74701 matches found
The vulnerability of the software for programming operator panels of the VT series, such as VT-Designer, arises from writing beyond buffer boundaries, allowing a hacker to execute arbitrary code.
The vulnerability of the software for programming operator panels of the VT series, such as VT-Designer, lies in the writing beyond buffer boundaries when processing PM3 files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the AMD Store Queue system for Windows operating systems allows a perpetrator to gain access to confidential information.
The vulnerability of the AMD Store Queue system for Windows operating systems is related to the disclosure of information. Exploiting this vulnerability can allow an attacker to access confidential information...
The vulnerability of the Wlan AP Driver software driver in MediaTek microprogramming chips allows attackers to enhance their privileges and disclose protected information.
The vulnerability of the Wlan AP Driver software driver from MediaTek relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to enhance their privileges and disclose sensitive information...
The vulnerability of Windows operating system DHCP clients allows a perpetrator to execute arbitrary code.
The vulnerability of DHCP clients of Windows operating systems is related to the execution of operations beyond the buffer in memory. Exploitation of this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the WeGIA web manager, related to the failure to protect the SQL query structure, allows attackers to execute arbitrary SQL code.
The vulnerability of the WeGIA web manager is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
The vulnerability of the formdumpeasysetup() function (/goform/formdumpeasysetup) in D-Link DIR-619L router microprogramming software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formdumpeasysetup function /goform/formdumpeasysetup in D-Link DIR-619L router microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the wget_test.asp script in the D-Link DI-7300G+ router microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the wgettest.asp script of the D-Link DI-7300G+ router microprogramming system is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the file server, related to incorrect restrictions on the path to the restricted directory, allows a hacker to bypass security restrictions.
The vulnerability of the server-filesystem is related to incorrect restrictions on the path to the restricted directory. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...
The vulnerability in operating systems macOS, iOS, iPadOS, and visionOS, related to revealing the password value in the log file, allows attackers to gain unauthorized access to confidential information.
The vulnerability in operating systems macOS, iOS, iPadOS, and visionOS relates to the disclosure of password values in log files. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential information...
The vulnerability of software for installing NVIDIA video card drivers lies in the use of files and directories accessible from external parties. This allows a hacker to exploit their privileges and execute arbitrary code.
The vulnerability of software for installing NVIDIA video card drivers is related to the use of files and directories accessible from external parties. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...
The vulnerability of the AMD Store Queue system for Windows operating systems allows a perpetrator to gain access to confidential information.
The vulnerability of the AMD Store Queue system for Windows operating systems is related to the disclosure of information. Exploiting this vulnerability can allow an attacker to access confidential information...
The vulnerability of the device management platform for systems related to heating, ventilation, and air conditioning, lighting, and energy consumption within the Niagara Framework, as well as the Niagara Enterprise Security tools for access control and security, stems from the absence of necessary encryption steps. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the device management platform for systems for heating, ventilation, and air conditioning, lighting, and energy consumption, as well as the Niagara Framework and the access control and security measures, is related to the absence of the necessary encryption step. Exploiting...
The vulnerability of the SecurityAgent component in macOS operating systems allows a perpetrator to trigger a service failure.
The vulnerability of the SecurityAgent component in macOS operating systems is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager (WDM) and the microprogramming software for programmable logic controllers from Honeywell, the Experion PKS, allows a hacker to execute arbitrary code.
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed software for programmable logic controllers like Honeywell Experion PKS is related to the implementation by an inappropriate developer. Exploiting this vulnerability...
The vulnerability in the adicionar_raca.php script of the WeGIA web manager allows a hacker to perform cross-site scripting attacks.
The vulnerability of the adicionarraca.php script of the WeGIA web manager is related to the failure to protect the website structure when processing the raca parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of the device management platform for systems related to heating, ventilation, and air conditioning, lighting, and energy consumption within the Niagara Framework, as well as the Niagara Enterprise Security tools for access control and security, stems from the ability to disclose information through a query string, allowing attackers to compromise the confidentiality of protected information.
The vulnerability of the device management platform for heating, ventilation, and air conditioning systems, lighting, and energy consumption, as well as the Niagara Framework and its access control and security measures, is related to the disclosure of information through query strings. Exploitin...
The vulnerability of the Voice Control voice control function in the macOS operating system allows a hacker to disclose protected information.
The vulnerability of Voice Control, a voice control function in the macOS operating system, is related to improper verification of the cryptographic signature. Exploiting this vulnerability could allow an attacker to disclose protected information...
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed logic controllers of the Honeywell Experion PKS allows a intruder to execute arbitrary code and cause a service failure.
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed logic controllers of the Honeywell Experion PKS is related to a countable degree of significance loss. Exploiting this vulnerability could allow an attacker to execu...
The vulnerability of P-Net’s input/output devices, related to writing beyond buffer boundaries, allows a intruder to cause a service failure.
The vulnerability of P-Net’s input/output devices is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the SUSE Manager, a tool for centralized management of IT infrastructure, relates to the lack of authentication for critical functions. This allows attackers to execute arbitrary commands with root privileges.
The vulnerability of the SUSE Manager, a tool for centralized management of IT infrastructure, is related to the lack of authentication for critical functions. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with root privileges remotely...
The vulnerability in the implementation of the SMB protocol on macOS operating systems allows a perpetrator to trigger a service failure.
The vulnerability of the SMB protocol implementation in macOS is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the personalizacao_selecao.php web manager of WeGIA allows attackers to perform cross-site scripting attacks.
The vulnerability of the personalizacaoselecao.php web handler of the WeGIA browser is related to the lack of measures taken to protect the website structure when processing the nomecar parameter. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks XSS...
The vulnerability of the force_close() function in the inet.cpp module of the “Red Database” database management system allows a hacker to cause a service failure on the server.
The vulnerability of the forceclose function in the inet.cpp module of the “Red Database” database management system is related to incorrect serialization checks. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the readConfig() function in the TraceConfiguration.cpp module of the “Red Database” database management system allows a hacker to cause a service failure.
The vulnerability of the readConfig function in the TraceConfiguration.cpp module of the “Red Database” database management system is related to the incorrect processing of the timeformat parameter. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the SwSmiInputValue() function, a handler for System Management Interrupts in Gigabyte’s microprogramming motherboard software, allows attackers to circumvent security restrictions, gain elevated privileges, and execute arbitrary code.
The vulnerability of the SwSmiInputValue function, a handler for System Management Interrupts in Gigabyte’s microprogramming motherboard software, is related to the use of an unreliable pointer. Exploiting this vulnerability can allow attackers to bypass security restrictions, gain elevated...
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager (WDM) and the microprogramming software for programmable logic controllers from Honeywell, the Experion PKS, allows a hacker to execute arbitrary code.
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed software for programmable logic controllers from Honeywell, the Honeywell Experion PKS, is related to the presence of critical information. Exploiting this...
The vulnerability of the Mobile Security Framework (MobSF), which stems from the lack of protective measures for website structures, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the Mobile Security Framework for mobile application security research relates to the lack of protective measures for website structures. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
The vulnerability of the Mozilla Firefox browser on Android operating systems relates to a violation of data protection mechanisms, allowing attackers to circumvent existing security restrictions.
The vulnerability of the Mozilla Firefox browser on Android operating systems is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker to bypass existing security restrictions remotely...
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed logic controllers of the Honeywell Experion PKS allows a intruder to execute arbitrary code and cause a service failure.
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed logic controllers of the Honeywell Experion PKS is related to a countable degree of significance loss. Exploiting this vulnerability could allow an attacker to execu...
The vulnerability of the Windows operating system’s event log allows a hacker to trigger a memory buffer overflow and re-write the XML log generated by the task scheduler.
The vulnerability of Windows operating system event logs is related to insufficient checking of values in XML log fields. Exploiting this vulnerability can allow an attacker to cause a memory buffer overflow in the event log and re-write it by sending a specially crafted XML file...
The vulnerability of the DdlNodes.epp module in the “Red Database” database management system allows a perpetrator to gain access and modify data.
The vulnerability of the DdlNodes.epp module in the “Red Database” database management system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access and modify data...
The vulnerability of the Kerberos Helper component in operating systems like macOS, which allows a perpetrator to trigger a service failure.
The vulnerability of the Kerberos Helper component in operating systems like macOS is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a attacker to cause service interruptions...
The vulnerability of the MFlash secure data exchange platform lies in the lack of a mechanism to protect the output data used in generating CSV files. This allows attackers to influence the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the MFlash secure data exchange platform lies in the lack of a mechanism for shielding the output data used in generating CSV files. Exploiting this vulnerability allows an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the...
The vulnerability of the MFlash secure data exchange platform, related to authentication errors, allows attackers to escalate their privileges.
The vulnerability of the MFlash secure data exchange platform is related to authentication errors. Exploiting this vulnerability allows a malicious actor to enhance their privileges and use the file storage system beyond the architectural limitations by intercepting API responses...
The vulnerability of the centralized system for managing user identities in FreeIPA, related to improper access control, allows a perpetrator to elevate their privileges to the level of domain administrator and affect the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the centralized system for managing user identities in FreeIPA is related to improper access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to elevate their privileges to the level of domain administrator and affect the...
The vulnerability of the Honeywell OneWireless Wireless Device Manager (WDM) and the micro-programming software for Honeywell Experion PKS programmable logic controllers arises from the occurrence of an operation outside the buffer in memory, allowing a intruder to execute arbitrary code.
The vulnerability of Honeywell OneWireless Wireless Device Manager WDM and the micro-programmed software of Honeywell Experion PKS programmable logic controllers lies in the fact that operation outputs go beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execu...
The vulnerability of the Wlan AP Driver software driver in MediaTek microprogramming chips allows attackers to enhance their privileges and disclose protected information.
The vulnerability of the Wlan AP Driver software driver from MediaTek relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to enhance their privileges and disclose sensitive information...
The vulnerability of the dsqlPass() function in the RecordSourceNodes.cpp module of the “Red Database” database management system allows a hacker to cause a service failure.
The vulnerability of the dsqlPass function in the RecordSourceNodes.cpp module of the “Red Database” database management system is related to incorrect implementation of requirements. Exploiting this vulnerability could allow an attacker to cause service interruptions...
The vulnerability in the adicionar_cor.php script of the WeGIA web manager allows a hacker to perform cross-site scripting attacks.
The vulnerability of the adicionarcor.php script of the WeGIA web manager is related to the lack of measures taken to protect the website structure during the processing of the cor parameter. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks XSS...
The vulnerability of the personalizacao_selecao.php web manager of WeGIA allows attackers to perform cross-site scripting attacks.
The vulnerability of the personalizacaoselecao.php web handler of the WeGIA browser is related to the failure to protect the website structure when processing the id parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of the SwSmiInputValue() function, a handler for System Management Interrupts in Gigabyte’s microprogramming motherboard software, allows attackers to circumvent security restrictions, gain elevated privileges, and execute arbitrary code.
The vulnerability of the SwSmiInputValue function, a handler for System Management Interrupts in Gigabyte’s microprogramming motherboard software, is related to the use of an unreliable pointer. Exploiting this vulnerability can allow attackers to bypass security restrictions, gain elevated...
The vulnerability of the BCH Handler component in the End-of-Train and Head-of-Train protocols allows a attacker to trigger a service failure.
The vulnerability of the BCH Handler component in the End-of-Train and Head-of-Train protocols relates to the bypassing of authentication processes. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the gbak() function in the burp.cpp module of the “Red Database” database management system allows a hacker to cause a service failure.
The vulnerability of the gbak function in the burp.cpp module of the “Red Database” database management system is related to incorrect validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the Wlan AP Driver software driver from MediaTek’s microprogramming chips allows attackers to enhance their privileges.
The vulnerability of the Wlan AP Driver software driver from MediaTek is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...
A vulnerability exists in the CCH_release function of the cch.cpp module of the “Red Database” database management system, which allows a hacker to cause a service failure in the server.
The vulnerability in the CCHrelease function of the cch.cpp module of the “Red Database” database management system is related to the release of page cache. Exploiting this vulnerability could allow a malicious actor to cause a service failure in the server...
The vulnerability of the CtrlCHandler() function in the why.cpp module of the “Red Database” database management system allows a hacker to cause a service failure.
The vulnerability of the CtrlCHandler function in the why.cpp module of the “Red Database” database management system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability in the adicionar_enfermidade.php web manager of the WeGIA system allows a hacker to perform cross-site scripting attacks.
The vulnerability of the adicionarenfermidade.php web handler of the WeGIA system is related to the failure to protect the website structure when processing the nome parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of the cadastro_adotante.php web manager of WeGIA allows attackers to perform cross-site scripting attacks (XSS).
The vulnerability of the cadastroadotante.php script of the WeGIA web manager is related to the lack of measures taken to protect the structure of the web page when processing the cpf parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS...
The vulnerability of the ERR_bugcheck_msg() function in the err.cpp module of the “Red Database” database management system allows attackers to conceal the source of attacks.
The vulnerability of the ERRbugcheckmsg function in the err.cpp module of the “Red Database” database management system is related to the occurrence of a critical error that prevented writes to the log before the server crashed. Exploiting this vulnerability could allow an attacker to remotely hi...
The vulnerability of the Dock panel on macOS operating systems allows a intruder to gain unauthorized access to protected information.
The vulnerability of the Dock panel on macOS operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...