196 matches found
Google Android Information Disclosure Vulnerability
Google Android is a Linux-based open source operating system from Google. An information disclosure vulnerability exists in Google Android versions prior to 10, 11, and 12. The vulnerability arises from a configuration error in the network system or product during operation. An attacker could...
TOTOLINK Technology Routers Command Injection Vulnerability (CNVD-2022-17113)
TOTOLink T6 is a wireless dual-band router from TotoLink, China.TOTOLink T10 is a wireless network system router from TotoLink, China.The recvSlaveUpgstatus function of TOTOLINK Technology Routers T6 and T10 is vulnerable to command injection. vulnerability. An attacker can exploit this...
Apache Cassandra Code Injection Vulnerability
Apache Cassandra is a distributed Nosql database from the American Apache Apache Foundation. Apache Cassandra suffers from a code injection vulnerability that stems from a network system or product failing to properly filter specific elements of externally entered data during the construction of ...
Samsung telephony information disclosure vulnerability (CNVD-2022-70759)
Samsung Telephony is a telephony feature of Samsung mobile devices. samsung telephony is vulnerable to an information disclosure vulnerability that results from a configuration error in the network system or product during operation. An attacker could use the vulnerability to obtain Cell Location...
Schneider Electric Interactive Graphical SCADA System Authorization Issues Vulnerability
Schneider Electric Interactive Graphical SCADA System IGSS is a SCADA Data Acquisition and Supervisory System system for monitoring and controlling industrial processes from Schneider Electric, France. An authorization issue vulnerability exists in the Schneider Electric Interactive Graphical SCA...
Apache Superset Information Disclosure Vulnerability (CNVD-2022-14706)
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset suffers from an information disclosure vulnerability that originates from errors such as configuration during operation of a networked system or product. An attacker could exploit...
Microsoft Visual Studio Code Code Injection Vulnerability (CNVD-2022-29568)
A code injection vulnerability exists in Microsoft Visual Studio Code, an open source code editor from Microsoft Corporation. The vulnerability stems from a network system or product that does not properly filter special elements in code segments constructed from external input data. An attacker...
Reolink RLC-410W Command Injection Vulnerability
Reolink Rlc-410W is a Wifi security camera from Reolink China.A command injection vulnerability exists in Reolink RLC-410W version v3.0.0.13620121102, which stems from the failure of the network system or product to properly filter special characters, commands, etc., during the execution of...
Nextcloud Android app information disclosure vulnerability (CNVD-2022-18414)
Nextcloud Android app is an Android-based mobile application for accessing Nextcloud servers from the German company Nextcloud. information disclosure in versions of Nextcloud Android app prior to 3.17.1, the vulnerability stems from a network system or product that has a configuration and other...
Moxa TN-5900 Command Injection Vulnerability
Moxa Tn-5900 is a series of En50155 wall-mounted routers from Moxa, China.A command injection vulnerability exists in Moxa TN-5900, which is caused when the network system or product fails to properly filter special characters, commands, etc. during the execution of commands entered by the user. ...
OneBlog Permission License and Access Control Issues Vulnerability
OneBlog is a beautiful, powerful Java blog. OneBlog in version 2.2.8 and earlier suffers from a Permissions Permission and Access Control Issues vulnerability that arises from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker coul...
Apache ShenYu Information Disclosure Vulnerability
Apache ShenYu is an asynchronous , high-performance , cross-language , responsive API gateway of the United States Apache Apache Foundation . An information disclosure vulnerability exists in Apache ShenYu versions 2.4.0 and 2.4.1, which arises from a configuration or other error in the operation...
Dell EMC Data Protection Central Input Validation Error Vulnerability
Dell Emc Data Protection Central is a management console from Dell USA Inc. It is used for data protection. A security vulnerability exists in Dell EMC Data Protection Central that originates from a network system or product that does not properly validate incoming data. No details of the...
Unisys Messaging Integration Services存在未明漏洞
Unisys Messaging Integration Services Ntsi is a messaging-based interface between two programs from Unisys, Inc. A security vulnerability exists in Unisys Messaging Integration Services Ntsi, which stems from a network system or product that does not The vulnerability is caused by a network syste...
Mozilla Thunderbird SQL注入漏洞
Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The software supports the IMAP and POP mail protocols as well as the HTML mail format. Mozilla Thunderbird suffers from an SQL injection vulnerability that...
Lexmark input validation error vulnerability
Lexmark is a series of printers in the U.S. A security vulnerability exists in Lexmark, which stems from a network system or product that does not properly filter special elements in code segments constructed from external input data. An attacker could exploit the vulnerability to generate an...
microweber access control error vulnerability
Microweber is an online store management system from the Microweber community in the United States that provides drag-and-drop functionality. The system includes modules for adding products, images, and more. microweber is vulnerable to an access control error, which stems from a network system o...
Lexmark Command Injection Vulnerability
Lexmark is a series of printers in the U.S. A command injection vulnerability exists in Lexmark, which stems from the failure of a network system or product to properly filter special characters, commands, etc. during the execution of commands entered by a user into the construct. An attacker cou...
Mattermost Access Control Error Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. An access control error vulnerability exists in Mattermost versions 6.1 and earlier, which stems from a network system or product that does not properly restrict access to resources from unauthorized roles, and could be...
IBM FileNet Content Manager Command Injection Vulnerability
IBM FileNet Content Manager is a content management solution for the FileNet P8 platform from IBM of America. The solution combines document management with ready-to-use workflow tools to manage images, videos, Web content, compliance documents, etc. IBM FileNet Content Manager in versions 5.5.4,...