RT-Thread Input Validation Error Vulnerability (CNVD-2025-16524)

RT-Thread is an open source IoT real-time operating system RTOS open-sourced by RT-Thread. RT-Thread suffers from an input validation error vulnerability that originates from the operation of the parameter how in the file rt-thread/components/lwp/lwpsyscall.c, which can be exploited by an attacke...

RT-Thread 输入验证错误漏洞

RT-Thread is an open source IoT real-time operating system RTOS open-sourced by RT-Thread. RT-Thread suffers from an input validation error vulnerability that originates from the operation of the parameter how in the file rt-thread/components/lwp/lwpsyscall.c, which can be exploited by an attacke...

Adobe Substance 3D Painter Buffer Overflow Vulnerability (CNVD-2024-12464)

Adobe Substance 3D Painter is a 3D texturing application from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe Substance 3D Painter 9.1.1 and prior versions, which stems from the presence of an out-of-bounds write that could lead to the execution of arbitrary co...

Adobe Substance 3D Painter Buffer Overflow Vulnerability (CNVD-2024-12465)

Adobe Substance 3D Painter is a 3D texturing application from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe Substance 3D Painter 9.1.1 and prior versions, which stems from the presence of an out-of-bounds write vulnerability that could lead to the execution o...

Google Pixel buffer overflow vulnerability (CNVD-2023-01493)

The Google Pixel is a smartphone from Google, Inc. The vulnerability can be exploited by attackers to execute unauthorized commands, which can gain system privileges and then perform various illegal operations...

Tenda AC23 Stack Overflow Vulnerability (CNVD-2023-15697)

Tenda AC23 is a dual-band Gigabit wireless router from Tenda China. Tenda AC23 suffers from a stack overflow vulnerability, which originates from a stack overflow in the firewallEn parameter of the formSetFirewallCfg function. The vulnerability can be exploited by an attacker to execute...

Adobe InDesign Buffer Overflow Vulnerability (CNVD-2022-66017)

Adobe InDesign, a set of typesetting and editing applications from Adobe, has a buffer overflow vulnerability that originates from out-of-bounds reads and could lead to a memory leak. An attacker could use the vulnerability to execute unauthorized commands and could gain system privileges to...

Microsoft Office security feature bypass vulnerability

Microsoft Office is a suite of office software developed by Microsoft Corporation based on the Windows operating system.Microsoft Office suffers from a security feature bypass vulnerability. An attacker can exploit this vulnerability to perform certain illegal operations...

IKEA Fined $1.2M for Elaborate ‘Spying System’

IKEA’s French subsidiary was just hit with a $1.2 million fine after it was found guilty of a creepy systematic snooping scheme targeting customers, employees and even prospective hires. Prosecutors said in all, the company illegally surveilled about 400 people in total, according to the BBC. IKE...

GaussDB Kernel: Configuring the Port

To prevent unauthorized connections to the database and illegal operations on data, you need to change the default port number in time. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

openGauss: Configuring the Port

To prevent unauthorized connections to the database and illegal operations on data, you need to change the default port number in time. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Drupal cross-site request forgery vulnerability (CNVD-2021-36607)

Drupal is an open source content management system developed by the Drupal community using the PHP language. A cross-site request forgery vulnerability exists in the Drupal core Form API, which stems from the program failing to properly process form input. An attacker can exploit this vulnerabili...

Unauthorized Access Vulnerability in IEXplorer at Delta Electronics Enterprise Management (Shanghai) Co.

IEXplorer is an industrial Ethernet utility software that provides automatic searching of Delta's industrial Ethernet products, instant monitoring of device connection status, fast IP address setting and software upgrades for products such as DVS series, DVW series, IFD9506, IFD9507, RTU-EN01,...

CVE-2020-1843

Huawei HEGE-560 version 1.0.1.20SP2, OSCA-550 version 1.0.0.71SP1, OSCA-550A version 1.0.0.71SP1, OSCA-550AX version 1.0.0.71SP2, and OSCA-550X version 1.0.0.71SP2 have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physica...

Hard-Coded Vulnerability in Telecommunications Science and Technology No.1 Institute's In-vehicle Surveillance System Software

The First Institute of Telecommunications Science and Technology hereinafter referred to as "Telecom One" is a national professional research institute in the field of communications in China, and is now one of the core enterprises of the Institute of Telecommunications Science and Technology ITS...

Onvif protocol anonymous access vulnerability in yestv cameras

Yestv yestv camera is wireless network wifi smart monitor. Yestv cameras have an anonymous access vulnerability in the onvif protocol. The vulnerability is due to call onvif protocol interface to arbitrarily modify the network configuration, arbitrary reboot device, the attacker can write a messa...

Cyrus IMAP index_urlfetch integer overflow vulnerability(CVE-2 0 1 5-8 0 7 8)-vulnerability warning-the black bar safety net

CVECAN ID: CVE-2 0 1 5-8 0 7 8 Cyrus IMAP server Carnegie Mellon University developed the e-mail server. Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 version, imap/index. c in function indexurlfetch there is an integer overflow vulnerability, a remote attacker via urlfetch range check and sectionoffset...

MyBB 1.6.6之前版本多个安全漏洞

BUGTRAQ ID: 51962 MyBB是一款流行的Web论坛程序。 MyBB在实现上存在多个安全漏洞，攻击者可利用这些漏洞执行脚本代码、窃取Cookie身份验证凭证、泄露或修改敏感信息或执行非法操作。 0 MyBB 1.x 厂商补丁： MyBB ---- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.mybboard.com/...

CNAIPIC - Italian government hacked by #Antisec , Various Confidential documents leaked

CNAIPIC - Italian government hacked by Antisec , Various Confidential documents leaked CNAIPIC - Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastrutture Critiche /National Anti-Crime Computer Centre for Critical Infrastructure Protection hacked by Anonymous Hackers for...