Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-1587431)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS. An attacker exploited the vulnerability to affect availability...

HMS Ewon Flexy 205 安全漏洞

HMS Ewon Flexy 205 is a multi-purpose IIoT data gateway from HMS Sweden. A security vulnerability exists in HMS Ewon Flexy 205 version 14.8s0 and prior versions. An attacker exploiting this vulnerability could execute system-level commands on the device...

Microsoft Windows Remote Desktop Services Remote Code Execution Vulnerability (CNVD-2025-01186)

Microsoft Windows Remote Desktop Services is a collection of features from Microsoft USA that allow users to remotely access graphical desktops and Windows applications. A remote code vulnerability exists in Microsoft Windows Remote Desktop Services due to use after release in the Remote Desktop...

Microsoft Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

Microsoft Windows Remote Desktop Gateway RD Gateway is a role service from Microsoft Corporation USA that allows authorized users to securely access internal network resources over the Internet. A denial of service vulnerability exists in Microsoft Windows Remote Desktop Gateway RD Gateway, which...

Adobe Animate Integer Overflow or Wrap Around Vulnerability

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from an integer overflow or wrap-around vulnerability that can be exploited by an attacker to execute arbitrary code in the current user's environment...

Adobe Connect Cross-Site Scripting Vulnerability (CNVD-2024-48907)

Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. Adobe Connect suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-01181)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Huawei EMUI和Huawei HarmonyOS 安全漏洞

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. A service logic error vulnerability exists in the Huawei EMUI and HarmonyOS system service module, which can be...

PT-2024-10365 · Gstreamer +7 · Gstreamer +7

Name of the Vulnerable Software and Affected Versions: GStreamer versions prior to 1.24.10 Description: A null pointer dereference vulnerability has been discovered in the gst matroska demux parse blockgroup or simpleblock function within matroska-demux.c. This function does not properly check th...

CVE-2024-47043

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and part of the email address...

CVE-2024-48866 QTS, QuTS hero

An improper handling of URL encoding Hex Encoding vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to run the system into unexpected state. We have already fixed the vulnerability in the following...

CVE-2024-9872 Online Booking & Scheduling Calendar for WordPress by vcita <= 4.5.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcitasaveuserdatacallback function in all versions up to, and including, 4.5.1. This makes it possible for authenticated...

The vulnerability of the vlan component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the vlan component in the Linux operating system’s kernel is related to the lack of memory release after the effective lifespan of the component has ended. Exploiting this vulnerability can allow an attacker to cause a service failure...

Cisco NX-OS Improper Verification of Cryptographic Signature (CVE-2017-12331)

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX- OS signature verification for software patches. An authenticated, local attacker could exploit...

Cisco NX-OS Exposure of Resource to Wrong Sphere (CVE-2017-12342)

A vulnerability in the Open Agent Container OAC feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal security measures in the OAC feature. An attacker could...

The vulnerability of the btrfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the btrfs component in Linux operating systems is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the vmk80xx component of the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the vmk80xx component of the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the vhost_vdpa_probe() function in the vhost-vdpa component of Linux kernel allows a attacker to cause a service failure.

The vulnerability of the vhostvdpaprobe function in the vhost-vdpa component of Linux kernel modules is related to double memory deallocation errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2024-8820

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

The vulnerability of the Linux operating system’s dynamic kernel component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s dynamic kernel component is related to the lack of memory release after the effective lifespan of the component. Exploiting this vulnerability can allow an attacker to cause a service failure...