420 matches found
Intel Processors 缓冲区错误漏洞
Intel Processors are a series of processors developed by the American company Intel. Intel Processors have a buffer overflow vulnerability, which stems from improper buffer limits and may lead to privilege escalation. System software attackers with privileged access can potentially manipulate dat...
Intel Processors 输入验证错误漏洞
Intel Processors are a series of processors developed by the American company Intel. Intel Processors have a vulnerability related to input validation, which stems from improper input validation and may lead to privilege escalation. System software attackers with privileged access can potentially...
Intel Processors 安全漏洞
Intel Processors are a series of processors developed by the American company Intel. There are security vulnerabilities in Intel Processors, which stem from race conditions between the check time and the actual usage time. These vulnerabilities could lead to privilege escalation. System software...
Craft CMS 安全漏洞
Craft CMS is an open-source content management system developed by Craft CMS. Versions prior to Craft CMS 5.9.0-beta.1 and 4.17.0-beta.1 contained security vulnerabilities. These vulnerabilities stemmed from incomplete permission lists, which could allow attackers with specific privileges to...
CVE-2026-24351 Stored XSS in PluXml CMS
PluXml CMS is vulnerable to Stored XSS in Static Pages editing functionality. Attacker with editing privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. The vendor was notified early about this vulnerability, but didn't respond with...
CVE-2026-27973 Audiobookshelf has Stored XSS in ItemSearchCard.vue via Audiobook Metadata (Search Results on Mobile App)
Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting XSS vulnerability exists in versions prior to 0.12.0-beta of the Audiobookshelf mobile application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library...
CVE-2026-22266
Dell PowerProtect Data Manager, versions prior to 19.22, contains an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass...
AMD Processors 安全漏洞
AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from improper access control of on-chip debugging interfaces. This could allow privileged attackers to enable the debugging interfaces and...
CVE-2023-20514
Improper handling of parameters in the AMD Secure Processor ASP could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution...
AMD Graphics Driver 安全漏洞
AMD Graphics Driver is an integrated graphics driver developed by American semiconductor company AMD. There is a security vulnerability in AMD Graphics Driver, which stems from improper logic in the hardware reset flow. This vulnerability could allow privileged attackers to control the reset...
CVE-2025-29950
Improper input validation in system management mode SMM could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution...
WordPress plugin Bucketlister 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
OpenSolution Quick.Cart 安全漏洞
OpenSolution Quick.Cart is an online store system developed by the Polish company OpenSolution. Version 6.7 of OpenSolution Quick.Cart contains a security vulnerability, which stems from storing user passwords in plaintext. This vulnerability could allow privileged attackers to access user...
CVE-2021-47918
Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application...
CVE-2021-47918
Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application...
EUVD-2021-34753
Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application...
CVE-2021-47916
The EUVD entry EUVD-2021-34755 documents a vulnerability in Simple CMS 2.1: a remote SQL injection that lets an attacker inject unvalidated SQL via the users module, exploiting unvalidated input in admin.php to compromise the database management system and the web application. The connected docum...
CVE-2021-47916
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
PT-2026-5563
Name of the Vulnerable Software and Affected Versions Simple CMS version 2.1 Description The Simple CMS software contains a remote SQL injection issue. Privileged attackers can inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php...
PT-2026-5561
Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application...