Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP)... weiterlesen

Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted... weiterlesen

JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the unauthenticated CMPLink/TCP protocol for engineering purposes, including... weiterlesen

Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted... weiterlesen

Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap... weiterlesen

Use after free in Bookmarks in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct... weiterlesen

Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct... weiterlesen

... weiterlesen

Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain potentially sensitive information from process memory... weiterlesen

Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially... weiterlesen

Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via... weiterlesen

Use after free in SwiftShader in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML... weiterlesen

Inappropriate implementation in Extensions API in Google Chrome prior to 101.0.4951.41 allowed an attacker who convinced a user to install a malicious... weiterlesen

... weiterlesen

Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland... weiterlesen

Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML... weiterlesen

Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted... weiterlesen

Use after free in Browser Switcher in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction... weiterlesen

Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted... weiterlesen

Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction... weiterlesen

Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a... weiterlesen

In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. (An API request may, in effect, be executed... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash... weiterlesen

A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual... weiterlesen

... weiterlesen

A vulnerability was found in GD Library 2.1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file gd_gd2.c.... weiterlesen

A vulnerability was found in Wireshark up to 2.0.2. It has been classified as problematic. Affected is an unknown function of the file epan/dissectors/packet-mswsp.c... weiterlesen

A vulnerability classified as problematic was found in Wireshark up to 1.12.10/2.0.2. Affected by this vulnerability is an unknown functionality of the... weiterlesen

Pandora FMS v7.0NG.760 and below allows a relative path traversal in File Manager where a privileged user could upload a .php file outside the intended... weiterlesen

IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized... weiterlesen

IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connection which could cause the server to become unresponsive.... weiterlesen

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with access to the local host (client machine) to obtain a login access token.... weiterlesen

In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. (An API request may, in effect, be executed... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit()... weiterlesen

... weiterlesen

... weiterlesen

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_string_char_code_at()... weiterlesen

... weiterlesen

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in json_parse_array() in... weiterlesen

... weiterlesen

... weiterlesen

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in getprop_builtin_foreign()... weiterlesen

A vulnerability was found in BlackBerry Enterprise Server BES up to 12.4.0. It has been rated as problematic. This issue affects some unknown processing... weiterlesen

By using warp-cli subcommands (disable-ethernet, disable-wifi), it was possible for a user without admin privileges to bypass configured Zero Trust security... weiterlesen

... weiterlesen

insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_part_get_by_offset()... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

A vulnerability was found in BlackBerry Enterprise Server BES up to 12.4.0 and classified as problematic. Affected by this issue is some unknown functionality... weiterlesen

A vulnerability has been found in BlackBerry Enterprise Server BES up to 12.4.0 and classified as problematic. Affected by this vulnerability is an unknown... weiterlesen

A vulnerability was found in Adobe Flash Player. It has been classified as critical. Affected is an unknown function of the component TextField Handler.... weiterlesen

A vulnerability has been found in Accuenergy Acuvim II NET and Acuvim IIR NET 3.08 and classified as problematic. Affected by this vulnerability is an... weiterlesen

A vulnerability, which was classified as problematic, has been found in systemd. This issue affects some unknown processing of the file tmpfiles.d/systemd.conf.... weiterlesen

A vulnerability was found in Oracle Berkeley DB up to 12.1.6.1.26. It has been classified as critical. Affected is an unknown function of the component... weiterlesen

A vulnerability was found in Oracle Berkeley DB up to 12.1.6.1.26 and classified as critical. This issue affects some unknown processing of the component... weiterlesen

A vulnerability has been found in Oracle Berkeley DB up to 12.1.6.1.26 and classified as critical. This vulnerability affects unknown code of the component... weiterlesen

A vulnerability, which was classified as critical, was found in Oracle Berkeley DB up to 12.1.6.1.26. This affects an unknown part of the component DataStore.... weiterlesen

Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to access the content of internal network... weiterlesen

untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references.... weiterlesen

untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references... weiterlesen

Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct... weiterlesen

... weiterlesen

... weiterlesen

A vulnerability, which was classified as critical, has been found in Oracle MySQL Server up to 5.6.28/5.7.10. This issue affects some unknown processing... weiterlesen

A vulnerability was found in Oracle Sun Ray Software 11.1 and classified as critical. This issue affects some unknown processing of the component Sun... weiterlesen

A vulnerability classified as critical has been found in Oracle Solaris 10. Affected is an unknown function of the component Kernel. The manipulation... weiterlesen

A vulnerability, which was classified as critical, has been found in Oracle MySQL Server up to 5.7.10. Affected by this issue is some unknown functionality... weiterlesen