Envoy 代码问题漏洞

Envoy is an open source distributed proxy server. A code issue vulnerability exists in the Envoy functionality that stems from an invalid state transition from CLOSED to DRAINING in the same I/O event...

IEC104 代码问题漏洞

IEC104 is an international standard of the International Electrotechnical Commission IEC standards organization widely used in the electric power, urban rail transit and other industries. A code issue vulnerability exists in IEC104 v1.0, which can be exploited by an attacker to cause a denial of...

Aveva SuiteLink Server 代码问题漏洞

Aveva SuiteLink Server is a communication server from AVEVA Aveva UK. A code issue vulnerability exists in AVEVA SuiteLink Server that stems from a null pointer dereference in the SuiteLink Server when the SuiteLink Server processes command 0x07...

Shopware code issue vulnerability (CNVD-2021-63766)

Shopware is a suite of open source e-commerce software from the German company Shopware. versions of Shopware prior to 6.4.3.1 are vulnerable to a code issue that allows an authenticated attacker to upload files via URL to trigger server-side request forgery. No detailed vulnerability details are...

Discourse code issue vulnerability

Discourse is an open source community discussion platform. The platform includes community, email, and chat room features.A code issue vulnerability exists in versions of Discourse prior to 2.7.8 and prior to 2.8.0.beta4. No detailed vulnerability details are currently available...

SAP Business One code issue vulnerability

SAP Business One is a suite of enterprise management software from SAP, a German company. SAP Business One has a code issue vulnerability that stems from insufficient validation when uploading files, which could be exploited to upload any file...

WAL-G 代码问题漏洞

WAL-G is an archive recovery tool for PostgreSQL, MySQL/MariaDB and MS SQL Server MongoDB and Redis beta. A code issue vulnerability exists in WAL-G prior to 1.1, which stems from a lack of checking for the existence of libsodium keys in non-libsodium builds...

Apache OFBiz 代码问题漏洞

Apache OFBiz is the United States Apache Apache Foundation of a set of enterprise resource planning ERP system. The system provides a suite of Java-based Web application components and tools. Apache OFBiz has a security vulnerability that stems from having insecure deserialization mitigation...

SAP NetWeaver 代码问题漏洞

SAP NetWeaver Development Infrastructure is a SAP company that provides a consistent development environment, development team, and support for software development throughout the product lifecycle. A code issue vulnerability exists in SAP NetWeaver Development Infrastructure, which is due to...

Liferay Portal and Liferay DXP code issue vulnerability

Liferay Portal and Liferay DXP are both products of Liferay, a J2EE-based portal solution that uses EJB and JMS technologies and serves as a web publishing and shared workspace, enterprise collaboration platform, social network, etc. Liferay DXP is a digital experience collaboration platform...

DELL EMC PowerScale code issue vulnerability

A code issue vulnerability exists in Dell EMC PowerScale OneFS, a laterally scalable storage system for unstructured data from Dell DELL, U.S.A. The vulnerability stems from improper inspection of anomalies or exceptions. An authenticated attacker with low privileges could exploit the vulnerabili...

Liferay Portal和Liferay DXP 代码问题漏洞

Liferay Portal and Liferay DXP are both products of Liferay, a J2EE-based portal solution that uses EJB and JMS technologies and serves as a web publishing and shared workspace, enterprise collaboration platform, social network, etc. Liferay DXP is a digital experience collaboration platform...

Dell Technologies Dell PowerScale OneFS代码问题漏洞

Dell PowerScale OneFS is a PowerScale OneFS operating system that provides a horizontally scalable NAS. Dell PowerScale OneFS has a security vulnerability that could be exploited by an attacker to gain elevated privileges on the system...

多款Qualcomm产品代码问题漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. A code issue vulnerability exists in Qualcomm chips, which arises from null...

Apache jUDDI code issue vulnerability

Apache jUDDI is a java implementation of UDDI open source package that serves WebServices. jUDDI versions prior to Apache jUDDI 3.3.10 have a code issue vulnerability that can be exploited by attackers to remotely run arbitrary code...

EVlink City, EVlink Parking, EVlink Smart Wallbox code issue vulnerability

Schneider Electric EVlink City and others are a charging solution for electric vehicle charging stations from Schneider Electric France. EVlink City, EVlink Parking, and EVlink Smart Wallbox are vulnerable to a code issue that The vulnerability stems from the fact that when carefully crafted...

3s-smart Software Solutions CODESYS Development System 代码问题漏洞

3s-smart Software Solutions CODESYS Development System is a suite of programming tools for use in the field of industrial controllers and automation technology from 3S-Smart Software Solutions 3s-smart Software Solutions of Germany. A code issue vulnerability exists in CODESYS Development System...

Open-xchange OX App Suite code issue vulnerability (CNVD-2022-28453)

Open-xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange Open-xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A code issue vulnerability exists in Open-xchange OX App Suite, no detailed vulnerability details are...

LearningDigital Orca HCM digital learning platform 代码问题漏洞

LearningDigital Orca HCM digital learning platform is a digital learning platform from China's LearningDigital. The Orca HCM digital learning platform suffers from a code issue vulnerability that stems from specific parameters of the platform's upload function that do not filter file formats,...

Juniper Networks Junos OS Code Issue Vulnerability (CNVD-2021-53343)

Juniper Networks Junos OS is a network operating system from Juniper Networks, Inc. that is specific to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Junos OS is vulnerable to a code issue that stems from the use of a resource publ...