1119 matches found
WordPress Plugin Keep Backup Daily Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress plugin Keep Backup Daily version 2.0.2 and prior versions, which stems from insufficient...
WordPress plugin Ultimate Member 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Ultimate...
Delta Electronics CNCSoft 安全漏洞
Delta Electronics CNCSoft is a CNC machine simulation system software from Delta Electronics, China. A security vulnerability exists in Delta Electronics CNCSoft, which can be exploited by an attacker to cause a stack buffer overflow when processing a specific project file, as the affected produc...
Delta Electronics CNCSoft 缓冲区错误漏洞
Delta Electronics CNCSoft is a CNC machine simulation system software from Delta Electronics, China. An out-of-bounds read vulnerability exists in Delta Electronics CNCSoft, which can be exploited by an attacker to cause an out-of-bounds read condition due to the affected product not properly...
WordPress 跨站脚本漏洞
WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress WP Reactions Lite plugin prior to 1.3.6. The vulnerability stems from a failure to properly clean up input on the wp-admin...
edge.js 跨站脚本漏洞
edge.js is the Node.js template engine. edges.js versions prior to 5.3.2 have a cross-site scripting vulnerability that stems from a type obfuscation vulnerability that can be exploited to bypass input cleanup when the input to be rendered is an array, even if is used, and can be used by attacker...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the Cookie...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in the WordPress plugin Forms before 1.12.3, which stems from the form's "Ad...
GitLab Code Execution Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab 13.8 and later,...
Vulnerability fixed in Zyxel products
Due to the lack of input string cleanup in the CGI program "chgexppwd", a malicious party can inject commands inject. Zyxel has released updates to fix the vulnerability. For more information see: https://www.zyxel.com/support /Zyxel-security-advisory-for-command-injection-vulnerability-of-f...
Red Hat CloudForms Cross-Site Scripting Vulnerability (CNVD-2020-44409)
Red Hat CloudForms is a hybrid infrastructure management platform from Red Hat, Inc. The platform provides deployment, management, and other capabilities across virtual machines, clouds, containers, and physical infrastructure. A security vulnerability exists in Report Menu in Red Hat CloudForms,...
Microsoft Azure DevOps Server Cross-Site Scripting Vulnerability (CNVD-2020-19008)
Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as sharing code, work tracking, and software distribution. A cross-site scripting vulnerability exists in Azure DevOps Server that stems from the...
The vulnerability of the WriteTIFFImage function in the program for reading and editing ImageMagick graphic files involves accessing confidential data beyond the buffer limit of memory. This allows attackers to gain access to sensitive information and cause system failures.
The vulnerability of the WriteTIFFImage function in the ImageMagick program, which is used for reading and editing graphic files, is related to the absence or incomplete cleaning of input data. Exploiting this vulnerability can allow a malicious actor to compromise data confidentiality, as well a...
Git for Visual Studio Remote Code Execution Vulnerability (CNVD-2020-01956)
Microsoft Visual Studio is a family of development tool suites from Microsoft, and a fundamentally complete set of development tools that includes most of the tools needed throughout the software lifecycle.Git for Visual Studio is one of the Git Distributed Version Control Git for Visual Studio i...
Git for Visual Studio Remote Code Execution Vulnerability
Microsoft Visual Studio is a family of development tool suites from Microsoft, and a fundamentally complete set of development tools that includes most of the tools needed throughout the software lifecycle.Git for Visual Studio is one of the Git Distributed Version Control Git for Visual Studio i...
Abus Security Center 'FTP' HTML Injection Vulnerability
Abuse is a popular video game. An HTML injection vulnerability exists in Abus Security Center due to the program failing to adequately clean up user input. An attacker could exploit the vulnerability to execute arbitrary script code in the context of an affected browser to steal a user's...
The vulnerability of the Linux operating system, which allows a malicious individual to trigger a local service failure
In the HID driver for the Zeroplus gaming manipulator, there is no mechanism for cleaning the entered information, which leads to local service failure...
The vulnerability of the Linux operating system, which allows a malicious individual to trigger a local service failure
In the HID driver for various Logitech devices, there is no mechanism for cleaning the entered information in real-time. This leads to a local failure in service provision...
WordPress Sodahead Polls Plugin 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities
This WordPress Sodahead Polls plugin is prone to multiple cross-site scripting vulnerabilities that fail to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...