1238 matches found
WordPress Friends plugin code issue vulnerability
WordPress Friends plugin is a plugin for social interaction. WordPress Friends plugin has a code issue vulnerability that stems from improper deserialization of the queryvars parameter, which can be exploited by an attacker to cause code execution...
WordPress plugin AIT CSV import/export code issue vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin AIT CSV import/export has a code issue vulnerability , the vulnerability stems from the...
7-Zip 代码问题漏洞
7-Zip is a compression software from the 7-Zip open source. A code issue vulnerability exists in versions prior to 7-Zip 25.0.0 that stems from the presence of a null pointer dereference in the Compound handler, which could lead to a denial of service...
Adobe Experience Manager code issue vulnerability (CNVD-2025-16245)
Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A code...
Time Line 代码问题漏洞
Time Line is a timeline application from the Time Line Official individual developer. A code issue vulnerability exists in Time Line that stems from insufficient file upload validation, which could result in a malicious file upload or denial of service...
Emerson ValveLink 代码问题漏洞
Emerson ValveLink is a suite of digital valve configuration and diagnostic software from Emerson Electric USA. A code issue vulnerability exists in Emerson ValveLink that stems from an improperly controlled resource search path that could lead to unintended behavior...
GnuTLS 代码问题漏洞
GnuTLS is a free secure communication library for implementing SSL, TLS and DTLS protocols from the GnuTLS open source. A code issue vulnerability exists in GnuTLS that stems from a null pointer dereference in the gnutlsfigurecommonciphersuite function, which could lead to memory corruption and...
IBM Analytics Content Hub 代码问题漏洞
IBM Analytics Content Hub is a clean streaming experience from International Business Machines IBM that visualizes relevant analytics by extracting content from IBM and other analytics providers. A code issue vulnerability exists in IBM Analytics Content Hub versions 2.0, 2.1, 2.2, and 2.3 that...
WordPress Forminator Forms Code Issue Vulnerability
WordPress Forminator Forms is a powerful free form builder plugin that supports the creation of many types of interactive forms. WordPress Forminator Forms suffers from a code issue vulnerability that stems from deserializing untrusted inputs in the function entrydeleteuploadfiles, which can be...
WordPress WP Optimize By xTraffic Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress WP Optimize By xTraffic that stems from the application not properly validating user-submitted code, which can be exploited b...
Microsoft Windows tcp/ip 代码问题漏洞
Microsoft Windows tcp/ip is a Tcp/Ip support service for Windows from Microsoft Corporation USA. A code issue vulnerability exists in Microsoft Windows tcp/ip. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected:Windows Server 2019...
Library System Code Issue Vulnerability
Library System is a library system. Library System has a code issue vulnerability that stems from the lack of valid validation of uploaded files by the parameter image in the file /profile.php. An attacker can exploit this vulnerability to upload malicious files...
Nimesa Backup and Recovery 代码问题漏洞
Nimesa Backup and Recovery is a data backup and recovery software from Nimesa India. Nimesa Backup and Recovery suffers from a code issue vulnerability that stems from vulnerability to a server-side request forgery attack that could send unexpected requests to an internal server...
Pilz IndustrialPI 代码问题漏洞
Pilz IndustrialPI is a gateway for the Industrial Internet of Things from Pilz Individual Developers in Germany. A code issue vulnerability exists in Pilz IndustrialPI that stems from an unauthenticated login bypass resulting in a setting change...
Akamai CloudTest 代码问题漏洞
Akamai CloudTest is a suite of scalable load testing platforms from Akamai Corporation. A code issue vulnerability exists in Akamai CloudTest versions prior to 2025.06.09 that stems from vulnerability to server-side request forgery attacks...
ABB Lite Panel Pro 代码问题漏洞
ABB Lite Panel Pro is a human-machine interface product from ABB Switzerland. A code issue vulnerability exists in ABB Lite Panel Pro 1.0.1 and prior versions, which stems from insufficient session expiration...
CVE-2025-38086
In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access during miinwayrestart In miinwayrestart the code attempts to call mii-mdioread which is ch9200mdioread. ch9200mdioread utilises a local buffer called "buff", which is initialised with...
WordPress Beaver Builder plugin code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A code issue vulnerability exists in the WordPress Beaver Builder plugin that stems from a lack of file type validation, which can be exploited by an attacker to cause an...
WordPress Auto Upload Images plugin code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A code issue vulnerability exists in the WordPress Auto Upload Images plugin that stems from the server not implementing an adequate authentication mechanism to confirm the orig...
MICROSENS NMP Web+ 代码问题漏洞
MICROSENS NMP Web+ is a network management platform from MICROSENS Germany. A code issue vulnerability exists in MICROSENS NMP Web+ that stems from a JSON Web token that has not expired and could lead to system access...