Lucene search
K
Bdu FstecRecent

90509 matches found

BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the PDF component in the Google Chrome web browser, which allows a hacker to trigger a service failure

The vulnerability of the PDF component in the Google Chrome web browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure using a specially created PDF file...

7.5CVSS7.3AI score0.00417EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the Azure SDK for Java development software package lies in its authentication procedures’ flaws, which allow attackers to circumvent security restrictions.

The vulnerability of the Azure SDK for Java development software package is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to circumvent security restrictions remotely...

9.4CVSS6AI score0.00479EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the Ancillary Function Driver for WinSock in Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Ancillary Function Driver for WinSock operating systems in Windows relates to access to resources through incompatible types. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS5.8AI score0.00314EPSS
Exploits0References2Affected Software21
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.1 views

The vulnerability of the AppID service for operating systems Windows allows attackers to increase their privileges.

The vulnerability of the AppID service for operating systems running on Windows lies in the fact that operations are performed outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.9AI score0.00326EPSS
Exploits0References2Affected Software21
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the WebCodecs component in the Google Chrome web browser allows a hacker to gain access to confidential data or cause a service failure.

The vulnerability of the WebCodecs component in the Google Chrome web browser is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data or cause service failures through a specially creat...

9.4CVSS7.5AI score0.00193EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the TanStack library set, related to the presence of undeclared capabilities, allows a hacker to execute arbitrary code.

The vulnerability of the TanStack library set is related to the presence of undeclared features. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.8AI score0.02342EPSS
Exploits3References6Affected Software42
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the KILL_CLIENT command in the PostgreSQL PgBouncer connection pool’s software allows a hacker to trigger a service failure.

The vulnerability of the KILLCLIENT command in the PostgreSQL PgBouncer connection pool software is related to the absence of authentication. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

4.3CVSS5.7AI score0.00287EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the SAP S/4HANA software platform, related to the lack of measures taken to protect the SQL query structure, allows attackers to gain unauthorized access to protected information and trigger service failures.

The vulnerability of the SAP S/4HANA software platform is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information and cause service failures by sending specially crafted S...

9.6CVSS6.1AI score0.00466EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the strlcat() function in PostgreSQL PgBouncer software allows a attacker to execute arbitrary code or cause service interruptions.

The vulnerability of the strlcat function in PostgreSQL PgBouncer software-related connectivity libraries is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failur...

8.1CVSS6.4AI score0.00372EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.8AI score0.00205EPSS
Exploits0References2Affected Software21
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the data protection software through backup using PowerProtect Data Domain for Dell EMC Data Domain Operating Systems allows a hacker to execute arbitrary commands with root privileges.

The vulnerability of the data protection software through PowerProtect Data Domain’s backup solution for Dell EMC Data Domain Operating Systems is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary commands with root...

9CVSS6AI score0.00441EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the Mattermost instant messaging application, related to the lack of authentication, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Mattermost instant messaging application is related to the lack of authentication. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

4.3CVSS6.4AI score0.00165EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.4 views

The vulnerability of the Mattermost instant messaging application, related to information disclosure, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Mattermost instant messaging application is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.8AI score0.00184EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

Vulnerability of specialized cryptographic modules: BC Java bcpkix on All (API modules), BC Java bcprov on All (API modules), BCPKIX FIPS bcpkix-fips on All (API modules). Libraries from Bouncy Castle allow attackers to exploit these resources excessively.

The vulnerability of specialized cryptographic modules such as BC Java bcpkix in All API modules, BC Java bcprov in All API modules, and BCPKIX FIPS bcpkix-fips in All API modules is related to unlimited resource allocation. Exploiting this vulnerability can allow a remote attacker to excessively...

5.3CVSS6.8AI score0.0043EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.4 views

The vulnerability of the GetAlertData() function on the security monitoring and threat detection platform Wazuh allows a malicious actor to trigger a service failure.

The vulnerability of the GetAlertData function on the security monitoring and threat detection platform Wazuh is related to a violation of the buffer’s initial limit. Exploiting this vulnerability could allow an attacker to trigger a service failure...

5.5CVSS5.8AI score0.00169EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the Axon Code Parser AI-tool for developing Axon Code Models allows a perpetrator to execute arbitrary code.

The vulnerability of Axon Code Parser AI-tool for developing Axon Code Models exists due to the incorrect use of incompatible command parsers shell-quote libraries based on Unix for analyzing commands on the Windows platform. Additionally, there are issues with the improper handling of escape...

10CVSS6.2AI score0.01376EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability in the web interface for controlling the Cisco Unity Connection integrated messaging system allows a attacker to perform an SSRF attack.

The vulnerability in the web interface for managing the Cisco Unity Connection integrated messaging system is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...

7.2CVSS5.7AI score0.00427EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the file-xwd.c component of the GIMP graphic editor allows a hacker to cause a service failure.

The vulnerability of the file-xwd.c component of the GIMP graphic editor is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure using the malicious file...

7.8CVSS7.2AI score0.00622EPSS
Exploits0References13Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.5 views

The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their uncontrolled resource consumption, which allows attackers to cause service interruptions.

The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to uncontrolled resource consumption. Exploiting these vulnerabilities can allow attackers to cause service interruptions remotel...

7.8CVSS5.7AI score0.15933EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the microprogrammed network interface cards of SONICWALL series SMA 1000 allows a intruder to elevate their privileges to the level of an administrator.

The vulnerability of the microprogrammed network interface cards of SONICWALL series SMA 1000 is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability can allow an attacker to elevate their privileges to the level of administrator...

9CVSS7.3AI score0.00613EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the tplgdecode_control_mixer1 function in the library for interacting with kernel audio drivers from Alsa-lib, which allows a hacker to cause a service failure.

The vulnerability of the tplgDecodeControlmixer1 function in the library for interacting with kernel audio drivers is related to unvalidated array indexing. Exploiting this vulnerability could allow a malicious actor to cause service failures through a specially created file...

4.3CVSS5.8AI score0.00191EPSS
Exploits0References9Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability in the web interface for controlling the Cisco Unity Connection integrated messaging system allows a perpetrator to execute arbitrary code.

The vulnerability in the web interface for managing the Cisco Unity Connection integrated messaging system is related to an incorrect restriction on the path name to the directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

9CVSS6.1AI score0.00712EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the Cisco IOS XE operating system’s command-line interface allows a hacker to trigger a service failure.

The vulnerability of the Cisco IOS XE operating system’s command-line interface is related to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.5CVSS6.1AI score0.00092EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The software for email security from SonicWall has a vulnerability related to incorrect input validation. This allows attackers to gain unauthorized access to protected information.

The vulnerability of SonicWall Email Security’s email security software lies in the improper validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.5CVSS5.8AI score0.00321EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the Security component of the Oracle Java SE software platform, as well as the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines, allows attackers to gain access to read, modify, and delete data.

The vulnerability of the Security component of the Oracle Java SE software platform, as well as of the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines, is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to...

2.9CVSS7.2AI score0.00124EPSS
Exploits0References8Affected Software8
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.5 views

The vulnerability of the Cisco IOS XE operating system’s loader allows a hacker to execute arbitrary code.

The vulnerability of the Cisco IOS XE operating system loader is related to a violation of the initial buffer boundary. Exploiting this vulnerability allows an attacker to execute arbitrary code...

6.6CVSS6.2AI score0.00162EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the library that accesses HTTP servers via LibSoup allows a perpetrator to gain access to confidential data or cause service failures.

The vulnerability of the LibSoup library for HTTP servers is related to a countable loss of significance. Exploiting this vulnerability could allow an attacker to gain access to confidential data or cause service failures...

6.5CVSS6.6AI score0.0042EPSS
Exploits0References9Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the ClonePixelCacheRepository() function in the magick/cache.c component of the ImageMagick console graphics editor allows a hacker to cause a service failure.

The vulnerability of the ClonePixelCacheRepository function in the magick/cache.c component of the ImageMagick console graphics editor is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause a service failure through the use of a specially create...

5.3CVSS6.7AI score0.00429EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the MSLEndElement() function in the coders/msl.c component of the ImageMagick console graphics editor allows a hacker to cause a service failure.

The vulnerability of the MSLEndElement function in the ImageMagick console graphics editor’s coders/msl.c component is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.5CVSS6.5AI score0.0043EPSS
Exploits1References11Affected Software7
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the SubtableUnicodesCache::create() function in the src/hb-ot-cmap-table.hh file of the HarfBuzz text conversion library allows a hacker to trigger a service failure.

The vulnerability of the SubtableUnicodesCache::create function in the src/hb-ot-cmap-table.hh file of the HarfBuzz text conversion library is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause service failures...

5.3CVSS6AI score0.00377EPSS
Exploits1References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the sch_teql component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the schteql component in the Linux operating system’s kernel is related to the dereferencing of a pointer whose validity has expired. Exploiting this vulnerability can allow an attacker to trigger a service failure...

7CVSS7AI score0.00134EPSS
Exploits0References18Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.5 views

The vulnerability of the Mattermost instant messaging application, related to access control errors, allows a malicious user to reduce the privileges of arbitrary users.

The vulnerability of the Mattermost instant messaging application is related to access control errors. Exploiting this vulnerability could allow a malicious actor to reduce the privileges of arbitrary users...

5.5CVSS5.9AI score0.00159EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the REST API interface of the H2O machine learning platform allows a perpetrator to execute arbitrary code.

The vulnerability of the REST API interface of the H2O machine learning platform is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.0064EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.4 views

The vulnerability of the Win32K component – ICOMP in Windows operating systems, which allows attackers to exploit their privileges.

The vulnerability of the Win32K component – ICOMP in Windows operating systems is related to access to resources through incompatible types. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS5.8AI score0.00345EPSS
Exploits0References2Affected Software14
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of DVB (Digital Video Broadcasting) plugins of the Gstreamer multimedia framework allows a hacker to execute arbitrary code.

The vulnerability of DVB Digital Video Broadcasting plugins of the Gstreamer multimedia framework is related to the lack of proper validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00729EPSS
Exploits0References7Affected Software11
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the libpng library, which allows a hacker to gain access to freed memory

The vulnerability of the libpng library lies in the transfer of a pointer obtained from functions like pnggetPLTE, pnggettRNS, or pnggethIST back to the corresponding function for setting values for the same pair of structures pngstruct and pnginfo. This causes reading from the freed memory and...

5.1CVSS5.9AI score0.00195EPSS
Exploits1References10Affected Software11
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the data protection software through backup using PowerProtect Data Domain for Dell EMC Data Domain Operating Systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the data protection software through backup using PowerProtect Data Domain for Dell EMC Data Domain Operating Systems is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...

6.8CVSS5.8AI score0.00368EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the software for centralized identity management systems like FreeIPA allows a perpetrator to gain access to confidential data.

The vulnerability of the FreeIPA identity management software is related to deficiencies in the authorization process. Exploiting this vulnerability could allow a perpetrator to gain access to confidential data...

5.5CVSS6AI score0.00226EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

Vulnerabilities in web browsers Firefox and Firefox ESR, as well as the Thunderbird email client, allow attackers to gain access to confidential data and compromise its integrity.

The vulnerabilities in web browsers Firefox and Firefox ESR, as well as the email client Thunderbird, are related to insufficient input data validation. Exploiting these vulnerabilities can allow an attacker to gain access to confidential data and compromise its integrity...

8CVSS7.2AI score0.00417EPSS
Exploits0References15Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the `tt_var_load_item_variation_store` function in the 2D component of the Oracle Java SE software platform, as well as in the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines, allows a malicious actor to cause a service failure.

The vulnerability of the ttvarloaditemvariationstore function in the 2D component of the Oracle Java SE software platform, as well as in the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines, relates to reading data beyond the allowed range of memory. Exploitation of...

5.4CVSS7.2AI score0.00141EPSS
Exploits0References7Affected Software7
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the JAXP component of the Oracle Java SE software platform, as well as of the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines, allows attackers to gain unauthorized access to devices.

The vulnerability of the JAXP component in the Oracle Java SE software platform and the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to...

7.8CVSS7.2AI score0.00702EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the JSE component of Oracle Java SE software, as well as of the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines, allows attackers to trigger a service failure.

The vulnerability of the JSE component of Oracle Java SE software, as well as of the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines, is related to a breach of data protection mechanisms. Exploiting this vulnerability can allow an attacker, operating remotely, to cau...

5.4CVSS7.2AI score0.00305EPSS
Exploits0References8Affected Software8
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the data protection software through backup using PowerProtect Data Domain for Dell EMC Data Domain Operating Systems allows a hacker to execute arbitrary commands with root privileges.

The vulnerability of the data protection software through PowerProtect Data Domain’s backup solution for Dell EMC Data Domain Operating Systems is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability could allow an attacker to execute arbitrary...

6.8CVSS6AI score0.00571EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the print spooler daemon on Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Windows Print Spooler in operating systems related to the print queue is associated with synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to increase their privileges...

7CVSS5.8AI score0.0029EPSS
Exploits0References2Affected Software21
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerability of the Thunderbird email client, allowing a hacker to gain access to confidential data

The vulnerability of the Thunderbird email client is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data...

5CVSS7AI score0.00159EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.4 views

The vulnerability of the Cisco IOS XE operating system’s TLS library allows attackers to trigger memory exhaustion or service failure.

The vulnerability of the Cisco IOS XE operating system’s TLS library is related to the absence of references to an active, allocated resource. Exploiting this vulnerability can allow a malicious actor to induce memory exhaustion or service failure from a remote perspective...

7.4CVSS5.8AI score0.00179EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.7 views

The vulnerability of the LibreOffice office software package, related to writing beyond the buffer limit, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the LibreOffice office software package is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.2AI score0.00078EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

Vulnerabilities in web browsers Firefox and Firefox ESR, as well as the Thunderbird email client, allow attackers to trigger a service failure.

The vulnerabilities in web browsers Firefox and Firefox ESR, as well as the Thunderbird email client, are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to cause service interruptions remotely...

10CVSS7.3AI score0.00423EPSS
Exploits0References17Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the msl.c component in the console-based image editing tool ImageMagick allows a hacker to gain access to confidential data or cause a service failure.

The vulnerability of the msl.c component in the console-based image editing tool ImageMagick is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain access to confidential data or cause service interruptions...

7.4CVSS7.4AI score0.00272EPSS
Exploits0References9Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.2 views

The vulnerabilities of the `png_set_TRNX` and `png_set_PLTE` functions in the LIBPNG library allow attackers to execute arbitrary code or cause service interruptions.

The vulnerability of the pngsettRNS and pngsetPLTE functions in the LIBPNG library is related to improper memory management during data deallocation. Exploiting this vulnerability may allow an attacker to gain access to the freed memory area, which could lead to the execution of arbitrary code or...

7.6CVSS6.6AI score0.01052EPSS
Exploits1References11Affected Software9
Total number of security vulnerabilities90509