74701 matches found
The vulnerability of the CGI Gem software lies in the use of regular expressions with inefficient computational complexity, which allows attackers to trigger a service failure.
The vulnerability of the CGI Gem software lies in the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability allows an attacker operating remotely to cause service interruptions...
The vulnerability of the AdvSetMacMtuWan function in the microprogramming software for Tenda AC10 routers allows a hacker to cause a service failure.
The vulnerability of the AdvSetMacMtuWan function in the microprogramming software for Tenda AC10 routers is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to trigger a service failure using the cloneType2 key...
The vulnerability of the embedded software of Netgear XR1000, Netgear XR1000v2, and Netgear XR500 lies in improper code generation, allowing attackers to execute arbitrary code.
The vulnerability of the embedded software on Netgear XR1000, Netgear XR1000v2, and Netgear XR500 is related to incorrect code generation. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the Dell ECS storage platform, related to insufficient validation of input data, allows attackers to compromise the integrity of the protected information.
The vulnerability of the Dell ECS storage platform is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the protected information...
The vulnerability of the formWifiMacFilterSet function in the Tenda i12 wireless access point’s microprogramming software allows an intruder to influence the confidentiality, integrity, and availability of the protected information.
The vulnerability of the formWifiMacFilterSet function in the Tenda i12 wireless access point’s microprogramming software lies in the reading of data outside the buffer in memory when processing the index parameter. Exploiting this vulnerability allows a remote attacker to compromise the...
The vulnerability of the corporate version of the GitHub Enterprise Server, related to improper code generation management, allows a perpetrator to execute arbitrary code.
The vulnerability of the corporate version of the GitHub Enterprise Server is related to improper code generation management. Exploitation of this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the corporate version of the GitHub Enterprise Server, related to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the corporate version of the GitHub Enterprise Server is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out a cross-site scripting attack remotely...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena arises from buffer overflows in the stack, allowing attackers to disclose sensitive information and execute arbitrary code.
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to disclose sensitive information and execute arbitrary code, provided that the user opens a...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena arises from reading data beyond the acceptable range in memory. This allows attackers to exploit the protected information and execute arbitrary code.
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena relates to reading data beyond the allowable range in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information and execute arbitrary code, provided that the...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena arises from reading data beyond the acceptable range in memory. This allows attackers to exploit the protected information and execute arbitrary code.
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena relates to reading data beyond the allowable range in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information and execute arbitrary code, provided that the...
The vulnerability of microprogrammed software in PLANET Technology devices stems from the lack of authenticity verification for a critical function. This allows attackers to create accounts with root privileges.
The vulnerability of PLANET Technology’s microprogrammed software for switches is related to the lack of authenticity verification for a critical function. Exploiting this vulnerability could allow a malicious actor, operating remotely, to create a user account with root privileges...
The vulnerability of microprogrammed software in PLANET Technology switches arises from the failure to take measures to neutralize special elements, allowing attackers to execute arbitrary commands.
The vulnerability of PLANET Technology’s microprogrammed software exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the Avaya Equinox collaboration platform, related to deficiencies in the mechanism for checking uploaded files, allows a hacker to execute arbitrary code.
The vulnerability of the Avaya Equinox collaboration platform is related to deficiencies in the mechanism for checking uploaded files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by uploading a specially crafted file into the system...
The vulnerability of the update mechanism of the software-hardware protection system ViPNet Client 4 allows a perpetrator to execute software that simulates an update.
The vulnerability of the software-hardware protection mechanism ViPNet Client 4 is related to the insufficient number of verifications of the legitimacy of updates sent via the mftp transport protocol. This vulnerability can only be exploited by an internal intruder with elevated privileges who...
The vulnerability of the aswbidsdriver driver of the Avast Free Antivirus protection allows a hacker to escalate their privileges and execute arbitrary code.
The vulnerability of the aswbidsdriver driver of the Avast Free Antivirus software is related to a numerical overflow. Exploiting this vulnerability can allow an attacker to increase their privileges and execute arbitrary code...
The vulnerability of the mfd component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the mfd component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s crypto kernel component allows a hacker to trigger a service failure.
The vulnerability of the Linux operating system’s crypto kernel component is related to improper validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the powerpc/fadump components in the Linux operating system’s kernel allows a hacker to gain elevated privileges within the system.
The vulnerability of the powerpc/fadump components in the Linux operating system’s kernel is related to an incorrect use after release. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...
The vulnerability of the sunrpc component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the sunrpc component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the bpf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the bpf component in the Linux operating system’s kernel is related to improper blocking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the hv_uio_probe() function in the drivers/uio/uio_hvgeneric.c module of the Linux kernel allows a hacker to gain access to protected information.
The vulnerability of the hv_uio_probe() function in the drivers/uio/uio_hvgeneric.c module of the Linux kernel is related to security configuration errors. Exploiting this vulnerability can allow an attacker to gain access to protected information...
The vulnerability of the Dell ECS storage platform, related to errors in the authentication process, allows an intruder to gain unauthorized access to protected information.
The vulnerability of the Dell ECS storage platform is related to errors in the certificate validation process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE lies in its unlimited resource distribution, which allows attackers to trigger service interruptions.
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE relates to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the Ingress controller in the Kubernetes cluster ingress-nginx, related to errors in processing Ingress object annotations, allows a hacker to execute arbitrary code.
The vulnerability of the Ingress controller in the Kubernetes cluster ingress-nginx is related to errors in processing Ingress object annotations. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Ingress controller in the Kubernetes cluster ingress-nginx, related to errors in processing Ingress object annotations, allows a hacker to execute arbitrary code.
The vulnerability of the Ingress controller in the Kubernetes cluster ingress-nginx is related to errors in processing Ingress object annotations. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the getty component of the FINIT initialization system allows an intruder to gain unauthorized access to the system.
The vulnerability of the getty component of the FINIT initialization routine is related to the lack of argument separation when accessing the /bin/login process via the command line. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the system...
The vulnerability of operating systems iOS, iPadOS, and macOS arises from incorrect restrictions on path names in restricted access directories, allowing attackers to gain unauthorized access to confidential data.
The vulnerability of iOS, iPadOS, and macOS operating systems is related to incorrect restrictions on path names in restricted access directories. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data...
The vulnerability of iOS and iPadOS operating systems, related to incorrect authorization, allows attackers to disclose sensitive information.
The vulnerability of iOS and iPadOS operating systems is related to improper authorization. Exploiting this vulnerability can allow attackers to disclose protected information...
The vulnerability in macOS operating systems, related to improper validation of input data, allows attackers to trigger a service failure.
The vulnerability of macOS operating systems is related to improper validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of iOS, iPadOS, and macOS operating systems stems from improper validation of input data, allowing attackers to gain unauthorized access to confidential information.
The vulnerability of iOS, iPadOS, and macOS operating systems is related to improper validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data...
Vulnerability of the init_dell_smbios_wmi() function in the drivers/platform/x86/dell-smbios-wmi.c module – This driver provides support for X86 device controllers in the Linux operating system, allowing an attacker to cause a service failure.
Vulnerability of the init_dell_smbios_wmi() function in the drivers/platform/x86/dell-smbios-wmi.c module – The Linux X86 kernel device support drivers are vulnerable due to improper control of resource identifiers (“resource injection”). Exploiting this vulnerability could allow an attacker to cause...
The vulnerability of the `btrfs_log_new_name()` function in the `fs/btrfs/tree-log.c` module of the file system support module for Linux’s kernel allows a hacker to cause a service failure.
The vulnerability of the `btrfs_log_new_name()` function in the `fs/btrfs/tree-log.c` module of the btrfs file system support module in Linux systems is related to improper control of resource identifiers (“resource injection”). Exploiting this vulnerability could allow an attacker to trigger a service...
Vulnerability of the mcp251x_stop() function in the drivers/net/can/spi/mcp251x.c module – This driver supports network devices of the Linux kernel, which can be exploited by attackers to cause service failures.
Vulnerability of the mcp251x_stop() function in the drivers/net/can/spi/mcp251x.c module – The Linux kernel’s CAN network device driver relies on the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerability of the do_read() function in the drivers/infiniband/sw/rxe/rxe_comp.c module – The Linux kernel’s InfiniBand support driver allows a hacker to cause a service failure.
Vulnerability of the do_read() function in the drivers/infiniband/sw/rxe/rxe_comp.c module – The Linux kernel’s InfiniBand support driver has a vulnerability related to incorrect input validation. Exploiting this vulnerability could allow an attacker to cause service failures...
Vulnerability of the hid_ctrl() function in the drivers/hid/usbhid/hid-core.c module – The driver for the user interface devices of the Linux kernel allows a hacker to compromise the confidentiality and availability of protected information.
Vulnerability of the hid_ctrl() function in the drivers/hid/usbhid/hid-core.c module – The driver for the user interface devices in the Linux kernel is vulnerable to a memory leak before the last reference is freed. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the get_ccwgroupdev_by_busid() function in the arch/s390/include/asm/ccwgroup.h module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the get_ccwgroupdev_by_busid() function in the arch/s390/include/asm/ccwgroup.h module of the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the phpseclib cryptographic protocol library, related to incorrect input validation, allows attackers to trigger a service failure.
The vulnerability of the phpseclib cryptographic protocol library is related to insufficient checks on the data entered by users. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the Bluetooth driver’s firmware microprogramming software of MediaTek’s chips allows a hacker to cause a service failure.
The vulnerability of the Bluetooth driver’s firmware microprogramming software from MediaTek is related to the lack of use of the assert function. Exploiting this vulnerability can allow attackers to cause system failures...
The vulnerability of the telnet CLI service in NETGEAR’s integrated software routers FVS336Gv2 and FVS336Gv3 allows a hacker to execute arbitrary commands with root privileges.
The vulnerability of the telnet CLI service in NETGEAR’s integrated router software products like FVS336Gv2 and FVS336Gv3 exists due to the lack of measures to neutralize specific components. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with root privileges...
The vulnerability of the spin_lock() function in the vfs component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the spin_lock() function in the vfs component of the Linux operating system’s kernel is related to improper locking mechanisms. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the Linux operating system’s USB kernel component allows a hacker to cause a service failure.
The vulnerability of the Linux operating system’s USB kernel component is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s kernel media component allows a hacker to cause a service failure.
The vulnerability of the Linux operating system’s kernel media component is related to a reachable assertion. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s powerpc/pseries kernel components allows a hacker to cause a service failure.
The vulnerability of the Linux operating system’s powerpc/pseries kernel components is related to improper blocking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Process component in the Symfony software development and web application management platform allows attackers to bypass security restrictions.
The vulnerability of the Process component in the Symfony software development and web application management platform is related to deficiencies in the authentication process due to the use of the Remember-me cookie. Exploiting this vulnerability allows a malicious actor to circumvent security...
The vulnerability of the mailbox component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the mailbox component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the qdisc_pkt_len_init() function in the Linux kernel component allows a hacker to trigger a service failure.
The vulnerability of the qdisc_pkt_len_init() function in the Linux kernel component is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to cause a system failure...
The vulnerability of the ocfs2 component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the ocfs2 component in the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ocfs2_journal_shutdown() function in the ocfs2 component of the Linux kernel allows an attacker to cause a service failure.
The vulnerability of the ocfs2_journal_shutdown() function in the ocfs2 component of the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the __jbd2_log_wait_for_space() function in the fs/jbd2/checkpoint.c module, which supports Linux kernel-based file systems, allows an attacker to trigger a service failure.
The vulnerability of the __jbd2_log_wait_for_space() function in the fs/jbd2/checkpoint.c module, which is part of the Linux kernel’s file system support, is related to improper control of resource identifiers (“resource injection”). Exploiting this vulnerability could allow an attacker to trigger a servic...
The vulnerability of the ioc_forgive_debts() function in the blk_iocost component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the ioc_forgive_debts() function in the blk_iocost component of the Linux operating system is related to read-out errors beyond the boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...