74701 matches found
The vulnerability of the ucsi_connector_change() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the ucsi_connector_change() function in the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the amdtee_openSession() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the amdtee_openSession() function in the Linux operating system’s kernel is related to the use of memory after it is freed in a race-like situation. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Vinteo video conference software’s interface component arises from insufficient validation of input data, allowing a hacker to execute arbitrary code in the administrator panel.
The vulnerability of the Vinteo video conference software’s interface component exists due to insufficient verification of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the administrator panel...
The vulnerability of the Vinteo video conference software server lies in the lack of protective measures for website structures. This allows attackers to carry out XSS attacks and execute arbitrary requests.
The vulnerability of the Vinteo video conference software server lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely and execute arbitrary requests...
The vulnerability of the hci_cmd_sync_clear() function in the Linux operating system’s Bluetooth kernel implementation allows an intruder to cause a service failure.
The vulnerability of the hci_cmd_sync_clear() function in the Linux operating system’s Bluetooth kernel implementation is related to the use of memory after it is freed due to a race condition. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the commercial vBulletin web forum, related to improper protection of the alternative path, allows a hacker to execute arbitrary code.
The vulnerability of the commercial vBulletin web forum is related to improper protection of an alternative path. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the vBulletin commercial web forum, related to improper protection of the alternative path, allows attackers to bypass existing security restrictions and execute arbitrary code.
The vulnerability of the commercial vBulletin web forum is related to improper protection of an alternative path. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and execute arbitrary code...
The vulnerability of the monitoring tool for Synthetics in the Kibana data visualization service allows a violator to increase their privileges.
The vulnerability of the monitoring tool for Synthetics in the Kibana data visualization service is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to increase their privileges by sending a specially crafted HTTP request...
The vulnerability of the Libinfo library in macOS operating systems, which allows attackers to increase their privileges
The vulnerability of the Libinfo library in macOS operating systems is related to integer overflow. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability of the Mozilla Firefox browser, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Mozilla Firefox browser is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the PolicyServerWindowsService class in the PolicyServer server, which is part of Trend Micro Endpoint Encryption (TMEE), allows a perpetrator to execute arbitrary code.
The vulnerability of the PolicyServerWindowsService class in the PolicyServer server, a component of the Trend Micro Endpoint Encryption (TMEE) data encryption tool, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to...
The vulnerability of the mobile device registration and mobile application deployment mechanism of Splunk Secure Gateway, a platform for operational analytics in Splunk Enterprise, arises from insufficient protection of registration data. This vulnerability allows attackers to gain unauthorized access to protected information.
The vulnerability of the mobile device registration and mobile application deployment mechanism of Splunk Secure Gateway, a platform for operational analytics in Splunk Enterprise, is related to insufficient protection of registration data. Exploiting this vulnerability could allow an attacker...
The vulnerability of the `mov_read_trak` function in the libavformat library, a multimedia library within FFmpeg, allows an attacker to cause a service failure.
The vulnerability of the mov_read_trak function in the libavformat library, a multimedia library within FFmpeg, is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the storage mechanism in macOS operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of macOS storage operations is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...
The vulnerability of the kernel of iPadOS and macOS allows a hacker to gain access to read and modify data.
The vulnerability of the kernel in iPadOS and macOS is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain read and write access to data...
The vulnerability of the IDE Assets component in the Xcode development environment allows a hacker to gain unauthorized access to protected information.
The vulnerability of the IDE Assets component in the Xcode development environment is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the net_dm_monitor_start() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the net_dm_monitor_start() function in the Linux operating system is related to the use of uninitialized resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the `bfq_release_process_ref()` function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the bfq_release_process_ref() function in the Linux operating system is related to the repeated use of previously released memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ACL-policy search mechanism based on application prefixing by the Nomad orchestrator allows attackers to bypass existing security mechanisms.
The vulnerability of the ACL-policy-based search mechanism of the Nomad application lies in the improper assignment of access control rules. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms by creating tasks with special prefix names...
The vulnerability in the fs/smb/client/cached_dir.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the fs/smb/client/cached_dir.c module of the Linux operating system is related to errors during the update of the link counters. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the JDBC driver pgjdbc, which allows Java programs to connect to PostgreSQL databases, enables attackers to execute “man-in-the-middle” attacks.
The vulnerability of the JDBC driver pgjdbc, which allows Java programs to connect to PostgreSQL databases, is related to deficiencies in the authentication process. Exploiting this vulnerability could enable a malicious actor to carry out a “man-in-the-middle” attack...
Vulnerabilities of the EXPORT_SYMBOL_GPL(), iscsi_session_teardown(), and iscsi_sw_tcp_sessiondestroy() functions of the Linux operating system, allowing a hacker to cause a service failure
The vulnerabilities of the EXPORT_SYMBOL_GPL(), iscsi_session_teardown(), and iscsi_sw_tcp_sessiondestroy() functions in the Linux operating system are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to cause a service failure...
The vulnerability of the Custom Frontend Plugin component of the Grafana monitoring and observation platform allows attackers to perform cross-site scripting (XSS) attacks.
The vulnerability of the Custom Frontend Plugin component of the Grafana monitoring and observation platform is related to improper input validation during the creation of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks remotely...
The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent, which stems from insufficient verification of data authenticity, allows a perpetrator to specify a path to an arbitrary file.
The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to specify a path to an alternative executable file...
The vulnerability of the “Termide Virtual Desktops Connection Manager” software server arises from improper processing of X-Forwarded-For HTTP requests, allowing attackers to bypass authentication procedures.
The vulnerability of the “Termide Virtual Desktops Connection Manager” software server is related to the improper processing of X-Forwarded-For HTTP requests. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures remotely...
The vulnerability of the session agent of the software complex “Termide Virtual Workstations Dispatching System” relates to the failure to take measures to protect the request structure, allowing attackers to enhance their privileges.
The vulnerability of the session agent component of the “Termide Virtual Desktops Connection Manager” software is related to the lack of protective measures for the request structure. Exploiting this vulnerability allows a malicious actor to enhance their privileges through specially crafted...
The vulnerability of the M-Files Server platform’s interface allows a perpetrator to read arbitrary files.
The vulnerability of the M-Files Server platform’s automation interface is related to incorrect restrictions on the path name to the restricted catalog during the processing of the final point. Exploiting this vulnerability allows a malicious actor to remotely read arbitrary files...
The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent arises from the lack of protective measures for the request structure, allowing a perpetrator to execute arbitrary code.
The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent is related to the lack of protective measures for the request structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the “Termide Virtual Desktops Connection Manager” software server system, related to deficiencies in the testing mechanism for integrations, allows a hacker to disclose protected information.
The vulnerability of the “Termide Virtual Desktops Connection Manager” software suite is related to deficiencies in the testing mechanisms for integrations. Exploiting this vulnerability allows a malicious actor to disclose sensitive information...
The vulnerability in the web interface of the “Termide Virtual Desktops Connection Manager” software allows an attacker to perform XSS attacks.
The vulnerability of the software interface “Termide Virtual Desktops Connection Manager” is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the ReadString function in the SAP MDM Server management server allows a perpetrator to cause a service failure.
The vulnerability of the ReadString function in the SAP MDM Server management server relates to the release of previously unallocated memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the SAP Plug-In Basis plugin of the SAP Business Warehouse system, related to deficiencies in the authentication process, allows an intruder to gain unauthorized access to protected information.
The vulnerability of the SAP Plug-In Basis component of the SAP Business Warehouse system is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the AC system’s risk management plugin, along with compliance requirements and corporate governance in SAP GRC, allows a perpetrator to gain unauthorized access to read and modify data.
The vulnerability of the AC system’s risk management plugin, as well as issues related to compliance requirements and SAP GRC (Governance, Risk, and Compliance) corporate management, is linked to deficiencies in the authorization process. Exploiting this vulnerability could allow an attacker...
The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence platform allows a perpetrator to upload arbitrary files.
The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence platform is related to the use of an unreliable search path. Exploiting this vulnerability allows attackers to upload arbitrary files...
The vulnerability in the web-based software modeling tool, Visual Composer, of the SAP NetWeaver software integration platform allows a hacker to gain access to and modify data.
The vulnerability of the Visual Composer web tool, a software modeling tool within the SAP NetWeaver integration platform, is related to an incorrect restriction on the path to the restricted access catalog. Exploiting this vulnerability could allow an attacker to gain read and modify access to...
The vulnerability of the gt-xsd-core and gt-wfs-ng libraries of GeoTools allows attackers to perform XXE attacks.
The vulnerability of the gt-xsd-core and gt-wfs-ng libraries of GeoTools is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to perform XXE attacks remotely...
The vulnerability of the BI Workspace component of the SAP BusinessObjects Business Intelligence platform allows attackers to execute cross-site scripting attacks.
The vulnerability of the BI Workspace component of the SAP BusinessObjects Business Intelligence platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks remotely...
The vulnerability of the PROFINET protocol implementation in the modular safety system SIRIUS 3RK3 and the safety relay software SIRIUS 3SK2 allows an intruder to disclose protected information.
The vulnerability of the PROFINET protocol implementation in the modular safety system SIRIUS 3RK3 and the safety relay software SIRIUS 3SK2 is related to weak password obfuscation during data transmission. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose t...
The vulnerability of the Milestone XProtect software installer allows an intruder to disclose protected information.
The vulnerability of the Milestone XProtect video surveillance software installer is related to the lack of data encryption measures. Exploiting this vulnerability could allow a remote attacker to disclose the protected information...
The vulnerability of the PROFINET protocol implementation in the modular security system software SIRIUS 3RK3, as well as the security relay software SIRIUS 3SK2, allows an intruder to gain unauthorized access to protected information.
The vulnerability of the PROFINET protocol implementation in the modular security system SIRIUS 3RK3 and the security relay software SIRIUS 3SK2 is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability could allow an intruder to gain unauthorized...
The vulnerability of the PROFINET protocol implementation in the modular safety system SIRIUS 3RK3 and the safety relay software SIRIUS 3SK2 allows an intruder to disclose protected information.
The vulnerability of the PROFINET protocol implementation in the modular safety system SIRIUS 3RK3 and the safety relay software SIRIUS 3SK2 lies in the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an intruder to remotely exploit the syst...
The vulnerability of the Enterprise Event Enablement component of the SAP S/4HANA software platform allows a malicious actor to elevate their privileges and execute arbitrary code.
The vulnerability of the Enterprise Event Enablement component of the SAP S/4HANA software platform is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...
The vulnerability of the sub_41619C() function in NETGEAR EX3700 router microprogramming software allows a hacker to induce a service failure.
The vulnerability of the sub_41619C() function in NETGEAR EX3700 router microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending a specially crafted GET request remotely...
The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.
The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server lies in the lack of security measures for SQL query structures. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability of the Netlogon service in Microsoft Windows operating systems allows attackers to escalate their privileges.
The vulnerability of the Netlogon service in Microsoft Windows operating systems is related to the use of an uninitialized resource. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...
The vulnerability of the KDC Proxy Service (KPSSVC) on Microsoft Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the KDC Proxy Service (KPSSVC) on Microsoft Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the File Upload plugin in the WordPress content management system allows a hacker to gain access to read, modify, or delete data.
The vulnerability of the File Upload plugin in the WordPress content management system is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to data...
The vulnerability of the SureTriggers plugin of the WordPress content management system allows attackers to increase their privileges.
The vulnerability of the SureTriggers plugin in the WordPress content management system is related to incorrect privilege assignment. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability of the HTTP Request Handler component of the Langflow agent and workflow creation/deployment tool allows an attacker to execute arbitrary code.
The vulnerability of the HTTP Request Handler component of the Langflow agent and process creation/deployment tool is related to the lack of authentication for the critical function. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the SSLVPN microprogramming software for network interfaces from SonicWall SMA 100 allows an intruder to execute arbitrary commands.
The vulnerability of the SSLVPN microprogramming software for network interfaces from SonicWall SMA 100 relates to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...