314 matches found
The vulnerability of the Windows operating system’s Storage Management Provider component allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Windows operating system’s Storage Management Provider component is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
Schneider Electric Modicon Controllers 跨站脚本漏洞
Schneider Electric Modicon Controllers are a series of Modicon series programmable logic controllers from Schneider Electric, France. A cross-site scripting vulnerability exists in Schneider Electric Modicon Controllers that originates from improper input neutralization during web page generation...
CVE-2024-24942
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives...
CVE-2024-23261
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.8. An attacker may be able to read information belonging to another user...
CVE-2023-22055
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.7.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2023-22105
Vulnerability in the BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise BI Publisher. Successful attacks requir...
CVE-2023-21960
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server...
CVE-2023-21992
Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Administer Workforce. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...
CVE-2023-5465
The Popup with fancybox plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2021-2448
Vulnerability in the Oracle Financial Services Crime and Compliance Investigation Hub product of Oracle Financial Services Applications component: Reports. The supported version that is affected is 20.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the...
The vulnerability of the Web Threat Defense (WTD.sys) driver for Windows operating systems allows a perpetrator to trigger a service failure.
The vulnerability of the Web Threat Defense WTD.sys driver for Windows operating systems is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
CVE-2024-51445
CVE-2024-51445 affects Siemens Polarion: Polarion V2310 (All versions) and Polarion V2404 (All versions
openjdk: Improve compiler transformations (Oracle CPU 2025-04)
Vulnerability in Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm, an American company. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption that occurs when reading data from an EEPROM copy...
Areal Topkapi 跨站脚本漏洞
AREAL Topkapi, a multi-sector solution from the French company AREAL, is an innovative software platform that provides functionality far beyond the traditional capabilities of SCADA software. A cross-site scripting vulnerability exists in Areal Topkapi that originates from a cross-site scripting...
The vulnerability of the cuobjdump software tool for parallel computing on NVIDIA CUDA GPUs allows a hacker to trigger a service failure.
The vulnerability of the cuobjdump software tool for parallel computing on NVIDIA CUDA GPUs involves reading data beyond the allowable range in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
CVE-2025-1223
CVE-2025-1223 affects Citrix Secure Access Client for Mac. The Citrix bulletin and related feeds indicate local-privilege escalation where an attacker can gain application privileges to modify or read data. Affected versions are Citrix Secure Access Client for Mac before 25.01.2. Recommended reme...
PT-2025-6859 · Citrix · Citrix Secure Access Client For Mac
Name of the Vulnerable Software and Affected Versions: Citrix Secure Access Client for Mac affected versions not specified Description: An attacker can gain application privileges to perform limited modification and/or read arbitrary data. Recommendations: At the moment, there is no information...
GNU GRUB 缓冲区错误漏洞
GNU GRUB is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in GNU GRUB. The vulnerability stems from the romsfs module containing an integer overflow issue when handling symbolic links, resulting in a heap-based out-of-bounds write when reading data. No...
mysql: Client: mysqldump unspecified vulnerability (CPU Apr 2024)
A flaw was found in the MySQL Server product of Oracle MySQL component: Client: mysqldump. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can resul...