196 matches found
Dell SmartFabric storage software command injection vulnerability
Dell SmartFabric Storage Software is a stand-alone storage software solution from Dell USA. A command injection vulnerability exists in Dell SmartFabric storage software version 1.0.0, which arises from a failure of a network system or product to properly filter special characters, commands, etc...
Microsoft Azure Site Recovery Remote Code Execution Vulnerability (CNVD-2022-84112)
Microsoft Azure Site Recovery is a site recovery DRaaS from Microsoft Corporation for cloud and hybrid cloud architectures. The vulnerability stems from the failure of a network system or product to properly filter special elements of code segments during the construction of external input data. ...
IBM DataPower Gateway XML External Entity Injection Vulnerability (CNVD-2022-56970)
IBM DataPower Gateway is a set of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interface API, web, service-oriented architecture SOA, B2B, and cloud workloads. The platform protects, integrates, and optimizes access across channe...
Google Android Code Execution Vulnerability (CNVD-2022-65638)
Google Android is a Linux-based open source operating system from Google. A code execution vulnerability exists in Google Android. The vulnerability arises from a failure of a networked system or product to properly filter specific elements of externally entered data during the construction of a...
Google Android Buffer Overflow Vulnerability (CNVD-2023-25101)
Google Android is a Linux-based open-source operating system from Google, a U.S. company. The vulnerability stems from the failure of a network system or product to properly filter special elements of code segments during the construction of external input data. An attacker could exploit the...
Jenkins Recipe Plugin XML External Entity Injection Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. jenkins Plugin is an application software. jenkins Recipe Plugin version 1...
Aruba ClearPass Policy Manager Command Injection Vulnerability (CNVD-2022-64231)
Aruba ClearPass Policy Manager is an application of the U.S. company Aruba to provide wireless network security access management system Aruba ClearPass Policy Manager has a command injection vulnerability, the vulnerability stems from the user input structure to execute the command process, the...
Microsoft Windows Remote Access Connection Manager Information Disclosure Vulnerability
Microsoft Windows Remote Access Connection Manager is a Windows service from Microsoft that manages virtual private network VPN connections from your computer to the Internet. An information disclosure vulnerability exists in Microsoft Windows Remote Access Connection Manager. The vulnerability...
Adobe Framemaker Out-of-Bounds Read Vulnerability (CNVD-2022-41739)
Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A security vulnerability exists in Adobe Framemaker. The vulnerability originates from a network system or a...
Microsoft Visual Studio Remote Code Execution Vulnerability (CNVD-2022-60134)
Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. A remote code execution vulnerability exists in Microsoft Visual Studio that originates when a...
Microsoft Windows Remote Desktop Protocol Information Disclosure Vulnerability (CNVD-2022-70061)
Microsoft Windows Remote Desktop Protocol RDP is an application used to connect to remote Windows desktops from Microsoft Corporation USA.Microsoft Windows Remote Desktop is vulnerable to information disclosure. The vulnerability stems from a configuration or other error in the operation of the...
Microsoft Windows Print Spooler Components Information Disclosure Vulnerability
An information disclosure vulnerability exists in Microsoft Windows Print Spooler Components, a print backend processor component of Microsoft Corporation. The vulnerability stems from a configuration or other error in the operation of the network system or product. An attacker could use this...
Microsoft Windows Remote Procedure Call Runtime Remote Code Execution Vulnerability
Microsoft Windows Remote Procedure Call Runtime is a technology used to create distributed client/server programs from Microsoft Corporation USA.Microsoft Windows Remote Procedure Call Runtime is vulnerable to remote code execution vulnerability. The vulnerability stems from the failure of a...
Microsoft Windows WLAN Auto Config Service Information Disclosure Vulnerability
Microsoft Windows WLAN AutoConfig Service is a wireless network card configuration service for Microsoft Windows Vista and later operating systems. An information disclosure vulnerability exists in Microsoft Windows WLAN Auto Config Service. The vulnerability is caused by a configuration error in...
Microsoft Visual Studio Code Remote Code Execution Vulnerability (CNVD-2022-60132)
Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A remote code execution vulnerability exists in Microsoft Visual Studio Code, which arises from a failure of a networked system or product to properly filter specific elements of externally entered data during the...
IBM Navigator for i Access Control Error Vulnerability
IBM Navigator for i is an IBM console interface used in IBMi to perform and manage critical tasks in IBMi. IBM Navigator for i versions 7.2, 7.3 and 7.4 are vulnerable to an access control error that stems from a network system or product that does not properly restrict access to resources from...
Google Android Information Disclosure Vulnerability (CNVD-2022-45920)
Google Android is a Linux-based open-source operating system from Google, a U.S. company. The vulnerability is caused by a configuration error in the network system or product during operation. An attacker could use this vulnerability to cause an information leak...
Apache CouchDB Access Control Error Vulnerability
Apache CouchDB is a document-oriented database system developed by the Apache Foundation using Erlang.An access control error vulnerability exists in versions prior to Apache CouchDB 3.2.2, which stems from a network system or product that does not properly restrict access to resources from...
Zimbra Access Control Error Vulnerability
Zimbra Collaboration aka ZCS versions 8.8.15 and 9.0 are vulnerable to an access control error. The vulnerability stems from a network system or product that does not properly restrict access to resources from unauthorized roles. An unauthenticated attacker could exploit the vulnerability to inje...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2022-65612)
The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Windows Kernel. The vulnerability arises from errors in configuration, etc. in the operation of a networked system or product...