74701 matches found
The vulnerability of the EXTN Element ID Parser component in Qualcomm’s embedded software allows a hacker to execute arbitrary code.
The vulnerability of the EXTN Element ID Parser component in Qualcomm’s embedded software lies in its ability to read data beyond the permitted range of memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the AirDrop wireless data transmission component allows a perpetrator to gain unauthorized access to protected information on operating systems such as iPadOS, iOS, tvOS, and MacOS.
The vulnerability of the AirDrop wireless data transmission component in operating systems such as iPadOS, iOS, tvOS, and MacOS lies in the reading of data beyond the allowed range in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
The vulnerability of the CoreText component in iPadOS, iOS, tvOS, and MacOS operating systems allows attackers to gain unauthorized access to protected information.
The vulnerability of the CoreText component in iPadOS, iOS, tvOS, and MacOS operating systems relates to reading data beyond the permitted range of memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Safari browser in operating systems such as visionOS, macOS, iOS, and iPadOS allows attackers to influence the privacy and integrity of protected information.
The vulnerability of the Safari browser on operating systems such as visionOS, macOS, iOS, and iPadOS is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality and integrity of protected information...
The vulnerability of MacOS operating systems, related to reading beyond the buffer limit of memory, allows an attacker to execute arbitrary code.
The vulnerability of MacOS operating systems is related to reading data beyond the buffer limit of memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of FaceTime video/audio call technology in operating systems iPadOS and iOS allows a perpetrator to cause a service failure.
The vulnerability of FaceTime video telephony technology in iPadOS and iOS operating systems is related to the incorrect duration of a call session. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of the AppleJPEG framework in operating systems such as macOS, tvOS, iPadOS, iOS, visionOS, and watchOS allows attackers to trigger a service failure.
The vulnerability of the AppleJPEG framework in operating systems such as macOS, tvOS, iPadOS, iOS, visionOS, and watchOS is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the FrontBoard component in iPadOS and iOS operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the FrontBoard component in iPadOS and iOS operating systems is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...
The vulnerability of the Codecs components of Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability of the Codecs components in Google Chrome and Microsoft Edge is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the Kibana data visualization service, related to the unlimited loading of malicious files, allows attackers to upload harmful files.
The vulnerability of the Kibana data visualization service is related to the unlimited loading of malicious files. Exploiting this vulnerability allows a remote attacker to upload malicious files...
The vulnerability of the Windows Common Log File System Driver in the Windows operating system allows a hacker to gain increased privileges.
The vulnerability of the Windows Common Log File System Driver in the operating system is related to the possibility of using memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Power Automate for Desktop automation platform on Windows operating systems stems from an uncontrolled search path element, which allows a malicious individual to disclose protected information.
The vulnerability of the Power Automate for Desktop automation platform for Windows operating systems is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the system...
The vulnerability of Microsoft Defender for Endpoint on Linux operating systems, related to improper external management of file names or paths, allows attackers to escalate their privileges.
The vulnerability of Microsoft Defender for Endpoint on Linux operating systems is related to incorrect external management of file names or file paths. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages lies in their ability to exploit memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, which allows attackers to execute XSS attacks.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...
The vulnerability of the Adobe Animate program for creating multimedia and computer animations lies in the ability to read data beyond the buffer in memory. This allows attackers to gain unauthorized access to protected information and circumvent the ASLR protection mechanism.
The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and bypass the ASLR protection mechanism...
The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat 2024, as well as Adobe Acrobat Reader 2020, are related to reading beyond the buffer memory limit. This allows attackers to gain unauthorized access to protected information.
The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to reading data beyond the buffer memory. Exploiting these vulnerabilities can allow attackers to gain...
The vulnerability of D-Link DIR-859 router’s microprogramming software, related to deficiencies in authentication procedures, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of D-Link DIR-859 router microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the /goform/formSetPassword function in D-Link’s DIR-618 and DIR-605L router microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the /goform/formSetPassword function in D-Link DIR-618 and DIR-605L router microprogramming systems is related to access control errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the sub_41710C function (/goform/diag_nslookup) in the D-Link DIR-823X AX3000 router’s microprogramming system allows a hacker to execute arbitrary commands.
The vulnerability of the sub41710C function /goform/diagnslookup in the D-Link DIR-823X AX3000 router’s microprogramming system exists due to the failure to implement measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...
The vulnerability of the ipsec_road_asp function in D-Link DI-8100 router microprogramming software allows a attacker to execute arbitrary code.
The vulnerability of the ipsecroadasp function in D-Link DI-8100 router microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the formSetWAN_Wizard534 function in D-Link DIR-605L router microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the formSetWANWizard534 function in the microprogramming software for D-Link DIR-605L routers is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using the...
The vulnerability of the formSetLog function in the D-Link DIR-600L router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the formSetLog function in the D-Link DIR-600L router’s microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code by using the host...
The vulnerability of the formEasySetupWizard3 function in the D-Link DIR-600L router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the formEasySetupWizard3 function in the microprogramming software of the D-Link DIR-600L router is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely by...
The vulnerability of the formEasySetupWizard function in D-Link DIR-619L router software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formEasySetupWizard function in D-Link DIR-619L router microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and...
The vulnerability of the sub_454F2C function in D-Link DIR-605L router microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the sub454F2C function in D-Link DIR-605L router microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the formSetWAN_Wizard55 function in D-Link DIR-605L router microprogramming software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formSetWANWizard55 function in D-Link DIR-605L router microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the formEasySetupWizard3 function in D-Link DIR-619L router microprogramming software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formEasySetupWizard3 function in D-Link DIR-619L router microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the Adobe Dreamweaver HTML editor, related to errors in data type mixing, allows attackers to execute arbitrary code.
The vulnerability of the Adobe Dreamweaver HTML editor is related to errors in data type mixing. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the formSetWizard2 function in the D-Link DIR-619L router’s microprogramming software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formSetWizard2 function in D-Link DIR-619L router microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the ColdFusion software platform, related to the failure to take measures to neutralize special elements used in the operating system’s command set, allows attackers to circumvent existing security restrictions and execute arbitrary code.
The vulnerability of the ColdFusion software platform lies in the lack of measures taken to neutralize special elements used in the operating system’s command line. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and execute arbitrary code...
The vulnerability of the ColdFusion software platform, related to deficiencies in the authentication mechanism, allows attackers to circumvent existing security restrictions and execute arbitrary code.
The vulnerability of the ColdFusion software platform is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and execute arbitrary code...
The vulnerability of Adobe Connect web conference software lies in the lack of measures taken to protect the structure of web pages, allowing attackers to perform cross-site scripting attacks (XSS).
The vulnerability of Adobe Connect web conferencing software relates to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS by injecting malicious scripts into form fields...
The vulnerability of Adobe Dimension’s 3D design software relates to the execution of operations beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Adobe Dimension’s 3D design software relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of VMware NSX network virtualization platform, related to insecure management of privileges, allows attackers to escalate their privileges.
The vulnerability of VMware NSX network virtualization platform is related to insecure management of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability of the monitoring tool for VMware Aria Operations, related to errors in privilege management, allows a perpetrator to escalate their privileges.
The vulnerability of the monitoring tool for VMware Aria Operations is related to errors in privilege management. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of embedded software developed by Qualcomm, related to the swapping of a non-trustworthy pointer, allows a perpetrator to trigger a service failure.
The vulnerability of embedded software developed by Qualcomm relates to the use of an unreliable pointer. Exploiting this vulnerability can allow attackers to cause system failures...
The vulnerability of the JAR File Handler component in MacOS operating systems allows attackers to disclose confidential information.
The vulnerability of the JAR File Handler component in MacOS operating systems is related to the disclosure of information. Exploiting this vulnerability can allow an attacker to disclose confidential information...
The vulnerability of MacOS operating systems, related to access control deficiencies, allows attackers to gain read and modify access to system files.
The vulnerability of MacOS operating systems is related to lack of access control. Exploiting this vulnerability can allow an attacker to gain read and modify access to system files...
The vulnerability of the Safari browser on macOS, iOS, and iPadOS operating systems allows a hacker to execute arbitrary code.
The vulnerability of the Safari browser in operating systems macOS, iOS, and iPadOS is related to the lack of security measures for handling SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of MacOS operating systems, related to errors in the use of standard permissions, allows attackers to increase their privileges.
The vulnerability of MacOS operating systems is related to errors in the use of standard permissions. Exploiting this vulnerability can allow a remote attacker to increase their privileges...
The vulnerability of the Power Management component in operating systems such as visionOS, MacOS, tvOS, iPadOS, and iOS allows attackers to trigger service failures.
The vulnerability of the Power Management component in operating systems such as visionOS, MacOS, tvOS, iPadOS, and iOS is related to lack of access control. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerabilities of the libxml2 and libxpc libraries in MacOS, iPadOS, iOS operating systems allow attackers to execute XSS attacks.
The vulnerability of the libxml2 and libxpc libraries in MacOS, iPadOS, and iOS operating systems stems from the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the MacOS operating system, related to insufficient validation of input data, allows a hacker to gain access to and modify system files.
The vulnerability of the MacOS operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to and modify system files...
The vulnerability of the traceroute utility in the microprogramming system of the RUGGEDCOM ROX routing and switching platform for models MX (MX5000, MX5000RE) and RX (RX1400, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, and RX5000) allows a hacker to execute arbitrary code.
The vulnerability of the traceroute utility in the microprogramming-based routing and switching platform RUGGEDCOM ROX for series MX MX5000, MX5000RE and RX RX1400, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, and RX5000 lies in the absence of a mechanism to verify input data on the server sid...
The vulnerability of the IT service management tool Ivanti Neurons for ITSM relates to the bypassing of the authentication process, allowing an intruder to gain unauthorized access to the system with administrator privileges.
The vulnerability of the IT service management tool Ivanti Neurons for ITSM is related to the bypassing of the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the system with administrator privileges...
The vulnerability of the Core Bluetooth framework in operating systems such as macOS, tvOS, iPadOS, iOS, visionOS, and watchOS allows attackers to disclose sensitive information.
The vulnerability of the Core Bluetooth framework in operating systems such as macOS, tvOS, iPadOS, iOS, visionOS, and watchOS is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to disclose sensitive information that should be protected...
The vulnerability of the CoreMedia component in operating systems such as macOS, tvOS, iPadOS, iOS, visionOS, and watchOS allows attackers to execute arbitrary code or cause service interruptions.
The vulnerability of the CoreMedia component in operating systems such as macOS, tvOS, iPadOS, iOS, visionOS, and watchOS is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service interruptions...
The vulnerability in the embedded web server of the microprogramming software for Rockwell Automation’s Micrologix 1100 and 1400 allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the embedded web server software used in Rockwell Automation’s Micrologix 1100 and 1400 programmable logic controllers is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripti...
The vulnerability of the Windows Routing and Remote Access Service (RRAS) on Windows operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Windows Routing and Remote Access Service RRAS on Windows operating systems is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected informati...