Trend Micro Apex One Uncontrolled Search Path Element Vulnerability

Trend Micro Apex One is a suite of endpoint security protection software from Trend Micro that provides automated threat detection and response capabilities. Trend Micro Apex One suffers from a code issue vulnerability that stems from the application allowing the inclusion of libraries from the...

Incorrect usage of typecasting in burn lets an attacker corrupt the pool state

Handle broccoli Vulnerability details Impact In the burn function of ConcentratedLiquidityPool, when calling updatePosition, the amount of liquidity to burn is explicitly converted from uint128 to int128, which could result in a positive integer if amount is larger than 1 127 and less than 1 128...

Red Hat Jboss Enterprise Application Platform 7 代码问题漏洞

Red Hat Jboss Enterprise Application Platform 7 Red Hat Jboss Eap 7 is a middleware platform built on open standards and compatible with the Java Ee 7 specification from Red Hat USA. A code issue vulnerability exists in Red Hat JBoss Enterprise Application Platform 7 Artemis that stems from the...

多款Qualcomm产品代码问题漏洞

The Qualcomm QCA6574AU and others are products of Qualcomm Incorporated Qualcomm, U.S.A. The QCA6574AU is a central processing unit CPU product.The SD 636 is a central processing unit CPU product.The SDM630 is a central processing unit CPU product.The SDM630 is a central processing unit CPU...

Monstra CMS 代码问题漏洞

Monstra CMS is a lightweight PHP-based content management system CMS from the Ukrainian personal developer Sergey Romanenko.A code issue vulnerability exists in Monstra CMS v3.0.4, which could be exploited by attackers to execute arbitrary web scripts or HTML...

SuiteLink server 代码问题漏洞

Aveva Group SuiteLink Server is a communication server from Aveva Group, a UK-based company. A code issue vulnerability exists in SuiteLink server that stems from the product's mishandling of command 0x01...

WordPress 插件 代码问题漏洞

WordPress Plugin is an open source application plugin for WordPress. A code issue vulnerability exists in the WordPress plugin, which stems from a user-supplied URL request value being invoked by a curl request, making the Telefication plugin susceptible to open proxies and server-side request...

Libxsmm 缓冲区错误漏洞

Libxsmm is a library. for specialized dense and sparse matrix operations as well as deep learning primitives e.g., small convolutions. A security vulnerability exists in libxsmm that stems from JIT code having a heap-based buffer overflow...

owncloud 代码问题漏洞

Owncloud ownCloud is a personal cloud storage solution from the American company ownCloud Owncloud. A code issue vulnerability exists in owncloud that arises from improper design or implementation during code development of a networked system or product...

SAP Business One 代码问题漏洞

SAP Business One is a suite of enterprise management software from SAP, a German company. SAP Business One has a code issue vulnerability that stems from insufficient validation when uploading files, which could be exploited to upload any file...

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel has a security vulnerability that can be exploited by local attackers to cause a denial of service situation...

Nexus Control Panel Code Issue Vulnerability

Swisslog Healthcare Nexus Panel is a medical device from Swisslog Healthcare. A code download without integrity check vulnerability exists in Nexus Control Panel versions prior to 7.2.5.7. The vulnerability stems from no file validation during the upload of an update. No details of the...

多款Qualcomm产品代码问题漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. A code issue vulnerability exists in Qualcomm chips that stems fr...

IBM Sterling Partner Engagement Manager 代码问题漏洞

IBM Sterling Partner Engagement Manager is an automated management tool from IBM USA. A code issue vulnerability exists in IBM Sterling Partner Engagement Manager. A remote attacker could exploit the vulnerability to execute arbitrary code on the system by sending specially designed data...

MELSEC-F FX3U-ENET代码问题漏洞

MELSEC-F FX3U-ENET is an Ethernet interface block from mitsubishielectric. A code issue vulnerability exists in the MELSEC-F FX3U-ENET. The vulnerability arises from an improper design or implementation during code development for a network system or product...

CVE-2021-23405

CVE-2021-23405 affects pimcore/pimcore before 10.0.7. Multiple connected sources confirm an SQL injection caused by missing validation on the storeId parameter in ClassificationstoreController’s collectionsActionGet and groupsActionGet. Impact is high (CVSSv3.1: 8.8) with network access and no us...

Mitsubishi Electric Air Conditioning Systems 代码问题漏洞

Mitsubishi Electric Air Conditioning Systems is an air conditioning system from Mitsubishi Electric, a Japanese company. Mitsubishi Electric Air Conditioning Systems has a code issue vulnerability that stems from a flaw in the product's authorization mechanism...

ThinkJS 代码问题漏洞

ThinkJS is a Javascript-based and ES2015-enabled codebase for developing Node applications organized by ThinkJS. A code issue vulnerability exists in ThinkJS's think-helper, which stems from the component accepting input from upper-level groups for object initialization and modification without...

Panasonic FPWIN Pro 代码问题漏洞

Panasonic FPWIN Pro is a controller programming software from Panasonic Corporation Japan. A code issue vulnerability exists in Panasonic FPWIN Pro 7.5.1.1 and earlier versions, which can be exploited by an attacker to disclose information that is accessible within the context of the user executi...

Wordpress Themify 代码问题漏洞

Wordpress Themify is an application plugin. The ability to build any WordPress site faster and easier. A code issue vulnerability exists in Elemin prior to Themify 1.2.2 that allows remote attackers to upload and execute arbitrary PHP code via Themify framework wp-content theme Elemin Themify...