The vulnerability of the CDUP command in the Freefloat FTP Server allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the CDUP command in the Freefloat FTP server is related to the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service interruptions...

The vulnerability of the built-in web server boa (/boafrm/formDMZ) of TOTOLINK X15 router’s microprogramming software allows a perpetrator to execute arbitrary commands or cause service failure.

The vulnerability of the built-in web server boa /boafrm/formDMZ of TOTOLINK X15 router microprogramming software is related to the issue of the operation exceeding the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a remote attacker to execute...

The vulnerability in the built-in web server boa (/boafrm/formWirelessTbl) of TOTOLINK X15 router microprogramming software allows a intruder to execute arbitrary commands or cause a service failure.

The vulnerability of the built-in web server boa /boafrm/formWirelessTbl of TOTOLINK X15 router microprogramming software is related to the issue where the operation results are written out of the buffer into memory when processing the submit-url parameter. Exploiting this vulnerability allows a...

The vulnerability of the DIV_ROUND_CLOSEST() function in the Nuvoton NCT6775F circuit driver (drivers/hwmon/nct6775-core.c) in the Linux operating system allows a hacker to manipulate the accessibility of protected information.

The vulnerability of the DIVROUNDCLOSEST function in the Nuvoton NCT6775F circuit driver drivers/hwmon/nct6775-core.c in the Linux operating system is related to the occurrence of operations outside the memory buffer. Exploiting this vulnerability could allow an attacker to compromise the...

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain access to read, modify, or delete data, or to cause a service failure.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in an improper access to common directories due to incorrectly implemented authentication procedures. Exploiting this vulnerability can allow an attacker to gain read, modify, or delete access to data, or cause...

The vulnerability of IBM DB2 database management systems and IBM DB2 Connect Server lies in buffer overflows in the stack, which allows attackers to cause service interruptions.

The vulnerability of IBM DB2 database management systems, including IBM DB2 Connect Server, is related to buffer overflows in the stack. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially crafted requests...

The vulnerability of the SSH server in the Golang programming language, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.

The vulnerability of the SSH server in the Golang programming language is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Framework component of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Framework component in the Android operating system relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the System component of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the System component of the Android operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the System component of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the System component of the Android operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Framework component of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Framework component in the Android operating system relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Framework component of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Framework component in the Android operating system relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Vim text editor, related to the introduction or modification of arguments, allows attackers to gain access to confidential information.

The vulnerability of the Vim text editor is related to the implementation or modification of arguments. Exploiting this vulnerability can allow an attacker to access confidential information...

The vulnerability of the “Tab Strip” control element in the Google Chrome browser allows a hacker to replace the user interface.

The vulnerability of the Tab Strip control element in Google Chrome relates to the bypassing of authentication processes through spoofing. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML link...

The vulnerability of the FileSystemAccess API programming interface of the Google Chrome browser, which allows attackers to perform spoofing attacks

The vulnerability of the FileSystemAccess API of the Google Chrome browser’s software interface is related to errors in information representation by the user interface. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks using a specially created HTML page...

The vulnerability of the `ksmbd_vfs_kern_path_locked()` function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the ksmbdvfskernpathlocked function in the Linux operating system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Cisco Identity Services Engine (ISE) platform, which relates to the use of strictly encrypted login credentials, allows a hacker to alter the software configuration.

The vulnerability of the Cisco Identity Services Engine ISE platform relates to the use of strictly encrypted login credentials. Exploiting this vulnerability could allow a malicious actor to remotely modify the software configuration...

The vulnerability of the NAT Mapping configuration of the Virtual Server module in the microprogramming-based router software of TOTOLINK A3002RU allows attackers to carry out cross-site scripting (XSS) attacks.

The vulnerability of the NAT Mapping configuration of the Virtual Server module in the TOTOLINK A3002RU router software lies in the lack of protection for the website structure when processing the Service Type parameter. Exploiting this vulnerability allows an attacker to perform cross-site...

The vulnerability of the IP/Port Filtering configuration of the Firewall module of TOTOLINK A3002RU microprogrammed router software allows attackers to carry out cross-site scripting (XSS) attacks.

The vulnerability of the IP/Port Filtering configuration of the Firewall module in TOTOLINK A3002RU microprogrammed router software is related to the lack of protection for the website structure when processing the Comment parameter. Exploiting this vulnerability allows a remote attacker to perfo...

The vulnerability of the formMapReboot() function in the embedded server of the TOTOLINK X15 router’s microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the formMapReboot function in the embedded server of the TOTOLINK X15 router’s microprogramming software is related to the lack of measures to clean input data during the processing of the deviceMacAddr parameter. Exploiting this vulnerability allows a remote attacker to...

The vulnerability of the MAC filtering configuration of the Firewall module in TOTOLINK A3002RU microprogrammed router software allows attackers to perform cross-site scripting (XSS) attacks.

The vulnerability of the MAC filtering configuration in the TOTOLINK A3002RU router’s microprogrammed software firewall module is related to the lack of protection for the website structure when processing the “Comment” parameter. Exploiting this vulnerability allows a remote attacker to perform...

The vulnerability of the Ribbon Communications Apollo 9608 platform, related to the use of rigidly encrypted account data, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Ribbon Communications Apollo 9608 optical transport network platform lies in the use of rigidly encrypted account data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the dtale library, related to the use of strictly encrypted credentials during the processing of the SECRET_KEY parameter, allows a hacker to bypass existing security restrictions and execute arbitrary code on the server.

The vulnerability of the dtale library lies in the use of strictly encrypted user credentials during the processing of the SECRETKEY parameter. Exploiting this vulnerability allows an attacker to bypass existing security restrictions and execute arbitrary code on the server...

The vulnerability in the fs/dlm/lock.c module of the Linux kernel’s locking mechanism allows a hacker to trigger a service failure.

The vulnerability in the fs/dlm/lock.c module of the Linux operating system’s locking manager, which involves pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the online business analytics service IBM Cognos Analytics, related to incorrect restrictions on XML links to external objects, allows attackers to disclose protected information or exploit memory resources.

The vulnerability of the online business analytics service IBM Cognos Analytics is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information or access memory resources...

The vulnerability of the Wi-Fi AP driver’s microprogramming software, enabling attackers to enhance their privileges.

The vulnerability of the Wi-Fi AP driver software developed by MediaTek is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow remote attackers to gain increased privileges...

The vulnerability of the implementation of VoLTE/VoWiFi IMS microprogramming software in embedded devices from Qualcomm allows attackers to disclose protected information.

The vulnerability of VoLTE/VoWiFi IMS microprogramming system implementations in embedded Qualcomm devices stems from the operation of data out of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information during RTCP packet processing...

The vulnerability in the `net/sched/sch_hfsc.c` module of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability in the net/sched/schhfsc.c module of the Linux operating system relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the Google Chrome browser’s messaging service allows attackers to carry out spoofing attacks on Android operating systems.

The vulnerability of the Google Chrome browser’s messaging service on Android operating systems is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to carry out spam attacks using a specially created HTML page...

The vulnerability of the Compositing component in the Google Chrome browser allows attackers to execute arbitrary code or trigger a service denial.

The vulnerability of the Compositing component in the Google Chrome browser is related to the use of memory after deallocation. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure...

The vulnerability of platform monitoring systems for events detection, threat detection, and security analytics in IBM QRadar Suite and IBM Cloud Pak for Security lies in the storage of authentication data in unencrypted form within configuration files. This allows attackers to exploit their privileges.

The vulnerabilities of event monitoring platforms, threat detection systems, and security analytics tools from IBM QRadar Suite and IBM Cloud Pak for Security are related to the storage of authentication data in unencrypted form within configuration files. Exploiting these vulnerabilities can all...

The vulnerability of MediaTek’s Bluetooth driver microprogramming software allows attackers to enhance their privileges.

The vulnerability of the Bluetooth driver for Microprogramming Software MediaTek chips is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

The vulnerability of the wlan STA driver microprogramming software of MediaTek, which allows a hacker to cause a service failure.

The vulnerability of the wlan STA driver’s microprogramming software from MediaTek is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Ribbon Communications Apollo 9608 platform, related to an uncontrolled element in the search process, allows a hacker to trigger a service failure.

The vulnerability of the Ribbon Communications Apollo 9608 optical transport network platform is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the built-in server boa (/boafrm/formWsc) of the TOTOLINK X2000R router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the built-in server boa /boafrm/formWsc of the TOTOLINK X2000R router microprogramming system is related to the lack of measures to sanitize input data during the processing of the peerRptPin parameter. Exploiting this vulnerability allows a remote attacker to execute arbitra...

The vulnerability of the Ribbon Communications Apollo 9608 platform, related to errors in privilege management, allows a perpetrator to influence the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Ribbon Communications Apollo 9608 optical transport network platform is related to errors in privilege management. Exploiting this vulnerability could allow an attacker to influence the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Ribbon Communications Apollo 9608 platform, related to errors in privilege management, allows attackers to influence the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Ribbon Communications Apollo 9608 optical transport network platform is related to errors in privilege management. Exploiting this vulnerability could allow an attacker to influence the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the NAT Mapping module in TOTOLINK A3002RU software allows attackers to perform cross-site scripting (XSS) attacks.

The vulnerability of the NAT Mapping module in TOTOLINK A3002RU router microprogramming software is related to the lack of measures taken to protect the website structure when processing the Comment parameter. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting...

The vulnerability of the fromadvsetlanip() function in the Tenda AC18 router’s microprogramming software allows a hacker to induce a service failure.

The vulnerability of the fromadvsetlanip function in the Tenda AC18 router’s microprogramming software is related to buffer overflow in the stack when processing the lanMask parameter. Exploiting this vulnerability can allow an attacker to cause a service failure by sending a specially crafted PO...

The vulnerability of the Apache Felix HTTP Webconsole plugin, which stems from the lack of protective measures for website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Apache Felix HTTP Webconsole plugin is related to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the dev_replace_rwsem() function in the BTRFS file system of Linux kernels allows a attacker to cause a service failure.

The vulnerability of the devreplacerwsem function in the BTRFS file system of Linux operating systems is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability in the implementation of IOCTL commands in Qualcomm’s embedded software allows a hacker to damage memory.

The vulnerability of the IOCTL command implementation in Qualcomm’s embedded software lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to damage the memory...

The vulnerability of the Adreno GPU driver software’s microprogramming in Qualcomm embedded chips allows attackers to damage memory.

The vulnerability of the Adreno GPU driver in Qualcomm’s embedded chips relates to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to corrupt the memory...

The vulnerability of the Ribbon Communications Apollo 9608 platform, related to insufficient channel limitation for certain endpoints, allows a perpetrator to cause service interruptions.

The vulnerability of the Ribbon Communications Apollo 9608 optical transport network platform lies in the insufficient channel limitation for specified endpoints. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the saveStaticRouteData() function in Tenda RX3 software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the saveStaticRouteData function in Tenda RX3 router software lies in the issue of the operation being executed outside the buffer in memory when processing the list parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failure...

The vulnerability of the machineAccountCheck method in the HPE StoreOnce VSA storage system allows a hacker to circumvent security restrictions.

The vulnerability of the machineAccountCheck method in the HPE StoreOnce VSA storage system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to circumvent security restrictions from a remote location...

The vulnerability of the determineInclusionAndExtract method in the HPE StoreOnce VSA virtual storage system allows a attacker to perform an SSRF attack.

The vulnerability of the determineInclusionAndExtract method in the HPE StoreOnce VSA virtual storage system is related to insufficient validation of incoming requests. Exploiting this vulnerability may allow a malicious actor to execute an SSRF attack remotely...

The vulnerability of the doExecute method in the HPE StoreOnce VSA storage virtualized system allows a attacker to execute arbitrary code.

The vulnerability of the doExecute method in the HPE StoreOnce VSA virtual storage system is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability may allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the queryHardwareReportLocally method in the HPE StoreOnce VSA virtual storage system allows a attacker to execute arbitrary code.

The vulnerability of the queryHardwareReportLocally method in the HPE StoreOnce VSA virtual storage system is related to the lack of measures taken to manage data at the administrative level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Autodesk Revit software for building information modeling allows a perpetrator to cause service failures, gain unauthorized access to protected information, and execute arbitrary code within the context of the current process.

The vulnerability of Autodesk Revit software for building information modeling involves the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause service failures, gain unauthorized access to protected information, and execute arbitrary code within the...