5655 matches found
Drivin Soluções 代码注入漏洞
Drivin Soluções is an application from Drivin, Inc. A code injection vulnerability exists in Drivin Soluções 20250226 and prior versions, which originates from cross-site scripting and could lead to remote attacks...
Tale Blog 授权问题漏洞
Tale Blog is a Java blog open-sourced by Tale Blog System. An authorization issue vulnerability exists in Tale Blog version 2.0.5, which stems from improper authentication and could lead to remote attacks...
CVE-2025-30066
tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code...
springboot-openai-chatgpt 安全漏洞
springboot-openai-chatgpt is a SpringCloud microservices architecture based on SpringCloud by 274056675 Individual Developer. A security vulnerability exists in springboot-openai-chatgpt version e84f6f5, which stems from improper access control and could lead to remote attacks...
springboot-openai-chatgpt 安全漏洞
springboot-openai-chatgpt is a SpringCloud microservices based architecture by 274056675 individual developers. A security vulnerability exists in springboot-openai-chatgpt, which stems from hard-coded credentials and could lead to remote attacks...
springboot-openai-chatgpt 安全漏洞
springboot-openai-chatgpt is a SpringCloud microservices based architecture by 274056675 individual developers. A security vulnerability exists in springboot-openai-chatgpt that stems from improper authorization and could lead to remote attacks...
Siemens SCALANCE X-200RNA Switch Devices Improper Access Control (CVE-2015-5600)
The kbdintnextdevice function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard- interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service CPU consumpti...
Siemens SCALANCE X-200RNA Switch Devices Untrusted Search Path (CVE-2016-10009)
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. This plugin only works with Tenable.ot. Please visit...
CVE-2025-2218
A vulnerability has been found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. This vulnerability affects unknown code of the file /api/system/other of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The...
LoveCards 代码问题漏洞
LoveCards is an open source confession wall program by LoveCards. A code issue vulnerability exists in LoveCards 2.3.2 and earlier versions, which stems from the fact that incorrect manipulation of the parameter file can lead to unlimited uploads, potentially leading to remote attacks...
CVE-2025-2208
CVE-2025-2208 affects aitangbao springboot-manager 3.0, specifically a vulnerability in the Filename Handler that processes the file at /sysFiles/upload. The issue arises from manipulation of the argument name, enabling cross-site scripting. It can be exploited remotely, and public exploits have ...
Stoque Zeev.it 代码问题漏洞
Stoque Zeev.it is a workflow automation platform from Stoque, Inc. A code issue vulnerability exists in Stoque Zeev.it version 4.24, which stems from server-side request forgery and could lead to remote attacks...
springboot-manager 代码注入漏洞
springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...
springboot-manager 代码注入漏洞
springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...
springboot-manager 代码注入漏洞
springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...
Claro A7600-A1 代码注入漏洞
The Claro A7600-A1 is a wireless router from Claro. A code injection vulnerability exists in the Claro A7600-A1 RNR4-A72T-2x16v2110403CLA32160817 version, which originates from cross-site scripting and could lead to remote attacks...
springboot-manager 代码注入漏洞
springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...
springboot-manager 代码注入漏洞
springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7344-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7344-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use...
libzvbi 安全漏洞
libzvbi is a VBI utility in the zapping-vbi open source. A security vulnerability exists in libzvbi version 0.2.43 and earlier, which stems from uninitialized pointers and could lead to remote attacks...