The vulnerability in the files IntroMessageBuilder.Php, PermissionManager.Php, and RestrictionStore.Php of the MediaWiki software, which are used to implement a hypertext environment, allows a malicious user to gain unauthorized access to protected information.

The vulnerability of the IntroMessageBuilder.Php, PermissionManager.Php, and RestrictionStore.Php files of the MediaWiki hypertext environment implementation is related to improper storage of permissions. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protect...

The vulnerability of the qla2x00_do_dpc() function in the drivers/scsi/qla2xxx/qla_os.c module of the Linux system’s SCSI device support driver allows a hacker to gain increased privileges.

The vulnerability of the qla2x00dodpc function in the drivers/scsi/qla2xxx/qlaos.c module of the Linux SCSI device support driver relates to the possibility of using memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the powerpc component functions fixup_device_tree_chrp(), fixup_device_tree_pmac(), and fixup_device_tree() in the arch/powerpc/kernel/prom_init.c file of the Linux operating system kernel allows a attacker to cause a service failure.

The vulnerability of the powerpc functions fixupdevicetreechrp, fixupdevicetreepmac, and fixupdevicetree in the arch/powerpc/kernel/prominit.c file of the Linux operating system kernel is related to resource management errors. Exploiting this vulnerability could allow an attacker to cause a servi...

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the improper assignment of permissions for critical resources, allowing attackers to enhance their privileges and gain unauthorized access to protected information.

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow attackers to enhance their privileges and gain unauthorized access to protected...

The vulnerability of the SINEMA Remote Connect Edge Client microprogramming software for industrial switches from Siemens, model Siemens Scalance LPE9403, allows a perpetrator to bypass authentication procedures and gain access to read and modify configuration parameters.

The vulnerability of the SINEMA Remote Connect Edge Client microprogramming software for Siemens Scalance LPE9403 industrial switches in remote connection mode is related to the ability to bypass the authentication process by using an alternative path or channel. Exploiting this vulnerability...

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in errors during the assignment of permissions to critical resources, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to errors in assigning permissions for critical resources. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the dcpd service in the microprogramming software of Siemens Scalance LPE9403 allows a hacker to trigger a maintenance failure.

The vulnerability of the dcpd service in Siemens Scalance LPE9403 microprogrammed switching devices is related to the use of uninitialized variables. Exploiting this vulnerability could allow a malicious actor to trigger a service failure by sending specially crafted malware packages...

The vulnerability of the dccp_feat_change_recv() function in the net/dccp/feat.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the dccpfeatchangerecv function in the net/dccp/feat.c module of the Linux kernel is related to the lack of memory release after the effective lifespan has ended. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the dcpd service in the microprogramming software of Siemens Scalance LPE9403 allows a hacker to trigger a maintenance failure.

The vulnerability of the dcpd service in Siemens Scalance LPE9403 microprogramming software lies in the reading outside the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to cause a service failure by sending specially crafted malware packages...

The vulnerability of the dcpd service in the microprogramming software of Siemens Scalance LPE9403 allows a hacker to trigger a maintenance failure.

The vulnerability of the dcpd service in Siemens Scalance LPE9403 microprogramming software lies in the reading outside the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to cause a service failure by sending specially crafted malware packages...

The vulnerability of the gr gpio_probe() function in the drivers/gpio/gpio-grgpio.c file of the Linux kernel’s GPIO driver allows a attacker to cause a service failure.

The vulnerability of the gr gpioprobe function in the drivers/gpio/gpio-grgpio.c file of the Linux kernel’s GPIO driver is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the Yii2::createObject() method in the Yii PHP framework allows a attacker to execute arbitrary code.

The vulnerability of the Yii2::createObject method in the Yii PHP framework is related to improper protection of the alternative path. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the sctp component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the sctp component in the Linux operating system’s kernel is related to the assignment of the NULL pointer in the procsctpdoalphabeta function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the websReadEvent() function in the script /rame/ptdc.cgi of the D-Link DCS-5020L microprogrammed camera software allows a intruder to execute arbitrary code.

The vulnerability of the websReadEvent function in the /rame/ptdc.cgi script of the D-Link DCS-5020L microprogrammed IP camera is related to the reading of data beyond the buffer boundaries in memory during the processing of the Authorization: Digest Basic request. Exploiting this vulnerability...

The vulnerability of the SimpleOne ITSM automation system allows a perpetrator to carry out an SSRF attack and gain unauthorized access to protected information.

The vulnerability of the SimpleOne ITSM automation system is related to insufficient verification of incoming requests. Exploiting this vulnerability could allow a malicious actor to carry out an SRF attack and gain unauthorized access to protected information...

The vulnerability of the SimpleOne ITSM automation system lies in its ability to use strictly encrypted user data, which allows a malicious actor to compromise the domain name.

The vulnerability of the SimpleOne ITSM automation system relates to the possibility of using strictly encrypted user data. Exploiting this vulnerability could allow a malicious actor to compromise the domain name...

The vulnerability of the Cisco AnyConnect server and the Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway network devices allows a perpetrator to cause service interruptions.

The vulnerability of the Cisco AnyConnect server and the Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway network devices is related to the use of an uninitialized variable. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in the fact that data is written beyond the buffer limit in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in the writing beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Front End User Registration (sr_feuser_register) extension of the TYPO3 content management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Front End User Registration srfeuserregister extension of the TYPO3 content management system is related to the use of a insecure direct link to an object IDOR. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of the UBtech Freepass system management system, related to the disclosure of information through discrepancies, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the UBtech Freepass robot and device management system lies in the exposure of information through inconsistencies. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the null_timeout_rq() function in the drivers/block/null_blk/main.c module of the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the nulltimeoutrq function in the drivers/block/nullblk/main.c module of the Linux kernel is related to a memory overflow issue. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the formDhcpv6s interface in the BOA microprogramming software of TOTOLINK A3002R routers allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the formDhcpv6s interface in the boa microprogramming software of TOTOLINK A3002R routers is related to buffer overflow during the processing of the addrPoolEnd parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of the...

The vulnerability of the formMapDelDevice interface in the boa web server’s embedded microprogramming software used in TOTOLINK A3002R routers allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formMapDelDevice interface in the boa microprogramming software integrated into the TOTOLINK A3002R router server is related to buffer overflow during the processing of the macstr parameter. Exploiting this vulnerability allows a remote attacker to compromise the...

The vulnerability of the driver/platform/chrome/cros_ec_chardev.c module in the Linux operating system allows a hacker to disclose protected information.

The vulnerability of the drivers/platforms/chrome/crosecchardev.c module in the Linux operating system is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the memcpy() function in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the memcpy function in the Linux operating system’s kernel is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

The vulnerability in the module drivers/gpu/drm/vmwgfx/vmwgfx_kms.c of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the drivers/gpu/drm/vmwgfx/vmwgfxkms.c kernel module in the Linux operating system is related to state management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the command processor in the OpenWire software platform from Apache ActiveMQ, which allows a attacker to cause a service failure.

The vulnerability of the OpenWire command processor in the Apache ActiveMQ software platform lies in the lack of control over the data entered by users. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted packets...

The vulnerability of the getObjWGFServiceApiByApiName() function in the security monitoring and management tool Trend Micro Apex Central allows a attacker to execute arbitrary code.

The vulnerability of the getObjWGFServiceApiByApiName function in the monitoring and security management tool Trend Micro Apex Central is related to unpredictable behavior of the function due to inconsistencies in parameter values. Exploiting this vulnerability could allow an attacker operating...

The vulnerability of the getBlock() function in the monitoring and security management tool Trend Micro Apex Central allows a threat to execute arbitrary code.

The vulnerability of the getBlock function in the Trend Micro Apex Central security monitoring and management tool is related to the failure to take measures to neutralize specific elements in the output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the parse_mf_symlink() function in the fs/cifs/link.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the parsemfsymlink function in the fs/cifs/link.c module of the Linux operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability in the include/trace/events/sunrpc.h module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the include/trace/events/sunrpc.h module of the Linux operating system is related to the swapping of pointers. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the virt_addr_valid() function in the arch/powerpc/include/asm/page.h module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the virtaddrvalid function in the arch/powerpc/include/asm/page.h module of the Linux operating system is related to incorrect error handling. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the ili9341_dbi_probe() function in the drivers/gpu/drm/panel/panel-ilitek-ili9341.c module of the Linux kernel allows a hacker to cause a system failure.

The vulnerability of the ili9341dbiprobe function in the drivers/gpu/drm/panel/panel-ilitek-ili9341.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the Webhook extension of the TYPO3 content management system allows a hacker to perform an SSRF attack.

The vulnerability of the Webhook extension of the TYPO3 content management system is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...

The vulnerability of the Database Abstraction Layer (DBAL) of the TYPO3 content management system allows attackers to disclose protected information.

The vulnerability of the Database Abstraction Layer DBAL of the TYPO3 content management system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to disclose protected information...

The vulnerability of the DataHandler module and the Setup Module of the TYPO3 content management system allows attackers to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability of the DataHandler module and the Setup Module in the TYPO3 content management system is related to the lack of necessary checks during password changes. Exploiting this vulnerability allows an attacker to bypass security restrictions and gain unauthorized access to protected...

The vulnerability of the File Abstraction Layer (FAL) of the TYPO3 content management system allows a hacker to upload arbitrary files.

The vulnerability of the File Abstraction Layer FAL used for processing media files in the TYPO3 content management system is related to the ability to download unlimited number of dangerous types of files. Exploiting this vulnerability allows a remote attacker to download arbitrary files...

The vulnerability of the altr_tse_pcs() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the altrtsepcs function in the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the OCFS2 cluster file system in Linux kernel allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the OCFS2 cluster file system in Linux operating systems relates to operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause service failures...

The vulnerability of the nft_payload() function in the net/netfilter module /nft_payload.c of the netfilter component in the Linux kernel allows a hacker to induce a service failure.

The vulnerability of the nftpayload function in the net/netfilter module, located in the netfilter component of the Linux kernel, is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the IBM Security Directory Integrator, a software tool for synchronizing identity data, and the IBM Security Verify Directory Integrator, an integration tool, lies in their ability to disclose protected information by reading directory files.

The vulnerability of the IBM Security Directory Integrator and IBM Security Verify Directory Integrator software lies in their ability to disclose information by reading directory files. Exploiting this vulnerability allows a malicious actor to disclose protected information...

The vulnerability of the `gslibctx_stash_sanitized_arg` function in the `base/gslibctx.c` file of the Ghostscript processing, conversion, and generation software set allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the gsLib ctxstashsanitizedarg function in the base/gslibctx.c file of the Ghostscript processing, conversion, and generation software set is related to improper border removal of critical data. Exploiting this vulnerability may allow an attacker to gain unauthorized access t...

The vulnerability of Firefox browser for iOS exists due to the improper functioning of the ms-cxh and ms-cxh-ful handlers, allowing attackers to compromise the integrity of protected information.

The vulnerability of Firefox browsers for iOS exists due to the improper functioning of the ms-cxh and ms-cxh-ful handlers. Exploiting this vulnerability allows a malicious actor to compromise the integrity of protected information...

The vulnerability of the modTMCM widget of the security monitoring and management tool Trend Micro Apex Central allows a malicious actor to upload arbitrary files.

The vulnerability of the modTMCM widget in the Trend Micro Apex Central security monitoring and management tool is related to unpredictable behavior of the function due to inconsistencies in parameter values. Exploiting this vulnerability allows an attacker operating remotely to upload arbitrary...

The vulnerability of the do_remove_conflicted_framebuffers() function in the drivers/video/fbdev/core/fbmem.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the doRemoveConflictingFrameBuffers function in the drivers/video/fbdev/core/fbmem.c file of the Linux kernel lies in the pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerabilities of the `gpiochip_to_irq()` and `gpiochip_add_irqchip()` functions in the Linux operating system’s kernel allow a hacker to trigger a service failure.

The vulnerability of the gpiochiptoirq and gpiochipaddirqchip functions in the Linux operating system’s kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the distribution of resources without any restrictions or regulations, allows a violator to cause service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...

The vulnerability of the UBtech Freepass system management system, related to the redirection of URLs to unreliable websites, allows a hacker to redirect users to arbitrary URL addresses.

The vulnerability of the UBtech Freepass system management system lies in the redirection of URLs to unreliable websites. Exploiting this vulnerability allows a malicious actor to redirect users to arbitrary URL addresses...

The vulnerability of the Download Manager extension reint_downloadmanager in the TYPO3 content management system allows a hacker to upload arbitrary files.

The vulnerability of the Download Manager reintdownloadmanager extension of the TYPO3 content management system is related to the use of a insecure direct link to an object IDOR when processing the downloaduid parameter in the downloadAction structure. Exploiting this vulnerability could allow an...

The vulnerability of the smc_pnet_find_ib() function in the net/smc/smc_pnet.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the smcpnetfindib function in the net/smc/smcpnet.c module of the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...