Lucene search
K
Bdu FstecRecent

90509 matches found

BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.2 views

The vulnerability of the os.path.expandvars() function in the Python interpreter allows a hacker to trigger a service failure.

The vulnerability of the os.path.expandvars function in the Python programming language is related to an uncontrolled resource consumption. Exploiting this vulnerability allows a perpetrator to cause service failures...

5.5CVSS6.3AI score0.00136EPSS
Exploits0References9Affected Software7
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.4 views

The vulnerability of NetworkManager’s software for managing network connections, related to improper storage of permissions, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NetworkManager software for managing network connections is related to improper storage of permissions. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

3.3CVSS5.8AI score0.00162EPSS
Exploits0References5Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.2 views

The vulnerability of the ssh_get_hexa() function in the application programming interface of the libssh library, which allows a hacker to cause a service failure

The vulnerability of the sshgethexa function in the application programming interface of the libssh library is related to a breach of the buffer boundary. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service failures...

6.5CVSS6.7AI score0.00582EPSS
Exploits0References7Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.2 views

The vulnerability of the libssh library, related to the use of a regular expression with inefficient computational complexity, allows a hacker to cause a service failure.

The vulnerability of the libssh library is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00223EPSS
Exploits0References7Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.3 views

The vulnerability of GnuPG’s information encryption and digital signatures software, related to errors in verifying cryptographic signatures, allows attackers to circumvent existing security mechanisms.

The vulnerability of GnuPG’s information encryption and digital signatures lies in errors in verifying the cryptographic signature. Exploiting this vulnerability could allow attackers to circumvent existing security mechanisms...

5.9CVSS5.8AI score0.00104EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.3 views

The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition (EE) arises from the lack of protective measures for website structures, allowing attackers to perform cross-site scripting attacks.

The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.6AI score0.00279EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.3 views

The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition (EE) involves improper authorization, allowing an intruder to gain read and edit access to data.

The vulnerability of the Git-based software platform for collaborative code development in GitLab Enterprise Edition is related to improper authentication. Exploiting this vulnerability can allow a malicious actor to gain read and edit access to data...

4.3CVSS5.8AI score0.00311EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.2 views

The vulnerability of the R7WebsSecurityHandler() function in the Tenda i3 wireless access point software allows a hacker to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability of function R7WebsSecurityHandler in the Tenda i3 wireless access point software is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to bypass security restrictions and gain unauthorized acce...

7.5CVSS7.1AI score0.00632EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.2 views

The vulnerability of D-Link DI-8003 router microprogramming software lies in the copying of buffers without checking the size of the input data. This allows a hacker to trigger a service failure.

The vulnerability of D-Link DI-8003 router microprogramming software lies in the copying of buffers without checking the size of input data during the processing of parameters name, qq, and time. Exploiting this vulnerability allows a malicious actor to cause a service failure by sending a...

7.8CVSS5.8AI score0.00492EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.1 views

The vulnerability of the setAppEasyWizardConfig function in the TOTOLink A3600R router’s microprogramming software allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of the setAppEasyWizardConfig function in the TOTOLink A3600R router microprogramming system is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause service failures or execute arbitrary cod...

10CVSS6AI score0.00585EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.1 views

The vulnerability in the web-based tool for centralized control and configuration of QLogic adapters in the Marvell QConvergeConsole system exists due to an incorrect limitation on the path name to the restricted access catalog. This vulnerability allows attackers to disclose sensitive information that is protected by this system.

The vulnerability of the web-based tool for centralized control and configuration of QLogic adapters in the Marvell QConvergeConsole is related to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to disclose...

9.7CVSS7.2AI score0.12281EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.2 views

The vulnerability of the NeuVector Enforcer security container arises from the lack of data cleaning at the management level, allowing a perpetrator to execute arbitrary code and trigger a service failure.

The vulnerability of the NeuVector Enforcer security container is related to the lack of data cleansing measures at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and trigger a service failure...

9.9CVSS6.2AI score0.0043EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.2 views

The vulnerability of Veeam Backup & Replication’s protection mechanism for cloud, virtual, and physical systems, related to access control errors, allows attackers to execute arbitrary code.

The vulnerability of Veeam Backup & Replication’s protection mechanisms for cloud, virtual, and physical systems stems from access control errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

9.1CVSS7.5AI score0.01329EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.3 views

The vulnerability of the Liebert UNITY communication and device management platform, as well as the Liebert RDU101 communication card, stems from buffer overflows in the stack. This allows an attacker to execute arbitrary code.

The vulnerability of the Liebert UNITY communication and device management platform, as well as the Liebert RDU101 communication card, is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.3AI score0.00703EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.4 views

The vulnerability of the SillyTavern software platform, related to a data source confirmation error, allows a violator to execute arbitrary code.

The vulnerability of the SillyTavern software platform is related to a data source verification error. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

10CVSS6AI score0.00236EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.4 views

The vulnerability of the Maltrail malware detection system lies in the lack of authentication for the critical function, allowing the attacker to execute arbitrary code.

The vulnerability of the Maltrail malware detection system lies in the lack of authentication for the critical function when processing the username parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted request...

10CVSS6.2AI score0.03884EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.1 views

The vulnerability of the Employee Management System lies in the lack of measures taken to protect the SQL query structure, allowing attackers to execute arbitrary code and trigger service failures.

The vulnerability of software for collecting, storing, and managing files and documents in an Employee Record Management System is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and cause...

10CVSS6.2AI score0.00368EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.4 views

The vulnerability of the multi-media library Ffmpeg, related to reading data beyond the buffer boundary in memory, allows a hacker to cause a service failure.

The vulnerability of the FFmpeg multimedia library relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

6.4CVSS5.9AI score0.00266EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.3 views

The vulnerability of the graphical user interface (GUI) of the FortiClient for MAC protection tool allows a perpetrator to execute arbitrary code.

The vulnerability of the graphical user interface GUI of the FortiClient for MAC security tool is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS7.9AI score0.00253EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.3 views

The vulnerability of the command-line interface (CLI) of the Outlookproxy plugin on the cloud platform used for FortiDLP data protection allows a hacker to gain access to the current user’s email.

The vulnerability of the command-line interface CLI of the Outlookproxy plugin on the cloud platform used for FortiDLP data protection involves deficiencies in access control for personal information. Exploiting this vulnerability could allow an attacker to gain access to the current user’s email...

6CVSS5.8AI score0.00165EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.2 views

The vulnerability of the FortiADC application delivery controller, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the FortiADC application delivery controller is related to insufficient protection of operational data. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information by sending specially crafted HTTP and HTTPS...

6.8CVSS5.8AI score0.00285EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.1 views

The vulnerability of D-Link DI-8003 router microprogramming software lies in the copying of buffers without checking the size of the input data. This allows a hacker to trigger a service failure.

The vulnerability of D-Link DI-8003 router microprogramming software lies in the copying of buffers without checking the size of input data when processing the s parameter. Exploiting this vulnerability allows a malicious actor to cause a service failure by sending a specially crafted GET request...

7.8CVSS5.8AI score0.00408EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.5 views

The vulnerability of the MediaStream component in Google Chrome and Microsoft Edge browsers allows a hacker to trigger a service failure.

The vulnerability of the MediaStream component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause a service failure through a specially crafted HTML page...

10CVSS7.3AI score0.00271EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.3 views

The vulnerability of D-Link DI-8003 router microprogramming software lies in the copying of buffers without checking the size of the input data. This allows a hacker to trigger a service failure.

The vulnerability of D-Link DI-8003 router microprogramming software lies in the copying of buffers without checking the size of input data during the processing of the iface parameter. Exploiting this vulnerability allows a malicious actor to cause a service failure by sending a specially crafte...

7.8CVSS5.8AI score0.00412EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.3 views

The vulnerability of the WebMCP component in Google Chrome and Microsoft Edge browsers allows a hacker to trigger a service failure.

The vulnerability of the WebMCP component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure through a specially crafted HTML page...

10CVSS7.3AI score0.00325EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.3 views

The vulnerability of the Lobster extension for the AI agent OpenClaw (formerly known as ClawdBot or MoltBot) in Windows operating systems allows a hacker to execute arbitrary commands.

The vulnerability of the Lobster extension for AI agents OpenClaw previously known as ClawdBot or MoltBot in Windows operating systems is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a hacker to execute arbitrary commands...

5.3CVSS6AI score0.00525EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.3 views

The vulnerability of the formSetRoute() function in D-Link DIR-513 router microprogramming software allows a hacker to cause memory corruption.

The vulnerability of the formSetRoute function in D-Link DIR-513 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause memory corruption...

9CVSS7.6AI score0.0074EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.2 views

The vulnerability of the maybe_fork_scalars() function in Linux operating systems allows a perpetrator to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the maybeforkscalars function in the Linux operating system’s kernel is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to influence the confidentiality, integrity, and accessibility of the protecte...

7CVSS7.3AI score0.00221EPSS
Exploits2References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.3 views

The vulnerability of the ASN.1 library pyasn1 in the Python programming language, related to unlimited resource distribution, allows attackers to cause service failures.

The vulnerability of the ASN.1 library pyasn1 in the Python programming language is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.7AI score0.00679EPSS
Exploits0References39Affected Software19
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.5 views

The vulnerability of the backup server of the Veeam Backup & Replication software allows a perpetrator to execute arbitrary code. This vulnerability targets systems for cloud, virtual, and physical environments.

The vulnerability of the backup server of the Veeam Backup & Replication solution for cloud, virtual, and physical systems is related to access control errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

9.9CVSS7.5AI score0.01128EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.2 views

The vulnerability of the http.cookies.Morsel component in the Python programming language allows a attacker to compromise the accessibility of the protected information.

The vulnerability of the http.cookies.Morsel component in the Python interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the accessibility of protected information...

7.5CVSS5.8AI score0.00401EPSS
Exploits0References6Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.1 views

The vulnerability of the bpf_skb_is_valid_access function in the net/core/filter.c module, which is part of the Linux operating system’s BPF interpreter support, allows a attacker to trigger a service failure.

The vulnerability of the bpfskbisvalidaccess function in the net/core/filter.c module, which is part of the Linux kernel’s BPF interpreter support, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.0018EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.3 views

The vulnerability of the NetAuth component in macOS operating systems allows a perpetrator to bypass security measures and compromise the integrity and accessibility of protected information.

The vulnerability of the NetAuth component in macOS operating systems arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain control over the system and compromise the integrity and accessibility of the protected information...

5.5CVSS5.8AI score0.00144EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2026/04/14 12:0 a.m.2 views

The vulnerability of the NFSv4.0 component in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the NFSv4.0 component in the Linux operating system is related to incorrect calculations of the size of the allocated buffer. Exploiting this vulnerability can allow an attacker to cause a service failure...

7CVSS6AI score0.0049EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.3 views

The vulnerability in the implementation of IOCTL commands in Qualcomm’s embedded software allows a hacker to damage memory.

The vulnerability of the IOCTL command implementation in Qualcomm’s embedded software lies in the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to damage the memory...

7.8CVSS6.1AI score0.00096EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.5 views

The vulnerability of the framework for creating applications based on the combination of language models (LLMs) like LangChain arises from the lack of protective measures for SQL query structures. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the framework for creating applications based on the combination of language models LLMs like LangChain relates to the lack of measures taken to protect SQL query structures. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected informatio...

7.3CVSS7.2AI score0.00162EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.3 views

The vulnerability of the tools.exec.safeBins configuration in the AI agent OpenClaw (previously known as ClawdBot or MoltBot) allows a violator to execute arbitrary commands.

The vulnerability of the tools.exec.safeBins configuration in the AI agent OpenClaw previously known as ClawdBot or MoltBot is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a perpetrator to execute arbitrary commands...

7.1CVSS6AI score0.0014EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.2 views

The vulnerability of the Omnibox address bar in the Google Chrome browser on iOS operating systems allows a hacker to replace the user interface.

The vulnerability of the Omnibox address bar in the Google Chrome browser on iOS operating systems is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...

5CVSS7.3AI score0.00154EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.2 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to trigger a service failure.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures...

10CVSS7.3AI score0.0015EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.3 views

The vulnerability of the Audio component in the Google Chrome browser allows a hacker to bypass the sandboxing protection mechanism.

The vulnerability of the Audio component in Google Chrome browser is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to bypass the sandboxing protection mechanisms...

7.8CVSS7.3AI score0.00155EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.3 views

The vulnerability of Google Chrome’s PWA components allows attackers to install any PWA applications they desire.

The vulnerability of Google Chrome’s PWA components is related to access control errors. Exploiting this vulnerability allows a remote attacker to install arbitrary PWA applications...

7.8CVSS7.5AI score0.0017EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.4 views

The vulnerability of the WebAudio component in the Google Chrome browser on Mac operating systems allows a hacker to disclose protected information.

The vulnerability of the WebAudio component in the Google Chrome browser for Mac operating systems involves reading data beyond the buffer limit in memory. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information by sending a specially crafted HTML page...

7.8CVSS7.3AI score0.00218EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.2 views

The vulnerability of Google Chrome’s WebCodecs interface allows attackers to disclose protected information.

The vulnerability of Google Chrome’s WebCodecs interface is related to errors during variable initialization. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information through a specially created HTML page...

7.8CVSS7.2AI score0.00258EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.3 views

The vulnerability of the PDFium component in the Google Chrome browser allows a perpetrator to execute a brute-force attack.

The vulnerability of the PDFium component in the Google Chrome browser is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a malicious actor to execute a brute-force attack remotely...

7.8CVSS7.3AI score0.00102EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.2 views

The vulnerability of the Downloads component of the Google Chrome browser for Windows operating systems allows a hacker to circumvent existing security restrictions.

The vulnerability of the Downloads component of the Google Chrome browser for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by sending a specially crafted HTML page...

7.8CVSS7.3AI score0.00188EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.4 views

The vulnerability of the Synology-chat module of the AI agent OpenClaw (formerly known as ClawdBot or MoltBot) allows a hacker to bypass existing security mechanisms.

The vulnerability of the Synology-chat module of the AI agent OpenClaw formerly known as ClawdBot or MoltBot is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms remotely...

10CVSS5.7AI score0.00321EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.3 views

The vulnerability of the AI agent OpenClaw (formerly known as ClawdBot or MoltBot) is related to deficiencies in the authentication process, allowing attackers to bypass existing security mechanisms.

The vulnerability of the AI agent OpenClaw formerly known as ClawdBot or MoltBot is related to deficiencies in the authorization process when processing the parameter groupPolicy=allowlist. Exploiting this vulnerability can allow a malicious actor to bypass existing security mechanisms remotely...

5.5CVSS5.7AI score0.00152EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.2 views

The vulnerability of the setUPnPCfg() function in the cstecgi.cgi script of the TOTOLINK A7100RU router’s microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the setUPnPCfg function in the cstecgi.cgi script of the TOTOLINK A7100RU router’s microprogramming system is related to the lack of measures taken to neutralize special elements during the processing of the enable parameter. Exploiting this vulnerability allows a remote...

10CVSS7.6AI score0.14128EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.3 views

The vulnerability in the Google Chrome browser’s user interface allows a perpetrator to gain unauthorized access to the rendering process and perform a substitution of the user interface.

The vulnerability of Google Chrome’s user interface is related to an improper limitation on the visible layers of the user interface. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to the rendering process and replace the user interface by sending a speciall...

5CVSS7.3AI score0.00206EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/13 12:0 a.m.2 views

The vulnerability of the Google Chrome browser’s PDF component, which allows a hacker to circumvent existing security restrictions

The vulnerability of the Google Chrome browser’s PDF component is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions by sending a specially crafted HTML page...

5CVSS7.3AI score0.00159EPSS
Exploits0References4Affected Software1
Total number of security vulnerabilities90509