74701 matches found
The vulnerability of the setUpgradeFW() function in TOTOLINK CA600-PoE router microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the setUpgradeFW function in TOTOLINK CA600-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level when processing the FileName parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...
The vulnerability of the PKI mechanism in HashiCorp’s Vault and Vault Enterprise, a platform for archiving corporate information, allows a perpetrator to trigger a service failure.
The vulnerability of the PKI mechanism in HashiCorp’s Vault and Vault Enterprise platforms for archiving corporate information is related to improper authentication. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability of the Shamir’s secret platform implementation for archiving corporate information, HashiCorp Vault and Vault Enterprise, allows a intruder to gain unauthorized access to protected information.
The vulnerability of the Shamir’s secret platform implementation for archiving corporate information, both HashiCorp Vault and Vault Enterprise, is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow an intruder to gain unauthorized access to the...
The vulnerability in the web interface of the corporate information archiving platform, HashiCorp Vault and Vault Enterprise, allows a attacker to perform XSS attacks.
The vulnerability of the web interface of the corporate information archiving platform, HashiCorp Vault and Vault Enterprise, is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...
The vulnerability of HashiCorp’s Vault and Vault Enterprise archiving platforms relates to errors in the certificate validation process, allowing attackers to bypass the authentication process.
The vulnerability of the HashiCorp Vault and Vault Enterprise archiving platforms relates to errors in the certificate validation process. Exploiting this vulnerability can allow an attacker to bypass the authentication process...
The vulnerability of the msg_process() function in TOTOLINK CA300-PoE router microprogramming software allows a intruder to execute arbitrary commands.
The vulnerability of the msgprocess function in TOTOLINK CA300-PoE router microprogramming software is related to the lack of measures taken at the control level during the processing of the URL parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...
The vulnerability of the formSafeEmailFilter() function in the Tenda FH451 router software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formSafeEmailFilter function in the Tenda FH451 router software lies in the lack of data cleaning measures at the management level when processing the page parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...
The vulnerability of the msg_process() function in TOTOLINK CA300-PoE router microprogramming software allows a intruder to execute arbitrary commands.
The vulnerability of the msgprocess function in TOTOLINK CA300-PoE router microprogramming systems is related to the lack of measures taken at the control level during the processing of the Port parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...
The vulnerability of the setUpgradeUboot() function in TOTOLINK CP900 router microprogramming software allows a intruder to execute arbitrary commands.
The vulnerability of the setUpgradeUboot function in TOTOLINK CP900 router microprogramming software is related to the lack of measures to sanitize input data during the processing of the FileName parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...
The vulnerability of the P2pListFilter() function in the software for Tenda FH451 routers allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the P2pListFilter function in the Tenda FH451 router’s software is related to buffer overflows during the processing of the page parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...
The vulnerability of the setUploadUserData() function in TOTOLINK CP900 router microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the setUploadUserData function in TOTOLINK CP900 router microprogramming software is related to the lack of measures to sanitize input data during the processing of the FileName parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...
The vulnerability of the CloudSrvUserdataVersionCheck() function in TOTOLINK CP900 router’s software allows a hacker to execute arbitrary commands.
The vulnerability of the CloudSrvUserdataVersionCheck function in TOTOLINK CP900 router’s software lies in the lack of measures to sanitize input data when processing parameters like url and magicid. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending...
The vulnerability of the setApRebootScheCfg() function in TOTOLINK CP900 router microprogramming software allows a intruder to execute arbitrary commands.
The vulnerability of the setApRebootScheCfg function in TOTOLINK CP900 router microprogramming software is related to the lack of measures to clean input data during the processing of the hour and minute parameters. Exploiting this vulnerability allows a remote attacker to execute arbitrary...
The vulnerability of the Device Admin App operating system ctrlX OS allows a perpetrator to trigger a service failure.
The vulnerability of the Device Admin App on the ctrlX OS operating system relates to the unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted HTTP requests remotely...
The vulnerability of the Device Admin App operating system ctrlX OS allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Device Admin App on the ctrlX OS platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending specially crafted HTTP requests...
The vulnerability of the setNoticeCfg() function in the TOTOLink A950RG router’s microprogramming software allows a intruder to execute arbitrary commands and gain full control over the device.
The vulnerability of the setNoticeCfg function in the TOTOLink A950RG router’s microprogramming software lies in the lack of measures taken to clean up data at the control level when processing the IpTo parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary command...
The vulnerability of the UnlockGateway method in the software for managing and monitoring remote devices in telemetering and telemechanics systems allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the UnlockGateway method in software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...
The vulnerability of the soup_header_parse_quality_list() function in the libsoup library allows a hacker to trigger a service failure.
The vulnerability of the soupheaderparsequalitylist function in the libsoup library is related to memory leaks. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the Grade Report Handler component in the virtual learning environment Moodle allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Grade Report Handler component in the virtual training environment is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of VideoGrace video conferencing software, related to insufficient access control checks, allows a intruder to create a user account on the server.
The vulnerability of VideoGrace video conferencing software is related to insufficient verification of access rights. Exploiting this vulnerability allows a malicious actor to create a user account on the server by sending a specially crafted POST request...
The vulnerability of the “Uploading user list from CSV file” function in the VideoGrace videoconferencing software allows a perpetrator to cause service failure.
The vulnerability of the “Uploading user list from CSV file” function in the VideoGrace videoconferencing software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions by uploading a specially crafted file...
The vulnerability of the client creation function of the VideoGrace software allows a hacker to execute XSS attacks.
The vulnerability of the client creation function of the VideoGrace video conferencing software relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...
The vulnerability of VideoGrace software-related video conferencing systems lies in the insufficient limitation on authentication attempts, allowing attackers to execute brute-force attacks.
The vulnerability of VideoGrace video conferencing software is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to carry out a brute-force attack remotely...
The vulnerability of VideoGrace video conference software, related to insufficient validation of input data, allows a intruder to trigger a service failure.
The vulnerability of VideoGrace video conferencing software is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of VideoGrace software, related to insufficient verification of the authenticity of executed requests, allows a hacker to carry out a CSRF attack.
The vulnerability of VideoGrace video conferencing software lies in insufficient verification of the authenticity of the requests being made. Exploiting this vulnerability could allow an attacker to execute a CSRF attack...
The vulnerability of the LockTcmSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the LockTcmSettings method in the software for managing and monitoring remote devices in telemetering and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...
The vulnerability of the GetTraces method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows a hacker to bypass security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the GetTraces method in software for managing and monitoring remote devices in telemetry and telemechanics systems related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security restrictions, rea...
The vulnerability of VideoGrace video conference software, related to insufficient validation of input data, allows a perpetrator to cause service failures.
The vulnerability of VideoGrace video conferencing software is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of VideoGrace video conferencing software lies in the insufficient validation of input data, allowing attackers to create new conferences with incorrect user names.
The vulnerability of VideoGrace video conferencing software is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to create new conferences with incorrect user names...
The vulnerability of VideoGrace video conference software, related to insufficient validation of input data, allows a perpetrator to cause service failures.
The vulnerability of VideoGrace video conferencing software is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of VideoGrace video conference software, related to insufficient validation of input data, allows a intruder to trigger a service failure.
The vulnerability of VideoGrace video conferencing software is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of VideoGrace video conferencing software, related to insufficient validation of input data, allows a hacker to send messages to arbitrary users.
The vulnerability of VideoGrace video conferencing software is related to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to send messages to arbitrary users remotely...
The vulnerability of VideoGrace video conferencing software relates to the exposure of authentication information, which allows attackers to enhance their privileges within the system.
The vulnerability of VideoGrace video conferencing software is related to the disclosure of authentication information. Exploiting this vulnerability can allow a malicious actor to enhance their privileges within the system...
The vulnerability of the recvUpgradeNewFw() function in TOTOLINK CA300-PoE router’s software allows a hacker to execute arbitrary commands.
The vulnerability of the recvUpgradeNewFw function in TOTOLINK CA300-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level when processing the fwUrl parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...
The vulnerability of the software’s new user creation function in video conferencing applications like VideoGrace allows attackers to execute XSS attacks.
The vulnerability of the software’s new user creation function for video conferencing applications, VideoGrace, is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...
The vulnerability of VideoGrace video conferencing software, related to insufficient validation of input data, allows attackers to compromise the integrity of protected information.
The vulnerability of VideoGrace video conferencing software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the integrity of the protected information...
The vulnerability of the Device Admin App operating system ctrlX OS allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Device Admin App on the ctrlX OS platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending specially crafted HTTP requests...
The vulnerability of the jffs2_rtime_decompress() function in the fs/jffs2/compr_rtime.c module of the Linux kernel file system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the jffs2rtimedecompress function in the fs/jffs2/comprrtime.c module of the Linux kernel operating system is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
The vulnerability of the sctp component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the sctp component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the netfilter component in the Linux operating system’s kernel allows a hacker to induce a service failure.
The vulnerability of the netfilter component in the Linux operating system’s kernel is related to the operation of data out of the buffer into memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the sctp component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the sctp component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the `net_sched` component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the netsched component in the Linux operating system is related to the violation of the buffer boundary. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of the afs component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the afs component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerabilities of the s390/cpum_sf components of the Linux operating system’s kernel allow attackers to cause service failures.
The vulnerability of the s390/cpumsf components in Linux operating systems is related to the use of memory after it has been freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of VideoGrace video conferencing software, related to improper access control, allows a intruder to compromise the accessibility of protected information.
The vulnerability of VideoGrace video conferencing software is related to improper access control. Exploiting this vulnerability can allow a remote attacker to compromise the accessibility of protected information...
The vulnerability of the CreateLog method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, as well as in the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the CreateLog method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...
The vulnerability of the CloudSrvUserdataVersionCheck() function in TOTOLINK CA300-PoE router’s software allows a hacker to execute arbitrary commands.
The vulnerability of the CloudSrvUserdataVersionCheck function in TOTOLINK CA300-PoE router’s software lies in the lack of measures taken at the control level during the processing of the url parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sendin...
The vulnerability of VideoGrace video conferencing software, related to the disclosure of information, allows a intruder to gain unauthorized access to protected information.
The vulnerability of VideoGrace video conferencing software is related to the disclosure of information in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the UnlockOpcSettings method in the software for managing and monitoring remote devices in telemetering and telemechanics systems allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the UnlockOpcSettings method in the software for managing and monitoring remote devices in telemetering and telemechanics systems is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass...
The vulnerability of the sysfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the sysfs component in the Linux operating system is related to the lack of checks for division by zero. Exploiting this vulnerability can allow an attacker to cause a service failure...