The vulnerability of the built-in boa server (/boafrm/formSysCmd) of the TOTOLINK EX1200T router’s microprogramming system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the built-in server boa /boafrm/formSysCmd of the TOTOLINK EX1200T router’s microprogramming system lies in the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and...

The vulnerability of the built-in boa server (/boafrm/formSysLog) of the TOTOLINK EX1200T router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the built-in boa server /boafrm/formSysLog of the TOTOLINK EX1200T router’s microprogramming system is related to the issue of the operation exceeding the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious actor to...

The vulnerability of the built-in boa server (/boafrm/formNtp) of TOTOLINK EX1200T router microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the built-in boa server /boafrm/formNtp of the TOTOLINK EX1200T router’s microprogramming system is related to the issue of the operation going beyond the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious actor to...

The vulnerability of the Yealink Meeting Server lies in the lack of measures taken at the management level to ensure data hygiene, allowing attackers to execute arbitrary codes.

The vulnerability of the Yealink Meeting Server lies in the lack of measures taken at the management level to protect data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

The vulnerability of the Yealink Meeting Server, related to the disclosure of information, allows a perpetrator to gain unauthorized access to confidential data.

The vulnerability of the Yealink Meeting Server relates to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to confidential information...

The vulnerability of the built-in boa server (/boafrm/formSaveConfig) of the TOTOLINK EX1200T router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the built-in boa server /boafrm/formSaveConfig of the TOTOLINK EX1200T router’s microprogramming software is related to the issue of the operation going beyond the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious acto...

The vulnerability of the built-in boa server (/boafrm/formStats) of the TOTOLINK EX1200T router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the built-in boa server /boafrm/formStats of the TOTOLINK EX1200T router’s microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, an...

The vulnerability of the built-in server boa (/boafrm/formWirelessTbl) of the TOTOLINK EX1200T router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the built-in server boa /boafrm/formWirelessTbl of the TOTOLINK EX1200T router’s microprogramming software is related to the issue of the operation exceeding the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious actor ...

The vulnerability of the vChamilo plugin of the eLearning and content management system Chamilo LMS lies in the lack of verification of the validity of XML objects’ sequences. This allows attackers to execute arbitrary SQL queries.

The vulnerability of the vChamilo plugin in the Chamilo LMS system is related to the lack of verification for the validity of XML objects’ sequences. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of verification of the validity of XML objects’ sequences. This allows attackers to execute arbitrary SQL queries.

The vulnerability of the Chamilo LMS, a system for electronic teaching and content management, lies in the lack of verification of the validity of XML objects’ sequences. Exploiting this vulnerability could allow an attacker, operating remotely, to execute arbitrary SQL queries...

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of verification of the validity of XML objects’ sequences. This allows attackers to execute arbitrary SQL queries.

The vulnerability of the Chamilo LMS, a system for electronic teaching and content management, lies in the lack of verification of the validity of XML objects’ sequences. Exploiting this vulnerability could allow an attacker, operating remotely, to execute arbitrary SQL queries...

The vulnerability of the OpenID authentication module of the Chamilo LMS system, related to the lack of verification of the validity of XML objects’ sequences, allows attackers to execute arbitrary SQL queries.

The vulnerability of the OpenID authentication module in the Chamilo LMS system relates to the lack of verification of the authenticity of XML objects. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of verification of the validity of XML objects’ sequences. This allows attackers to execute arbitrary SQL queries.

The vulnerability of the Chamilo LMS, a system for electronic teaching and content management, lies in the lack of verification of the validity of XML objects’ sequences. Exploiting this vulnerability could allow an attacker, operating remotely, to execute arbitrary SQL queries...

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of measures to neutralize special elements used within the operating system, allowing attackers to execute arbitrary SQL queries.

The vulnerability of the Chamilo LMS, a system for electronic teaching and content management, lies in the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability could allow a malicious actor to execute arbitrary SQL queries remotely...

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of measures to neutralize special elements used within the operating system, allowing attackers to execute arbitrary SQL queries.

The vulnerability of the Chamilo LMS, a system for electronic teaching and content management, lies in the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability could allow a malicious actor to execute arbitrary SQL queries remotely...

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of measures to neutralize special elements used within the operating system, allowing attackers to execute arbitrary SQL queries.

The vulnerability of the Chamilo LMS, a system for electronic teaching and content management, lies in the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary SQL...

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of measures to neutralize special elements used within the operating system, allowing attackers to execute arbitrary SQL queries.

The vulnerability of the Chamilo LMS, a system for electronic teaching and content management, lies in the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability could allow a malicious actor to execute arbitrary SQL queries remotely...

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of measures to neutralize special elements used within the operating system, allowing attackers to execute arbitrary SQL queries.

The vulnerability of the Chamilo LMS, a system for electronic teaching and content management, lies in the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary SQL...

Vulnerability eliminated

...

The vulnerability of the Chamilo LMS electronic learning and content management system, related to deficiencies in the deserialization mechanism used by the operating system, allows attackers to create arbitrary classes.

The vulnerability of the Chamilo LMS, a system for electronic teaching and content management, is related to deficiencies in the deserialization mechanisms used in the operating system. Exploiting this vulnerability could allow an attacker to create arbitrary classes...

The vulnerability of the Chamilo LMS system for electronic learning and content management lies in the insufficient verification of incoming requests used by the operating system. This allows attackers to execute arbitrary HTTP requests.

The vulnerability of the Chamilo LMS, a system for electronic teaching and content management, lies in the insufficient verification of incoming requests used by the operating system. Exploiting this vulnerability could allow a malicious actor to execute arbitrary HTTP requests remotely...

The vulnerability of the AsIO3.sys driver, a software for managing and configuring Asus Armoury Crate devices, allows a hacker to elevate their privileges in the Windows operating system to the SYSTEM level.

The vulnerability of the AsIO3.sys driver, a software for managing and configuring Asus Armoury Crate devices, is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to elevate their privileges in the Windows operating system to SYSTE...

The vulnerability of the iTop web tool for managing IT services arises from the lack of measures to neutralize special elements, allowing attackers to execute arbitrary code.

The vulnerability of the iTop IT service management web tool is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

XWiki () Has been postponed

...

The Network Configuration Manager (NCM) software, which is related to the failure to protect the structure of web pages, allows attackers to carry out XSS attacks.

The Network Configuration Manager NCM software is associated with the failure to take measures to protect the structure of web pages. Exploiting this vulnerability can allow a malicious actor to carry out XSS attacks remotely...

The vulnerability of the setWizardCfg() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK T10 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the setWizardCfg function /cgi-bin/cstecgi.cgi of the TOTOLINK T10 router software is related to the issue of data being written outside the buffer in memory when processing the parameter ssid5g. Exploiting this vulnerability allows a malicious actor to compromise the...

The vulnerability of the XWiki platform for creating collaborative web applications lies in its lack of protection for website structures. This allows attackers to execute arbitrary JavaScript code.

The vulnerability of the XWiki Platform lies in the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code remotely...

The vulnerability of Contour.Talk video conferencing software for macOS, related to the use of an insecure search path, allows attackers to escalate their privileges and gain unauthorized access to the system.

The vulnerability of Contour.Talk software for macOS-related video conferencing systems is related to the use of an insecure search path. Exploiting this vulnerability can allow attackers to enhance their privileges and gain unauthorized access to the system...

The vulnerability of the virtual learning environment Moodle, which allows a intruder to gain unauthorized access to protected information

The vulnerability in the virtual learning environment Moodle is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

XWiki () Has been postponed

...

The vulnerability of the web interfaces of IBM OpenPages and IBM OpenPages with Watson allows a hacker to intercept user sessions.

The vulnerability of the IBM OpenPages and IBM OpenPages with Watson web interfaces relates to improper session management. Exploiting this vulnerability can allow a malicious actor to intercept a user’s session...

The vulnerability in the web interface of the risk management platforms IBM OpenPages and IBM OpenPages with Watson allows a attacker to perform a CSRF attack.

The vulnerability of the web interfaces of IBM OpenPages and IBM OpenPages with Watson relates to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack remotely...

The vulnerability in the web interface of the risk management platforms IBM OpenPages and IBM OpenPages with Watson allows attackers to carry out XXE attacks.

The vulnerability of the IBM OpenPages and IBM OpenPages with Watson web interfaces relates to incorrect restrictions on XML links to external objects. Exploiting this vulnerability allows a malicious actor to perform XXE attacks remotely...

The vulnerability of the web interfaces of IBM OpenPages and IBM OpenPages with Watson allows a hacker to gain access to confidential information.

The vulnerability of the IBM OpenPages and IBM OpenPages with Watson risk management web interfaces is related to improper verification of certificate authenticity. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...

The vulnerability of the software product lies in its ability to identify, simulate, and visualize application architectures in real time. The IBMTivoli Application Dependency Discovery Manager (TADDM) is susceptible to this vulnerability due to the lack of measures taken to protect the structure of web pages. This allows attackers to execute cross-site scripting attacks.

The vulnerability of the software product for identifying, modeling, and visualizing application architectures in real time – IBMTivoli Application Dependency Discovery Manager TADDM – is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability...

The vulnerability of the web interface of IBM OpenPages and IBM OpenPages with Watson allows a hacker to inject any command they desire.

The vulnerability of the IBM OpenPages and IBM OpenPages with Watson web interfaces relates to improper processing of output data for registration logs. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

The vulnerability in the web interface of the risk management platforms IBM OpenPages and IBM OpenPages with Watson allows a hacker to execute arbitrary HTML code.

The vulnerability of the web interface of IBM OpenPages and IBM OpenPages with Watson relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary HTML code remotely...

The vulnerability of the IBM i operating system, related to an uncontrolled element in the search process, allows a perpetrator to execute arbitrary code with administrator privileges.

The vulnerability of the IBM i operating system is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

The vulnerability in the web interface of the risk management platforms IBM OpenPages and IBM OpenPages with Watson allows a perpetrator to write or re-write any files as desired.

The vulnerability of the IBM OpenPages and IBM OpenPages with Watson web interfaces relates to incorrect restrictions on the path name to the restricted catalog. Exploitation of this vulnerability could allow a malicious actor to write to or re-write any files remotely...

The vulnerability of the web interface of the risk management platforms IBM OpenPages and IBM OpenPages with Watson allows attackers to compromise the integrity of protected information.

The vulnerability of the web interface of IBM OpenPages and IBM OpenPages with Watson relates to the lack of traceability in the trust chain during certificate verification. Exploitation of this vulnerability could allow a malicious actor, operating remotely, to compromise the integrity of the...

The vulnerability of the IBM Watson Query on Cloud Pak for Data software lies in the insecure management of privileges, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of IBM Watson Query on Cloud Pak for Data relates to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to unlimited resource distribution, allows a hacker to cause a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to unlimited resource distribution, allows a hacker to cause a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the unlimited distribution of resources during HTTP response processing. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to bypassing authentication via a user-controlled key, allows unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to bypassing authentication using a key controlled by the user. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the implementation of the WOPI protocol for the ONLYOFFICE Docs office online package allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the WOPI protocol implementation in the ONLYOFFICE Docs online package DocumentServer is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by sending specially...

The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the execution of a loop with an unreachable exit condition, allowing a hacker to trigger a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to unlimited resource distribution, allows a hacker to cause a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the unlimited distribution of resources when processing token names. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from synchronization errors when using a shared resource. This vulnerability allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the software platform based on Git for collaborative code development in GitLab Enterprise Edition (EE) is related to deficiencies in the authentication process, which allows attackers to gain read and edit access to data.

The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain read and edit access to data...

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from the lack of protective measures for website structures, allowing attackers to gain access to user accounts.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to a user’s account...