SAP MDG Review Match Groups Application 安全漏洞

The SAP MDG Review Match Groups Application is a data duplication detection tool developed by SAP, a German company. This application has security vulnerabilities; these vulnerabilities stem from the lack of necessary authorization checks, which may lead to privilege escalation...

PT-2026-47826

NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

ROS-20260609-73-0034

The vulnerability in Thunderbird is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

Dell iDRAC Tools 后置链接漏洞

Dell iDRAC Tools are a series of tools developed by the American company Dell for managing and maintaining Dell servers. Versions of Dell iDRAC Tools prior to 11.4.1.0 contained a post-link vulnerability, which stemmed from improper link resolution before file access. This vulnerability could all...

PT-2026-48184

Shenzhen Tenda Technology Co., Ltd Tenda O3v3 v1.0.0.5 was discovered to contain a stack overflow in the save list data parameter of the formSetCfm function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

FreeBSD Security Advisory - FreeBSD-SA-26:26.ktls

FreeBSD Security Advisory - The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through...

Microsoft Visual Studio Code 信息泄露漏洞

Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. Microsoft Visual Studio Code has a vulnerability related to information leakage. Attackers can exploit this vulnerability to obtain sensitive information...

Microsoft Exchange Server 代码问题漏洞

Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are code vulnerabilities in Microsoft Exchange Server. Attackers can exploit these...

Microsoft Office 安全漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a security vulnerability in Microsoft Office, which stems from excessive reading of...

Svelte 跨站脚本漏洞

Svelte is an open-source approach to building web applications. Versions of Svelte prior to 5.55.7 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of extended syntax for rendering untrusted data, causing event handling properties to be included in the HTML...

PT-2026-48325

Name of the Vulnerable Software and Affected Versions Spring Data REST versions 3.7.0 through 3.7.19 Spring Data REST versions 4.3.0 through 4.3.16 Spring Data REST versions 4.4.0 through 4.4.14 Spring Data REST versions 4.5.0 through 4.5.11 Spring Data REST versions 5.0.0 through 5.0.5 Descripti...

PT-2026-48324

Name of the Vulnerable Software and Affected Versions Spring Data REST versions 3.7.0 through 3.7.19 Spring Data REST versions 4.3.0 through 4.3.16 Spring Data REST versions 4.4.0 through 4.4.14 Spring Data REST versions 4.5.0 through 4.5.11 Spring Data REST versions 5.0.0 through 5.0.5 Descripti...

LimeSurvey SQL注入漏洞

LimeSurvey PHPSurveyor is a set of open-source online survey programs developed by the LimeSurvey team. It supports survey program development, survey questionnaire publishing, and data collection functions. LimeSurvey has a SQL injection vulnerability. This vulnerability arises from the...

FreeSWITCH 安全漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and messaging-related products and applications. Prior to FreeSWITCH version 1.11.1, there were security...

Hermes Web UI 安全漏洞

Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to 0.51.269 contained security vulnerabilities. These vulnerabilities were caused by a configuration file isolation bypass issue, which could allow authenticated users to acces...

CVE-2025-55651

CVE-2025-55651 describes a NULL pointer dereference in GPAC MP4Box v2.4, within gf_isom_get_user_data_count (isomedia/isom_read.c). The vulnerability can cause a Denial of Service when processing a crafted MP4 file. The connected sources confirm a PoC exists, but no specific patch/version or reme...

PT-2026-48316

Name of the Vulnerable Software and Affected Versions Spring Data Commons versions 4.0.0 through 4.0.5 Spring Data Commons versions 3.5.0 through 3.5.11 Spring Data Commons versions 3.4.0 through 3.4.14 Spring Data Commons versions 3.3.0 through 3.3.16 Spring Data Commons versions 3.2.0 through...

CVE-2025-52293

GPAC MP4Box v2.4 contains a DoS vulnerability in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers.c) when processing crafted HEVC SPS data. This results in a segmentation fault and possible denial of service under network conditions with no user interaction. The CVSS vector indic...

PT-2026-47534

Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server ABAP and ABAP Platform affected versions not specified Description An authenticated attacker with normal privileges can obtain a valid signed message and send modified signed XML documents to the verifier. This...

WordPress plugin PICA Photo Gallery SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...