90509 matches found
The vulnerability of the Google Chrome browser’s Media component, which allows a hacker to execute arbitrary code.
The vulnerability of the Google Chrome browser’s Media component is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted HTML page...
The vulnerability of the Downloads component of the Google Chrome browser allows a hacker to bypass existing security restrictions and replace the user interface.
The vulnerability of the Downloads component in the Google Chrome browser is related to the ability to bypass authentication through spoofing. Exploiting this vulnerability allows a malicious actor to circumvent existing security measures and replace the user interface by sending a specially...
Vulnerability of the AI module of the Grafana monitoring and observation platform, which allows a hacker to bypass existing security mechanisms and disclose sensitive information
The vulnerability of the Grafana monitoring and observation platform’s AI module relates to bypassing authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent existing security mechanisms and disclose sensitive information by...
The vulnerability of the AI agent OpenClaw (formerly known as ClawdBot or MoltBot) relates to synchronization errors when using a shared resource, allowing a hacker to execute arbitrary commands.
The vulnerability of the AI agent OpenClaw formerly known as ClawdBot or MoltBot is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows a hacker to execute arbitrary commands...
The vulnerability of the allowlist mode of the AI agent OpenClaw (formerly ClawdBot or MoltBot) allows a violator to execute arbitrary commands.
The vulnerability of the allowlist mode for the AI agent OpenClaw previously – ClawdBot or MoltBot is related to the use of an incomplete black list. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the stageSandboxMedia() function in the AI agent OpenClaw (previously ClawdBot or MoltBot) allows a violator to write any files they want.
The vulnerability of the stageSandboxMedia function in the AI agent OpenClaw previously ClawdBot or MoltBot is related to an incorrect definition of symbolic references before accessing a file. Exploiting this vulnerability allows a hacker to write arbitrary files...
The vulnerability of the setVpnPassCfg() function in the cstecgi.cgi script of the TOTOLINK A7100RU router’s software allows a hacker to execute arbitrary commands.
The vulnerability of the setVpnPassCfg function in the cstecgi.cgi script of the TOTOLINK A7100RU router’s software is related to the failure to eliminate special elements during the processing of the pptpPassThru parameter. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of Google Chrome’s WebCodecs interface allows attackers to disclose protected information.
The vulnerability of Google Chrome’s WebCodecs interface is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to disclose sensitive information by sending a specially crafted HTML page...
The vulnerability of the AI agent OpenClaw (formerly known as ClawdBot or MoltBot) is related to the use of an incomplete black list, allowing the intruder to execute arbitrary commands.
The vulnerability of the AI agent OpenClaw formerly known as ClawdBot or MoltBot is related to the use of an incomplete black list. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability in the src/daemon/schtasks.ts script of the AI agent OpenClaw (previously known as ClawdBot or MoltBot) allows a perpetrator to execute arbitrary commands.
The vulnerability in the src/daemon/schtasks.ts script of the AI agent OpenClaw previously known as ClawdBot or MoltBot relates to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a perpetrator to execute arbitrary commands...
The vulnerability of the PAN-OS operating system, which allows a perpetrator to gain unauthorized access to protected information
The vulnerability of the PAN-OS operating system is related to the disclosure of system data by unauthorized parties within the controlled area. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the WebML component in the Google Chrome browser for Windows operating systems allows a hacker to disclose protected information.
The vulnerability of the WebML component in the Google Chrome browser for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information by sending a specially crafted HTML page...
The vulnerability of the Omnibox address bar in the Google Chrome browser on iOS operating systems allows a hacker to replace the content in the URL bar.
The vulnerability of the Omnibox address bar in Google Chrome browsers on iOS operating systems is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to replace the content in the URL bar using a specially created domain name...
The vulnerability in the web panel 3x-ui, related to the lack of protection for the website structure, allows attackers to execute arbitrary JavaScript code.
The vulnerability of the 3x-ui web panel is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a remote attacker to execute arbitrary JavaScript code...
The vulnerability in the extensions/lobster/src/lobster-tool.ts script of the AI agent OpenClaw (previously known as ClawdBot or MoltBot) allows a violator to execute arbitrary commands.
The vulnerability in the extensions/lobster/src/lobster-tool.ts script of the AI agent OpenClaw previously known as ClawdBot or MoltBot relates to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a perpetrator to execute arbitrary commands...
The vulnerability of the AI agent OpenClaw (formerly known as ClawdBot or MoltBot) involves unlimited distribution of resources, allowing a hacker to cause a service failure.
The vulnerability of the AI agent OpenClaw formerly known as ClawdBot or MoltBot is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the sigd_send() function in Linux operating system kernels, which allows a hacker to trigger a service failure
The vulnerability of the sigdsend function in Linux operating system kernels is related to unreliable pointer dereferencing. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the formCrossBandSwitch function in the /goform/formCrossBandSwitch module of the Belkin F9K1015 router’s microprogramming system, which allows a intruder to trigger a service failure.
The vulnerability of the formCrossBandSwitch function in the /goform/formCrossBandSwitch module of the Belkin F9K1015 router microprogramming system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...
The vulnerability of the HMAC algorithm (Hash-based Message Authentication Code) of the AI agent OpenClaw (formerly known as ClawdBot or MoltBot) allows a perpetrator to compromise the integrity and accessibility of the protected information.
The vulnerability of the HMAC-based Message Authentication Code algorithm used by the AI agent OpenClaw formerly known as ClawdBot or MoltBot relates to the possibility of bypassing the authentication process. Exploiting this vulnerability could allow a malicious actor to compromise the integrity...
The vulnerability in the src/infra/archive.ts script of the AI agent OpenClaw (previously known as ClawdBot or MoltBot) allows a violator to write arbitrary files.
The vulnerability in the src/infra/archive.ts script of the AI agent OpenClaw previously known as ClawdBot or MoltBot is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to write arbitrary files...
The vulnerability of embedded software developed by Qualcomm, related to the execution of operations outside the buffer in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of embedded Qualcomm software is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability in the `src/node-host/invoke-system-run-plan.ts` script of the AI agent OpenClaw (previously known as ClawdBot or MoltBot) allows a perpetrator to execute arbitrary code.
The vulnerability in the src/node-host/invoke-system-run-plan.ts script of the AI agent OpenClaw previously known as ClawdBot or MoltBot relates to the implementation or modification of arguments. Exploiting this vulnerability allows a perpetrator to execute arbitrary code...
The vulnerability in the implementation of IOCTL commands in Qualcomm’s embedded software allows a hacker to damage memory.
The vulnerability of the IOCTL command implementation in Qualcomm’s embedded software lies in the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to damage the memory...
The vulnerability of embedded software developed by Qualcomm, related to the possibility of using memory after release, allows a hacker to cause memory corruption.
The vulnerability of embedded software developed by Qualcomm relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause damage to the memory...
The vulnerability of embedded software developed by Qualcomm, related to the execution of operations outside the buffer in memory, allows attackers to cause memory corruption.
The vulnerability of embedded software developed by Qualcomm relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause damage to the memory...
The vulnerability in the implementation of IOCTL commands in Qualcomm’s embedded software allows a hacker to damage memory.
The vulnerability of the IOCTL command implementation in Qualcomm’s embedded software lies in the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to cause memory corruption...
The vulnerability of the Transport Layer Security library GnuTLS, related to its algorithmic complexity, allows attackers to induce a service failure.
The vulnerability of the Transport Layer Security library GnuTLS is related to its algorithmic complexity. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the Binary Handler component of the PDF viewing software, which supports formats such as EPUB, MOBI, FB2, CHM, XPS, and DjVu, as well as SumatraPDF, allows a hacker to execute arbitrary code.
The vulnerability of the BinaryHandler component in the PDF, EPUB, MOBI, FB2, CHM, XPS, and DjVu document viewing software, SumatraPDF, is related to the use of an insecure search path. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of the tools.exec.safeBins configuration in the AI agent OpenClaw (previously known as ClawdBot or MoltBot) allows a hacker to bypass existing security mechanisms.
The vulnerability of the tools.exec.safeBins configuration in the AI agent OpenClaw previously known as ClawdBot or MoltBot relates to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a perpetrator to bypass existing security mechanisms...
The vulnerability of the Libraesva ESG software, related to the lack of measures taken to clean data at the management level, allows a perpetrator to execute arbitrary commands.
The vulnerability of the Libraesva ESG software is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...
The vulnerability of the Linkwarden bookmark management server relates to external control of file names or paths, allowing attackers to disclose protected information.
The vulnerability of the Linkwarden bookmark management server relates to external control of file names or paths. Exploiting this vulnerability could allow attackers to disclose protected information...
The vulnerability of the /admin/edit-user.php web application in the PHPGurukul Small CRM customer relationship management system allows a attacker to bypass existing security restrictions.
The vulnerability of the /admin/edit-user.php web application in the PHPGurukul Small CRM customer relationship management system is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to bypass existing security restrictions remotely...
The vulnerability of the `createAnnotation` method in the library for creating PDF files using jsPDF allows a violator to execute arbitrary code.
The vulnerability of the createAnnotation method in the jsPDF library relates to improper encoding or escaping of output data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting specially crafted PDF files...
The vulnerability of the AI agent OpenClaw (formerly known as ClawdBot or MoltBot) arises from an incorrect restriction on the path name to the restricted-access catalog, allowing attackers to read arbitrary files.
The vulnerability of the AI agent OpenClaw formerly known as ClawdBot or MoltBot is related to an incorrect restriction on the path name to the restricted-access catalog. Exploiting this vulnerability allows a malicious actor, operating remotely, to read arbitrary files...
The vulnerability of the collectConfigEnvVars() function in the OpenClaw AI agent (previously known as ClawdBot or MoltBot) allows a violator to execute arbitrary code.
The vulnerability of the collectConfigEnvVars function in the OpenClaw AI agent previously known as ClawdBot or MoltBot is related to errors in system configuration or settings. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the stripBotMention() function in the AI agent OpenClaw (previously known as ClawdBot or MoltBot) allows a violator to trigger a service denial.
The vulnerability of the stripBotMention function in the AI agent OpenClaw previously known as ClawdBot or MoltBot is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the Avahi service detection system in local networks, related to uncontrolled recursion, allows a hacker to trigger a service failure.
The vulnerability of the Avahi service detection system in local networks is related to uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the g_unichar_to_utf8() function in the GLib library allows a attacker to cause a service failure.
The vulnerability of the gunichartoutf8 function in the GLib library is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to cause a service failure...
The vulnerability of the vvdec_push_data2() function in the HEIF File Parser component, a decoder and file format parser library, allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the vvdecpushdata2 function in the HEIF File Parser component, a decoder and file format parser library, is related to the execution of operations outside of the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...
The vulnerability of the distributed data storage system RustFS, related to insufficient validation of input data, allows attackers to compromise the integrity and accessibility of the protected information.
The vulnerability of the distributed data storage system RustFS is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the integrity and accessibility of the protected information...
The vulnerability of the OpenEMR system for managing medical documents, related to incorrect encoding or filtering of output data, allows a malicious individual to read arbitrary files.
The vulnerability of the OpenEMR system for medical documentation is related to incorrect encoding or masking of output data. Exploiting this vulnerability could allow a malicious actor to read arbitrary files...
The vulnerability of the OpenEMR system for managing medical documents, related to the lack of measures taken to protect the website structure, allows a hacker to execute arbitrary codes.
The vulnerability of the OpenEMR system for medical documentation is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary codes remotely...
The vulnerability of the OpenEMR system for managing medical documents, related to improper behavior, allows a violator to escalate their privileges.
The vulnerability of the OpenEMR system for medical documentation is related to improper behavior patterns. Exploiting this vulnerability can allow a malicious actor, operating remotely, to increase their privileges...
The vulnerability of the UltraJSON programming language package in Python, related to integer overflow, allows attackers to trigger a service failure.
The vulnerability of the UltraJSON programming language package in Python is related to integer overflow. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the AI agent OpenClaw (formerly known as ClawdBot or MoltBot) in Windows operating systems arises from the failure to take measures to neutralize special elements. This vulnerability allows a perpetrator to execute arbitrary commands.
The vulnerability of the AI agent OpenClaw formerly known as ClawdBot or MoltBot in Windows operating systems is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a hacker to execute arbitrary commands...
The vulnerability of the system for monitoring and analyzing physical activity and health status of FITSTATS Technologies AthleteMonitoring, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site attacks.
The vulnerability of the FITSTATS Technologies AthleteMonitoring system for monitoring and analyzing physical activity and health status is related to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site...
The vulnerability of the parse_header() function in the GLib library allows a hacker to cause a service failure.
The vulnerability of the parseheader function in the GLib library is related to the violation of the buffer’s initial boundary. Exploiting this vulnerability allows an attacker to trigger a service failure...
The vulnerability of the g_assert_not_reached() function in the Lasso library, which allows a violator to trigger a service failure
The vulnerability of the gassertnotreached function in the Lasso library is related to an uncontrolled reachable assertion. Exploiting this vulnerability could allow a malicious actor, operating remotely, to trigger a service failure by sending specially crafted SAML packets...
The vulnerability of the software platform for automating work processes in Kubernetes Argo Events, related to incorrect privilege assignment, allows a perpetrator to escalate their privileges.
The vulnerability of the software platform for automating work processes in Kubernetes Argo Events is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability of the FreeScout support service management system lies in the failure to remove script-related HTML tags from web pages, allowing attackers to carry out XSS attacks.
The vulnerability of the FreeScout support service management system lies in the failure to remove script-related HTML tags from web pages. Exploiting this vulnerability allows a remote attacker to carry out XSS attacks...