90509 matches found
The vulnerability of the cs_disasm() and cs_disasm_iter() functions in the Capstone compiler allows a hacker to execute arbitrary code.
The vulnerability of the csdisasm and csdisasmiter functions in Capstone’s binary code analysis engine is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerabilities of the `png_write_image_16bit()` and `png_write_image_8bit()` functions in the library for working with PNG bitmap graphics allow attackers to gain unauthorized access to protected information.
The vulnerability of the pngwriteimage16bit and pngwriteimage8bit functions in the PNG bitmap graphics library involves reading data from buffers that are beyond their allowable limits. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the csopt_mem.vsnprintf() function in the analysis engine for binary code from Capstone allows a hacker to execute arbitrary code.
The vulnerability of the csoptmem.vsnprintf function in Capstone’s binary code analysis engine is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability of the ApacheCookieParse method in FortiWeb web applications allows attackers to bypass existing security restrictions and execute arbitrary commands.
The vulnerability of the ApacheCookieParse method in FortiWeb web applications relates to the reliance on cookie files without any checks to verify their authenticity and integrity. Exploiting this vulnerability allows an attacker to bypass existing security restrictions and execute arbitrary...
The vulnerability of the Jolokia application programming interface of the Apache ActiveMQ messaging broker allows a perpetrator to execute arbitrary code.
The vulnerability of the Jolokia application programming interface of the Apache ActiveMQ messaging broker is related to deficiencies in the code generation management mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a configuration XML file...
The vulnerability of the Google Chrome browser’s Media component, which allows a hacker to trigger a service failure.
The vulnerability of the Google Chrome browser’s Media component is related to a potential overflow condition. Exploiting this vulnerability could allow an attacker to cause a service failure through the use of a specially created video file...
The vulnerability of the Google Chrome browser’s Media component, which allows a hacker to trigger a service failure.
The vulnerability of the Google Chrome browser’s Media component is related to a potential overflow condition. Exploiting this vulnerability could allow an attacker to cause a service failure through the use of a specially created video file...
The vulnerability of the Omnibox address bar in Google Chrome allows attackers to perform spoofing attacks.
The vulnerability of the Omnibox address bar in Google Chrome is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to carry out spam attacks using a specially created HTML page...
The vulnerability of the software for interacting with servers via cURL lies in the ability to utilize memory after it is released, allowing a hacker to cause a service failure.
The vulnerability of the software for interacting with servers via cURL is related to the possibility of using memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of Google Chrome’s ServiceWorkers component, which allows a hacker to bypass security restrictions
The vulnerability of Google Chrome’s ServiceWorkers component is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker to bypass security restrictions through a specially created HTML page...
The vulnerability of the LibSoup library for HTTP servers stems from deficiencies in HTTP request processing, allowing attackers to induce service failures.
The vulnerability of the HTTP server-based LibSoup library is related to deficiencies in HTTP request processing. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the LibSoup library for HTTP servers stems from improper syntax validation during input processing. This allows attackers to send hidden HTTP requests (HTTP Request Smuggling attacks) or perform SSRF attacks.
The vulnerability of the LibSoup library for HTTP servers is related to improper syntax validation during input processing. Exploiting this vulnerability allows an attacker to send hidden HTTP requests HTTP Request Smuggling attack or perform an SSRF attack remotely...
The vulnerability of the PAM module of the Devolutions Server platform allows for the unauthorized reuse of passwords, user credentials, and confidential information. This makes it possible for attackers to reuse those passwords again.
The vulnerability of the PAM module of the Devolutions Server platform for centralized and secure management of passwords, user accounts, and confidential information exists due to a flaw in the password reset function. Exploiting this vulnerability allows a malicious actor to reuse an Oracle...
The vulnerability of the Permissions control element in the Google Chrome browser allows attackers to perform spoofing attacks.
The vulnerability of the Permissions control element in Google Chrome is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to carry out phishing attacks using a specially created HTML page...
The vulnerability of the recognize() function in the node-tesseract-ocr library of the Node.js software platform allows attackers to influence the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the recognize function in the node-tesseract-ocr library of the Node.js software platform is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability can allow a remote attacker to influence the confidentiality, integrity, and...
The vulnerability of the HTTP server libraries that use LibSoup, related to the failure to eliminate CRLF sequences, allows a violator to trigger a service denial.
The vulnerability of the HTTP server-based LibSoup library lies in the lack of measures to neutralize CRLF sequences. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
The vulnerability of Google Chrome’s WebRTC technology, which allows a violator to trigger a service failure.
The vulnerability of Google Chrome’s WebRTC technology is related to a potential overflow condition. Exploiting this vulnerability could allow an attacker to cause a service failure through a specially created web page...
The vulnerability of the Media component of the Google Chrome browser on Android operating systems allows a perpetrator to gain access to read and modify data.
The vulnerability of the Google Chrome browser’s Media component on Android operating systems is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain access to and modify data...
The vulnerability of the Google Chrome browser’s CSS component, which allows a hacker to trigger a service failure
The vulnerability of the Google Chrome browser’s CSS component is related to errors in data type mixing. Exploiting this vulnerability can allow an attacker to cause a service failure by loading a specially created extension...
The vulnerability of the __jpeg_image_load() function in the image loading library GdkPixbu allows a attacker to trigger a service failure.
The vulnerability of the jpegimageload function in the image loading library GdkPixbuf is related to the situation where the operation’s output goes beyond the buffer’s boundaries when processing a specially created JPEG image. Exploiting this vulnerability could allow a malicious actor to cause...
Vulnerability of the Graphics component: Text browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird, allowing attackers to execute arbitrary code.
Vulnerability of the Graphics component: The text-based browsers Mozilla Firefox, Firefox ESR, and the email client Thunderbird are vulnerable to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability in the application programming interface of util.readFileIntoStream(), a function in the Adobe Reader PDF file viewing and editing software, allows a malicious actor to execute arbitrary JavaScript code.
The vulnerability of the util.readFileIntoStream function in the Adobe Reader PDF file viewing and editing application lies in the uncontrolled modification of object prototype attributes. Exploiting this vulnerability could allow an attacker to execute arbitrary JavaScript code upon the user...
The vulnerability of the Google Chrome browser’s Media component, which allows a hacker to trigger a service failure.
The vulnerability of the Google Chrome browser’s Media component is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to cause a service failure using a specially created video file...
The vulnerability of the Google Chrome browser’s Media component, which allows a hacker to trigger a service failure.
The vulnerability of the Google Chrome browser’s Media component is related to insufficient verification of data authenticity. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using a specially created video file...
The vulnerability of the DevTools set of tools for web development in Google Chrome allows a hacker to bypass security restrictions.
The vulnerability of the DevTools suite for web development in Google Chrome relates to a data protection mechanism flaw. Exploiting this vulnerability allows an attacker to bypass security restrictions by downloading malicious extensions remotely...
The vulnerability of the iFrameSandbox component in Google Chrome allows a hacker to bypass security restrictions.
The vulnerability of the iFrameSandbox component in Google Chrome is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to bypass security restrictions remotely...
The vulnerability of ESAFENET CDG’s software for encrypting electronic documents lies in the lack of protective measures for the SQL query structure, allowing attackers to execute malicious code remotely.
The vulnerability of ESAFENET CDG’s software for encrypting electronic documents is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute malicious code remotely...
The vulnerability of the ESAFENET DSM software for monitoring and managing network security, related to the lack of measures taken to clean data at the management level, allows a perpetrator to execute arbitrary commands.
The vulnerability of the ESAFENET DSM monitoring and network security management software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability can allow attackers to execute arbitrary commands...
The vulnerability of the LibSoup library for HTTP servers arises from the lack of measures to neutralize CRLF sequences, allowing attackers to inject arbitrary HTTP headers.
The vulnerability of the LibSoup library for HTTP servers relates to the lack of measures taken to neutralize CRLF sequences. Exploiting this vulnerability allows a remote attacker to inject arbitrary HTTP headers...
The vulnerability of the soup_filter_input_stream_read_line() function in the LibSoup library allows a hacker to gain unauthorized access to protected information.
The vulnerability of the soupfilterinputstreamreadline function in the LibSoup library related to deficiencies in HTTP request processing. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the md4sum() function in the NTLM component of the access library for HTTP servers allows a hacker to cause a service failure.
The vulnerability of the md4sum function in the NTLM component of the HTTP server access library LibSoup is related to the escape of an operation beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure...
The vulnerability of the LibSoup library for HTTP servers relates to the occurrence of operations outside the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the HTTP server-based LibSoup library lies in the escape of operations beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of Google Chrome browser’s Blink rendering module allows a hacker to trigger a service failure.
The vulnerability of Google Chrome’s Blink rendering module is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure through a specially created web page...
The vulnerability of the memory management subsystem mm/mseal in Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the memory management subsystem mm/mseal in Linux operating systems is related to incorrect calculations. Exploiting this vulnerability can allow attackers to cause system failures...
The vulnerability of the MariaDBFilterExpressionConverter component in the Spring AI development framework allows a hacker to execute arbitrary SQL commands.
The vulnerability of the MariaDBFilterExpressionConverter component in the Spring AI development framework relates to the lack of protective measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...
The vulnerability of the kgssapi.ko module in the operating system kernel of FreeBSD allows a hacker to execute arbitrary code.
The vulnerability of the kgssapi.ko module in FreeBSD operating systems is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the History control element in Google Chrome allows a hacker to perform cross-site scripting attacks.
The vulnerability of the History control panel element in Google Chrome is related to information representation errors in the user interface. Exploiting this vulnerability could allow a remote attacker to perform cross-site scripting attacks...
The vulnerability of the Downloads component of the Google Chrome browser, which allows a hacker to circumvent security restrictions
The vulnerability of the Downloads component of the Google Chrome browser is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions remotely...
The vulnerability of the Navigation API component in iOS, iPadOS, and MacOS operating systems allows attackers to bypass existing security mechanisms.
The vulnerability of the Navigation API component in iOS, iPadOS, and MacOS operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to bypass existing security mechanisms remotely...
The vulnerability of Brother MFC-L2710DW printer’s microprogramming software, related to the leakage of file and directory information, allows attackers to gain unauthorized access to protected data.
The vulnerability of Brother MFC-L2710DW printer microprogramming software is related to the leakage of information about files and directories. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the LibSoup library for HTTP servers relates to reading data beyond the allowed buffer limits, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of the LibSoup library for HTTP servers relates to reading data beyond the allowed buffer limits. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the WebSocket component in the LibSoup library allows a attacker to cause a service failure.
The vulnerability of the WebSocket component in the HTTP server access library LibSoup is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability in the web interface of the operating system PAN-OS allows a hacker to bypass security restrictions and execute arbitrary commands.
The vulnerability of the PAN-OS operating system’s web management interface is related to the lack of measures taken to neutralize the script in the web page attributes. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary commands...
The vulnerability of Google Chrome’s WebSockets component allows attackers to circumvent security restrictions.
The vulnerability of Google Chrome’s WebSockets component is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to bypass security restrictions...
The vulnerability of the WebML component in the Google Chrome browser, which allows a hacker to trigger a service failure.
The vulnerability of the WebML component in Google Chrome relates to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service interruptions through a specially created web page...
The vulnerability of the _traverseJSON() function in the ORM library Sequelize allows a hacker to execute arbitrary SQL code.
The vulnerability of the traverseJSON function in the ORM library Sequelize is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary SQL code...
The vulnerability of the OAuth authentication protocol implementation in Devolutions Server allows a perpetrator to bypass multi-factor authentication, enabling centralized and secure management of passwords, user accounts, and confidential information.
The vulnerability of the OAuth authentication protocol implementation of Devolutions Server for centralized and secure management of passwords, user accounts, and confidential information is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicio...
The vulnerability of the JavaScript library for secure cleaning and protection of HTML code, DOMPurify, arises from the lack of protection for website structure. This vulnerability allows attackers to execute XSS attacks.
The vulnerability of the JavaScript library for secure cleaning and protection of HTML code, DOMPurify, is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow attackers to carry out XSS attacks...
The vulnerability of the monitoring, analysis, and automatic issue resolution platform of Palo Alto Networks Autonomous Digital Experience Manager is related to errors in the certificate validation process. This allows attackers to escalate their privileges and execute arbitrary code.
The vulnerability of the monitoring, analysis, and automatic issue resolution platform used by Palo Alto Networks Autonomous Digital Experience Manager is related to errors in the certificate validation process. Exploiting this vulnerability can allow an attacker to enhance their privileges and...
The vulnerability of the `oppsdss_init_fbdev()` function in the `arch/arm/mach-omap2/display.c` file, which is part of the ARM platform support for the Linux operating system, allows a hacker to cause a system failure.
The vulnerability of the oppsdssinitfbdev function in the arch/arm/mach-omap2/display.c file, which is part of the ARM platform support for the Linux operating system, is related to errors during link time. Exploiting this vulnerability could allow an attacker to cause a system failure...