860 matches found
CVE-2024-6483 Arbitrary File/Directory Deletion in aimhubio/aim
A vulnerability in the runs/delete-batch endpoint of aimhubio/aim version 3.19.3 allows for arbitrary file or directory deletion through path traversal. The endpoint does not mitigate path traversal when handling user-specified run-names, which are used to specify log/metadata files for deletion...
WordPress plugin Starter Templates by FancyWP 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
WordPress plugin WPGet API 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
WordPress plugin Platform.ly for WooCommerce 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists i...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An improper access rights vulnerability exists in the Huawei HarmonyOS HDC module, which can be exploited by an attacker to compromise service confidentialit...
The vulnerability of the kernel component of the Linux operating system allows a hacker to gain unauthorized access to protected information.
The vulnerability of the kernel component of the Linux operating system is related to insufficient protection of service data. Exploiting this vulnerability can allow unauthorized access to protected information...
The vulnerability of the Linux operating system’s Ethernet kernel component, which allows a hacker to gain unauthorized access to protected information
The vulnerability of the Linux operating system’s Ethernet kernel component is related to insufficient protection of service data in the grethinitrings function. Exploiting this vulnerability can allow unauthorized access to protected information...
The vulnerability of the Find My component in MacOS operating systems allows a perpetrator to disclose protected information.
The vulnerability of the Find My component in MacOS operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow attackers to disclose protected information...
The vulnerability of MacOS operating systems, related to the lack of protection for service data, allows attackers to gain unauthorized access to protected information.
The vulnerability of MacOS operating systems is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of MacOS operating systems, related to the lack of protection for service data, allows attackers to gain unauthorized access to protected information.
The vulnerability of MacOS operating systems is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Etcd configuration store, related to insufficient protection for service data, allows a perpetrator to gain unauthorized access to the protected information.
The vulnerability of the Etcd configuration store is related to insufficient protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the monitoring tool for VMware Aria Operations, related to the lack of protection for service data, allows a perpetrator to disclose the protected information.
The vulnerability of the monitoring tool for VMware Aria Operations relates to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...
PT-2025-3036 · Apple · Ios +2
Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 11.2 iOS versions prior to 18.2 iPadOS versions prior to 18.2 Description: The issue is related to insufficient protection of service data in the Face Gallery component of watchOS, iOS, and iPadOS operating systems. ...
The vulnerability of the BitLocker component of the Windows operating system, which allows a hacker to disclose protected information
The vulnerability of the BitLocker component of the Windows operating system is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose the protected information...
The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to disclose sensitive information that is protected by this mechanism.
The vulnerability of the Kerberos protocol for Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...
The vulnerability of Themes components in Windows operating systems, which allows attackers to perform spoofing attacks
The vulnerability of Themes component in Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...
The vulnerability of the /usr/ucb/ps component of the Solaris operating system, which allows a hacker to access confidential information
The vulnerability of the /usr/ucb/ps component of the Solaris operating system is related to insufficient protection for service data. Exploiting this vulnerability can allow an attacker to access confidential information...
The vulnerability of the Ruijie Reyee OS, related to deficiencies in data storage, allows a perpetrator to match the device serial number with the user’s phone number and a portion of the email address.
The vulnerability of the Ruijie Reyee OS is related to deficiencies in the storage of service data. Exploiting this vulnerability allows a malicious actor to match the device serial number with the user’s phone number and part of the email address...
ROS-20241216-09
Vulnerability in the Automatic ConfigProvider component of Apache Kafka Message Manager is related to insufficient protection of service data. inadequate protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely, disclose protected information...
CVE-2024-47776
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gstwavparsecuechunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch...