213680 matches found
Design/Logic Flaw
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2024-0193...
Design/Logic Flaw
In Splunk Enterprise Security ES versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service DoS to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessib...
Design/Logic Flaw
In Splunk Enterprise Security ES versions lower than 7.1.2, an attacker can create a malformed Investigation to perform a denial of service DoS. The malformed investigation prevents the generation and rendering of the Investigations manager until it is deleted.The vulnerability requires an...
Design/Logic Flaw
Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...
Heap overflow
EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability...
Buffer overflow
A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The atta...
Improper access control
A vulnerability classified as problematic has been found in Totolink T6 4.1.9cu.5241B20210923. This affects an unknown part of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to improper access controls. It is possible to initiate the attac...
Heap overflow
EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability...
Integer overflow
EDK2 is susceptible to a vulnerability in the CreateHob function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability...
Buffer overflow
A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service DoS, through exploiting a memory corruption issue in the TA service, which runs as root. This may also result in the disabling of event...
Buffer overflow
A vulnerability was found in Totolink T6 4.1.9cu.5241B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v41 leads to buffer overflow. It is possibl...
Cross site scripting
A stored cross-site scripting XSS vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field...
Code injection
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symboli...
Heap overflow
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 10. The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
Race condition
A vulnerability has been identified in SIMATIC CN 4100 All versions V2.7. The affected application allows IP configuration change without authentication to the device. This could allow an attacker to cause denial of service condition...
Null pointer dereference
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 10. The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current...
Design/Logic Flaw
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 10. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the curre...
Out-of-bounds
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 10. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the...
Cross site scripting
In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible...
Design/Logic Flaw
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.20, CP-8050 MASTER MODULE All versions CPCI85 V05.20. The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being...
Code injection
A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...
Heap overflow
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 10. The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
Heap overflow
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 10. The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
Null pointer dereference
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 10. The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current...
Out-of-bounds
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 10. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the...
Stack overflow
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 10. The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
Null pointer dereference
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 10. The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current...
Design/Logic Flaw
A vulnerability has been identified in SIMATIC CN 4100 All versions V2.7. The "intermediate installation" system state of the affected application allows an attacker to add their own login credentials to the device. This allows an attacker to remotely login as root and take control of the device...
Default credentials
A vulnerability has been identified in SIMATIC CN 4100 All versions V2.7. The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device...
Out-of-bounds
A vulnerability has been identified in JT2Go All versions V14.3.0.6, Teamcenter Visualization V13.3 All versions V13.3.0.13, Teamcenter Visualization V14.1 All versions V14.1.0.12, Teamcenter Visualization V14.2 All versions V14.2.0.9, Teamcenter Visualization V14.3 All versions V14.3.0.6. The...
Authentication flaw
An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01...
Stack overflow
A vulnerability has been identified in JT2Go All versions V14.3.0.6, Teamcenter Visualization V13.3 All versions V13.3.0.13, Teamcenter Visualization V14.1 All versions V14.1.0.12, Teamcenter Visualization V14.2 All versions V14.2.0.9, Teamcenter Visualization V14.3 All versions V14.3.0.6. The...
Design/Logic Flaw
Network port 8899 open in WiFi firmware of BCC101/BCC102/BCC50 products, that allows an attacker to connect to the device via same WiFi network...
Information disclosure
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01...
Stack overflow
A vulnerability has been identified in JT2Go All versions V14.3.0.6, Teamcenter Visualization V13.3 All versions V13.3.0.13, Teamcenter Visualization V14.1 All versions V14.1.0.12, Teamcenter Visualization V14.2 All versions V14.2.0.9, Teamcenter Visualization V14.3 All versions V14.3.0.6. The...
Out-of-bounds
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 10. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the...
Null pointer dereference
A vulnerability has been identified in JT2Go All versions V14.3.0.6, Teamcenter Visualization V13.3 All versions V13.3.0.13, Teamcenter Visualization V14.1 All versions V14.1.0.12, Teamcenter Visualization V14.2 All versions V14.2.0.9, Teamcenter Visualization V14.3 All versions V14.3.0.6. The...
Design/Logic Flaw
A vulnerability has been identified in SIMATIC IPC1047E All versions with maxView Storage Manager V4.14.00.26068 on Windows, SIMATIC IPC647E All versions with maxView Storage Manager V4.14.00.26068 on Windows, SIMATIC IPC847E All versions with maxView Storage Manager V4.14.00.26068 on Windows. In...
Stack overflow
A stack-based buffer overflow was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices, leading to arbitrary command execution. This occurs because of lack of length validation during an sscanf of a user-entered scale field in the RTSP playback function of davinci...
Memory corruption
The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells...
Command injection
An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings...
Stack overflow
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function...
Command injection
In Appwrite CLI before 3.0.0, when using the login command, the credentials of the Appwrite user are stored in a /.appwrite/prefs.json file with 0644 as UNIX permissions. Any user of the local system can access those credentials...
Design/Logic Flaw
Qualys Jenkins Plugin for WAS prior to version and including 2.0.11 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs to utilize t...
Input validation
An issue was discovered in libremotedbg.so on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Filtering of debug information is mishandled during use of popen. Consequently, an attacker can bypass validation and execute a shell command...
Cross site scripting
Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access and access to configure o...
Stack overflow
A vulnerability was found in Totolink NR1800X 9.1.0u.6279B20210910 and classified as critical. Affected by this issue is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. Th...
Design/Logic Flaw
Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs...
Cross site request forgery (csrf)
An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a...
Design/Logic Flaw
An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visitin...