90509 matches found
The vulnerability in the password.php script of the RoundCube Webmail email client’s password plugin allows an attacker to compromise the confidentiality and integrity of the protected information.
The vulnerability of the password.php script of the RoundCube Webmail email client relates to access to resources through incompatible types. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of the protected information...
The vulnerability of the remote image blocking function in the RoundCube Webmail client allows attackers to disclose protected information.
The vulnerability of the delete block function in the RoundCube Webmail email client is related to the lack of validation for incoming requests. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the mod_dav_lock module in the Apache HTTP Server allows a attacker to cause a denial-of-service attack.
The vulnerability of the moddavlock module in the Apache HTTP Server is related to pointer dereferencing. Exploiting this vulnerability could allow a remote attacker to cause a denial-of-service attack...
The vulnerability of the sub_41914C() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub462E14 function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause malfunctions in the device...
The vulnerability of the sub_423E00() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub423E00 function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause malfunctions in the device...
The vulnerability of the sub_469104() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub469104 function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause malfunctions in the device...
The vulnerability of Google Chrome’s user interface allows a hacker to execute a spear-phishing attack.
The vulnerability of Google Chrome’s user interface is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a remote attacker to execute a spear-phishing attack...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created HTML page...
The vulnerability of the Fullscreen mode of the Google Chrome browser, which allows a hacker to replace the user interface
The vulnerability of the Fullscreen mode of the Google Chrome browser is related to information representation errors in the user interface. Exploiting this vulnerability can allow an attacker to replace the user interface with a specially created HTML page...
The vulnerability of the LocalNetworkAccess function in Google Chrome browser allows attackers to circumvent existing security restrictions.
The vulnerability of the LocalNetworkAccess function in Google Chrome relates to access control errors. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions through a specially created HTML page...
The vulnerability of Google Chrome’s Skia graphic library allows a hacker to execute arbitrary code.
The vulnerability of Google Chrome’s Skia graphics library is related to a potential overflow condition. Exploiting this vulnerability could allow an attacker to execute arbitrary code through a specially created HTML page...
The vulnerability of the ANGLE library in the Google Chrome browser for MacOS operating systems allows a hacker to execute arbitrary code.
The vulnerability of the ANGLE library in the Google Chrome browser for MacOS operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created HTML page...
The vulnerability of the ANGLE library in the Google Chrome browser for MacOS operating systems allows a hacker to execute arbitrary code.
The vulnerability of the ANGLE library in the Google Chrome browser for MacOS operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created HTML page...
The vulnerability of the IndexedDB component affects browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird. This vulnerability allows attackers to compromise the confidentiality and accessibility of protected information.
The vulnerability of the IndexedDB component in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the exposure of information. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of protected informati...
The vulnerability of the Apache HTTP Server’s web server, related to the splitting of HTTP requests, allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the moddavlock module in the Apache HTTP Server is related to pointer dereferencing. Exploiting this vulnerability could allow a remote attacker to cause a denial-of-service attack...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type conversion errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page...
The vulnerability of PrivateAI’s browser component for Google Chrome allows a hacker to bypass the sandboxing protection mechanism.
The vulnerability of the PrivateAI component in Google Chrome is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to bypass the sandboxing protection mechanisms...
The vulnerability of the Google Chrome browser’s Navigation function allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of Google Chrome’s Navigation function is related to improper protection of physical external channels. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through a specially created HTML page...
The vulnerability of Google Chrome’s Blink rendering module allows a hacker to replace the user interface.
The vulnerability of Google Chrome’s Blink rendering module is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...
The vulnerability in the web interface of the Cisco Secure Firewall Management Center software (previously known as Cisco Firepower Management Center) allows a malicious actor to bypass security restrictions, execute arbitrary code, and increase their privileges.
The vulnerability of the Cisco Secure Firewall Management Center formerly known as Cisco Firepower Management Center web interface relates to bypassing authentication using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions,...
The vulnerability of the setMacFilterRules() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK N300RH router’s microprogramming software allows a intruder to execute arbitrary code or cause a service failure.
The vulnerability of the setMacFilterRules function in the cgi-bin/cstecgi.cgi script of the TOTOLINK N300RH router’s microprogramming system is related to the issue of the operation going beyond the buffer in memory when processing the macaddress parameter stored in variable v11. Exploiting this...
The vulnerability of the `setUpgradeFW()` function in the `cgi-bin/cstecgi.cgi` script of the TOTOLINK N300RH router’s microprogramming software allows a perpetrator to execute arbitrary code or cause service failures.
The vulnerability of the setUpgradeFW function in the cgi-bin/cstecgi.cgi script of the TOTOLINK N300RH router microprogramming system is related to the escape operation from memory buffers when processing the FileName variable. Exploiting this vulnerability allows an attacker to execute arbitrar...
The vulnerability of the mod_auth_digest module in the Apache HTTP Server allows attackers to circumvent security restrictions.
The vulnerability of the modauthdigest module in the Apache HTTP Server is related to the disclosure of information based on temporal discrepancies. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions remotely...
The vulnerability of the sub_425FF8() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub425FF8 function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause malfunctions in the device...
The vulnerability of the sub_41914C() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub41914C function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause malfunctions in the device...
The vulnerability of the sub_424AFC() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sub424AFC function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause malfunctions in the device...
The vulnerability of the USButils utility lies in the improper release of memory before deleting the last link, allowing a malicious user to trigger a service failure.
The vulnerability of the USButils utility relates to the improper release of memory before deleting the last link. Exploiting this vulnerability could allow a hacker to cause a service failure...
The vulnerability of the DevTools set of tools for web development in the Google Chrome web browser lies in the lack of measures taken to protect the structure of web pages. This allows attackers to gain access to confidential data and compromise its integrity.
The vulnerability of the DevTools suite for web development in the Google Chrome web browser is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow an attacker to gain access to confidential data and compromise its integrity...
The vulnerability of the Suricata intrusion detection and prevention system, related to the swapping of pointers, allows an intruder to trigger a service failure.
The vulnerability of the Suricata intrusion detection and prevention system is related to the handling of pointers. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service interruptions...
The vulnerability of the Telegram channel for the AI agent OpenClaw (formerly ClawdBot or MoltBot) allows a hacker to bypass existing security mechanisms.
The vulnerability of the Telegram channel of the AI agent OpenClaw formerly ClawdBot or MoltBot is related to an incorrect authorization process based on a list of permitted senders. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms remotely...
The vulnerability of the Suricata intrusion detection and prevention system, due to its algorithmic complexity, allows an intruder to trigger a service failure.
The vulnerability of the Suricata intrusion detection and prevention system is related to the algorithmic complexity when using SMTP and MIME standards. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability in cPanel, WebHost Manager, and WordPress Squared hosting panel lies in the lack of authentication for a critical function, allowing attackers to bypass existing security mechanisms and execute arbitrary code.
The vulnerability in web hosting via cPanel, WebHost Manager, and WordPress Squared hosting panel is related to the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker to bypass existing security mechanisms and execute arbitrary code...
The vulnerability of the extract_timestamp function in the Linux Audit storage and record-searching tool allows a perpetrator to trigger a service failure.
The vulnerability of the extracttimestamp function in the Linux Audit storage and record-searching tool is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the CUPS printing server, related to pointer arithmetic errors, allows a perpetrator to cause a service failure.
The vulnerability of the CUPS printing server is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the xmlMemStrdup() function in the Libxml2 library, which allows a hacker to cause a service failure.
The vulnerability of the xmlMemStrdup function in the Libxml2 library is related to pointer manipulation errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the decode_krb5_flags() function in the asn1_k_encode.c component of the Kerberos authentication protocol allows a attacker to cause a service denial.
The vulnerability of the decodekrb5flags function in the asn1kencode.c component of the Kerberos authentication protocol is related to integer overflow. Exploiting this vulnerability could allow a malicious actor to cause a service denial...
The vulnerability of the Cpio archiving utility, related to integer overflow, allows an attacker to cause a service failure.
The vulnerability of the Cpio archiving utility is related to integer overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the cupsArrayAddStrings function on the CUPS printing server allows a attacker to cause a service failure.
The vulnerability of the cupsArrayAddStrings function on CUPS printing servers is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the AI agent OpenClaw (formerly known as ClawdBot or MoltBot) is related to the use of the outdated cryptographic algorithm SHA-1. This vulnerability allows a hacker to disclose the protected information.
The vulnerability of the AI agent OpenClaw formerly known as ClawdBot or MoltBot is related to the use of the outdated cryptographic algorithm SHA-1. Exploiting this vulnerability allows a remote attacker to disclose the protected information...
The vulnerability of the lmathlib.c component of the Lua script interpreter allows a hacker to cause a service failure.
The vulnerability of the lmathlib.c component of the Lua script interpreter is related to a lack of data type conversion mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the remove_whitespace function in the Corosync cluster engine, allowing a malicious actor to trigger a service failure
The vulnerability of the removewhitespace function in the Corosync cluster engine is related to buffer overflows in the stack. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the `src/cfgparse.c` component of the HAProxy server software allows a attacker to cause a service failure.
The vulnerability in the src/cfgparse.c component of the HAProxy server software is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the QEMU hardware emulation software, related to insufficient input data validation, allows a hacker to trigger a service failure.
The vulnerability of the QEMU hardware emulation software is related to insufficient testing of input data. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the BPF Libbpf loader library, related to errors in pointer dereferencing of NULL pointers, allows attackers to trigger a denial-of-service attack.
The vulnerability of the BPF Libbpf loader library is related to errors in pointer dereferencing involving NULL. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the virsocketaddr.c component of the Libvirt virtualization management library allows a attacker to trigger a service failure.
The vulnerability of the virsocketaddr.c component in the Libvirt virtualization management library is related to a potential integer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...
Vulnerability of the `parsec_sock_opt_del` function in Linux Astra Modules, allowing a hacker to cause a service failure
The vulnerability of the parsecsockoptdel function in Linux Astra Modules is related to errors during thread blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the coroparse.c component of the Corosync cluster engine, which allows a hacker to cause a service failure.
The vulnerability of the coroparse.c component of the Corosync cluster engine is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the raster-interpret.c component in the CUPS printing server allows a attacker to cause a service failure.
The vulnerability of the raster-interpret.c component in the CUPS printing server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the _libssh2_ntohu32() function in the SSH2 protocol implementation library Libssh2, which allows a attacker to cause a service failure.
The vulnerability of the libssh2ntohu32 function in the SSH2 protocol implementation library Libssh2 is related to reading data beyond the allowable buffer size. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
The vulnerability of the PARSEC security subsystem, related to pointer assignment errors, allows a perpetrator to trigger a service failure.
The vulnerability of the PARSEC security subsystem is related to pointer assignment errors. Exploiting this vulnerability could allow an attacker to trigger a service failure...