Lucene search

74701 matches found

BDU FSTEC
added 2025/06/10 12:0 a.m., 1 views

The vulnerability of the AT+MNNETSP command in the microprogramming software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 allows a hacker to enhance their privileges.

The vulnerability of the AT+MNNETSP command in the microprogramming software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 is related to the implementation or modification of certain arguments. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.1, AI score 5.5, EPSS 0.00385
Exploits 1, References 4, Affected Software 2

BDU FSTEC
added 2025/06/10 12:0 a.m., 1 views

The vulnerability of the AT+MFIP command in the microprogramming software of Microhard IPn4Gii-NA2 and BulletLTE-NA2 allows a hacker to increase their privileges.

The vulnerability of the AT+MFIP command in the microprogramming software of Microhard IPn4Gii-NA2 and BulletLTE-NA2 lies in the implementation or modification of certain arguments. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.1, AI score 5.5, EPSS 0.00385
Exploits 1, References 4, Affected Software 2

BDU FSTEC
added 2025/06/10 12:0 a.m., 1 views

The vulnerability of the AT+MFPORTFWD command in the microprogramming software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 allows a hacker to enhance their privileges.

The vulnerability of the AT+MFPORTFWD command in the microprogramming software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 is related to the implementation or modification of certain arguments. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.1, AI score 5.5, EPSS 0.00385
Exploits 1, References 4, Affected Software 2

BDU FSTEC
added 2025/06/10 12:0 a.m., 1 views

The vulnerability of the AT+MFMAC command in the microprogramming software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 allows a hacker to enhance their privileges.

The vulnerability of the AT+MFMAC command in the microprogramming software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 lies in the implementation or modification of certain arguments. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.1, AI score 5.5, EPSS 0.00385
Exploits 1, References 4, Affected Software 2

BDU FSTEC
added 2025/06/10 12:0 a.m., 3 views

The vulnerability of the AT+MMNAME command in the microprogramming software of Microhard IPn4Gii-NA2 and BulletLTE-NA2 allows a hacker to enhance their privileges.

The vulnerability of the AT+MMNAME command in the microprogramming software of Microhard IPn4Gii-NA2 and BulletLTE-NA2 lies in the implementation or modification of certain arguments. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.1, AI score 5.5, EPSS 0.00385
Exploits 1, References 4, Affected Software 2

BDU FSTEC
added 2025/06/10 12:0 a.m., 1 views

The vulnerability of the AT+MFRULE command in the microprogramming software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 allows a hacker to increase their privileges.

The vulnerability of the AT+MFRULE command in the microprogramming software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 is related to the implementation or modification of certain arguments. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.1, AI score 5.5, EPSS 0.00385
Exploits 1, References 4, Affected Software 2

BDU FSTEC
added 2025/06/10 12:0 a.m., 1 views

The vulnerability of the formSetPPTPUserList() function in the Tenda AC18 router’s software allows an intruder to cause a service failure.

The vulnerability of the formSetPPTPUserList function in the Tenda AC18 router’s microprogramming software is related to buffer overflow during the processing of the list parameter. Exploiting this vulnerability could allow a malicious actor to cause service failure by sending a specially crafted...

CVSS 9, AI score 8, EPSS 0.00621
Exploits 1, References 4, Affected Software 1

BDU FSTEC
added 2025/06/10 12:0 a.m., 3 views

The vulnerability of Mozilla VPN’s network software, related to errors in the use of standard permissions, allows a hacker to increase their privileges.

The vulnerability of Mozilla VPN’s network software is related to errors in the use of standard permissions. Exploiting this vulnerability can allow attackers to increase their privileges...

CVSS 7.8, AI score 5.5, EPSS 0.00066
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2025/06/10 12:0 a.m., 1 views

The vulnerability of the SIP protocol implementation in the Asterisk IP telephony management system allows attackers to carry out phishing attacks.

The vulnerability of the SIP protocol implementation in Asterisk IP telephony systems is related to improper neutralization of separators. Exploiting this vulnerability allows a malicious actor to perform phishing attacks remotely...

CVSS 7.7, AI score 5.4, EPSS 0.00279
Exploits 1, References 3, Affected Software 1

BDU FSTEC
added 2025/06/10 12:0 a.m., 2 views

The vulnerability of the Polarion ALM application lifecycle management software lies in the lack of measures taken to protect the SQL query structure, allowing an attacker to execute arbitrary SQL code.

The vulnerability of the Polarion ALM application lifecycle management software is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

CVSS 6.8, AI score 6, EPSS 0.00345
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/06/10 12:0 a.m., 2 views

The vulnerability of the DOCX import function in the Polarion ALM software for application lifecycle management allows a hacker to read arbitrary files.

The vulnerability of the DOCX import function in the Polarion ALM application lifecycle management software is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a malicious actor to read arbitrary files remotely...

CVSS 6.8, AI score 5.5, EPSS 0.00184
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/06/10 12:0 a.m., 1 views

The vulnerability of the file loading function in the Polarion ALM application lifecycle management tool allows attackers to carry out XSS attacks.

The vulnerability of the file loading function in the Polarion ALM application lifecycle management tool is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform XSS attacks remotely...

CVSS 6.5, AI score 5.4, EPSS 0.00106
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/06/10 12:0 a.m., 2 views

The vulnerability of the Polarion ALM application lifecycle management software lies in its inability to properly handle incoming requests, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of the Polarion ALM application lifecycle management software is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVSS 5.3, AI score 5.5, EPSS 0.0017
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/06/10 12:0 a.m., 3 views

The vulnerability of the formsetschedled() function (/goform/SetLEDCf) in the Tenda AC15 router software allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formsetschedled function /goform/SetLEDCf in the Tenda AC15 router’s microprogramming software is related to the operation of writing data beyond the buffer in memory when processing the Time parameter. Exploiting this vulnerability can allow a remote attacker to compromi...

CVSS 9, AI score 7.9, EPSS 0.00928
Exploits 1, References 4, Affected Software 1

BDU FSTEC
added 2025/06/10 12:0 a.m., 3 views

The vulnerability of the built-in boa server (/boafrm/formPortFw) of TOTOLINK EX1200T router microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the built-in server boa /boafrm/formPortFw of TOTOLINK EX1200T router microprogramming software is related to the issue of writing operations outside the buffer in memory when processing the servicetype parameter. Exploiting this vulnerability allows a remote attacker to...

CVSS 9, AI score 7.9, EPSS 0.00955
Exploits 1, References 4, Affected Software 1

BDU FSTEC
added 2025/06/10 12:0 a.m., 2 views

The vulnerability of the formSetIptv() function (/goform/SetIPTVCfg) in the Tenda AC9 router’s microprogramming software allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetIptv /goform/SetIPTVCfg function in the Tenda AC9 router’s microprogramming software is related to the lack of measures taken to clean data at the control level when processing the list parameter. Exploiting this vulnerability can allow a remote attacker to...

CVSS 6.5, AI score 6.7, EPSS 0.063
Exploits 1, References 4, Affected Software 1

BDU FSTEC
added 2025/06/10 12:0 a.m., 2 views

The vulnerability of the built-in boa server (/boafrm/formWlanRedirect) of TOTOLINK EX1200T router microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the built-in boa server /boafrm/formWlanRedirect of TOTOLINK EX1200T router software is related to the issue of writing operations outside the buffer in memory when processing the redirect-url parameter. Exploiting this vulnerability allows a remote attacker to compromise the...

CVSS 9, AI score 7.9, EPSS 0.01422
Exploits 1, References 4, Affected Software 1

BDU FSTEC
added 2025/06/10 12:0 a.m., 2 views

The vulnerability of the AT+MNPINGTM software for Industrial Routers Microhard IPn4Gii-NA2 and BulletLTE-NA2 allows a hacker to enhance their privileges.

The vulnerability of the AT+MNPINGTM software for Microhard IPn4Gii-NA2 and BulletLTE-NA2 routers lies in the implementation or modification of certain arguments within the software. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.1, AI score 7.2, EPSS 0.00977
Exploits 2, References 4, Affected Software 2

BDU FSTEC
added 2025/06/10 12:0 a.m., 4 views

The vulnerability of the SMB service in the RouterOS operating system of MikroTik allows a hacker to cause a service failure.

The vulnerability of the SMB service in the RouterOS operating system from MikroTik relates to pointer dereferencing errors. Exploiting this vulnerability can allow a malicious actor to cause a service failure...

CVSS 7.8, AI score 5.5, EPSS 0.00562
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/06/10 12:0 a.m., 3 views

The vulnerability of the formSetSafeWanWebMan() function (/goform/SetRemoteWebCfg) in the Tenda AC15 router software allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetSafeWanWebMan function /goform/SetRemoteWebCfg in the Tenda AC15 router software exists because the operation is performed outside the buffer in memory when processing the remoteIp parameter. Exploiting this vulnerability could allow a malicious actor to compromise...

CVSS 9, AI score 7.9, EPSS 0.00663
Exploits 1, References 4, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of the DIV_ROUND_CLOSEST() function in the Nuvoton NCT6775F circuit driver (drivers/hwmon/nct6775-core.c) in the Linux operating system allows a hacker to manipulate the accessibility of protected information.

The vulnerability of the DIV_ROUND_CLOSEST function in the Nuvoton NCT6775F circuit driver drivers/hwmon/nct6775-core.c in the Linux operating system is related to the occurrence of operations outside the memory buffer. Exploiting this vulnerability could allow an attacker to compromise the...

CVSS 5.5, AI score 6.7
Exploits 0, References 12, Affected Software 4

BDU FSTEC
added 2025/06/09 12:0 a.m., 2 views

The vulnerability of the data processing driver (drivers/edac/bluefield_edac.c) in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the data processing driver drivers/edac/bluefield_edac.c in Linux operating systems is related to integer overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5, AI score 6.7, EPSS 0.00014
Exploits 0, References 27, Affected Software 6

BDU FSTEC
added 2025/06/09 12:0 a.m., 2 views

The vulnerability of the DevTools set of tools for web development in the Google Chrome browser allows a hacker to execute arbitrary code or trigger a service failure.

The vulnerability of the DevTools set of tools for web development in Google Chrome relates to the use of memory after it is released. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause a service failure...

CVSS 10, AI score 7.7, EPSS 0.00373
Exploits 0, References 9, Affected Software 4

BDU FSTEC
added 2025/06/09 12:0 a.m., 3 views

The vulnerability of the function ieee80211_if_parse_active_links() in the net/mac80211/debugfs_netdev.c kernel module of Linux systems allows a hacker to cause a service failure.

The vulnerability of the function ieee80211_if_parse_active_links in the net/mac80211/debugfs_netdev.c module of the Linux kernel is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5, AI score 6.5, EPSS 0.00024
Exploits 0, References 14, Affected Software 5

BDU FSTEC
added 2025/06/09 12:0 a.m., 3 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

CVSS 10, AI score 8.5, EPSS 0.00219
Exploits 0, References 11, Affected Software 5

BDU FSTEC
added 2025/06/09 12:0 a.m., 3 views

The vulnerability of the lzma_stream_decoder_mt() function in the liblzma library, a data compression package for XZ Utils, allows a hacker to cause a service failure.

The vulnerability of the lzma_stream_decoder_mt function in the liblzma library, a component of the XZ Utils data compression package, involves premature resource release due to pointer aliasing. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

CVSS 7.8, AI score 7.4, EPSS 0.00041
Exploits 0, References 13, Affected Software 3

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of the amd_get_mmconfig_range() function in the arch/x86/kernel/amd_nb.c module of Linux operating systems allows a hacker to gain unauthorized access to protected information.

The vulnerability of the amd_get_mmconfig_range function in the arch/x86/kernel/amd_nb.c module of Linux operating systems is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

CVSS 5.5, AI score 6.6, EPSS 0.00018
Exploits 0, References 14, Affected Software 5

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of the mptcp_pm_nl_append_new_local_addr() function in the net/mptcp/pm_netlink.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the mptcp_pm_nl_append_new_local_addr function in the net/mptcp/pm_netlink.c module of the Linux kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

CVSS 5.9, AI score 6.5, EPSS 0.00014
Exploits 0, References 14, Affected Software 6

BDU FSTEC
added 2025/06/09 12:0 a.m., 2 views

The vulnerability of the Device Configuration component in the APIX application programming interface of the AXIS OS operating system allows a perpetrator to increase their privileges.

The vulnerability of the Device Configuration component in the APIX application programming interface of the AXIS OS operating system is related to incomplete filtering of specific elements. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

CVSS 9.7, AI score 5.4, EPSS 0.00349
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of the RP_UpgradeFWByBBS() function in the microprogrammed software for Linksys wireless signal amplifiers allows an intruder to execute arbitrary commands.

The vulnerability of the RP_UpgradeFWByBBS function in the Linksys wireless signal amplifiers’ software relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands by sending a specially crafted...

CVSS 6.5, AI score 7, EPSS 0.0843
Exploits 1, References 4, Affected Software 6

BDU FSTEC
added 2025/06/09 12:0 a.m., 2 views

The vulnerability of the RP_checkCredentialsByBBS() function in the wireless signal amplifiers’ software from Linksys allows a hacker to execute arbitrary commands.

The vulnerability of the RP_checkCredentialsByBBS function in the Linksys wireless signal amplifiers’ software relates to the lack of measures taken to protect the website structure during the processing of the pwd parameter. Exploiting this vulnerability could allow a malicious actor to execute...

CVSS 6.5, AI score 7, EPSS 0.06389
Exploits 1, References 4, Affected Software 6

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of the TarFile.extractall() and TarFile.extract() functions in the tarfile module of the Python programming language interpreter (CPython) allows attackers to write arbitrary files.

The vulnerability of the TarFile.extractall and TarFile.extract functions in the tarfile module of the CPython interpreter is related to an incorrect path name limitation for restricted access directories when processing the filter= parameter with a value of data or tar. Exploiting this...

CVSS 9.7, AI score 6.6, EPSS 0.00403
Exploits 11, References 28, Affected Software 16

BDU FSTEC
added 2025/06/09 12:0 a.m., 2 views

The vulnerability in the Jupyter Core environment for interactive code development and execution, related to an uncontrolled element in the search process, allows attackers to exploit their privileges.

The vulnerability in the Jupyter Core environment for interactive code development and execution is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.3, AI score 7.4, EPSS 0.00062
Exploits 0, References 5, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of the SolarWinds DameWare Mini Remote Control software lies in its insecure management of privileges, allowing a malicious individual to escalate their privileges.

The vulnerability of the SolarWinds DameWare Mini Remote Control software-related remote access control tool is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.8, AI score 7.3, EPSS 0.00035
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of the sanitiseArg and sanitizeArg configuration in the network gateway for protecting web applications, ModSecurity, allows an attacker to cause a service failure.

The vulnerability of the sanitiseArg and sanitizeArg configuration functions in the network gateway for protecting web applications under ModSecurity is related to excessive resource consumption. Exploiting this vulnerability can allow an attacker to cause service interruptions...

CVSS 7.8, AI score 7.5, EPSS 0.0107
Exploits 1, References 5, Affected Software 2

BDU FSTEC
added 2025/06/09 12:0 a.m., 2 views

The vulnerability of the qDecodeDataUrl() function in the QtCore module of the cross-platform software framework for developing Qt software allows a hacker to trigger a service failure.

The vulnerability of the qDecodeDataUrl function in the QtCore module of the cross-platform software framework for Qt development is related to insufficient validation of input data during the processing of the charset parameter. Exploiting this vulnerability could allow an attacker to cause...

CVSS 9.4, AI score 5.4, EPSS 0.00385
Exploits 0, References 13, Affected Software 10

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of the formNatlimit() function in the microprogramming router software Tenda CH22 allows a hacker to execute arbitrary code.

The vulnerability of the formNatlimit function in the Tenda CH22 router’s microprogramming software lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted POST request...

CVSS 9, AI score 8.4, EPSS 0.00931
Exploits 1, References 2, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of the CDUP command in the Freefloat FTP Server allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the CDUP command in the Freefloat FTP server is related to the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service interruptions...

CVSS 7.5, AI score 8.1, EPSS 0.00479
Exploits 1, References 5, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 3 views

The vulnerability in the built-in web server boa (/boafrm/formReflashClientTbl) of TOTOLINK X15 router microprogramming software allows a perpetrator to execute arbitrary commands or cause a service failure.

The vulnerability of the built-in web server software boa /boafrm/formReflashClientTbl of TOTOLINK X15 routers is related to the issue where the operation exceeds the buffer limits in memory when processing the submit-url parameter. Exploiting this vulnerability allows a remote attacker to execut...

CVSS 9, AI score 8.3, EPSS 0.0167
Exploits 0, References 7, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 4 views

The vulnerability of the built-in web server boa (/boafrm/formDMZ) of TOTOLINK X15 router’s microprogramming software allows a perpetrator to execute arbitrary commands or cause service failure.

The vulnerability of the built-in web server boa /boafrm/formDMZ of TOTOLINK X15 router microprogramming software is related to the issue of the operation exceeding the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a remote attacker to execute...

CVSS 9, AI score 8.3, EPSS 0.0167
Exploits 0, References 7, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 2 views

The vulnerability of the built-in web server boa (/boafrm/formWsc) of TOTOLINK X15 router’s microprogramming software allows an intruder to execute arbitrary commands or cause a service failure.

The vulnerability of the built-in web server boa /boafrm/formWsc of TOTOLINK X15 routers is related to the issue where the operation’s output goes beyond the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

CVSS 9, AI score 8.3, EPSS 0.0167
Exploits 0, References 7, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 2 views

The vulnerability in the built-in web server boa (/boafrm/formWirelessTbl) of TOTOLINK X15 router microprogramming software allows an intruder to execute arbitrary commands or cause a service failure.

The vulnerability of the built-in web server boa /boafrm/formWirelessTbl of TOTOLINK X15 router microprogramming software is related to the issue where the operation results are written out of the buffer into memory when processing the submit-url parameter. Exploiting this vulnerability allows a...

CVSS 9, AI score 8.3, EPSS 0.0167
Exploits 0, References 7, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 4 views

The vulnerability of the built-in web server boa (/boafrm/formIpQoS) of TOTOLINK X15 router’s microprogramming software allows an intruder to execute arbitrary commands or cause a service failure.

The vulnerability of the built-in web server boa /boafrm/formIpQoS of TOTOLINK X15 router software is related to the issue of the operation exceeding the buffer in memory when processing the mac parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands or cau...

CVSS 9, AI score 8.3, EPSS 0.0167
Exploits 0, References 7, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of Acronis Cyber Protect 16’s data protection software lies in its insufficient validation of incoming requests, allowing attackers to execute an SSRF attack.

The vulnerability of Acronis Cyber Protect 16 software-related data protection software is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to execute an SSRF attack...

CVSS 4.3, AI score 5.6, EPSS 0.00127
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of the built-in web server boa (/boafrm/formPortFw) of TOTOLINK X15 router’s microprogramming software allows a perpetrator to execute arbitrary commands or cause service interruptions.

The vulnerability of the built-in web server boa /boafrm/formPortFw of TOTOLINK X15 router microprogramming software is related to the issue of the operation exceeding the buffer in memory when processing the servicetype parameter. Exploiting this vulnerability allows a remote attacker to execute...

CVSS 9, AI score 8.3, EPSS 0.00982
Exploits 0, References 6, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of platform monitoring systems for events detection, threat detection, and security analytics in IBM QRadar Suite and IBM Cloud Pak for Security lies in incorrect session duration settings, which allows attackers to compromise the confidentiality and integrity of protected information.

The vulnerabilities of event monitoring platforms, threat detection systems, and security analytics tools from IBM QRadar Suite and IBM Cloud Pak for Security are related to incorrect session duration settings. Exploiting these vulnerabilities can allow attackers operating remotely to compromise...

CVSS 4.8, AI score 5.5, EPSS 0.00135
Exploits 0, References 2, Affected Software 2

BDU FSTEC
added 2025/06/09 12:0 a.m., 2 views

The vulnerability of the microprogrammed software of TBK DVR4104 and TBK DVR4216 devices lies in the lack of measures to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands or cause malfunctions in the device.

The vulnerability of the microprogramming software of the TBK DVR4104 and TBK DVR4216 devices lies in the lack of measures to neutralize special elements used in the operating system’s processing of parameters mdb and mdc in the /device.rsp?opt=sys&cmd=SOSTREAMAX command. Exploiting this...

CVSS 6.5, AI score 7.5, EPSS 0.76753
Exploits 0, References 6

BDU FSTEC
added 2025/06/09 12:0 a.m., 2 views

The vulnerability of platform monitoring systems for events detection, threat detection, and security analytics in IBM QRadar Suite and IBM Cloud Pak for Security lies in their ability to cache information through browser caching, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of event monitoring platforms, threat detection systems, and security analytics tools from IBM QRadar Suite and IBM Cloud Pak for Security are related to the disclosure of information through browser caching. Exploiting these vulnerabilities can allow attackers to gain...

CVSS 4, AI score 5.5, EPSS 0.00075
Exploits 0, References 2, Affected Software 2

BDU FSTEC
added 2025/06/09 12:0 a.m., 1 views

The vulnerability of the software-based TLS protocol implementation of Acronis Cyber Protect 16 allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the software-based TLS protection implementation in Acronis Cyber Protect 16 lies in the insufficiently secure data encryption. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integrity of the protected information...

CVSS 5.9, AI score 6.2, EPSS 0.00026
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2025/06/09 12:0 a.m., 2 views

The vulnerability of IBM DB2 database management systems and IBM DB2 Connect Server lies in buffer overflows in the stack, which allows attackers to cause service interruptions.

The vulnerability of IBM DB2 database management systems, including IBM DB2 Connect Server, is related to buffer overflows in the stack. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially crafted requests...

CVSS 6.8, AI score 5.7, EPSS 0.00209
Exploits 0, References 2, Affected Software 2

Total number of security vulnerabilities: 74701