1680 matches found
SQL Injection Vulnerability in MyBatis-Plus
Mybatis-Plus is a MyBatis enhancement toolkit to simplify CRUD operations . MyBatis-Plus suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to obtain sensitive information...
Unbound Infinite Loop Vulnerability
Unbound is a DNS resolver that supports validation, recursion, and caching features. An infinite loop vulnerability exists in dnamepktcopy in Unbound versions prior to 1.9.5. An attacker can exploit this vulnerability by compressing names to cause an infinite loop...
Unbound Assertion Failure Vulnerability
Unbound is a DNS resolver that supports validation, recursion, and caching features. An assertion failure vulnerability exists in dnamepktcopy in versions of Unbound prior to 1.9.5. An attacker can exploit this vulnerability by compressing names to cause an assertion failure...
Unbound Out-of-Bounds Write Vulnerability
Unbound is a DNS resolver that supports validation, recursion, and caching features. An out-of-bounds write vulnerability exists in rdatacopy in versions of Unbound prior to 1.9.5. An attacker can exploit this vulnerability by compressing names to cause an out-of-bounds write...
Unbound out-of-bounds write vulnerability (CNVD-2021-32623)
Unbound is a DNS resolver that supports validation, recursion, and caching features. An out-of-bounds write vulnerability exists in sldnsbgettokenpar in versions of Unbound prior to 1.9.5. An attacker can exploit this vulnerability to cause an out-of-bounds write...
Google Chrome Extension Security Bypass Vulnerability (CNVD-2021-35165)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in versions of Google Chrome prior to 90.0.4430.93. An attacker can exploit the vulnerability to bypass navigation restrictions...
Google Chrome Security Bypass Vulnerability (CNVD-2021-35168)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in V8 in versions prior to Google Chrome 90.0.4430.93. An attacker can exploit this vulnerability to bypass security restrictions...
CVE-2021-21222
Heap buffer overflow in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...
Buffer overflow vulnerability in multiple Mozilla products (CNVD-2021-49139)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A buffer overflow vulnerability exists in several Mozilla products. An...
Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2021-33835)
Oracle VM VirtualBox is a powerful cross-platform virtualization software for x86 systems. A security vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 6.1.20. An attacker can exploit this vulnerability to compromise Oracle VM VirtualBox by logging into the...
Oracle MySQL Server Input Validation Error Vulnerability (CNVD-2021-30886)
Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in the Server: Replication component in Oracle MySQL Server 5.7.32, 8.0.22, and earlier versions. An attacker could exploit this vulnerability to affect availability...
Oracle MySQL Server Input Validation Error Vulnerability (CNVD-2021-30875)
Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in the Server: Group Replication Plugin component in Oracle MySQL Server 5.7.33, 8.0.23, and earlier versions. An attacker could exploit this vulnerability to affect availability...
GPAC memory leak vulnerability (CNVD-2021-30180)
GPAC is a multimedia framework for rich media and distributed under the LGPL license. A memory leak vulnerability exists in the gfhintertracknew function in GPAC version 1.0.1. An attacker can exploit this vulnerability to read memory via specially crafted files...
MGASA-2021-0194 Updated clamav packages fix security vulnerability
The updated packages fix a security vulnerability: A vulnerability in the email parsing module in Clam AntiVirus ClamAV Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability i...
Arbitrary File Deletion Vulnerability in CodeIgniter
CodeIgniter is a PHP framework. CodeIgniter has an arbitrary file deletion vulnerability. An attacker can exploit the vulnerability to delete arbitrary files...
Microsoft Windows and Windows Server Elevation of Privilege Vulnerability (CNVD-2021-29105)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in NTFS in Microsoft Windows and Windows...
Microsoft Windows and Windows Server Elevation of Privilege Vulnerability (CNVD-2021-29104)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the Windows Services and Controllers...
SAP NetWeaver AS JAVA cross-site scripting vulnerability (CNVD-2021-29100)
SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A cross-site scripting vulnerability exists in SAP NetWeaver AS JAVA versions 7.10 and 7.11. An attacker can...
Denial of Service Vulnerability in Suntech Cloud QTouch Configuration Software General Edition
QTouch configuration software is a professional cross-platform automation software launched by Wuhan SunTone Intelligent Technology Co. A denial of service vulnerability exists in the general version of SunTouch Cloud QTouch Configuration Software. An attacker can exploit this vulnerability to...
Denial of Service Vulnerability in ABBYY FineReader (CNVD-2021-30853)
ABBYY FineReader is an all-in-one OCR and PDF software application. ABBYY FineReader suffers from a denial of service vulnerability. An attacker can exploit the vulnerability to cause the program to crash...