The vulnerability of the Telnet service in the Tenda W18E router firmware allows an intruder to gain unauthorized access to the device.
The vulnerability of the Telnet service in the Tenda W18E router firmware lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the device...
The vulnerability of the HP LaserJet Pro printer firmware, related to improper handling of unexpected data types, allows attackers to cause a service failure.
The vulnerability of the HP LaserJet Pro printer firmware is related to improper handling of unexpected types of data. Exploiting this vulnerability can allow an attacker to cause a service failure by sending a JPEG file via the Internet Printing Protocol (IPP)...
The vulnerability of the operational-tactical radio communication device in hard-to-access areas, Meshtastic, is related to buffer overflows in dynamic memory, allowing an intruder to execute arbitrary code.
The vulnerability of the operational-tactical radio communication system in hard-to-access areas like Meshtastic is related to buffer overflows in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code by sending specially crafted protobuf data...
The vulnerability of the C-ares asynchronous DNS query library, related to the possibility of using memory after it is freed, allows a hacker to cause a service failure.
The vulnerability of the C-ares asynchronous DNS query library is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause a service failure...
The vulnerability of the Amnezia VPN client for macOS operating systems relates to insecure management of privileges, allowing a malicious individual to elevate their privileges to root level.
The vulnerability of the Amnezia VPN client for macOS operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...
The vulnerability of the Mullvad VPN client, related to deficiencies in access control, allows attackers to enhance their privileges.
The vulnerability of the Mullvad VPN client is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the ImageSpec::metadata_val() function in the src/libOpenImageIO/formatspec.cpp module of the OpenImageIO library allows an attacker to cause a service failure.
The vulnerability of the ImageSpec::metadata_val() function in the src/libOpenImageIO/formatspec.cpp module of the OpenImageIO library is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the HTTPS protocol implementation in ConneXium Network Manager’s software for network management allows a perpetrator to carry out a “man-in-the-middle” attack.
The vulnerability of the HTTPS protocol implementation in ConneXium Network Manager software relates to the use of files and directories accessible to external parties. Exploiting this vulnerability could allow a malicious actor to carry out a “man-in-the-middle” attack...
The vulnerability of the SAML (Security Assertion Markup Language) technology in the PAN-OS operating system allows a perpetrator to increase their privileges.
The vulnerability of the SAML (Security Assertion Markup Language) technology in the PAN-OS operating system is related to improper session management. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...
The vulnerability of ConneXium Network Manager software, related to insufficient validation of input data, allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of ConneXium Network Manager software relates to insufficient verification of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...
The vulnerability of the CoreAudio component in operating systems such as MacOS Sequoia, tvOS, visionOS, iOS, and iPadOS allows a hacker to execute arbitrary code.
The vulnerability of the CoreAudio component in MacOS Sequoia, tvOS, visionOS, iOS, and iPadOS relates to reading beyond the buffer boundary in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the CLI interface of HPE Aruba Networking Access Point software allows a perpetrator to execute arbitrary code.
The vulnerability of the CLI interface of HPE Aruba Networking Access Point software relates to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted packets to the UDP port...
Vulnerability of the cgiSysScheduleRebootSet() function (Program:/bin/httpd) in the Tenda W12 and i24 router firmware, allowing a hacker to execute arbitrary code
The vulnerability of the cgiSysScheduleRebootSet() function (Program:/bin/httpd) in the Tenda W12 and i24 router firmware is related to a buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code during the processing of the rebootDate...
The vulnerability of the cgiPingSet() function (Program:/bin/httpd) in the Tenda W12 and i24 router firmware allows an attacker to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the cgiPingSet() function (Program:/bin/httpd) in the Tenda W12 and i24 router firmware is related to a buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of the protected...
Vulnerability of the cgiSysUplinkCheckSet() function (Program:/bin/httpd) in the Tenda W12 and i24 router firmware, allowing a hacker to execute arbitrary code
The vulnerability of the cgiSysUplinkCheckSet() function (Program:/bin/httpd) in the Tenda W12 and i24 router firmware is related to a buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code when processing the hostIp1 and hostIp2...
The vulnerability of the CreateProject method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the CreateProject method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a...
The vulnerability of the UpdateSmtpSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the UpdateSmtpSettings method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the...
The vulnerability of the VerifyUser method in the software for managing and monitoring remote objects in telemetry and telemechanics systems of the TeleControl Server Basic allows a perpetrator to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the VerifyUser method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality,...
The vulnerability of the ImportDatabase method in software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the ImportDatabase method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality,...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in writing beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the writing beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created DOE file...
The vulnerability of the CloudKit component in iPadOS and macOS operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the CloudKit component in iPadOS and macOS is related to lack of access control. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena arises from reading data beyond the buffer boundaries in memory. This allows a hacker to execute arbitrary code.
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created DOE file...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena, related to errors during initialization of variables, allows a perpetrator to execute arbitrary code.
The vulnerability of the software for discrete event simulation and automation in Rockwell Automation Arena is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created DOE file...
The vulnerability of TP-Link Tapo H200 smart home control software, related to the storage of information in an open manner, allows an intruder to obtain Wi-Fi credentials.
The vulnerability of TP-Link Tapo H200 smart home control software relates to the storage of information in an open manner. Exploiting this vulnerability could allow an intruder to obtain Wi-Fi credentials...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena, related to errors during initialization of variables, allows a perpetrator to execute arbitrary code.
The vulnerability of the software for discrete event simulation and automation in Rockwell Automation Arena is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created DOE file...
The vulnerability of the Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows an attacker to cause a service failure.
The vulnerability of the Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient checking of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the /boafrm/formStaticDHCP file of the Authorization Interface component in the D-Link DWR-M961 router firmware allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the /boafrm/formStaticDHCP file of the Authorization Interface component in the D-Link DWR-M961 router firmware is related to a buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the UpdateGateways method in the software for managing and monitoring remote devices in telemetering and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the UpdateGateways method in the software for managing and monitoring remote devices in telemetering and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the...
The vulnerability of the RestoreFromBackup method in software for managing and monitoring remote objects in telemetry and telemechanics systems of the TeleControl Server Basic allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the RestoreFromBackup method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the...
The vulnerability of the UpdateUsers method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the UpdateUsers method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality,...
The vulnerability of the UpdateConnectionVariables method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the UpdateConnectionVariables method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the...
The vulnerability of the sshd service in the OpenSSH encryption protection mechanism allows a hacker to compromise the integrity of the protected information.
The vulnerability of the sshd service in the OpenSSH encryption protection mechanism is related to the DisableForwarding directive not providing the functionality declared in the documentation. Exploiting this vulnerability could allow an attacker to compromise the integrity of the...
The vulnerability of the “koko” component in the security audit system for the operation and maintenance of JumpServer allows a perpetrator to obtain a cluster token from Kubernetes.
The vulnerability of the koko component in the system for auditing security operations and maintenance of JumpServer is related to improper privilege assignment. Exploiting this vulnerability allows a malicious actor, operating remotely, to obtain a Kubernetes cluster token...
The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the occurrence of operations outside the buffer in memory, allows attackers to trigger a service failure.
The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by processing or loading specially created web...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in writing beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the writing beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created DOE file...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their inadequate authentication procedures, which allow attackers to escalate their privileges.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to deficiencies in authentication procedures. Exploiting these vulnerabilities can allow attackers to enhance their privileges...
The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena, related to errors during initialization of variables, allows a perpetrator to execute arbitrary code.
The vulnerability of the software for discrete event simulation and automation in Rockwell Automation Arena is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created DOE file...
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their lack of access control mechanisms. This allows attackers to circumvent existing security restrictions.
The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to deficiencies in access control. Exploiting these vulnerabilities can allow attackers to bypass existing security restrictions...
The vulnerability of the pgAdmin 4 database management tool, related to the lack of authentication, allows a hacker to bypass the authentication checks and execute arbitrary code.
The vulnerability of the pgAdmin 4 database management tool is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to bypass authentication checks and execute arbitrary code...
The vulnerability in the virtual learning environment Moodle, related to the manipulation of cross-site requests, allows a hacker to perform a CSRF attack.
The vulnerability in the virtual learning environment Moodle is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...
The vulnerability of the parse_pre function in the ps-pdf.cxx component of the HTMLDOC document conversion tool allows an attacker to cause a service failure.
The vulnerability of the parse_pre function in the ps-pdf.cxx component of the HTMLDOC conversion tool is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to cause service interruptions...
The vulnerability of the parse_paragraph function in the ps-pdf.cxx component of the HTMLDOC document conversion tool allows an attacker to cause a service failure.
The vulnerability of the parse_paragraph function in the ps-pdf.cxx component of the HTMLDOC document conversion tool is related to writing beyond buffer boundaries. Exploiting this vulnerability allows an attacker to trigger a service failure remotely...
The vulnerability of the convert() and queryConvert() functions in the POCO collection of libraries for the C++ programming language allows a hacker to execute arbitrary code.
The vulnerability of the convert() and queryConvert() functions in the POCO collection of libraries for the C++ programming language is related to integer overflow. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the UpdateOpcSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the UpdateOpcSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allo...
The vulnerability of the UpdateBufferingSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a perpetrator to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the UpdateBufferingSettings method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise th...
The vulnerability of the UpdateTcmSettings method in the software for managing and monitoring remote objects in telemetering and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the UpdateTcmSettings method in the software for managing and monitoring remote objects in telemetering and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the...
The vulnerability of the Authenticate method in software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the Authenticate method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the...
The vulnerability of the CreateTrace method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the CreateTrace method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality,...
The vulnerability of the UpdateProjectConnections method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the UpdateProjectConnections method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerabili...
The vulnerability of the save() function in the HAX CMS PHP content management system allows a hacker to upload files with the required extension and execute arbitrary code.
The vulnerability of the save() function in the HAX CMS PHP content management system is related to the ability to upload files of a dangerous type without limitation. Exploiting this vulnerability allows an attacker to remotely upload files with the required extensions and execute arbitrary co...