Apache CXF 安全漏洞

Apache CXF is an open-source web service framework developed by the Apache Foundation in the United States. This framework supports various web service standards and multiple front-end programming APIs. There are security vulnerabilities in Apache CXF; these vulnerabilities arise from incomplete...

Linbit csync2 安全漏洞

Linbit csync2 is a cluster synchronization tool developed by the Austrian company Linbit. It is primarily used to keep files synchronized across multiple hosts within a cluster. Linbit csync2 has a security vulnerability that stems from the use of insecure temporary directories during compilation...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the misleading naming of the copyusernocache function in the x86-64 architecture. This function...

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.1 contained security vulnerabilities. These vulnerabilities stemmed from the PUT request handler in the UDR service, which failed to properly return values after request parsing or...

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, aimed at developers working with embedded systems. wolfSSL has a security vulnerability that stems from an integer underflow issue during the parsing of X.509 certificates, which may le...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Vulnerabilities exist in versions of Apple macOS such as Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe 26.4. These vulnerabilities stem from permission issues, which may allow applications to modif...

SQLite 安全漏洞

SQLite is a lightweight database developed under the open-source SQLite project. It is an ACID-compliant relational database management system. SQLite versions prior to 3.51.1 have a security vulnerability. This vulnerability stems from the zipfileInflate function in the zipfile extension, which...

Tenda G1 安全漏洞

Tenda G1 is an enterprise-level AP management router produced by the Chinese company Tenda. There is a security vulnerability in Tenda G1, which stems from hard-coded passwords in the /etc/ro/shadow file. This vulnerability could allow attackers to log in as root...

SQLE 安全漏洞

SQLE is an ActionTech open source database. A security vulnerability exists in SQLE version 4.2511.0 and earlier, which stems from incorrect manipulation of the parameter JWTSecretKey in the file sqle/utils/jwt.go, which could result in the use of a hard-coded key...

RealDefense SUPERAntiSpyware 安全漏洞

RealDefense SUPERAntiSpyware is a security tool for detecting and removing malware from RealDefense USA. A security vulnerability exists in RealDefense SUPERAntiSpyware that stems from SAS Core Service exposing dangerous functions that could lead to local elevation of privilege...

SGWBox N3 命令注入漏洞

SGWBox N3 is a network storage device from China's Pickup Dock SGWBox. A command injection vulnerability exists in SGWBox N3 version 2.0.25, which stems from incorrect manipulation of the parameter params in the file /usr/sbin/httpeshellserver, which could lead to command injection...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly cleaning up the IPcomp tunnel state, which could lead to a memory leak...

school-management-system 代码问题漏洞

school-management-system is a school management system developed in PHP for schools or small organizations by Shubham kumar individual developer. A code issue vulnerability exists in school-management-system, which stems from the incorrect manipulation of the parameter File in the file...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unchecked krealloc return value in the ext4fcrecordregions function, which could lead to a memory leak...

Linkr 安全漏洞

Linkr is a file transfer system by the individual developer Mohammad Zain. A security vulnerability exists in Linkr version 2.0.0 and earlier, which stems from failure to validate the integrity and authenticity of .linkr manifest files, and could lead to arbitrary file injection and remote code...

Yarn 安全漏洞

Yarn is an open source package installation, management tool from Yarn Open Source. A security vulnerability exists in Yarn 1.22.22 and earlier versions that stems from insufficient regular expression complexity...

my-site 安全漏洞

my-site is WinterChenS individual developer's personal website based on springboot2.0 development, integrated: personal home page, personal blog, personal works. A security vulnerability exists in my-site v1.0.2, which stems from improper access control of the preHandle function in the...

mcp-cli 安全漏洞

mcp-cli is a model context protocol checker for Wong2 Personal Developer. A security vulnerability exists in mcp-cli version 1.13.0, which stems from an incorrect operation of the function redirectToAuthorization in the file /src/oauth/provider.js resulting in os command injection...

Intel oneAPI Toolkits 代码问题漏洞

Intel oneAPI Toolkits is a set of core tools and libraries from Intel Corporation USA. It is used to develop high-performance, data-centric applications across different architectures. A code issue vulnerability exists in Intel oneAPI Toolkits that stems from an uncontrolled search path that coul...

Anheng Mingyu Security Gateway 安全漏洞

Anheng Mingyu Security Gateway is a security gateway from the Chinese company Anheng. A security vulnerability exists in Anheng Mingyu Security Gateway versions prior to v3.0-5.3p, which originates from a remote command execution vulnerability in the logtype parameter in /log/fwsecurity.mds...