobe Illustrator’s graphic editor, related to pointer naming errors, allows a hacker to trigger a service failure.
The vulnerability of Adobe Illustrator’s graphic editor is related to pointer assignment errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of Adobe Illustrator, related to writing beyond the buffer boundaries, allows a hacker to execute arbitrary code.
The vulnerability of the Adobe Illustrator graphic editor is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Microsoft PowerPoint presentation preparation and viewing software on Android operating systems, related to access control errors, allows attackers to perform spear-phishing attacks.
The vulnerability of the Microsoft PowerPoint presentation preparation and viewing software on Android operating systems is related to access control errors. Exploiting this vulnerability can allow attackers to carry out spoofing attacks...
The vulnerability of Microsoft Word text editors, Microsoft Office software packages, and Microsoft 365 Apps for Enterprise, related to the use of memory after it is freed, allows attackers to execute arbitrary code.
The vulnerability of Microsoft Word, the Microsoft Office suite, and Microsoft 365 Apps for Enterprise is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the MCP OAuth component of the automation platform for N8n processes allows attackers to perform cross-site scripting attacks.
The vulnerability of the MCP OAuth component of the automation platform for N8n processes is related to the lack of protective measures taken for the structure of the web page when processing the clientname parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to uncontrolled resource consumption. This vulnerability allows attackers to trigger service failures.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to uncontrolled resource consumption. This vulnerability allows attackers to trigger service failures.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability in the glue_generator.cpp script of the OpenPLC programmable logic controller software allows a hacker to read and write arbitrary files.
The vulnerability in the gluegenerator.cpp script of the OpenPLC programmable logic controller software relates to an incorrect restriction on the path name when processing parameters varName and varType. Exploiting this vulnerability allows a remote attacker to read and write arbitrary files...
The vulnerability of the Mastodon web application for deploying distributed social networks, related to the improper implementation of the sequence of actions to be performed, allows a perpetrator to bypass existing security mechanisms or gain unauthorized access to protected information.
The vulnerability of the Mastodon web application for deploying distributed social networks is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms or gain unauthorized acce...
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to integer overflow. This allows attackers to trigger a service failure.
The vulnerability of the software tools for working with secure metadata, such as the Content Authenticity JS SDK and the Content Authenticity Rust SDK, is related to a numerical overflow issue. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the skb_try_coalesce() function in the Linux operating system allows a hacker to increase their privileges.
The vulnerability of the skbtrycoalesce function in the Linux operating system is related to the execution of operations outside the buffer boundaries. Exploiting this vulnerability can allow an attacker to enhance their privileges...
The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a perpetrator to cause service failures.
The vulnerability of the TCP/IP protocol implementation in Windows operating systems is related to pointer aliasing. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise applications relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise applications is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Microsoft Dynamics 365 resource planning software, related to improper code generation management, allows an attacker to execute arbitrary code.
The vulnerability of the Microsoft Dynamics 365 resource planning software is related to improper code generation. Exploitation of this vulnerability could allow an attacker operating remotely to execute arbitrary code...
The vulnerability of Microsoft Office packages, related to buffer overflows in dynamic memory, allows an attacker to execute arbitrary code.
The vulnerability of Microsoft Office packages is related to overflowing buffers in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Windows Operating System’s Telephony Service allows attackers to exploit their privileges.
The vulnerability of the Windows Operating System’s Telephony Service relates to the possibility of exploiting memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Native WiFi Miniport Driver for Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the Native WiFi Miniport Driver for Windows operating systems is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability of the 3D model texturing software Adobe Substance 3D Painter, related to writing beyond buffer boundaries in memory, allows a hacker to execute arbitrary code.
The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a perpetrator to cause service failures.
The vulnerability of the TCP/IP protocol implementation in Windows operating systems is related to pointer aliasing. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of Microsoft Edge’s browser on Android operating systems, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge’s browser on Android operating systems is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...
The vulnerability of the Rich Text Edit Control text editor in the Windows operating system, which allows attackers to exploit their privileges.
The vulnerability of the Rich Text Edit Control text editor in the Windows operating system is related to a memory reclamation error. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Click-to-Run package technology for Microsoft Office and Office 365 allows attackers to enhance their privileges.
The vulnerability of the Click-to-Run package technology for Microsoft Office and Office 365 is related to access control errors. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows attackers to enhance their privileges.
The vulnerability of the TCP/IP protocol implementation in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...