90509 matches found
The vulnerability of the SSLVPN component of the SONICWALL network interface software of the SMA 1000 series allows a hacker to bypass the TOTP authentication process.
The vulnerability of the SSLVPN component of the SMA 1000 series SonicWALL network gateway software relates to incorrect handling of Unicode characters. Exploiting this vulnerability can allow an attacker to bypass Two-Factor Authentication TOTP verification...
The vulnerability of the vLLM library for working with large language models involves uncontrolled resource consumption, allowing attackers to trigger a service failure.
The vulnerability of the vLLM library for working with large language models is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures by sending specially crafted HTTP requests...
The vulnerability of the v1/completions interface of the LLM vLLM library allows a attacker to trigger a service failure.
The vulnerability of the v1/completions interface of the LLM library for working with large language models is related to an error in handling exceptional states. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the parse_uname_string() function on the security monitoring and threat detection platform Wazuh allows a malicious actor to cause system failures.
The vulnerability of the parseunamestring function on the security monitoring and threat detection platform Wazuh is related to a numerical loss of significance. Exploiting this vulnerability could allow an attacker operating remotely to cause malfunctions in the platform’s operation...
The vulnerability of the Next.js software platform for creating web applications lies in the lack of source verification, which allows attackers to gain unauthorized access to protected information.
The vulnerability of the Next.js web application development software platform lies in the lack of source verification. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Next.js software platform for creating web applications, related to the manipulation of cross-site requests, allows attackers to execute CSRF attacks.
The vulnerability of the Next.js web application development software platform is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...
The vulnerability of the Windows Admin Center server management tool, related to deficiencies in the authentication process, allows a perpetrator to escalate their privileges.
The vulnerability of the Windows Admin Center management tool is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
The vulnerability of the Cloud Files Mini Filter Driver for operating systems Windows allows attackers to increase their privileges.
The vulnerability of the Cloud Files Mini Filter Driver for Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of Windows Event Logging, a service in the Windows operating system, allows an attacker to bypass existing security mechanisms.
The vulnerability of Windows Event Logging service is related to lack of access control. Exploiting this vulnerability can allow an attacker to bypass existing security mechanisms...
The vulnerability of the Windows Ancillary Function Driver for WinSock on Windows operating systems allows attackers to exploit their privileges.
The vulnerability of the Windows Ancillary Function Driver for WinSock operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the Win32K component – GRFX in Windows operating systems – allows a hacker to execute arbitrary code.
The vulnerability of the Win32K component in Windows operating systems is related to the ability to utilize memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their uncontrolled resource consumption, which allows attackers to cause service interruptions.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to uncontrolled resource consumption. Exploiting these vulnerabilities can allow attackers to cause service interruptions remotel...
The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their lack of authentication mechanisms. This allows attackers to bypass existing security measures.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to deficiencies in authentication mechanisms. Exploiting these vulnerabilities can allow attackers to bypass existing security...
The vulnerability of Microsoft Excel, Microsoft Office, and Microsoft 365 Apps for Enterprise applications relates to reading beyond the buffer limit in memory, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of Microsoft Excel, Microsoft Office, and Microsoft 365 Apps for Enterprise programs relates to reading data beyond the buffer memory limit. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Windows operating system’s kernel, which allows a hacker to increase their privileges
The vulnerability of the Windows operating system’s kernel is related to the swapping of an untrusted pointer. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their uncontrolled resource consumption, which allows attackers to cause service interruptions.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to uncontrolled resource consumption. Exploiting these vulnerabilities can allow attackers to cause service interruptions remotel...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their uncontrolled resource consumption, which allows attackers to cause service interruptions.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to uncontrolled resource consumption. Exploiting these vulnerabilities can allow attackers to cause service interruptions remotel...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in insufficient validation of input data. This allows attackers to execute arbitrary code.
The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the H.266 multimedia framework’s parser in GStreamer allows a perpetrator to execute arbitrary code.
The vulnerability of the H.266 multimedia framework parser in GStreamer lies in the lack of proper checks for data length. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the v1/completions interface of the LLM vLLM library allows a attacker to trigger a service failure.
The vulnerability of the v1/completions interface of the LLM library for working with large language models is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the Wazuh security monitoring and threat detection platform lies in its insufficient limit on authentication attempts, which allows attackers to compromise privacy and integrity.
The vulnerability of the Wazuh security monitoring and threat detection platform lies in the insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...
The vulnerability of the Entry.Writer() function in the Logrus logging library, which allows a hacker to cause a service failure
The vulnerability of the Entry.Writer function in the Logrus logging library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause a service failure...
The vulnerability of the TCP/IP driver for Windows operating systems allows attackers to circumvent security restrictions.
The vulnerability of the TCP/IP driver for Windows operating systems relates to bypassing authentication using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions remotely...
The vulnerability of the Win32K component – GRFX in Windows operating systems – allows attackers to enhance their privileges.
The vulnerability of the Win32K component in Windows operating systems is related to integer overflow. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the Win32K component – GRFX in Windows operating systems – allows attackers to enhance their privileges.
The vulnerability of the Win32K component in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the Libraries component of the Oracle Java SE software platform allows a perpetrator to execute arbitrary code.
The vulnerability of the Libraries component of the Oracle Java software platform relates to reading data beyond the buffer boundaries of memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Windows operating system’s kernel, which allows a hacker to increase their privileges
The vulnerability of the Windows operating system’s kernel is related to overflow in the dynamic memory buffer. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the parser for the H.266 multimedia framework GStreamer allows a perpetrator to execute arbitrary code.
The vulnerability of the H.266 multimedia framework GStreamer parser is related to the lack of proper data validation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the libpng library lies in the lack of checks for an adequate number of input pixels. This allows attackers to exploit the system to disclose protected information and perform denial-of-service attacks.
The vulnerability of the libpng library lies in the lack of checks for a sufficient number of input pixels during the processing of the last partial portion of the palette extension in the ARM/AArch64 Neon optimization path. Exploiting this vulnerability can allow an attacker to disclose sensitiv...
The vulnerability of the Wi-Fi Protected Access WPA Supplicant allows a hacker to gain access to confidential data and compromise its integrity.
The vulnerability of the Wi-Fi Protected Access Point’s WPA Supplicant relates to the re-use of the encryption key. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to confidential data and compromise its integrity...
The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure
The vulnerability of the QEMU hardware emulation software is related to the allocation of unlimited memory. Exploiting this vulnerability can allow a hacker to cause a system failure...
The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit allows a hacker to induce a service failure.
The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit allows a hacker to induce a service failure.
The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the drivers/driver_nmea2000.c component in the GPSd monitoring daemon allows a violator to cause a service failure.
The vulnerability of the drivers/drivernmea2000.c component in the GPSd monitoring daemon is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure...
The vulnerability of the authenticate component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the authenc component in the Linux operating system’s kernel is related to incorrect checking of the amount of data at input. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Dawn web browser component in Google Chrome, which allows a hacker to trigger a service failure
The vulnerability of the Dawn web browser component in Google Chrome relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure through a specially created HTML page...
The vulnerability of the Navigation function in the Google Chrome web browser, which allows a hacker to trigger a service failure
The vulnerability of the Navigation function in the Google Chrome web browser is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure through a specially created HTML page...
The vulnerability of the Storport Miniport Driver for Windows operating systems allows a hacker to trigger a service failure.
The vulnerability of the Storport Miniport Driver for Windows operating systems is related to pointer aliasing. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Microsoft Message Queuing (MSMQ) queue service on Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the Microsoft Message Queuing MSMQ queue service on Windows operating systems is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Windows operating system’s kernel, which allows a hacker to increase their privileges
The vulnerability of the Windows operating system’s kernel is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the SFTP component in the LibSSH authentication library allows a attacker to induce a service failure.
The vulnerability of the SFTP component in the LibSSH authentication library lies in the escape of the operation beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the ANGLE component in the Google Chrome web browser, which allows a hacker to access confidential data
The vulnerability of the ANGLE web browser component in Google Chrome is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to gain access to confidential data through a specially created HTML page...
The vulnerability of the Navigation function in the Google Chrome web browser, which allows a hacker to trigger a service failure
The vulnerability of the Navigation function in the Google Chrome web browser is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause a service failure through a specially created HTML page...
The vulnerability of the mbuf_get_bytes() and mbuf_get_chars() functions in PostgreSQL PgBouncer’s connection pool allows a attacker to cause a service failure.
The vulnerability of the mbufgetbytes and mbufgetchars functions in PostgreSQL’s PgBouncer connection pool lies in integer overflow. Exploiting this vulnerability could allow a malicious actor to cause a service failure by sending a specially crafted authentication packet called SCRAM...
The vulnerability of PostgreSQL PgBouncer’s connection pool software, related to the swapping of the zero pointer, allows a hacker to trigger a service failure.
The vulnerability of the PostgreSQL PgBouncer connection pool software relates to the assignment of the null pointer. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the Telnet Client command-line tool for Windows operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Telnet Client command-line tool for Windows operating systems relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker, working remotely, to gain unauthorized access to protected information...
The vulnerability of the Win32K component – GRFX in Windows operating systems – allows attackers to enhance their privileges.
The vulnerability of the Win32K component in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...
The vulnerability of the WebCodecs component in the Google Chrome web browser, which allows a hacker to trigger a service failure
The vulnerability of the WebCodecs component in the Google Chrome web browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause a service failure through a specially created HTML page...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 browser allows a hacker to trigger a service failure.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to the copying of buffers without checking the input data. Exploiting this vulnerability can allow an attacker to cause a service failure through a specially created HTML page...
The vulnerability of the WebGL component in Google Chrome web browser allows a hacker to trigger a service failure.
The vulnerability of the WebGL component in Google Chrome browser is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure through a specially created HTML page...