Lucene search

74701 matches found

BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena arises from reading data beyond the buffer boundaries in memory. This allows a hacker to execute arbitrary code.

The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created DOE file...

CVSS 7.8 | AI score 6.2 | EPSS 0.00253
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 3 views

The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the ability to write data beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena lies in the writing beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created DOE file...

CVSS 7.8 | AI score 6.2 | EPSS 0.00249
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 3 views

The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their susceptibility to cross-site request forgery attacks. This allows attackers to cause service failures.

The vulnerabilities of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to cross-site request forgery. Exploiting these vulnerabilities can allow attackers to trigger service interruptions throug...

CVSS 5 | AI score 5.4 | EPSS 0.00857
Exploits: 0 | References: 2 | Affected Software: 3
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in their lack of access control mechanisms. This allows attackers to circumvent existing security restrictions.

The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to deficiencies in access control. Exploiting these vulnerabilities can allow attackers to bypass existing security restrictions...

CVSS 5.3 | AI score 5.5 | EPSS 0.00382
Exploits: 0 | References: 2 | Affected Software: 3
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the Packet Forwarding Engine (PFE) module in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a hacker to trigger a service failure.

The vulnerability of the Packet Forwarding Engine (PFE) module in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to memory release errors. Exploiting this vulnerability can allow a malicious actor to trigger service failures using specially created ARP packets in the...

CVSS 6.5 | AI score 5.5 | EPSS 0.0021
Exploits: 0 | References: 3 | Affected Software: 2
BDU FSTEC
added 2025/04/23 12:0 a.m. | 3 views

The vulnerability of the ColdFusion software platform is related to insufficient validation of input data, which allows attackers to circumvent existing security restrictions.

The vulnerability of the ColdFusion software platform is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions using a specially created file...

CVSS 6.8 | AI score 5.4 | EPSS 0.00645
Exploits: 0 | References: 2
BDU FSTEC
added 2025/04/23 12:0 a.m. | 5 views

The vulnerability of the ColdFusion software platform, which arises due to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the ColdFusion software platform exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...

CVSS 6.4 | AI score 5.2 | EPSS 0.10662
Exploits: 0 | References: 2
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the Packet Forwarding Engine (PFE) module in Junos OS routers of the MX series allows a hacker to cause a service failure.

The vulnerability of the Packet Forwarding Engine (PFE) module in Junos OS routers of the MX series is related to memory release errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVSS 6.5 | AI score 5.5 | EPSS 0.00201
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 1 view

The vulnerability of the Control Protocol Director (l2cpd) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows an attacker to cause a service failure.

The vulnerability of the Control Protocol Director (l2cpd) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to type errors in implicit conversions. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending a specially crafted LL...

CVSS 6.5 | AI score 5.5 | EPSS 0.00201
Exploits: 0 | References: 3 | Affected Software: 2
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows an attacker to cause a service failure.

The vulnerability of the Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to the swapping of pointers that have expired. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVSS 6.5 | AI score 5.5 | EPSS 0.00201
Exploits: 0 | References: 3 | Affected Software: 2
BDU FSTEC
added 2025/04/23 12:0 a.m. | 4 views

The vulnerability of the Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows an attacker to cause a service failure.

The vulnerability of the Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient checking of exceptional states. Exploiting this vulnerability can allow an attacker to cause a service failure when the “show bgp neighbor”...

CVSS 5.5 | AI score 5.5 | EPSS 0.00121
Exploits: 0 | References: 3 | Affected Software: 2
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the user interface of Juniper Networks’ Junos OS and Junos OS Evolved systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the user interface of Juniper Networks’ Junos OS and Junos OS Evolved lies in the insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by executing a specific command like “show...

CVSS 5.5 | AI score 5.5 | EPSS 0.00142
Exploits: 0 | References: 3 | Affected Software: 2
BDU FSTEC
added 2025/04/23 12:0 a.m. | 4 views

The vulnerability of the Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows an attacker to cause a service failure.

The vulnerability of the Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient handling of exceptional states. Exploiting this vulnerability can allow attackers to cause service failures...

CVSS 5.5 | AI score 5.5 | EPSS 0.00133
Exploits: 0 | References: 3 | Affected Software: 2
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the Sampling Route Record Daemon (SRRD) in the Juniper Networks Junos OS operating system allows a hacker to cause a service failure.

The vulnerability of the Sampling Route Record Daemon (SRRD) in the Juniper Networks Junos OS operating system is related to a lack of mechanisms for encoding or shielding outgoing data. Exploiting this vulnerability can allow a malicious actor to trigger a service failure...

CVSS 5.3 | AI score 5.5 | EPSS 0.00326
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 3 views

The vulnerability of the setNetworkDiag function in TOTOLINK CA300-PoE router microprogramming software allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the setNetworkDiag function in TOTOLINK CA300-PoE router microprogramming systems is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibilit...

CVSS 10 | AI score 7.7 | EPSS 0.01946
Exploits: 1 | References: 2 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the setNetworkDiag function in TOTOLINK CA300-PoE router microprogramming software allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the setNetworkDiag function in TOTOLINK CA300-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibili...

CVSS 10 | AI score 7.7 | EPSS 0.01946
Exploits: 1 | References: 2 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 4 views

The vulnerability of the setRebootScheCfg function in the microprogrammed routing software of TOTOLINK CA300-PoE allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the setRebootScheCfg function in TOTOLINK CA300-PoE router microprogramming systems is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the confidentiality,...

CVSS 10 | AI score 7.7 | EPSS 0.01946
Exploits: 1 | References: 2 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the setNetworkDiag function in TOTOLINK CA300-PoE router microprogramming software allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the setNetworkDiag function in TOTOLINK CA300-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibili...

CVSS 10 | AI score 7.7 | EPSS 0.01946
Exploits: 1 | References: 2 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 1 view

The vulnerability of FortiWeb web applications’ network firewalls, related to improper handling of user actions, allows attackers to perform arbitrary operations on other administrators’ toolbars.

The vulnerability of FortiWeb web applications’ network firewalls is related to improper handling of user actions. Exploiting this vulnerability allows a malicious actor to perform arbitrary operations on other administrators’ toolbars using specially created requests...

CVSS 6.8 | AI score 5.6 | EPSS 0.00361
Exploits: 0 | References: 4 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 4 views

The vulnerability of Fortinet’s software products lies in the insufficient restriction of communication channels for specific endpoints, which allows attackers to carry out MITM attacks.

The vulnerability of Fortinet software products is related to insufficient restrictions on communication channels for specified endpoints. Exploiting this vulnerability allows a remote attacker to carry out a Man-in-the-Middle (MITM) attack...

CVSS 3.1 | AI score 5.5 | EPSS 0.00335
Exploits: 0 | References: 4 | Affected Software: 6
BDU FSTEC
added 2025/04/23 12:0 a.m. | 1 view

The vulnerability of the Adobe Media Encoder application, related to buffer overflow in dynamic memory, allows an attacker to execute arbitrary code.

The vulnerability of the Adobe Media Encoder application relates to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVSS 7.8 | AI score 8.6 | EPSS 0.00353
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 3 views

The vulnerability of the Adobe Media Encoder application, related to writing beyond the buffer boundaries in memory, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Media Encoder application relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVSS 7.8 | AI score 8.5 | EPSS 0.00296
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the Adobe Bridge file manager, related to buffer overflows in dynamic memory, allows an attacker to execute arbitrary code.

The vulnerability of the Adobe Bridge file manager is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVSS 7.8 | AI score 8.6 | EPSS 0.00334
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 1 view

Vulnerabilities of functions gpio_rcar_configInterruptInputMode(), gpio_rcar_configGeneralInputOutputMode(), gpio_rcar_get_multiple(), gpio_rcar_set(), gpio_rcar_set_multiple(), and gpio_rcar_probe() in the Linux kernel’s drivers/gpio/gpio_rcar.c file, which allow an attacker to cause a service failure

The vulnerabilities of the functions gpio_rcar_configInterruptInputMode(), gpio_rcar_configGeneralInputOutputMode(), gpio_rcar_get_multiple(), gpio_rcar_set(), gpio_rcar_set_multiple(), and gpio_rcar_probe() (drivers/gpio/gpio_rcar.c) in the Linux kernel are related to insufficient locking. Exploitation of these...

CVSS 5.5 | AI score 6.8 | EPSS 0.00129
Exploits: 0 | References: 19 | Affected Software: 4
BDU FSTEC
added 2025/04/23 12:0 a.m. | 3 views

Vulnerabilities of functions do_migrate_range() (mm/memory_hotplug.c), get_hwpoison_page(), unmap_poisoned_folio(), and hwpoison_user_mappings() (mm/memory-failure.c) in the Linux operating system’s kernel, which allow a malicious actor to trigger a service failure

The vulnerabilities of the functions do_migrate_range() (mm/memory_hotplug.c), get_hwpoison_page(), unmap_poisoned_folio(), and hwpoison_user_mappings() (mm/memory-failure.c) in the Linux kernel are related to resource management errors. Exploitation of these vulnerabilities could allow an attacker to cause service...

CVSS 5.5 | AI score 6.6 | EPSS 0.00164
Exploits: 0 | References: 11 | Affected Software: 4
BDU FSTEC
added 2025/04/23 12:0 a.m. | 1 view

Vulnerability of functions drm_fbdev_dma_helper_fb_dirty(), drm_fbdev_dma_driver_fbdev_probe_tail(), and drm_fbdev_dma_driver_fbdev_probe() (drivers/gpu/drm/drm_fbdev_dma.c) in the Linux kernel, allowing a hacker to cause service failure

The vulnerabilities of the functions drm_fbdev_dma_helper_fb_dirty(), drm_fbdev_dma_driver_fbdev_probe_tail(), and drm_fbdev_dma_driver_fbdev_probe() (drivers/gpu/drm/drm_fbdev_dma.c) in the Linux kernel are related to null pointer dereferencing. Exploitation of these vulnerabilities could allow an attacker...

CVSS 5.5 | AI score 5.9 | EPSS 0.00164
Exploits: 0 | References: 11 | Affected Software: 4
BDU FSTEC
added 2025/04/23 12:0 a.m. | 3 views

The vulnerability of the software for managing and monitoring remote devices in telemetry and telemechanics systems, related to the lack of measures taken to protect the SQL query structure, allows a perpetrator to execute arbitrary SQL queries.

The vulnerability of software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVSS 9 | AI score 6 | EPSS 0.00604
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 3 views

The vulnerability of the software for managing and monitoring remote devices in telemetry and telemechanics systems, related to the lack of measures taken to protect the SQL query structure, allows a perpetrator to execute arbitrary SQL queries.

The vulnerability of software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVSS 9 | AI score 6 | EPSS 0.00604
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the software for managing and monitoring remote devices in telemetry and telemechanics systems, related to the lack of measures taken to protect the SQL query structure, allows a perpetrator to execute arbitrary SQL queries.

The vulnerability of software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVSS 9 | AI score 6 | EPSS 0.00604
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 1 view

The vulnerability of the software for managing and monitoring remote devices in telemetry and telemechanics systems, related to the lack of measures taken to protect the SQL query structure, allows a perpetrator to execute arbitrary SQL queries.

The vulnerability of software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVSS 9 | AI score 6 | EPSS 0.00604
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 1 view

The vulnerability of Zoom Apps software products, related to the use of memory after it is freed, allows a hacker to trigger a service failure.

The vulnerability of Zoom Apps software products is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

CVSS 8.5 | AI score 5.5 | EPSS 0.00401
Exploits: 0 | References: 2 | Affected Software: 17
BDU FSTEC
added 2025/04/23 12:0 a.m. | 3 views

The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform, related to deficiencies in the authentication process, allows attackers to compromise the confidentiality of protected information.

The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to compromise the confidentiality of the protected information...

CVSS 4.3 | AI score 5.5 | EPSS 0.00229
Exploits: 0 | References: 3
BDU FSTEC
added 2025/04/23 12:0 a.m. | 5 views

The vulnerability of the OData protocol implementation in SAP S4CORE Entity software allows unauthorized access to protected information.

The vulnerability of the OData protocol implementation in SAP S4CORE Entity software is related to deficiencies in displaying hidden user fields. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVSS 4.3 | AI score 5.5 | EPSS 0.00235
Exploits: 0 | References: 1 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 5 views

The vulnerability of the RFC Enabled Function Module component in software integration platforms such as SAP NetWeaver and ABAP Platform arises from deficiencies in authentication procedures, allowing unauthorized access to protected information.

The vulnerability of the RFC Enabled Function Module in software integration platforms such as SAP NetWeaver and ABAP Platform is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

CVSS 7.7 | AI score 5.5 | EPSS 0.00615
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 3 views

The vulnerability of the SAP ERP BW Business Content business process management software arises from improper code generation, allowing attackers to execute arbitrary code.

The vulnerability of the SAP ERP BW Business Content business process management software is related to incorrect code generation. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVSS 6.8 | AI score 5.9 | EPSS 0.00754
Exploits: 0 | References: 3
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the SAP KMC WPC knowledge management business application, related to deficiencies in the authentication process, allows unauthorized users to gain unauthorized access to protected information.

The vulnerability of the SAP KMC WPC knowledge management business application is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVSS 5.3 | AI score 5.5 | EPSS 0.00267
Exploits: 0 | References: 3
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform, related to the lack of measures for cleaning input data, allows attackers to execute cross-site scripting attacks (XSS).

The vulnerability of the software for developing and executing applications in the ABAP language of SAP NetWeaver Application Server is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks...

CVSS 4.7 | AI score 5.2 | EPSS 0.00197
Exploits: 0 | References: 3
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the SAP Commerce Cloud platform, related to the transmission of critical information in open text, allows attackers to disclose protected information.

The vulnerability of the SAP Commerce Cloud e-commerce platform lies in the transmission of critical information in plaintext. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

CVSS 6.8 | AI score 5.5 | EPSS 0.00145
Exploits: 0 | References: 3
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the formWifiBasicSet() function in the microprogramming software for Tenda AC15 routers allows a hacker to induce a service failure.

The vulnerability of the formWifiBasicSet function in the Tenda AC15 router’s microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

CVSS 10 | AI score 8.2 | EPSS 0.01118
Exploits: 1 | References: 2 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the delWewifiPic() function in the Tenda W18E router software allows a hacker to deliver specially created data to the application and execute arbitrary code.

The vulnerability of the delWewifiPic function in the Tenda W18E router software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to deliver specially crafted data to the application and execute arbitrary code...

CVSS 8 | AI score 5.9 | EPSS 0.00497
Exploits: 1 | References: 2
BDU FSTEC
added 2025/04/23 12:0 a.m. | 3 views

The vulnerability of the form_fast_setting_wifi_set() function (/goform/fast_setting_wifi_set) in the Tenda AC6 router’s microprogramming software allows a hacker to trigger a service failure.

The vulnerability of the form_fast_setting_wifi_set() function (/goform/fast_setting_wifi_set) in the Tenda AC6 router’s microprogramming software is related to buffer overflow in the stack when processing the timeZone parameter. Exploiting this vulnerability could allow a remote attacker to cause a service...

CVSS 7.8 | AI score 5.9 | EPSS 0.00416
Exploits: 1 | References: 2 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 3 views

The vulnerability of the WinZip archive processor relates to the inclusion of a function for processing tags from an unreliable source within the software. This allows attackers to bypass Windows security mechanisms and execute arbitrary code.

The vulnerability of the WinZip archive processor is related to the inclusion of a function for processing “MotW” tags in the software. Exploiting this vulnerability allows an attacker to bypass Windows security mechanisms and execute arbitrary code during the decompression of an archive that...

CVSS 6.4 | AI score 8.1 | EPSS 0.00477
Exploits: 0 | References: 4 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 1 view

The vulnerability of the S_do_trans_invmap() function in the Perl programming language allows a hacker to trigger a service failure.

The vulnerability of the S_do_trans_invmap() function in the Perl programming language is related to buffer overflows in dynamic memory. Exploiting this vulnerability could allow an attacker to cause a service failure by sending specially crafted characters to the tr/../../ operator...

CVSS 7.3 | AI score 7.4 | EPSS 0.00473
Exploits: 0 | References: 19 | Affected Software: 6
BDU FSTEC
added 2025/04/23 12:0 a.m. | 1 view

The vulnerability of registrars (self-checking devices) GX10, GX20, GP10, GP20, DX1000, DX2000, DX1000N, FX1000, DX1000T, DX2000T, CX1000, CX2000, R10000, and R20000, data collection systems, and data collection devices MW100 manufactured by Yokogawa lies in the possibility of initializing the authentication function with a default unsafe value, allowing unauthorized access to the device by intruders.

The vulnerability of the GX10, GX20, GP10, GP20, DX1000, DX2000, DX1000N, FX1000, DX1000T, DX2000T, CX1000, CX2000, R10000, and R20000 registrars, as well as the GM data collection systems and MW100 data collection devices manufactured by Yokogawa, is related to the possibility of initializing...

CVSS 10 | AI score 5.5 | EPSS 0.00648
Exploits: 0 | References: 3
BDU FSTEC
added 2025/04/23 12:0 a.m. | 1 view

Vulnerability eliminated

...

AI score 5.4
Exploits: 0
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

Vulnerability eliminated

...

AI score 5.4
Exploits: 0
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

Vulnerability eliminated

...

AI score 5.4
Exploits: 0
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the Red Shield VPN client, related to insecure management of privileges, allows a hacker to elevate their own privileges.

The vulnerability of the Red Shield VPN client is related to insecure management of privileges. Exploiting this vulnerability could allow attackers to enhance their privileges...

CVSS 7.3 | AI score 5.5
Exploits: 0 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 9 views

The vulnerability of the PHP library TCPDF, related to incorrect pathname restrictions for restricted access directories, allows attackers to gain unauthorized access to protected information.

The vulnerability of the PHP library TCPDF lies in the incorrect path limitation for the access to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVSS 6.8 | AI score 5.5
Exploits: 0 | References: 1 | Affected Software: 1
BDU FSTEC
added 2025/04/23 12:0 a.m. | 2 views

The vulnerability of the PHP library TCPDF, related to incorrect pathname restrictions for restricted access directories, allows attackers to gain unauthorized access to protected information.

The vulnerability of the PHP library TCPDF lies in the incorrect path limitation for the access to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVSS 6.8 | AI score 5.5
Exploits: 0 | References: 1 | Affected Software: 1

Total number of security vulnerabilities: 74701