Microsoft Hyper-V 资源管理错误漏洞

Microsoft Hyper-V is an application developed by Microsoft Corporation in the United States. It is a system management program that enables desktop virtualization. There is a resource management vulnerability in Microsoft Hyper-V. Attackers can exploit this vulnerability to gain elevated...

Microsoft Windows 缓冲区错误漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A buffer error vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to gain elevated privileges. The following products and versions are affected:Window...

EUVD-2025-27980

Malicious code in bioql PyPI...

CVE-2025-10374

A security flaw has been discovered in Shenzhen Sixun Business Management System 7/11. This affects an unknown part of the file /Adm/OperatorStop. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been released to the...

tomcat11-11.0.10-1.1 on GA media (moderate)

tomcat11-11.0.10-1.1 on GA media Announcement ID: openSUSE-SU-2025:15491-1 Rating: moderate Cross-References: CVE-2025-48989 CVSS scores: CVE-2025-48989 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-48989 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:...

Microsoft Windows Storage Port Driver 信息泄露漏洞

The Microsoft Windows Storage Port Driver is a system-provided storage port driver from Microsoft USA that is particularly suited for high-performance buses, such as NVMe over Fibre Channel FC or FC buses and RAID adapters. An information disclosure vulnerability exists in the Microsoft Windows...

Microsoft Windows Media Foundation 安全漏洞

Microsoft Windows Media Foundation is a multimedia development library from Microsoft that aims to provide a unified multimedia solution for the Windows platform, allowing developers to play video and sound files, encode or transcode multimedia files, and so on. Developers can use Media Foundatio...

Q-Free MAXTIME Suite 安全漏洞

Q-Free MAXTIME Suite is a software suite for local traffic signal management from Q-Free. A security vulnerability exists in Q-Free MAXTIME Suite version 2.11.0 and prior versions. An attacker could exploit the vulnerability to read sensitive files via a specially crafted HTTP request...

PT-2024-31007 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.7 iPadOS versions prior to 17.7 watchOS versions prior to 11 Description: This issue allows an attacker with physical access to a locked device to control nearby devices via accessibility features. The issue was...

Trellix Secure Web Gateway Information Disclosure Vulnerability

Trellix Secure Web Gateway Trellix SWG is a security gateway from FireEye USA Trellix. An information disclosure vulnerability exists in Trellix Secure Web Gateway SWG version 12.x prior to 12.2.10 and version 11.x prior to 11.2.24, which stems from a browser bypassing the same-origin policy unde...

Microsoft Windows Kernel Security Vulnerability

Microsoft Windows Kernel is the kernel of the Windows operating system by Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel. An attacker could exploit this vulnerability to gain elevated privileges. The following products and versions are affected:Windows 10...

CVE-2023-3652

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Digital Ant E-Commerce Software allows Reflected XSS. This issue affects E-Commerce Software: before 11...

Microsoft Windows Resilient File System (ReFS) 安全漏洞

Microsoft Windows Resilient File System ReFS is a resilient file system from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Resilient File System ReFS. The following products and versions are affected: Windows 11 Version 22H2 for ARM64-based Systems,Windows 11...

Veeam Backup&Replication 路径遍历漏洞

Veeam Backup & Replication is a suite of data protection software from the Swiss company Veeam. The software provides backup, replication and recovery for VMware and Hyper-V VMs, physical and cloud environments. A path traversal vulnerability exists in Veeam Backup & Replication 9.5U3, 9.5U4, 10....

Tenda AC11缓冲区错误漏洞

Tenda AC11 is a router from Tenda, China.The PPPoE module of Tenda AC Series Router AC11V02.03.01.104CN is vulnerable to a stack buffer overflow vulnerability, which can be exploited by attackers to cause a denial of service via specially crafted overflow data...

OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...

CVE-2021-0565

In wrapUserThread of AudioStream.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...

PT-2020-2546

Name of the Vulnerable Software and Affected Versions Java SE versions 11.0.6 and 14 Description The issue is related to insufficient access control in the JSSE component of Java SE, allowing an unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks can...

UBUNTU-CVE-2019-5737

In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service DoS by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated...

2026-02 Cumulative Update for Windows 11 Version 24H2 for arm64-based Systems (KB5077181) (26100.7840)

2026-02 Cumulative Update for Windows 11 Version 24H2 for arm64-based Systems KB5077181 26100.7840...