1680 matches found
CVE-2024-5452
A remote code execution (RCE) vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state base...
The vulnerability of the application software interface of the microprogramming system for programmable logic controllers AutomationDirect P3-550E allows an intruder to trigger a service failure.
The vulnerability of the application software interface for Microprogramming Systems, AutomationDirect P3-550E, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
Check Point Security Gateways Security Vulnerability
Check Point Security Gateways is an AI-powered NGFW security gateway from Check Point Israel. A security vulnerability exists in Check Point Security Gateways. An attacker could exploit the vulnerability to obtain sensitive information...
Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...
pgAdmin Cross-Site Scripting Vulnerability
pgAdmin is an open source management and development platform for the open source database PostgreSQL. A cross-site scripting vulnerability exists in pgAdmin 8.5 and earlier versions, which stems from a cross-site scripting vulnerability in the /settings/store endpoint that responds to a json loa...
CVE-2024-20363
Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker coul...
TOTOLINK X5000R ipsecPsk Parameter Code Execution Vulnerability
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. The TOTOLINK X5000R suffers from a code execution vulnerability that stems from the ipsecPsk parameter of cstecgi.cgi failing to properly filter the special elements of constructed snippets. An attacker could exploit this...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel. An attacker exploits the vulnerability to cause a memory leak...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel. An attacker exploits the vulnerability to cause a memory leak...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel. An attacker exploits the vulnerability to cause data corruption...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel. An attacker exploits the vulnerability to cause a memory leak...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel. An attacker exploits the vulnerability to cause a migration to resume from an entry that does not belong to the block being...
CVE-2024-35110
A reflected XSS vulnerability has been found in YzmCMS 7.1. The vulnerability exists in yzmphp/core/class/application.class.php: when logged-in users access a malicious link, their cookies can be captured by an attacker...
Siemens RUGGEDCOM CROSSBOW Information Disclosure Vulnerability
Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from an information disclosure vulnerability due to the fact that an affected system may allow log messages to be forwarded to specific clients under certain...
Siemens Solid Edge Out-of-Bounds Read Vulnerability (CNVD-2024-23112)
Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. Siemens Solid Edge suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute cod...
Siemens Solid Edge Heap Buffer Overflow Vulnerability (CNVD-2024-23110)
Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. Siemens Solid Edge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute co...
Mozilla Firefox Security Bypass Vulnerability (CNVD-2024-23344)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S. Mozilla Firefox ESR is an extended support version of Firefox the web browser. Mozilla Thunderbird is a suite of e-mail client software that is separate from the Mozilla Application Suite. Mozilla Thunderbird is ...
CVE-2023-44411
D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exist...
FATEK FvDesigner Security Vulnerability
FATEK FvDesigner is a hardware device from the Chinese company Yonghong Electric FATEK. It provides a human-machine interface. A security vulnerability exists in FATEK FvDesigner that stems from a lack of proper validation of user-supplied data. An attacker can exploit the vulnerability to execut...
Fatek FvDesigner Security Vulnerability
FATEK FvDesigner is a hardware device from the Chinese company Yonghong Electric FATEK. It provides a human-machine interface. A security vulnerability exists in Fatek FvDesigner that originates from not properly initializing a pointer before accessing it. An attacker could exploit the...