90509 matches found
The vulnerability of the MHTML component in Google Chrome browser allows attackers to disclose confidential information.
The vulnerability of the MHTML component in Google Chrome relates to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to disclose confidential information remotely...
The vulnerability of the Animation component in the Google Chrome browser allows a hacker to execute arbitrary code.
The vulnerability of the Animation component in Google Chrome browser relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Feedback component in the Google Chrome browser allows a hacker to elevate their privileges.
The vulnerability of the Feedback component in Google Chrome relates to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability of the Gogs software tool for creating self-governed Git repositories stems from the lack of protective measures taken against the website structure. This allows attackers to perform cross-site scripting attacks.
The vulnerability of the Gogs self-managed Git repository creation software exists because measures to protect the structure of the web interface have not been implemented. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of Ubiquiti UniFi Protect’s microprogramming software, related to deficiencies in authentication procedures, allows a intruder to gain unauthorized access to the device.
The vulnerability of Ubiquiti UniFi Protect’s microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to the device...
The vulnerability of the Cast component in the Google Chrome browser allows a hacker to execute arbitrary code.
The vulnerability of the Cast component in Google Chrome browser relates to the ability to utilize memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the ANGLE library in Google Chrome browsers allows attackers to gain access to system resources beyond the limitations of the browser environment.
The vulnerability of the ANGLE library in Google Chrome browsers relates to the ability to utilize memory after it is freed. Exploiting this vulnerability could allow a remote attacker to gain access to system resources beyond the limitations of the browser environment...
The vulnerability of the Canvas component in the Google Chrome browser allows a hacker to execute arbitrary code.
The vulnerability of the Canvas component in Google Chrome browser relates to the ability to utilize memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code within a isolated programming environment, using a specially created HTML page...
The vulnerability of the Navigation component in Google Chrome allows a hacker to execute arbitrary code.
The vulnerability of the Navigation component in Google Chrome relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code through a specially created HTML page...
The vulnerability of the Tint component in the Google Chrome browser allows a perpetrator to execute arbitrary code or disclose confidential information.
The vulnerability of the Tint component in Google Chrome browsers is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or disclose confidential information...
The vulnerability of the safe() function in the Gogs self-managed Git repository creation tool allows a hacker to perform cross-site scripting attacks.
The vulnerability of the safe function in the Gogs self-managed Git repository creation tool exists because measures to protect the website structure are not taken. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the application programming interface of the software for creating self-governing Git repositories called Gogs allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the application programming interface of the Gogs self-managed Git repository creation software is related to the disclosure of information through query strings. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to...
The vulnerability of HashiCorp Consul Community Edition and Consul Enterprise in the configuration tool, related to improper definition of the link before accessing the file, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the HashiCorp Consul Community Edition and Consul Enterprise service configuration tools is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access t...
The vulnerability of the Angle component in the Google Chrome browser allows a hacker to elevate their privileges or execute arbitrary code.
The vulnerability of the Angle component in the Google Chrome browser is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the free() function in Google Chrome browsers, which allows a hacker to trigger memory corruption.
The vulnerability of the free function in Google Chrome browsers relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause memory corruption...
The vulnerability of the WebView component for displaying web pages in Google Chrome allows a hacker to execute arbitrary code.
The vulnerability of the WebView component in Google Chrome browsers relates to the ability to utilize memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Accessibility component in Google Chrome browser allows attackers to enhance their privileges.
The vulnerability of the Accessibility component in Google Chrome browser relates to the ability to utilize memory after it is freed. Exploiting this vulnerability could allow a remote attacker to gain increased privileges...
The vulnerability of the Gogs software tool for creating self-governed Git repositories stems from the lack of protective measures taken against the website structure. This allows attackers to perform cross-site scripting attacks.
The vulnerability of the Gogs self-managed Git repository creation software exists because measures to protect the structure of the web interface have not been implemented. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
Vulnerability of the fromSetCfm() function (/goform/setcfm) in the Tenda FH451 router’s software, allowing a hacker to execute arbitrary code
The vulnerability of the fromSetCfm function /goform/setcfm in the Tenda FH451 router’s microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
Vulnerability of the formQuickIndex() function (/goform/QuickIndex) in the Tenda FH451 router’s software, allowing a hacker to execute arbitrary code
The vulnerability of the formQuickIndex function /goform/QuickIndex in the Tenda FH451 router’s software is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the strcpy() function (/goform/exeCommand) in the Tenda F453 router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the strcpy function /goform/exeCommand in the Tenda F453 router’s microprogramming system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of Google Chrome’s Codecs component allows a hacker to execute arbitrary code.
The vulnerability of Google Chrome’s Codecs component relates to the ability to utilize memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Google Chrome browser’s Views component allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Google Chrome browser’s Views component relates to the possibility of memory usage after deallocation. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the JetBrains YouTrack project management and task management software lies in its inability to eliminate special elements in the template creation mechanism, allowing attackers to execute arbitrary code.
The vulnerability of the JetBrains YouTrack project and task management tool is related to the lack of measures taken to eliminate special elements in the template creation mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the formSetPassword() function in D-Link DIR-513 router software allows a hacker to cause memory corruption.
The vulnerability of the formSetPassword function in D-Link DIR-513 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause memory corruption...
The vulnerability of the Gogs self-managed Git repository creation software lies in the possibility of manipulating arguments, allowing attackers to compromise the integrity and accessibility of the protected information.
The vulnerability of the Gogs self-managed Git repository creation software is related to the implementation or modification of arguments. Exploiting this vulnerability allows a malicious actor to compromise the integrity and accessibility of the protected information...
The vulnerability of the Chromoting component of the Google Chrome browser allows a hacker to execute arbitrary code.
The vulnerability of the Chromoting component in Google Chrome’s browser is related to the ability to utilize memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the WebMIDI component in Google Chrome browser allows a hacker to execute arbitrary code.
The vulnerability of the WebMIDI component in Google Chrome browser relates to the ability to utilize memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the pickle.loads() function in the Hugging Face LeRobot library, which allows a hacker to execute arbitrary code.
The vulnerability of the pickle.loads function in the Hugging Face LeRobot library is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the graphics processor in Google Chrome browser allows a hacker to trigger memory corruption.
The vulnerability of the Google Chrome browser’s graphics processor is related to the possibility of using memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause memory corruption...
The vulnerability of Google Chrome’s Compositing component allows attackers to gain access to protected information.
The vulnerability of Google Chrome’s Compositing component is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to protected information...
The vulnerability of the cross-platform MsQuic library, related to a countable loss of significance, allows attackers to increase their privileges.
The vulnerability of the cross-platform MsQuic library is related to a countable loss of significance. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the sub_3C434() function (/goform/AdvSetWan) in the Tenda FH451 router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the sub3C434 function /goform/AdvSetWan of the Tenda FH451 router’s microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Google Chrome browser’s Media component, which allows a hacker to execute arbitrary code.
The vulnerability of the Google Chrome browser’s Media component relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code within an isolated software environment, using a specially created HTML page...
The vulnerability of the rbeprev() function in Linux operating system kernels, which allows a perpetrator to compromise the accessibility of protected information
The vulnerability of the rbeprev function in Linux operating systems is related to excessive iteration. Exploiting this vulnerability can allow an attacker to compromise the accessibility of protected information...
The vulnerability of the hswep_has_limit_sbox() function in the arch/x86/events/intel/uncore_snbep.c module, which is part of the Linux kernel support for x86 processors, allows a hacker to trigger a service failure.
The vulnerability of the hswephaslimitsbox function in the arch/x86/events/intel/uncoresnbep.c module of the Linux kernel’s x86 platform is related to errors during link counter updates. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the iscsi_sw_tcp_conn_set_param() function in the drivers/scsi/iscsi_tcp.c file of the Linux operating system’s SCSI device driver allows a attacker to cause a service failure.
The vulnerability of the iscsiswtcpconnsetparam function in the drivers/scsi/iscsitcp.c file of the Linux SCSI device driver is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ubi_wl_put_peb() function in the Linux operating system allows a attacker to compromise the accessibility of protected information.
The vulnerability of the ubiwlputpeb function in the Linux operating system is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...
The vulnerability of the `bnxt_rx_pkt()` function in the `drivers/net/ethernet/broadcom/bnxt/bnxt.c` file of the Linux kernel’s Ethernet adapter support driver allows a hacker to cause a system failure.
The vulnerability of the bnxtrxpkt function in the drivers/net/ethernet/broadcom/bnxt/bnxt.c file of the Linux kernel’s Ethernet adapter support driver is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the __pskb_pull_tail() function in the net/core/skbuff.c module, which supports kernel network functions in the Linux operating system, allows a hacker to trigger a service failure.
The vulnerability of the pskbpulltail function in the net/core/skbuff.c module related to kernel network functions of the Linux operating system involves disclosing confidential information. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ext4_da_write_end() function in the fs/ext4/inode.c module of the Ext4 file system in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ext4dawriteend function in the fs/ext4/inode.c module of the Ext4 file system in the Linux operating system is related to the copying of buffers without checking the size of the input data a classic buffer overflow attack. Exploiting this vulnerability could allow an...
The vulnerability of the xfrm_update_ae_params() function in the net/xfrm/xfrm_user.c module, which is part of the networking functions of the Linux kernel, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the xfrmupdateaeparams function in the net/xfrm/xfrmuser.c module, which is part of the networking functions in the Linux kernel, relates to the use of the NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the nfs_d_automount() function in the Linux operating system allows a attacker to compromise the accessibility of protected information.
The vulnerability of the nfsdautomount function in the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...
The vulnerabilities of the functions vhost_vsock_alloc_pkt() (drivers/vhost/vsock.c) and virtio_transport_free_pkt() (net/vmw_vsock/virtio_transport_common.c) in the Linux operating system’s IoTLB generic implementation for vhost and vringh kernels allow a hacker to induce a service failure.
The vulnerabilities of the functions vhostvsockallocpkt drivers/vhost/vsock.c and virtiotransportfreepkt net/vmwvsock/virtiotransportcommon.c in the Linux operating system’s IoTLB implementation are related to errors in resource allocation of large sizes. Exploiting these vulnerabilities can allo...
The vulnerability of the sock_map_free() function in the net/core/sock_map.c module exposes support for network functions in the Linux kernel, allowing an attacker to cause a service failure.
The vulnerability of the sockmapfree function in the net/core/sockmap.c module related to Linux kernel’s network function support is due to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the nf_flow_table_free() function in Linux operating systems allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nfflowtablefree function in Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the accessibility of protected information...
The vulnerability of the blk_mq_elv_switchnone() function in the block/blk-mq.c module, which supports the block-level kernel in the Linux operating system. This vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the blkmqelvswitchnone function in the block/blk-mq.c module, which supports the block-level kernel in the Linux operating system, is related to the assignment of a NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrit...
The vulnerability of the hi3660_thermal_probe() function in the drivers/thermal/hisi_thermal.c module of the Linux kernel’s temperature control driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the hi3660thermalprobe function in the drivers/thermal/hisithermal.c module of the Linux kernel’s temperature control driver is related to the distribution of resources without any restrictions or regulation. Exploiting this vulnerability could allow an attacker to compromise...
The vulnerability of the error_context() function in the arch/x86/kernel/cpu/mce/severity.c module, part of the Linux kernel support for x86 processors, allows a malicious actor to trigger a service failure.
The vulnerability of the errorcontext function in the arch/x86/kernel/cpu/mce/severity.c module, part of the Linux kernel support for x86 processors, is related to the improper disabling or release of resources. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the vmbus_disconnect() function in the drivers/hv/connection.c module of the Microsoft HyperV Linux kernel driver allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the vmbusdisconnect function in the drivers/hv/connection.c module of the Microsoft HyperV Linux operating system kernel is related to the dereferencing of the NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, an...