74701 matches found
The vulnerability of the IBM Aspera Faspex file-sharing application, related to the lack of protection for website structures, allows attackers to perform cross-site scripting attacks.
The vulnerability of the IBM Aspera Faspex file-sharing application is related to the lack of security measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the IBM Aspera Faspex file-sharing application, related to changes in the assumed immutable data, allows a hacker to disclose protected information and perform unauthorized actions on behalf of another user.
The vulnerability of the IBM Aspera Faspex file-sharing application is related to changes in the assumed immutable data. Exploiting this vulnerability could allow a malicious actor to disclose protected information and perform unauthorized actions on behalf of another user...
The vulnerability of the Q Replication technology in the IBM DB2 database management system and IBM DB2 Connect Server allows an attacker to cause service interruptions.
The vulnerability of the Q Replication technology in IBM DB2 database management systems, including IBM DB2 Connect Server, involves unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the Craft CMS content management system, related to improper code generation, allows a hacker to execute arbitrary code.
The vulnerability of the Craft CMS content management system is related to improper handling of code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the _check_global_pid_and_forward function in the Ubuntu operating system’s error registration service allows a perpetrator to disclose protected information.
The vulnerability of the _check_global_pid_and_forward function in the Ubuntu operating system’s error registration service is related to the disclosure of information. Exploiting this vulnerability could allow an attacker to disclose the protected information...
The vulnerability of IBM DB2 database management systems and IBM DB2 Connect Servers lies in their uncontrolled memory distribution, which allows attackers to cause service interruptions.
The vulnerability of IBM DB2 database management systems, including IBM DB2 Connect Server, is related to uncontrolled memory allocation. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafted requests...
The vulnerability of the handle_request function in the ASUS GT-AC2900 router allows a hacker to gain unauthorized access to the administrator interface.
The vulnerability of the handle_request function in ASUS GT-AC2900 routers is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the administrator interface...
The vulnerability of operating systems visionOS, iOS, iPadOS, tvOS, and macOS, related to the use of memory after it is freed, allows a hacker to execute arbitrary code.
The vulnerability of operating systems visionOS, iOS, iPadOS, tvOS, and macOS is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Vulnerabilities of operating systems visionOS, iOS, iPadOS, tvOS, and macOS, related to deficiencies in authentication mechanisms, allow attackers to circumvent existing security restrictions.
The vulnerability of the visionOS operating system is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows an attacker to circumvent existing security restrictions...
The vulnerability in the web interface for controlling microprogrammed IP phones of the Cisco Small Business SPA500 series allows attackers to perform cross-site scripting attacks.
The vulnerability in the web interface for managing microprogrammed IP phones of the Cisco Small Business SPA500 series is related to the lack of measures taken to neutralize HTML tags. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerabilities of web servers OZW672 and OZW772 involve a lack of protection for SQL query structures, allowing attackers to circumvent existing security restrictions.
The vulnerabilities of web servers OZW672 and OZW772 are related to the lack of measures taken to protect the SQL query structure. Exploiting these vulnerabilities allows a malicious actor to bypass existing security restrictions remotely...
The vulnerabilities of the web servers OZW672 and OZW772, related to the failure to take measures to neutralize special elements, allow attackers to execute arbitrary code.
The vulnerability of web servers OZW672 and OZW772 is related to the failure to take measures to neutralize special elements used in the command when processing the exportDiagramPage parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with root privileges...
The vulnerability of the `btrfs_truncate_inode_items()` function in the `fs/btrfs/ctree.h` module of the Linux file system support module allows an attacker to cause a service failure.
The vulnerability of the btrfs_truncate_inode_items function in the fs/btrfs/ctree.h module of the Linux file system support library is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause service failures...
Vulnerability of the dwc3_gadget_exit() function in the drivers/usb/dwc3/gadget.c module – The driver for supporting USB devices in the Linux kernel allows a hacker to trigger a service failure.
Vulnerability of the dwc3_gadget_exit function in the drivers/usb/dwc3/gadget.c module – The driver for USB devices in Linux operating systems is vulnerable due to the repeated use of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the shmem_mfill_atomic_pte() function in the mm/shmem.c module of the Linux operating system’s memory management subsystem allows a hacker to trigger a service failure.
The vulnerability of the shmem_mfill_atomic_pte function in the mm/shmem.c module of the Linux kernel’s memory management subsystem is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the do_uaccess_flush_fixups() function in the arch/powerpc/lib/feature-fixups.c module, which is part of the PowerPC platform support for the Linux operating system, allows a hacker to trigger a service failure.
The vulnerability of the do_uaccess_flush_fixups function in the arch/powerpc/lib/feature-fixups.c module of the PowerPC platform support for the Linux operating system is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the mcp251xfd_probe() function in the drivers/net/can/spi/mcp251xfd/mcp251xfd-core.c module – The Linux kernel’s CAN network device driver allows attackers to access protected information or cause service failures.
Vulnerability of the mcp251xfd_probe function in the drivers/net/can/spi/mcp251xfd/mcp251xfd-core.c module – The Linux system’s CAN device driver framework is vulnerable due to a pointer issue related to NULL pointers. Exploiting this vulnerability could allow an attacker to access protected...
The vulnerability of the nf_tables_newobj() function in the net/netfilter/nf_tables_api.c module of the netfilter component of the Linux operating system allows an attacker to access protected information or cause a service failure.
The vulnerability of the nf_tables_newobj function in the net/netfilter/nf_tables_api.c module of the netfilter component of the Linux operating system is related to improper memory release before deleting the last reference (memory leak). Exploiting this vulnerability may allow an attacker to access...
The vulnerability of the `local_daif_inherit()` function in the `arch/arm64/include/asm/daifflags.h` header, which is part of the ARM 64-bit kernel support for the Linux operating system, allows a hacker to trigger a service failure.
The vulnerability of the local_daif_inherit function in the arch/arm64/include/asm/daifflags.h header, which is part of the ARM 64-bit kernel support for Linux operating systems, is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to trigger a system...
The vulnerability of the svc_rqst_free() function in the net/sunrpc/svc.c module of the RPC protocol implementation in the Linux operating system allows an attacker to cause a service failure.
The vulnerability of the svc_rqst_free function in the net/sunrpc/svc.c module of the RPC protocol implementation in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the idxd_cmd_exec() function in the drivers/dma/idxd/device.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the idxd_cmd_exec function in the drivers/dma/idxd/device.c module of the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the breakpoint_handler() function in the arch/arm/kernel/hw_breakpoint.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the breakpoint_handler function in the arch/arm/kernel/hw_breakpoint.c module of the Linux operating system is related to incorrect checking of the return value of the function. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the f2fs_resize_fs() function in the fs/f2fs/gc.c module of the F2FS file system support in Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the f2fs_resize_fs function in the fs/f2fs/gc.c module of the F2FS file system support in Linux operating systems is related to insufficient checking of exception states. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the pci_epf_test_bind() function in the driver/pci/endpoint/functions/pci-epf-test.c module – This driver is part of the Linux operating system’s PCI device support framework. It allows a hacker to trigger a service failure.
Vulnerability of the pci_epf_test_bind function in the driver/pci/endpoint/functions/pci-epf-test.c module – The Linux operating system’s PCI device support driver is vulnerable due to a reliance on the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service...
The vulnerability of the Dell PowerScale OneFS operating system, related to synchronization errors when using shared resources, allows a hacker to trigger a service failure.
The vulnerability of the Dell PowerScale OneFS operating system is related to synchronization errors when using shared resources (“race conditions”). Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the sev_vcpu_deliver_sipi_vector() function in the arch/x86/kvm/svm/sev.c module of the virtualization subsystem on the Linux kernel-based x86 platform allows an attacker to cause a service failure.
The vulnerability of the sev_vcpu_deliver_sipi_vector function in the arch/x86/kvm/svm/sev.c module of the virtualization subsystem on the Linux kernel-based x86 platform is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the tpm_seal() function in the security/keys/trusted-keys/trusted_tpm1.c kernel module of the Linux operating system allows a perpetrator to gain access to protected information or cause service failures.
The vulnerability of the tpm_seal function in the security/keys/trusted-keys/trusted_tpm1.c kernel module of the Linux operating system is related to improper memory release before deleting the last reference (memory leak). Exploiting this vulnerability may allow an attacker to access protected...
Vulnerability of the bnxt_rx_pkt() function in the drivers/net/ethernet/broadcom/bnxt/bnxt.c module – A Linux kernel Ethernet network adapter driver support mechanism that allows an attacker to access protected information or cause service failure.
Vulnerability of the bnxt_rx_pkt function in the drivers/net/ethernet/broadcom/bnxt/bnxt.c module – The Linux kernel’s Ethernet network adapter support driver has vulnerabilities related to indexing mechanisms. Exploiting this vulnerability could allow attackers to access protected information or...
The vulnerability of the mvme147_timer_int() function in the arch/m68k/mvme147/config.c file of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mvme147_timer_int function in the arch/m68k/mvme147/config.c file of the Linux operating system’s kernel is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Dell PowerScale OneFS operating system, related to writing beyond buffer boundaries into memory, allows an attacker to trigger a service failure.
The vulnerability of the Dell PowerScale OneFS operating system lies in writing beyond buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the __set_fixmap() function in the arch/powerpc/include/asm/book3s/64/pgtable.h file allows a hacker to trigger a service failure on the PowerPC platform of the Linux operating system.
The vulnerability of the __set_fixmap function in the arch/powerpc/include/asm/book3s/64/pgtable.h file, which is part of the PowerPC platform support for the Linux operating system, is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to cause a service...
Vulnerability of the mt7915_unregister_device() function in the drivers/net/wireless/mediatek/mt76/mt7915/init.c file – This driver is part of the Linux kernel’s wireless adapter support mechanism; it allows a hacker to cause a service failure.
Vulnerability of the mt7915_unregister_device function in the drivers/net/wireless/mediatek/mt76/mt7915/init.c module – The Linux kernel’s wireless adapter support driver has vulnerabilities related to security configuration errors. Exploiting this vulnerability could allow an attacker to cause...
Vulnerability of the mt7921pci_suspend() function in the drivers/net/wireless/mediatek/mt76/mt7921/pci.c module – This driver provides support for wireless communication adapters in the Linux operating system. It can be exploited by attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the mt7921pci_suspend function in the drivers/net/wireless/mediatek/mt76/mt7921/pci.c module – The driver for supporting wireless connection adapters in the Linux operating system contains errors in its code. Exploiting this vulnerability could allow an attacker to compromise the...
Vulnerability of the mt7615_unregister_device() function in the driver/net/wireless/mediatek/mt76/mt7615/pci_init.c file – This is a driver for supporting wireless connection adapters in the Linux operating system. It allows an attacker to gain access to protected information.
Vulnerability of the mt7615_unregister_device function in the driver/net/wireless/mediatek/mt76/mt7615/pci_init.c file – The Linux kernel’s wireless adapter support driver is vulnerable to a memory leak before the last reference is freed. Exploiting this vulnerability could allow an attacker to acce...
The vulnerability of the dm thin kernel component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the dm thin kernel component in the Linux operating system is related to memory reading beyond the allocated buffer in the get_first_thin function in drivers/md/dm-thin.c. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the acpi_nfit_ctl() function in the drivers/acpi/nfit/core.c file of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the acpi_nfit_ctl function in the drivers/acpi/nfit/core.c file of the Linux kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the virtio-blk component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the virtio-blk component in the Linux operating system’s kernel is related to insufficient validation of input data in the functions virtblk_remove and virtblk_restore in drivers/block/virtio_blk.c. Exploiting this vulnerability could allow an attacker to trigger a service failu...
Vulnerability of the _scsih_expander_node_remove() function in the drivers/scsi/mpt3sas/mpt3sas_scsih.c module – This driver is a Linux system kernel driver for supporting SCSI devices. It allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the _scsih_expander_node_remove function in the drivers/scsi/mpt3sas/mpt3sas_scsih.c module – The drivers for SCSI devices in Linux operating systems are related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the rxrpc_exit_net() function in the net/rxrpc/net_ns.c module, which implements networking functions for the Linux kernel, allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the rxrpc_exit_net function in the net/rxrpc/net_ns.c module, which implements networking functions in the Linux kernel, is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the LZ4_decompress_generic() function in the lib/lz4/lz4_decompress.c file, which is part of the lz4 compression module for Linux kernel, allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the LZ4_decompress_generic function in the lib/lz4/lz4_decompress.c module relates to the reutilization of previously freed memory in Linux kernel-based compression algorithms. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, an...
The vulnerability of the Thunderbird email client, related to the redirection of URLs to unreliable websites, allows a hacker to redirect users to arbitrary URL addresses.
The vulnerability of the Thunderbird email client relates to the redirection of URLs to unreliable websites when loading the login page. Exploiting this vulnerability allows a malicious actor to redirect users to arbitrary URL addresses...
Vulnerability of the usb_assign_descriptors() function in the drivers/usb/gadget/config.c module – The Linux kernel’s USB device support driver allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the usb_assign_descriptors function in the drivers/usb/gadget/config.c module – The Linux kernel’s USB device driver support is related to the assignment of a NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
Vulnerability of the net/mlx5 component of the Linux operating system’s kernel, allowing a hacker to cause a service failure
The vulnerability of the net/mlx5 component in the Linux operating system’s kernel is related to incorrect blocking in the cmd_work_handler function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. Exploiting this vulnerability can allow an attacker to cause a service failure...
Vulnerability of the zpa2326_fill_sample_buffer() function in the drivers/iio/pressure/zpa2326.c module – This driver supports various types of built-in sensors in the Linux operating system. An attacker can exploit this vulnerability to gain access to protected information or cause service failures.
Vulnerability of the zpa2326_fill_sample_buffer function in the drivers/iio/pressure/zpa2326.c module – The driver for supporting various types of embedded sensors in the Linux operating system involves the use of an uninitialized resource. Exploiting this vulnerability could allow an attacker to...
Vulnerability of the rockchip_saradc_trigger_handler() function in the drivers/iio/adc/rockchip_saradc.c module – This driver supports various types of built-in sensors in the Linux operating system. An attacker could exploit this vulnerability to gain access to protected information or cause service failures.
Vulnerability of the rockchip_saradc_trigger_handler function in the drivers/iio/adc/rockchip_saradc.c module – The drivers for supporting various types of embedded sensors in the Linux operating system rely on the use of uninitialized resources. Exploiting this vulnerability could allow an attacker ...
The vulnerability of Nomad application orchestrators, related to the disclosure of information through registration files, allows attackers to gain access to the client’s secret token.
The vulnerability of Nomad application orchestrators is related to the disclosure of information through registration files. Exploiting this vulnerability can allow a remote attacker to gain access to the client’s secret token...
The vulnerability of the Jinja HTML templating compiler lies in its failure to properly eliminate special elements during template creation. This allows attackers to trigger a service failure.
The vulnerability of the Jinja HTML template compiler relates to the lack of measures taken to neutralize special elements in the template creation mechanism. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the Vim text editor, related to the introduction or modification of arguments, allows attackers to gain access to confidential information.
The vulnerability of the Vim text editor is related to the implementation or modification of arguments. Exploiting this vulnerability can allow an attacker to access confidential information...
The vulnerability of the GNOME graphical interface library libsoup allows an attacker to perform an “HTTP request hijacking” attack.
The vulnerability of the GNOME graphical interface’s libsoup library is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to carry out an “HTTP request hijacking” attack...
The vulnerability of the soup_headers_parse_request() function in the libsoup library, a graphical interface library for GNOME, allows a hacker to trigger a service failure.
The vulnerability of the soup_headers_parse_request function in the GNOME graphical interface library libsoup is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure by sending a special...