90509 matches found
The vulnerability of Google Chrome’s Picture In Picture technology, which allows a perpetrator to compromise the integrity of protected information
The vulnerability of Google Chrome’s Picture In Picture technology is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of protected information through a specially created HTML page...
The vulnerability of Google Chrome, related to deficiencies in access control, allows attackers to circumvent navigation restrictions.
The vulnerability of Google Chrome is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass navigation restrictions by using a specially crafted HTML page...
The vulnerability of VMware Fusion and Vmware Workstation lies in the insufficient restrictions on network connections for certain endpoints, which allows attackers to interrupt or intercept network connections of other guest virtual machines.
The vulnerability of VMware Fusion and Vmware Workstation lies in the insufficient restrictions on network connections for specified endpoints. Exploiting this vulnerability allows a malicious actor to interrupt or intercept network connections to other guest virtual machines remotely...
The vulnerability of the Extensions component of the Google Chrome browser allows a hacker to replace the user interface.
The vulnerability of the Google Chrome browser’s Extensions component is related to information representation errors in the user interface. Exploiting this vulnerability could allow a malicious actor to replace the user interface...
The vulnerability of Google Chrome’s Skia graphic library allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of Google Chrome’s Skia graphics library is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the Downloads component of the Google Chrome browser allows a hacker to replace the user interface.
The vulnerability of the Downloads component of the Google Chrome browser is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...
The vulnerability of the Omnicomm Online monitoring and control service lies in its ability to disclose information, allowing a violator to expose the protected information.
The vulnerability of the Omnicomm Online monitoring and control service is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...
The vulnerability of the __dev_queue_xmit() function in the net/core/filter.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the devqueuexmit function in the net/core/filter.c module of the Linux operating system is related to improper handling of length parameters. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ext4_writepages() function in the fs/ext4/ext4.h file of the Ext4 file system in the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the ext4writepages function in the fs/ext4/ext4.h file of the Ext4 file system in the Linux operating system is related to incorrect resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the cfg80211_sme_connect() function in the net/wireless/sme.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the cfg80211smeconnect function in the net/wireless/sme.c module of the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability allows a attacker to cause a service failure...
The vulnerability of Google Chrome, related to deficiencies in access control, allows attackers to circumvent navigation restrictions.
The vulnerability of Google Chrome is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass navigation restrictions by using a specially crafted HTML page...
The vulnerabilities of the functions psp_hdcp_initialize() and psp_dtm_initialize() in the driver drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c of the Direct Rendering Infrastructure (DRI) driver for AMD GPU cores in the Linux operating system allow a malicious actor to cause a service failure.
The vulnerabilities of the functions psphdcpinitialize and pspdtminitialize in the driver drivers/gpu/drm/amd/amdgpu/amdgpupsp.c of the Direct Rendering Infrastructure DRI driver for AMD GPU cores in the Linux operating system are related to improper initialization. Exploiting these vulnerabiliti...
The vulnerability of the fsl_qspi_probe() function in the drivers/spi/spi-fsl-qspi.c file of the Linux kernel’s SPI device driver allows a hacker to cause a service failure.
The vulnerability of the fslqspiprobe function in the drivers/spi/spi-fsl-qspi.c file of the Linux kernel’s SPI device driver is related to the improper disabling or release of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the blk_register_queue() function in the block/blk-sysfs.c module, which is part of the Linux kernel’s block-level support, allows a attacker to cause a service failure.
The vulnerability of the blkregisterqueue function in the block/blk-sysfs.c module, which supports the block-level kernel in the Linux operating system, is related to the lack of memory release after the effective lifespan of the function has ended. Exploiting this vulnerability could allow an...
The vulnerability of the receive_mergeable() function in the drivers/net/virtio_net.c file of the Linux kernel’s network device driver allows a hacker to cause a service failure.
The vulnerability of the receivemergeable function in the drivers/net/virtionet.c file of the Linux kernel’s network device driver is related to improper memory release memory leak. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the UNIX command-line utility set, BusyBox, related to access control deficiencies, allows attackers to increase their privileges.
The vulnerability of the UNIX command-line utility set of BusyBox is related to access control deficiencies. Exploiting this vulnerability can allow a remote attacker to increase their privileges...
The vulnerability of the Universal Plug and Play (UPnP) service in Windows operating systems allows a hacker to disclose protected information.
The vulnerability of the Universal Plug and Play UPnP service in Windows operating systems is related to lack of access control mechanisms. Exploiting this vulnerability can allow attackers to disclose protected information...
The vulnerability of the protobuf data serialization library lies in insufficient validation of input data, which allows attackers to trigger service failures.
The vulnerability of the protobuf data serialization library is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the Universal Plug and Play (UPnP) service in Windows operating systems allows a hacker to disclose protected information.
The vulnerability of the Universal Plug and Play UPnP service in Windows operating systems is related to the incorrect definition of symbolic links during access to files. Exploiting this vulnerability can allow attackers to disclose protected information...
Vulnerability of Cryptographic Services in Windows operating systems, allowing attackers to enhance their privileges
The vulnerability of Cryptographic Services in Windows operating systems is related to the insecure storage of confidential information. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Windows Ancillary Function Driver for WinSock on Windows operating systems allows attackers to exploit their privileges.
The vulnerability of the Windows Ancillary Function Driver for WinSock operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Windows Push Notifications service allows a perpetrator to escalate their privileges.
The vulnerability of Windows push-notifications services is related to synchronization errors when using a shared resource “Race Conditions”. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the golang-x-net package, a programming language, arises from insufficient resource control during its existence. This allows attackers to trigger a service failure.
The vulnerability of the golang-x-net package, a programming language, is related to insufficient resource control during its existence. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service failures...
The vulnerability of the Linux operating system’s kernel, related to insufficient resource control during its existence, allows attackers to trigger service failures.
The vulnerability of the Linux operating system’s kernel is related to insufficient resource control during its existence. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes, related to the failure to protect the SQL request structure, allows attackers to execute arbitrary code.
The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes is related to the lack of measures taken to protect the SQL request structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
The vulnerability of the protobuf library in the Rust programming language, related to an uncontrolled recursion, allows a hacker to trigger a service failure.
The vulnerability of the protobuf library in the Rust programming language is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the VLC Media Player, related to reading beyond the buffer in memory, allows a hacker to cause a service failure.
The vulnerability of the VLC Media Player is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the GLPI system’s request, incident, and asset inventory management, related to improper session management, allows a perpetrator to intercept the user’s session.
The vulnerability of the GLPI system for requests, incidents, and inventory management is related to improper session management. Exploiting this vulnerability can allow a malicious actor to intercept a user’s session...
The vulnerability of the Python Pillow library for image processing lies in the writing beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Python Pillow library for image processing is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the JavaScript file taskjobs.js in the GLPI system’s scheduling, incident, and computer equipment inventory management module allows a hacker to execute arbitrary code.
The vulnerability of the JavaScript file taskjobs.js in the GLPI system for managing requests, incidents, and inventory of computer equipment is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
The vulnerability of the configuration management system and remote execution of operations, related to deficiencies in authentication procedures, allows attackers to escalate their privileges.
The vulnerability of configuration management systems and remote execution of operations like Salt is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...
The vulnerability of the universal monitoring system Zabbix, related to deficiencies in the authentication mechanism, allows a intruder to gain unauthorized access to protected information.
The vulnerability of the Zabbix universal monitoring system is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the xdr_datum function in the Firebird database management system allows a hacker to cause a service failure.
The vulnerability of the xdrdatum function in the Firebird database management system is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the sdl_desc function in the Firebird database management system allows a hacker to cause a service failure.
The vulnerability of the sdldesc function in the Firebird database management system is related to the lack of checks for division by zero. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the memory management block for IOMMU operations in AMD’s microprogramming software for processors allows a hacker to gain unauthorized access to protected information.
The vulnerability of the memory management block for IOMMU operations in AMD microprogramming systems relates to the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the ASP.NET Core software platform, related to errors in verifying cryptographic signatures, allows attackers to escalate their privileges.
The vulnerability of the ASP.NET Core software platform is related to errors in checking the cryptographic signature. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability of HashiCorp’s Vault Community Edition and Vault Enterprise storage platforms, related to information disclosure during data transmission, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of HashiCorp’s Vault Community Edition and Vault Enterprise, platforms for archiving corporate information, lies in the exposure of data during transmission. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of...
The vulnerability of Microsoft Office packages, Word, and 365 Apps for Enterprise allows a perpetrator to execute arbitrary code.
The vulnerability of Microsoft Office, Word, and 365 Apps for Enterprise packages is related to the use of an untrusted pointer. Exploiting this vulnerability can allow attackers to execute arbitrary code...
The vulnerability of the Projected File System component in the Windows operating system, which allows attackers to enhance their privileges
The vulnerability of the Projected File System component in the Windows operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Microsoft Component Object Model (COM) in Windows operating systems, which allows attackers to exploit their privileges.
The vulnerability of the Microsoft Component Object Model COM in Windows operating systems relates to the loading of unreliable external data alongside reliable data. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes, related to the failure to protect the SQL request structure, allows attackers to execute arbitrary code.
The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes is related to the lack of measures taken to protect the SQL request structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
The vulnerability of the op_crypt_key_callback function in the Firebird database management system allows a hacker to cause a service failure.
The vulnerability of the opcryptkeycallback function in the Firebird database management system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service failures...
The vulnerability of the reporting subsystem of the “Red Database” database management system allows a perpetrator to gain unauthorized access to confidential information.
The vulnerability of the reporting subsystem of the “Red Database” database management system is related to insufficient protection of registration data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to confidential information...
The vulnerability of the SDL_info function in the Firebird database management system allows a hacker to induce a service failure.
The vulnerability of the SDLinfo function in the Firebird database management system is related to the assignment of a null pointer. Exploiting this vulnerability can allow an attacker to cause service failures remotely...
The vulnerability of the IndexNodes::get function in the btr.cpp module of the “Red Database” database management system allows a hacker to cause a service failure.
The vulnerability of the IndexNodes::get function in the btr.cpp module of the “Red Database” database management system is related to synchronization errors. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of Microsoft Office packages, Word, and 365 Apps for Enterprise allows a hacker to execute arbitrary code.
The vulnerability of Microsoft Office packages, Word, and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
Vulnerability of Microsoft Office packages and 365 Apps for Enterprise, allowing a hacker to execute arbitrary code
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the ability to exploit memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the zip.vim plugin for the Vim text editor, which allows a hacker to execute arbitrary commands.
The vulnerability of the zip.vim plugin for the Vim text editor is related to an incorrect limitation on the path to the restricted access directory. Exploiting this vulnerability could allow a perpetrator to execute arbitrary commands...
The vulnerability of the Win32k.sys component of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Win32k.sys component of the Windows operating system is related to synchronization errors when using shared resources “Race Conditions”. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the window manager for desktop window managers in Windows operating systems allows attackers to escalate their privileges.
The vulnerability of the Desktop Window Manager DWM on Windows operating systems relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...