The vulnerability of the Elasticsearch search engine, related to unrestricted resource allocation, allows a hacker to cause a service failure.
The vulnerability of the Elasticsearch search engine is related to unrestricted resource allocation. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending specially crafted SQL queries...
Vulnerabilities of the `iscsi_sw_tcp_host_get_param()` and `iscsi_sw_tcp_session_create()` functions in Linux kernel, allowing attackers to cause service interruptions
The vulnerabilities of the `iscsi_sw_tcp_host_get_param()` and `iscsi_sw_tcp_session_create()` functions in the Linux kernel are related to the use of memory after it has been freed. Exploiting these vulnerabilities can allow an attacker to cause a service failure...
The vulnerability of the virtio-scsi, virtio-blk, and virtio-crypt components of the QEMU hardware emulation driver’s virtqueue_push() function allows an attacker to disclose sensitive information.
The vulnerability of the virtio-scsi, virtio-blk, and virtio-crypt components of the QEMU hardware emulation driver’s virtqueue_push() function is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose protected information through the...
The vulnerability of the ViewState mechanism of the ConnectWise ScreenConnect remote access software allows a perpetrator to execute arbitrary code.
The vulnerability of the ViewState mechanism of the ConnectWise ScreenConnect remote access software lies in the deficiencies of the authentication process. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted ViewState request...
The vulnerability of the sys_login function in the /cgi-bin/login.cgi script of the WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3, and WL-WN576K1 routers allows a hacker to execute arbitrary code.
The vulnerability of the sys_login function in the /cgi-bin/login.cgi script of the WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3, and WL-WN576K1 routers is related to the copying of buffers without checking the size of the input data during the processing of the loginpage...
Vulnerabilities of the kfree(), ucsi_resume_work(), and ucsi_unregister() functions in the Linux operating system, allowing a hacker to cause a service failure
The vulnerability of the kfree(), ucsi_resume_work(), and ucsi_unregister() functions in the Linux operating system is related to the assignment of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the fib_metrics_match() function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the fib_metrics_match() function in the Linux operating system’s kernel is related to the lack of memory release. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the CRD AdmissionPolicyGroup component in the Kubernetes cluster “kubewarden-controller” allows an attacker to gain unauthorized access to modify data or disclose sensitive information.
The vulnerability of the CRD AdmissionPolicyGroup component in the Kubernetes cluster “kubewarden-controller” is related to improper authorization. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to modify data or expose sensitive information...
Vulnerability of the Server:Options component of the Oracle MySQL Server database management system and the Cluster:General component of the MySQL Cluster database management system, which allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Server:Options component of the Oracle MySQL Server database management system and the Cluster:General component of the MySQL Cluster database management system is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can...
The vulnerability of the Interaction Center web client component of the SAP CRM system, which is used for managing customer relationships, as well as the SAP S/4HANA software platform, allows an attacker to perform an SSRF attack.
The vulnerability of the Interaction Center web client component of the SAP CRM and SAP S/4HANA software system relates to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...
The vulnerability of the `init_ISA_irqs()` and `make_8259A_irq()` functions in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the `init_ISA_irqs()` and `make_8259A_irq()` functions in the Linux operating system is related to the swapping of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the `squashfs_read_xattr_id_table()` function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the `squashfs_read_xattr_id_table()` function in the Linux kernel is related to read errors outside of the allowed range. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the skb_segment_list() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the skb_segment_list() function in the Linux operating system is related to the pointer swapping. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the vcs_read() function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the vcs_read() function in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the CLI interface of HPE Aruba Networking Access Point software allows a perpetrator to execute arbitrary code.
The vulnerability of the CLI interface of HPE Aruba Networking Access Point software relates to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted packets to the UDP port...
The vulnerability of the CLI interface of HPE Aruba Networking Access Point software allows a perpetrator to execute arbitrary code.
The vulnerability of the CLI interface of HPE Aruba Networking Access Point software relates to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted packets to the UDP port...
The vulnerability of the debugfs_add_domain_dir() function in the Linux operating system, which allows a hacker to cause a service failure
The vulnerability of the debugfs_add_domain_dir() function in the Linux operating system is related to the lack of memory release. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the `bfq_check_ioprio_change()` and `__bfq_bic_change_cgroup()` functions in the Linux operating system, allowing a hacker to trigger a service failure
The vulnerability of the `bfq_check_ioprio_change()` and `__bfq_bic_change_cgroup()` functions in the Linux kernel is related to the use of memory after deallocation. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the drivers/block/ublk_drv.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/block/ublk_drv.c module of the Linux operating system is related to reading beyond the allowed range. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Houzez Login plugin in the WordPress content management system allows a hacker to increase their privileges.
The vulnerability of the Houzez Login plugin in the WordPress content management system is related to incorrect privilege assignment. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability of the Houzez Theme plugin of the WordPress content management system allows attackers to increase their privileges.
The vulnerability of the Houzez Theme plugin for WordPress content management systems is related to incorrect privilege assignment. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability of the NVIDIA GPU Display Driver allows a malicious individual to gain unauthorized access to modify data, expose sensitive information, or cause service failures.
The vulnerability of the NVIDIA GPU Display Driver software driver is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to data, disclose confidential information, or cause system failures...
The vulnerability of the h11 library, related to deficiencies in HTTP request processing, allows attackers to influence the confidentiality and integrity of the protected information.
The vulnerability of the h11 library is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality and integrity of the protected information...
The vulnerabilities of the `update_parent_subparts_cpumask()` and `spin_lock_irq()` functions in the Linux operating system’s kernel allow a hacker to trigger a service failure.
The vulnerabilities of the `update_parent_subparts_cpumask()` and `spin_lock_irq()` functions in Linux kernel code are related to improper validation of input data. Exploiting these vulnerabilities can allow attackers to trigger service failures...
The vulnerability of the lru_gen_migrate_mm() function in the MM component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the lru_gen_migrate_mm() function in the MM component of the Linux operating system’s kernel is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of Junos OS and Junos OS Evolved routers from the MX, MX304, EX9200, and PTX Series lies in the insufficient handling of exceptional states, allowing attackers to trigger service interruptions.
The vulnerability of Junos OS and Junos OS Evolved routers from the MX, MX304, EX9200, and PTX Series lies in the insufficient handling of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability of the simulation_jalr() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the simulation_jalr() function in the Linux operating system’s kernel is related to parallel execution using a shared resource with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the `ioctl_send_response()` function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the `ioctl_send_response()` function in the Linux operating system is related to the lack of memory release. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability in the arch/arm64/boot/dts/freescale/imx8mm-verdin.dtsi module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the arch/arm64/boot/dts/freescale/imx8mm-verdin.dtsi module of the Linux operating system is related to the use of memory after deallocation. Exploiting this vulnerability can allow an attacker to cause a service failure...
Vulnerabilities of the functions isotp_rcv_echo(), isotp_tx_timer_handler(), isotp_release(), and isotp_init() in the Linux operating system, allowing a hacker to cause a service failure
The vulnerabilities of the functions isotp_rcv_echo(), isotp_tx_timer_handler(), isotp_release(), and isotp_init() in the Linux operating system are related to resource management errors. Exploiting these vulnerabilities can allow an attacker to cause service failures...
The vulnerability of Microsoft Defender for Endpoint on Linux operating systems, related to access control errors, allows attackers to increase their privileges.
The vulnerability of Microsoft Defender for Endpoint on Linux operating systems is related to access control errors. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the hv_balloon_debugfs_init() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the hv_balloon_debugfs_init() function in the Linux operating system is related to the lack of memory release. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the CORS mechanism in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the CORS mechanism in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the lack of verification of the reliability of data sources or messages. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the “Copy as” function in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird on Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the “Copy as” function in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird on Windows operating systems is related to the lack of data cleaning measures at the management level. Exploiting this vulnerability allows an attacker to execute arbitra...
The vulnerability of the CORS mechanism in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the CORS mechanism in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the lack of verification of the reliability of data sources or messages. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability in the “Copy as” function of Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a hacker to execute arbitrary code.
The vulnerability of the “Copy as” function in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the lack of data cleaning measures at the management level. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in the lack of data cleaning at the management level, allowing attackers to execute arbitrary code.
The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to the lack of measures taken to clean data at the management level. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary code...
The vulnerability of the Mozilla Firefox browser and the Thunderbird email client, related to the transmission of confidential information in plaintext, allows attackers to gain unauthorized access to protected information.
The vulnerability of the Mozilla Firefox browser and the Thunderbird email client is related to the transmission of confidential information in plaintext. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Mozilla Firefox browser and the Thunderbird email client relates to the execution of operations beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Mozilla Firefox browser and the Thunderbird email client is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the preview function of the DevTools set of web development tools for Mozilla Firefox and the Thunderbird email client allows a hacker to bypass the Content Security Policy (CSP) protection mechanism.
The vulnerability of the pre-viewing function of the DevTools set of web development tools for Mozilla Firefox and the Thunderbird email client is related to a lack of mechanisms for encoding or blocking output data when processing headers. Exploiting this vulnerability could allow an attacker to...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in improper restrictions on the displayed layers of the user interface, which allows attackers to carry out clickjacking attacks.
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to an improper limitation on the visually displayed layers of the user interface. Exploiting this vulnerability allows a malicious actor to carry out a clickjacking attack remotely...
The vulnerability of Mozilla Firefox ESR and the Thunderbird email client relates to the execution of operations beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Mozilla Firefox ESR and the Thunderbird email client is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Hibernate query service implementation in the Kaiten project management system lies in the lack of protective measures for the SQL query structure. This allows attackers to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the Hibernate query service implementation in the Kaiten project management tool is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and availability of th...
The vulnerability of the SimpleOne ITSM automation system, related to deficiencies in authentication procedures, allows a perpetrator to gain access to user accounts.
The vulnerability of the SimpleOne ITSM automation system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to user accounts...
The vulnerability in the cstecgi.cgi firmware component for Totolink-A810R allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the cstecgi.cgi firmware component for Totolink-A810R routers is related to a buffer overflow. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...
The vulnerability of the Intel Hyperscan library, related to improper handling of streams, allows a perpetrator to cause a service failure.
The vulnerability of the Intel Hyperscan library is related to improper handling of streams. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the control_panel_sw() function in the /cgi-bin/sysconf.cgi script of the Linksys FGW3000-AH and FGW3000-HK Wi-Fi router firmware allows a hacker to execute arbitrary commands.
The vulnerability of the control_panel_sw() function in the /cgi-bin/sysconf.cgi script of the Linksys FGW3000-AH and FGW3000-HK Wi-Fi routers is related to incorrect elimination of special elements in the output data when processing the filename parameter. Exploiting this vulnerability allows an...
The vulnerability of the sub_4153FC function in the /cgi-bin/sysconf.cgi script of the Linksys FGW3000-AH and FGW3000-HK Wi-Fi router firmware allows a hacker to execute arbitrary commands.
The vulnerability of the sub_4153FC function in the /cgi-bin/sysconf.cgi script of the Linksys FGW3000-AH and FGW3000-HK Wi-Fi router firmware is related to incorrect elimination of certain elements in the output data during the processing of the supplicantrndiden parameter...
The vulnerability of the explain function in the MongoDB database management system allows a hacker to cause a service failure.
The vulnerability of the explain function in the MongoDB database management system is related to deficiencies in handling exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the sanitiseMatchedBytes configuration of the ModSecurity web application firewall allows attackers to trigger a denial-of-service attack.
The vulnerability of the sanitiseMatchedBytes configuration of the ModSecurity web application firewall is related to excessive resource consumption within a loop. Exploiting this vulnerability can allow an attacker to cause service interruptions...