74701 matches found
The vulnerability of embedded software developed by Qualcomm, related to the execution of operations outside the buffer in memory, allows attackers to disclose protected information.
The vulnerability of microprogramming software in embedded Qualcomm chips is related to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information during RTCP protocol processing...
The vulnerability of the RP_checkFWByBBS() function in the microprogramming software for Linksys’ wireless signal amplifiers allows a hacker to execute arbitrary commands.
The vulnerability of the RP_checkFWByBBS function in the microprogramming software for Linksys wireless signal amplifiers is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the IBM InfoSphere Information Server software platform, related to the unencrypted storage of critical information, allows attackers to gain unauthorized access to protected data.
The vulnerability of the IBM InfoSphere Information Server software platform lies in the unencrypted storage of critical information. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data...
Vulnerabilities of the functions check_session_id(), smb2_check_user_session(), smb2_sess_setup(), smb2_session_logoff(), smb3_decrypt_req(), ksmbd_session_lookup(), ksmbd_session_lookup_slowpath(), and ksmbd_get_encryption_key() in the Linux operating system kernel, allowing a hacker to cause a service failure.
The vulnerabilities of the functions check_session_id, smb2_check_user_session, smb2_sess_setup, smb2_session_logoff, smb3_decrypt_req, ksmbd_session_lookup, ksmbd_session_lookup_slowpath, and ksmbd_get_encryption_key in the Linux operating system are related to improper locking mechanisms. Exploiting these...
The vulnerability of embedded software developed by Qualcomm, related to the execution of operations outside the buffer in memory, allows attackers to disclose protected information.
The vulnerability of embedded Qualcomm software is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information during the processing of RTP packets...
The vulnerability of the NTFS file system of the Windows operating system, which allows a hacker to execute arbitrary code
The vulnerability of the NTFS file system in Windows operating systems is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of the SQL concat_ws() function in the SQLite database management system, allowing a hacker to cause a service failure
The vulnerability of the SQL concat_ws function in the SQLite database management system is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure through the malloc parameter...
The vulnerability of the Linux operating system’s Bluetooth kernel component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s Bluetooth kernel component is related to improper validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s kernel Wi-Fi component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s kernel Wi-Fi component is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the sqlite3_db_config() function in the sqlite3.c file of the SQLite database management system allows an attacker to cause a service failure.
The vulnerability of the sqlite3_db_config function in the sqlite3.c file of the SQLite database management system is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure through the sznBig parameter...
The vulnerability of the Service Diagnostics Scripts component of the Oracle Teleservice module in the Oracle E-Business Suite automation system allows a perpetrator to disclose protected information.
The vulnerability of the Service Diagnostics Scripts component of the Oracle Teleservice module in the Oracle E-Business Suite system relates to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose protected informatio...
The vulnerability of the Citrix Secure Access Client software for secure remote access on the Mac OS lies in a flaw related to data protection mechanisms. This flaw allows attackers to gain unauthorized access and modify or read protected information.
The vulnerability of the Citrix Secure Access Client software for secure remote access on the Mac OS is related to a flaw in the data protection mechanism. Exploiting this vulnerability can allow an attacker to gain unauthorized access to and modify, or read, protected information...
The vulnerability in the fs/f2fs/extent_cache.c module of the Linux file system’s kernel allows a hacker to cause a service failure.
The vulnerability in the fs/f2fs/extent_cache.c file of the f2fs file system in the Linux kernel is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Citrix Secure Access Client software for secure remote access on the Mac OS, related to an uncontrolled search element, allows a malicious individual to gain unauthorized access to and modify protected information.
The vulnerability of the Citrix Secure Access Client software for secure remote access on the Mac OS is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow a malicious individual to gain unauthorized access to and modify, or read, protected informatio...
The vulnerability of the formMapReboot() function (/boafrm/formMapReboot) in the TOTOLINK X15 router microprogramming software allows an intruder to execute arbitrary commands or cause a service failure.
The vulnerability of the formMapReboot function /boafrm/formMapReboot of the TOTOLINK X15 router’s microprogramming software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the deviceMacAddr parameter. Exploiting this vulnerability allows a remot...
The vulnerability of the vlan_get_tci() function in the net/packet/af_packet.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the vlan_get_tci function in the net/packet/af_packet.c module of the Linux kernel is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the JSON extension of the Ruby programming language interpreter allows a hacker to trigger a service failure.
The vulnerability of the JSON extension of the Ruby programming language interpreter involves reading data beyond the allowable range of memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure by sending specially crafted data...
The vulnerability of the wirelessApcli_5g() function (/goform/wirelessApcli_5g) in D-Link DIR-816 router software allows a hacker to cause a service failure.
The vulnerability of the wirelessApcli_5g function (/goform/wirelessApcli_5g) of the D-Link DIR-816 router’s software is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
Vulnerability of the Server: Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the MySQL Server component of the database management system involves the improper assignment of permissions to a critical resource. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...
Vulnerability of the functions xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables (in the libxml2 library), which allows a hacker to execute arbitrary code.
The vulnerability of the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions in the Libxml2 library is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending a specially created XML...
The vulnerability of Acronis Cyber Protect Cloud Agent lies in its improper or inadequate management of file access rights, allowing attackers to increase their privileges.
The vulnerability of Acronis Cyber Protect Cloud Agent is related to improper or insufficient management of file access rights. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Acronis Cyber Protect 16 data protection software lies in improper configuration of access rights to important system resources, allowing attackers to enhance their privileges.
The vulnerability of the Acronis Cyber Protect 16 data protection software is related to incorrect configuration of access rights for important system resources. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the built-in boa server (/boafrm/formMapDel) of the Totolink X2000R router’s microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the built-in server boa /boafrm/formMapDel of the Totolink X2000R router’s microprogramming software is related to the lack of data cleaning at the management level when processing the parameter devicemac1. Exploiting this vulnerability allows an attacker operating remotely t...
The vulnerability of the ssid1MACFilter() function in the Linksys wireless signal amplifiers’ software allows a hacker to execute arbitrary commands.
The vulnerability of the ssid1MACFilter function in the microprogramming software for Linksys wireless signal amplifiers is related to the lack of measures to neutralize specific elements. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...
The vulnerability of the wlan STA driver microprogramming software of MediaTek, which allows a hacker to cause a service failure.
The vulnerability of the wlan STA driver’s microprogramming software from MediaTek is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ThinServer.exe executable file of the ThinServer component of Rockwell Automation’s ThinManager application management platform allows an attacker to cause a service failure.
The vulnerability of the ThinServer.exe executable file of the ThinServer component of Rockwell Automation’s ThinManager application for centralized application management involves reading data beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause...
The vulnerability of the JetBrains YouTrack project and task management software interface allows a hacker to gain read, edit, and delete access to data.
The vulnerability of the JetBrains YouTrack project and task management software interface lies in the lack of authentication for critical functions. Exploiting this vulnerability allows a malicious actor to gain read, edit, and delete access to data...
The vulnerability of the pci1xxxx gpio_irqu_handler() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the pci1xxxx gpioirthandler function in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Device Configuration component in the APIX application programming interface of the AXIS OS operating system allows a perpetrator to increase their privileges.
The vulnerability of the Device Configuration component in the APIX application programming interface of the AXIS OS operating system is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the `setLocateBeaconOnHardware` method in the HPE StoreOnce VSA virtual storage system allows an intruder to execute arbitrary code.
The vulnerability of the setLocateBeaconOnHardware method in the HPE StoreOnce VSA virtual storage system is related to the lack of measures taken to manage data at the management level. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the getServerPayload method in the HPE StoreOnce VSA storage virtualized system allows an attacker to disclose protected information.
The vulnerability of the getServerPayload method in the HPE StoreOnce VSA storage virtualized environment is related to an incorrect restriction on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to disclose protected information from ...
The vulnerability of the deletePackages method in the HPE StoreOnce VSA virtual storage system allows an attacker to gain access to read and delete any files they desire.
The vulnerability of the deletePackages method in the HPE StoreOnce VSA virtual storage system is related to an incorrect restriction on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to read and...
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to execute arbitrary code.
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform is related to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the DuckDBVectorStore class in the LlamaIndex framework for working with large language models allows a hacker to execute arbitrary code.
The vulnerability of the DuckDBVectorStore class in the LlamaIndex framework for working with large language models involves a lack of protection for SQL query structures. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability of the get_article_urls() function in the KnowledgeBaseWebReader class of the LlamaIndex framework for working with large language models allows an attacker to trigger a service denial.
The vulnerability of the get_article_urls function in the KnowledgeBaseWebReader class of the LlamaIndex framework, which is used for working with large language models, is related to uncontrolled resource consumption when processing the maxdepth parameter. Exploiting this vulnerability could...
The vulnerability of the j1939_session_deactivate() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the j1939_session_deactivate function in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Apache InLong data integration platform, related to shortcomings in the deserialization mechanism, allows attackers to circumvent existing security restrictions and gain access to read arbitrary files.
The vulnerability of the Apache InLong data integration platform is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain access to read arbitrary files...
The vulnerability of the Apache InLong data integration platform, related to deficiencies in the deserialization mechanism, allows attackers to gain unauthorized access to protected information.
The vulnerability of the Apache InLong data integration platform is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of embedded Qualcomm microprogramming software, related to access control errors, allows attackers to damage memory.
The vulnerability of embedded Qualcomm software programs is related to access control errors. Exploiting this vulnerability can allow attackers to damage memory...
The vulnerability of the WLAN HAL microprogramming system component in Qualcomm’s embedded chips allows a hacker to trigger a service failure.
The vulnerability of the WLAN HAL microprogramming system component in Qualcomm’s embedded chips relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the cacheinfo component in the Linux operating system’s kernel allows a hacker to influence the confidentiality, integrity, and availability of the protected information.
The vulnerability of the cacheinfo component in the Linux operating system’s kernel is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...
The vulnerability of the `people_depts` function in the `people_depts.php` file of the openDCIM software management infrastructure, which allows a hacker to execute arbitrary code.
The vulnerability of the people_depts function in the people_depts.php file of the openDCIM software for managing data infrastructure involves the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability in the x509_main function of the apps/x509.c module in the OpenSSL library allows an attacker to replace the trusted certificate.
The vulnerability of the x509_main function in the apps/x509.c module of the OpenSSL library is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker to replace the trusted certificate...
The vulnerability of the AdmissionPolicy and AdmissionPolicyGroup settings of the Kubernetes cluster’s kubewarden-controller controller allows a malicious actor to gain unauthorized access to modify data or expose protected information.
The vulnerability of the AdmissionPolicy and AdmissionPolicyGroup settings in the Kubernetes cluster kubewarden-controller is related to improper authorization. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to modify data or expose sensitive...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to errors in information presentation on the user interface, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to information representation errors in the user interface. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Activity Guide Composer component in the PeopleSoft Enterprise CC Common Application Objects suite allows a malicious individual to gain unauthorized access to read, add, modify, or delete data.
The vulnerability of the Activity Guide Composer component, a toolset for managing and processing data in PeopleSoft Enterprise CC Common Application Objects, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain unauthorized acces...
The vulnerability of the Inedo ProGet package management system lies in its ability to bypass the authentication process by using an alternative path or channel. This allows a perpetrator to cause a service failure or disclose protected information.
The vulnerability of the Inedo ProGet package management system relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to cause service failures or disclose protected information...
The vulnerability of Netgear WNR614 N300 Wi-Fi router’s microprogramming software, related to bypassing authentication procedures, allows attackers to circumvent security restrictions.
The vulnerability of Netgear WNR614 N300 Wi-Fi router’s microprogramming software relates to bypassing the authentication process when adding the %00currentsetting.htm line to the URL address. Exploiting this vulnerability can allow an attacker to circumvent security restrictions remotely...
The vulnerability of the Power Hardware Management Console (HMC) device, related to errors in privilege management, allows a perpetrator to execute arbitrary commands.
The vulnerability of the Power Hardware Management Console HMC device is related to errors in privilege management. Exploiting this vulnerability could allow an attacker to execute arbitrary commands...
The vulnerability in the virtual server of the Control Plane Listener of the network traffic control and management system BIG-IP Policy Enforcement Manager allows an attacker to cause a service failure.
The vulnerability of the Control Plane Listener virtual server in the BIG-IP Policy Enforcement Manager network traffic control and management system is related to the failure to release resources after their expiration. Exploiting this vulnerability allows a malicious actor to cause service...