16916 matches found
QEMU 安全漏洞
QEMU Quick Emulator is a simulation software for processors developed by Fabrice Bellard from France. This software features high speed and cross-platform capabilities. QEMU has a security vulnerability, which stems from the lack of length restrictions on the virtio-crypto device. This...
GO-2026-4487 Mattermost Server allows an attacker to specify a full pathname of a log file in github.com/mattermost/mattermost-server
Mattermost Server allows an attacker to specify a full pathname of a log file in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...
USN-8046-1 frr vulnerabilities
It was discovered that FRR incorrectly handled certain malformed OSPF and update packets. A remote attacker could possibly use these issues to cause FRR to crash, resulting in a denial of service...
PT-2026-20301
Name of the Vulnerable Software and Affected Versions Dell SmartFabric OS10 Software versions prior to 10.5.6.12 Description Dell SmartFabric OS10 Software is affected by an issue related to improper neutralization of special elements used in a command, potentially leading to command execution. A...
CVE-2026-1619
Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...
CVE-2020-37193
ZIP Password Recovery 2.30 contains a denial of service vulnerability that allows attackers to crash the application by providing maliciously crafted input. Attackers can create a specially prepared text file with specific characters to trigger an application crash when selecting a ZIP file...
CVE-2020-37104
ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database...
CVE-2026-21330
After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type 'Type Confusion' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...
Nsasoft Dnss Domain Name Search Software 安全漏洞
Nsasoft Dnss Domain Name Search Software is a domain name search and analysis tool developed by the American companyNsasoft. The software has a security vulnerability, which stems from a buffer overflow in the registration key field, potentially causing the application to crash...
CVE-2026-21358
InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue...
CVE-2026-20841
Improper neutralization of special elements used in a command 'command injection' in Windows Notepad App allows an unauthorized attacker to execute code locally...
CVE-2026-21261 Microsoft Excel Information Disclosure Vulnerability
...
CVE-2026-2135
A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...
CVE-2026-2118
A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub4407D4 of the file /goform/formReleaseConnect of the component rehttpd. Executing a manipulation of the argument IspName can lead to command injection. The attack can be launched remotely. The...
CVE-2025-15320 Tanium addressed a denial of service vulnerability in Tanium Client.
Tanium addressed a denial of service vulnerability in Tanium Client...
CVE-2025-70073
An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function...
CVE-2025-15330
Tanium addressed an improper input validation vulnerability in Deploy...
CVE-2025-61649
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php. This issue affects CheckUser: from 7cedd58781d261f110651b6af4f41d2d11ae7309...
CVE-2025-8590 Information Disclosure in AKCE Software's SKSPro
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows Directory Indexing. This issue affects SKSPro: through 07012026...
DEBIAN-CVE-2025-6590
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLUserTextField.Php. This issue affects MediaWiki: from through 1.39.12, 1.42.76 1.43.1, 1.44.0...