90509 matches found
The vulnerability of the Windows Operating System’s Telephony Service allows attackers to exploit their privileges.
The vulnerability of the Windows Operating System’s Telephony Service relates to the possibility of exploiting memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the DWM Core Library in Windows operating systems allows attackers to enhance their privileges.
The vulnerability of the DWM Core Library in Windows operating systems is related to overflowing buffers in dynamic memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the 3D model texturing software Adobe Substance 3D Painter, related to writing beyond buffer boundaries in memory, allows a hacker to execute arbitrary code.
The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Microsoft Dynamics 365 Business Central software for small and medium-sized businesses stems from deficiencies in the authentication process, which allows attackers to escalate their privileges.
The vulnerability of the Microsoft Dynamics 365 Business Central software for small and medium-sized businesses is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Click-to-Run package technology for Microsoft Office and Microsoft 365 Apps for Enterprise allows a perpetrator to enhance their privileges.
The vulnerability of the Click-to-Run package technology for Microsoft Office and Microsoft 365 Apps for Enterprise is related to the use of memory after it is released. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Win32K component – ICOMP in Windows operating systems, which allows attackers to exploit their privileges.
The vulnerability of the Win32K component – ICOMP in Windows operating systems is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
Microsoft Edge’s vulnerability, related to improper external management of file names or paths, allows attackers to gain unauthorized access to protected information.
The vulnerability of Microsoft Edge relates to improper external management of file names or paths. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
Microsoft Edge browser vulnerability, related to incorrect elimination of special elements in output data, allows attackers to enhance their privileges.
The vulnerability of Microsoft Edge relates to incorrect elimination of special elements in output data. Exploiting this vulnerability can allow a remote attacker to increase their privileges...
The vulnerability of the data collection tool for Azure Monitor Agents from virtual machines and physical servers arises from improper external management of file names or paths. This allows attackers to escalate their privileges.
The vulnerability of the data collection tool for Azure Monitor Agents, which are associated with virtual machines and physical servers, is related to incorrect external management of file names or paths. Exploiting this vulnerability can allow a malicious actor to increase their privileges...
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise applications relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise applications is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of Microsoft Office packages, related to deficiencies in access control, allows attackers to carry out spear-phishing attacks.
The vulnerability of Microsoft Office packages is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to carry out spear-phishing attacks...
The vulnerability of the Windows Filtering Platform (WFP), a filtering platform for Windows operating systems, allows attackers to circumvent existing security restrictions.
The vulnerability of the Windows Filtering Platform WFP in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...
The vulnerability of the Windows Cloud Files Mini Filter Driver for operating systems, which allows attackers to escalate their privileges.
The vulnerability of the Windows Cloud Files Mini Filter Driver for operating systems involves the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Windows Cloud Files Mini Filter Driver for operating systems, which allows attackers to escalate their privileges.
The vulnerability of the Windows Cloud Files Mini Filter Driver for operating systems affects synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to gain increased privileges...
The vulnerability of the Microsoft Partner Center software, related to errors in processing hypertext links, allows attackers to perform spear-phishing attacks.
The vulnerability of the Microsoft Partner Center software is related to errors in processing hypertext links. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks remotely...
The vulnerability of the command-line interface (CLI) of Fortinet’s FortiAP and FortiAP-W2 access points allows a attacker to execute arbitrary commands.
The vulnerability of the command-line interface CLI of Fortinet’s FortiAP and FortiAP-W2 microprogramming solutions lies in the lack of measures taken to neutralize the special elements used in operating system commands. Exploiting this vulnerability allows an attacker to execute arbitrary comman...
The vulnerability of Microsoft Word text editors arises from improper external control of file names or file paths, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Microsoft Word relates to improper external management of file names or file paths. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server’s software packages stems from deficiencies in the deserialization mechanism, allowing attackers to execute arbitrary code.
The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server packages is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server’s software packages stems from deficiencies in the deserialization mechanism, allowing attackers to execute arbitrary code.
The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server packages is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability of the .NET software platform, related to the execution of operations beyond buffer boundaries in memory, allows attackers to exploit their privileges.
The vulnerability of the .NET software platform is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Rich Text Edit Control text editor in Windows operating systems, which allows attackers to exploit their privileges.
The vulnerability of the Rich Text Edit Control text editor in Windows operating systems is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of Microsoft Edge’s browser on Android operating systems, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge’s browser on Android operating systems is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...
The vulnerability of Microsoft Edge’s browser on Android operating systems, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge’s browser on Android operating systems is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...
The vulnerability of the Click-to-Run package technology for Microsoft Office and Microsoft 365 Apps for Enterprise allows a perpetrator to enhance their privileges.
The vulnerability of the Click-to-Run package technology for Microsoft Office and Microsoft 365 Apps for Enterprise is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Click-to-Run package technology for Microsoft Office and Microsoft 365 Apps for Enterprise allows a perpetrator to enhance their privileges.
The vulnerability of the Click-to-Run package technology for Microsoft Office and Microsoft 365 Apps for Enterprise is related to the use of memory after it is released. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the .NET software platform, related to executing a loop with an unavailable exit condition, allows a hacker to cause a service failure.
The vulnerability of the .NET software platform lies in the execution of a loop with an exit condition that is not met. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the Microsoft Outlook email client on iOS operating systems, related to the lack of data cleaning at the management level, allows attackers to execute arbitrary commands.
The vulnerability of the Microsoft Outlook email client on iOS operating systems is related to the lack of measures taken at the control level to clean data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows attackers to disclose sensitive information.
The vulnerability of the TCP/IP protocol implementation in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the system...
The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant in Android operating systems, related to access control errors, allows attackers to perform spearishing attacks.
The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant in Android operating systems is related to access control errors. Exploiting this vulnerability could allow attackers to carry out spear-phishing attacks...
The vulnerability of Windows SMB operating systems for clients allows attackers to increase their privileges.
The vulnerability of SMB operating system clients in Windows systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
Vulnerability of operating systems due to improper validation of specified input types, allowing attackers to execute arbitrary code.
The vulnerability of operating systems iPadOS, iOS, and macOS Tahoe is related to improper validation of the specified data type. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the CAPWAP (Control and Provisioning of Wireless Access Points) component in Fortinet’s FortiOS operating systems allows a hacker to execute arbitrary code.
The vulnerability of the CAPWAP Control and Provisioning of Wireless Access Points component in Fortinet’s FortiOS operating systems is related to buffer overflow attacks. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted packets...
The vulnerability of the Windows Ancillary Function Driver for WinSock on Windows operating systems allows attackers to exploit their privileges.
The vulnerability of the Windows Ancillary Function Driver for WinSock operating systems is related to incorrect external management of the file name or path. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise applications relates to buffer overflows in dynamic memory, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the software interface of Fortinet’s FortiManager device management center and FortiAnalyzer event monitoring and analysis tool allows a attacker to trigger a service failure.
The vulnerability of the Fortinet FortiManager device management interface and the FortiAnalyzer event monitoring and analysis tool is related to the use of potentially dangerous functions. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending...
The vulnerability of the Netlogon service in Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the Netlogon service in Windows operating systems is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of monitoring panels in the Git-based software platform allows attackers to perform cross-site scripting attacks during collaborative code development in GitLab Enterprise Edition.
The vulnerability of monitoring panels in the Git-based software platform for collaborative code development in GitLab Enterprise Edition is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripti...
The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages lies in their ability to exploit memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages relates to the ability to utilize memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the emulator library for the VTE terminal, which allows a hacker to trigger a service failure
The vulnerability of the terminal emulation library VTE is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a hacker to cause a service failure...
The vulnerability of Google Chrome’s GPU component allows a hacker to execute arbitrary code.
The vulnerability of Google Chrome’s GPU component is related to a numerical overflow condition. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created HTML page...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their uncontrolled resource consumption, which allows attackers to cause service interruptions.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to uncontrolled resource consumption. Exploiting these vulnerabilities can allow attackers to cause service interruptions remotel...
The vulnerability of the libpng library, which allows a hacker to gain access to freed memory
The vulnerability of the libpng library lies in the transfer of a pointer obtained from functions like pnggetPLTE, pnggettRNS, or pnggethIST back to the corresponding function for setting values for the same pair of structures pngstruct and pnginfo. This causes reading from the freed memory and...
The vulnerability in the IMG_xpm.c component of the image loading library, part of the SDL_image library, allows a hacker to cause a system failure.
The vulnerability of the IMGxpm.c component in the image loading library, part of the SDLimage library, is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to cause a service failure by using a specially created XPM image...
The vulnerability in the IMG_xpm.c component of the image loading library, part of the SDL_image library, allows a hacker to cause a system failure.
The vulnerability of the IMGxpm.c component in the image loading library, part of the SDLimage library, is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to cause a service failure by using a specially created XPM image...
The vulnerability of the software for interacting with servers via CURL allows a hacker to gain access to confidential data.
The vulnerability of the software for interacting with servers via CURL is related to errors in the certificate validation process. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data...
The vulnerability of the nextstate() function in the gpsd/packet.c component of the GPS tracking daemon allows a intruder to cause a service failure.
The vulnerability of the nextstate function in the gpsd/packet.c component of the GPS tracking daemon is related to a numerical loss of significance. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the file-xwd.c component of the GIMP graphic editor allows a hacker to cause a service failure.
The vulnerability of the file-xwd.c component of the GIMP graphic editor is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure using the malicious file...
The vulnerability of the H.266 codec parser library in the GStreamer multimedia framework allows a hacker to execute arbitrary code.
The vulnerability of the H.266 codec parser library in the GStreamer multimedia framework is related to insufficient checking of user data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerabilities of the `png_set_TRNX` and `png_set_PLTE` functions in the LIBPNG library allow attackers to execute arbitrary code or cause service interruptions.
The vulnerability of the pngsettRNS and pngsetPLTE functions in the LIBPNG library is related to improper memory management during data deallocation. Exploiting this vulnerability may allow an attacker to gain access to the freed memory area, which could lead to the execution of arbitrary code or...
The vulnerability of the software for centralized identity management systems like FreeIPA allows a perpetrator to gain access to confidential data.
The vulnerability of the FreeIPA identity management software is related to deficiencies in the authorization process. Exploiting this vulnerability could allow a perpetrator to gain access to confidential data...