29 matches found
CVE-2026-41398
OpenClaw before 2026.4.2 contains an improper access control vulnerability in the iOS A2UI bridge that treats generic local-network pages as trusted origins. Attackers can inject unauthorized agent.request runs by loading attacker-controlled pages from local-network or tailnet hosts, polluting...
CVE-2025-55277 HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability
HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits available across the internet and craft attacks against the application...
CVE-2026-1666
CVE-2026-1666 affects the WordPress Download Manager plugin. It is a Reflected Cross-Site Scripting vulnerability in the login form shortcode via the vulnerable redirect_to GET parameter, due to insufficient input sanitization and output escaping. Affected: all versions up to and including 3.3.46...
CVE-2025-59808
An unverified password change vulnerability (CWE-620) in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5....
Mattermost Confluence Plugin Security Vulnerability
Mattermost Confluence Plugin is a plugin from Mattermost USA. Mattermost Confluence Plugin contains a security vulnerability that can be exploited by attackers to cause the plugin to crash...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A race condition vulnerability exists in versions of Mozilla Firefox prior to 131.0.3, which can be exploited by attackers to cause unexpected behavior and cause the browser to crash...
Adobe Acrobat Reader Resource Management Error Vulnerability
Adobe Acrobat Reader is a PDF viewer from the American company Adobe. The software is used to print, sign and annotate PDFs. Adobe Acrobat Reader has a security vulnerability that can be exploited by an attacker to execute arbitrary code in the current user's environment...
PT-2023-17234 · Unknown · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost (affected versions not specified). Description: The issue arises when processing an email invite to a private channel on a team. Mattermost fails to validate the inviter's permission to that channel, allowing an attacker to invite...
Microsoft Word Security Vulnerability
Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft. An information disclosure vulnerability exists in Microsoft Word, which can be exploited by attackers to obtain sensitive information...
Microsoft Graphics Component Security Vulnerability
Microsoft Graphics Component is a graphics driver component of Microsoft Corporation USA. An elevation of privilege vulnerability exists in Microsoft Windows Graphics Component. An attacker could exploit the vulnerability to elevate privileges...
Microsoft Windows Workstation Service Security Vulnerability
Microsoft Windows Workstation is an application from Microsoft Corporation USA. It handles advanced workloads with the help of server-level data protection and performance. Microsoft Windows Workstation Service has an elevation of privilege vulnerability, which stems from the existence of improper...
CVE-2019-4639
IBM Security Secret Server 10.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 170045...
Unspecified Vulnerability in Evercoss U50A
Evercoss U50A is a smartphone. A security vulnerability exists in the com.qiku.cleaner app in Evercoss U50A build fingerprint: EVERCOSS/U50A./EVERCOSS:7.0/NRD90M/1499911028:eng/test-keys. An attacker could exploit the vulnerability to modify system properties...
CloudBees Jenkins Gearman Plugin Authorization Issues Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from the United States company CloudBees. The product is mainly used to monitor continuous software version release/testing projects and some timed tasks. Gearman Plugin is used in one of the highly...
Adobe Acrobat/Reader Out-of-Bounds Read Vulnerability (CNVD-2019-22808)
Adobe Reader, also known as Acrobat Reader, is a PDF file reader developed by Adobe. Adobe Acrobat is a PDF editing software developed by Adobe. Adobe Acrobat/Reader has an out-of-bounds read vulnerability. An attacker can exploit this vulnerability to obtain information...
Denial of Service Vulnerability in Foxit Advanced PDF Editor 9 Enterprise Edition
Foxit Advanced PDF Editor is a PDF editor software from Fujian Foxit Software Development Co. Foxit Advanced PDF Editor 9 Enterprise Edition has a denial of service vulnerability that can be exploited by attackers to cause a denial of service...
Command Execution Vulnerability in NetShow Sino-British Enterprise Website System v5.6
WebShow Sino-British Enterprise Website System is a simple and easy-to-use website management system developed by WebTech. A command execution vulnerability exists in Nethub Sino-British Enterprise Website System v5.6, which can be exploited by attackers to execute system commands...
SAP BusinessObjects Business Intelligence Platform Server Denial of Service Vulnerability
SAP BusinessObjects Business Intelligence Platform Servers is a suite of business intelligence software and enterprise performance solutions. The product features report generation, analytics, data visualization, and more. A denial of service vulnerability exists in SAP BusinessObjects Business...
Multiple mobile browsers in China have information leakage vulnerabilities
A mobile browser is a mobile Internet tool that allows users to browse Internet content on a cell phone terminal over a wireless communication network. Information leakage vulnerabilities exist in several domestic cell phone browsers, which can be exploited by attackers to obtain sensitive...
Denial of Service Vulnerability in Extreme Office 2017 Version 1.0.3.2
Extreme Office 2017 is minimalist office software that supports the creation, editing and reading of Extreme Writing, Extreme Forms and Extreme Presentation, with a simple interface and easy operation, developed by Beijing Haiteng Times Technology Co Ltd, covering Windows, Mac, Android and...