The vulnerability of the jv_string_vfmt function in the programming functional language jq, which allows a hacker to trigger a denial-of-service attack

The vulnerability of the jvstringvfmt function in thejq programming language is related to access to resources through incompatible types. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the SSLVPN microprogramming system for network interfaces from SonicWall SMA 100 allows a hacker to bypass security restrictions.

The vulnerability of the SSLVPN microprogramming system for network interfaces from SonicWall SMA 100 relates to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability could allow a malicious actor to bypass security restrictions remotely...

The vulnerability of the Android operating system, related to insufficient validation of input data, allows attackers to escalate their privileges.

The vulnerability of the Android operating system is related to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the TI WooCommerce Wishlist plugin for WordPress content management system allows a hacker to write arbitrary files.

The vulnerability of the TI WooCommerce Wishlist plugin for WordPress content management system is related to the ability to download files of a dangerous type without limitation. Exploiting this vulnerability could allow an attacker to write arbitrary files...

The vulnerability of the decNumberCopy function in the programming language jq, which allows a hacker to trigger a service failure.

The vulnerability of the decNumberCopy function in thejq programming language relates to access to resources through incompatible types. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the built-in web server boa (/boafrm/formDMZ) of TOTOLINK EX1200T router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the built-in web server boa /boafrm/formDMZ of TOTOLINK EX1200T routers is caused by buffer overflow. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information by sending a specially crafted...

The vulnerability of the built-in web server boa (/boafrm/formWsc) of TOTOLINK EX1200T router microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the built-in web server boa /boafrm/formWsc of TOTOLINK EX1200T routers is caused by buffer overflow. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information by sending a specially...

The vulnerability of the JQ programming language, related to integer overflow, allows attackers to cause service failures.

The vulnerability of the JQ programming language is related to integer overflow. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the systemd-coredump service of the Systemd daemon allows a attacker to compromise the confidentiality of the protected information.

The vulnerability of the systemd-coredump daemon of Systemd is related to an incorrect configuration of the kernel parameter fs.suiddumpable. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of protected information...

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant, related to the lack of data cleaning at the management level, allows a perpetrator to disclose protected information.

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

The vulnerability of the fromadvsetlanip() function (/goform/AdvSetLanip) in the Tenda AC15 router software allows a hacker to cause a service failure.

The vulnerability of the fromadvsetlanip function /goform/AdvSetLanip of the Tenda AC15 router’s microprogramming software is related to the copying of buffers without checking the size of the input data when processing the lanMask parameter. Exploiting this vulnerability could allow a remote...

The vulnerability of the formSetPPTPUserList() function (/goform/setPptpUserList) in the Tenda AC6 router software allows a hacker to trigger a service failure.

The vulnerability of the formSetPPTPUserList function /goform/setPptpUserList of the Tenda AC6 router’s microprogramming software is related to the copying of buffers without checking the size of the input data when processing the list parameter. Exploiting this vulnerability could allow an...

The vulnerability of the formSetSafeWanWebMan() function (/goform/SetRemoteWebCfg) in the Tenda AC6 router software allows a hacker to trigger a service failure.

The vulnerability of the formSetSafeWanWebMan function /goform/SetRemoteWebCfg in the Tenda AC6 router software lies in the issue of the operation exceeding the buffer boundaries in memory when processing the remoteIp parameter. Exploiting this vulnerability could allow an attacker to cause a...

The vulnerability of the fromadvsetlanip() function (/goform/AdvSetLanip) in the Tenda AC6 router software allows a hacker to trigger a service failure.

The vulnerability of the fromadvsetlanip function /goform/AdvSetLanip of the Tenda AC6 router’s microprogramming software is related to the copying of buffers without checking the size of the input data when processing the lanMask parameter. Exploiting this vulnerability could allow a remote...

The vulnerability of the formSetRebootTimer() function (/goform/SetRebootTimer) in the Tenda AC6 router’s microprogramming software allows a intruder to trigger a service failure.

The vulnerability of the formSetRebootTimer function /goform/SetRebootTimer in the Tenda AC6 router’s microprogrammed software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the rebootTime parameter. Exploiting this vulnerability could allow a...

The vulnerability of the Service Account Auditing service of the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus allows a perpetrator to execute arbitrary code.

The vulnerability of the Service Account Auditing service in the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus is related to the lack of security measures for the SQL query structure. Exploitation of this vulnerability could allow a malicious actor to...

The vulnerability of the fromadvsetlanip() function (/goform/AdvSetLanip) in the Tenda AC7 router software allows a hacker to trigger a service failure.

The vulnerability of the fromadvsetlanip function /goform/AdvSetLanip of the Tenda AC7 router’s microprogramming software is related to the copying of buffers without checking the size of the input data during the processing of the lanMask parameter. Exploiting this vulnerability could allow an...

The vulnerability of the formSetPPTPUserList() function (/goform/setPptpUserList) in the Tenda AC7 router software allows a hacker to trigger a service failure.

The vulnerability of the formSetPPTPUserList function /goform/setPptpUserList of the Tenda AC7 router’s microprogramming software is related to the copying of buffers without checking the size of the input data when processing the list parameter. Exploiting this vulnerability can allow an attacke...

The vulnerability of the Content Search module of the monitoring, analysis, and reporting software Zohocorp ManageEngine Exchange Reporter Plus allows a hacker to execute arbitrary code.

The vulnerability of the Content Search module in the monitoring, analysis, and reporting software Zohocorp ManageEngine Exchange Reporter Plus relates to the unlimited download of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability in the built-in web server boa (/boafrm/formSaveConfig) of the TOTOLINK X15 router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the built-in web server boa /boafrm/formSaveConfig of the TOTOLINK X15 router’s microprogramming software lies in the copying of buffers without checking the size of input data during the processing of the submit-url parameter. Exploiting this vulnerability allows a malicious...

The vulnerability of the built-in web server boa (/boafrm/formWlanRedirect) of the TOTOLINK X15 router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the built-in web server boa /boafrm/formWlanRedirect of the TOTOLINK X15 router’s microprogramming software is related to the copying of buffers without checking the size of input data during the processing of the redirect-url parameter. Exploiting this vulnerability allows a...

The vulnerability of the built-in web server boa (/boafrm/formDosCfg) of the TOTOLINK X15 router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the built-in web server boa /boafrm/formDosCfg of the TOTOLINK X15 router’s microprogramming software is related to the copying of buffers without checking the size of input data during the processing of the submit-url parameter. Exploiting this vulnerability allows a remote...

The vulnerability of the built-in web server boa (/boafrm/formSetLg) of the TOTOLINK X15 router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the built-in web server boa /boafrm/formSetLg of the TOTOLINK X15 router’s microprogramming software is related to the copying of buffers without checking the size of input data during the processing of the submit-url parameter. Exploiting this vulnerability allows a maliciou...

The vulnerability of the AVEVA PI Data Archive database management system, related to errors in processing exceptional states, allows a intruder to trigger a service failure and compromise the integrity of the protected information.

The vulnerability of the AVEVA PI Data Archive database management system is related to an error in processing exceptional states. Exploiting this vulnerability could allow a malicious actor to trigger service failures and compromise the integrity of the protected information...

The vulnerability of the setipsec_config() function (/goform/setipsec_config) in D-Link DIR-816 router software allows a hacker to execute arbitrary commands.

The vulnerability of the setipsecconfig function /goform/setipsecconfig of the D-Link DIR-816 router’s microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s command for processing parameters localIP and remoteIP...

The vulnerability in the /goform/form2lansetup.cgi microprogramming system of D-Link DIR-816 allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability in the /goform/form2lansetup.cgi microprogramming system of D-Link DIR-816 relates to the issue of data being written outside the buffer in memory during the processing of the IP parameter. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality,...

The vulnerability of CNCSoft’s numerical control software lies in its ability to write beyond buffer boundaries, allowing attackers to execute arbitrary code.

The vulnerability of CNCSoft’s numerical control software lies in its ability to execute code outside the buffer boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of CNCSoft’s numerical control software lies in its ability to write beyond buffer boundaries, allowing attackers to execute arbitrary code.

The vulnerability of CNCSoft’s numerical control software lies in its ability to execute code outside the buffer boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the built-in web server boa (/boafrm/formFilter) of TOTOLINK N302R Plus router’s microprogramming software allows a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of the built-in web server boa /boafrm/formFilter of TOTOLINK N302R Plus router software lies in the issue of the operation exceeding the buffer in memory when processing the url parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a...

The vulnerability of CNCSoft’s numerical control software lies in its ability to write beyond buffer boundaries, allowing attackers to execute arbitrary code.

The vulnerability of CNCSoft’s numerical control software lies in its ability to execute code outside the buffer boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the fromSysToolRestoreSet() function in the microprogramming software for Tenda AC9 allows a attacker to perform a CSRF attack.

The vulnerability of the fromSysToolRestoreSet function in the Tenda AC9 router’s microprogramming software is related to the manipulation of inter-site requests. Exploiting this vulnerability could allow a remote attacker to execute a CSRF attack...

The vulnerability of the formSetPPTPUserList() function in the Tenda AC15 router software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetPPTPUserList function in the Tenda AC15 router’s microprogramming software lies in the copying of buffers without checking the size of the input data when processing the list parameter. Exploiting this vulnerability could allow an attacker to compromise the...

The vulnerability of the built-in web server boa (/boafrm/formNtp) of the TOTOLINK X15 router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the built-in web server boa /boafrm/formNtp of the TOTOLINK X15 router’s microprogramming software is related to the copying of buffers without checking the size of input data during the processing of the submit-url parameter. Exploiting this vulnerability allows a remote...

The vulnerability of the SD-WAN Versa Concerto automation and orchestration platform lies in the improper assignment of permissions for critical resources during the signature verification process. This allows attackers to execute arbitrary code and increase their privileges.

The vulnerability of the SD-WAN Versa Concerto automation and orchestration platform lies in the improper assignment of permissions for critical resources during the signature verification process. Exploiting this vulnerability allows attackers to execute arbitrary code and enhance their privileg...

The vulnerability of the Internal Actuator Endpoint component of the SD-WAN automation and orchestration platform, which allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Internal Actuator Endpoint component of the SD-WAN automation and orchestration platform, Versa Concerto, relates to the possibility of bypassing authentication. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected informati...

The vulnerability of the Ivanti Cloud Services Application’s network component, related to the use of default credentials, allows a hacker to escalate their privileges.

The vulnerability of the Ivanti Cloud Services Application’s network component is related to the use of default credentials. Exploiting this vulnerability could allow an attacker to gain increased privileges...

The vulnerability of messaging and video conferencing tools arises from incorrect restrictions on the path to the restricted catalog, allowing attackers to disclose protected information.

The vulnerability of the Message and Video Conference Messaging tool is related to incorrect restrictions on the path name to the restricted catalog. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

The vulnerability of the Traefik Reverse Proxy Configuration Handler component of the automation and orchestration platform for SD-WAN processes, Versa Concerto, allows a attacker to execute arbitrary code.

The vulnerability of the Traefik Reverse Proxy Configuration Handler component of the automation and orchestration platform for SD-WAN processes, Versa Concerto, relates to the possibility of bypassing authentication. Exploiting this vulnerability allows a malicious actor to execute arbitrary cod...

The vulnerability in the implementation of the Secure Boot protocol for Windows operating systems allows attackers to circumvent existing security restrictions and execute arbitrary code.

The vulnerability of the Secure Boot secure bootloading protocol for the Windows operating system is related to the use of an untrusted pointer. Exploiting this vulnerability could allow a attacker to circumvent existing security restrictions and execute arbitrary code...

The vulnerability of Cisco Unified Communications and Contact Center Solutions software products, related to improper privilege assignment, allows attackers to elevate their privileges to the root level.

The vulnerability of Cisco Unified Communications and Contact Center Solutions software products is related to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker to elevate their privileges to a root level...

The vulnerability of the tool for viewing content parameters on a software platform based on Git, which is used for collaborative code development on GitLab. This vulnerability stems from the lack of protective measures for website structures, allowing attackers to carry out XSS attacks.

The vulnerability of the tool for viewing content parameters on the Git-based software platform for collaborative code development on GitLab is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS...

The vulnerability of the Cisco Webex web conferencing platform, which exists due to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the Cisco Webex web conferencing platform exists due to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the Cloud Connect component of the software for managing Cisco Unified Contact Center Enterprise contact centers allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Cloud Connect component of the software for managing Cisco Unified Contact Center Enterprise CCE contact centers is related to access control errors. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected...

The vulnerability of the Cisco Webex web conferencing platform, which exists due to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the Cisco Webex web conferencing platform exists due to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the Cisco Webex web conferencing platform, which exists due to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the Cisco Webex web conferencing platform exists due to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the Cisco Unified Intelligence Center reporting software and the Unified Contact Center Enterprise contact center management software lies in the implementation of security functions at the client side, which allows attackers to elevate their privileges to the root level.

The vulnerability of the Cisco Unified Intelligence Center reporting software and the Unified Contact Center Enterprise contact center management software relates to the implementation of security features at the client side. Exploiting this vulnerability allows a malicious actor to elevate their...

The vulnerability of the components of the Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager, which are used in network traffic analysis, network detection, and response systems, allows attackers to compromise the integrity of protected information.

The vulnerability of the API components of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager relates to improper authentication. Exploiting this vulnerability can allow an attacker to compromise the integrity of the protected information...

The vulnerability of the API interface of the software platform for creating reports in Cisco Unified Intelligence Center, as well as the software platform for managing contact centers in Cisco Unified Contact Center Enterprise, allows attackers to elevate their privileges to the root level.

The vulnerability of the API interface of the Cisco Unified Intelligence Center reporting software and the Unified Contact Center Enterprise contact center management software relates to bypassing authentication by using a user-controlled key. Exploiting this vulnerability allows an attacker to...

The vulnerability of the cloud-based Self-Service Portal service allows unauthorized users and Cisco Duo devices to compromise the confidentiality and integrity of the protected information.

The vulnerability of the cloud-based Self-Service Portal service, which is designed to protect applications from unauthorized users and Cisco Duo devices, stems from the lack of data cleansing measures at the management level. Exploiting this vulnerability could allow a malicious actor to...

The vulnerability of the software client service for Cisco WebEx Meetings allows a perpetrator to compromise the integrity of the protected information.

The vulnerability of Cisco Webex Meetings software client services relates to the loading of unreliable external data alongside reliable data. Exploiting this vulnerability allows a malicious actor to compromise the integrity of protected information...