NVIDIA Megatron-LM Code Injection Vulnerability

NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. NVIDIA Megatron-LM suffers from a code injection vulnerability that originates in a tool component and can be exploited by an attacker to modify the...

Apache Answer Competitive Conditions Issue Vulnerability

Apache Answer is a community platform of the Apache USA Foundation. Apache Answer 1.2.1 and prior versions suffer from a Competing Conditions vulnerability, which arises from improper handling of concurrent access when concurrent code requires mutually exclusive access to shared resources during...

IBM Security Guardium XML External Entity Injection Vulnerability (CNVD-2024-12704)

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium Key Lifecycle Manager suffers from an...

Apache InLong Data Forgery Issue Vulnerability

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. Apache InLong versions 1.4.0 through 1.8.0 are vulnerable to a data forgery issue that arises from a networked system or product th...

Adobe Illustrator Buffer Overflow Vulnerability (CNVD-2023-76935)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator suffers from a buffer overflow vulnerability that originates when a networked system or product performs an operation in memory without properly validating data boundaries...

Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2023-74542)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator suffers from an out-of-bounds write vulnerability that originates when a networked system or product performs an operation in memory without properly validating the data...

Siemens TIA Portal Path Traversal Vulnerability (CNVD-2023-35760)

Siemens TIA Portal is a fully integrated automation portal from Siemens, Germany.TIA Portal gives you unlimited access to the full range of digital automation services, from digital planning to integrated engineering and transparent operation. A path traversal vulnerability exists in Siemens TIA...

Adobe ColdFusion Path Traversal Vulnerability (CNVD-2023-100303)

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. A path traversal vulnerability exists in Adobe ColdFusion. The vulnerability arises from a failure of a...

Apache DolphinScheduler path traversal vulnerability

Apache DolphinScheduler, a distributed DAG visualization-based workflow task scheduling system from the Apache Foundation, has a path traversal vulnerability in versions prior to Apache DolphinScheduler 2.0.6, which stems from the failure of a networked system or product to properly filter...

Dell GeoDrive Path Traversal Vulnerability

Dell GeoDrive is a free application from Dell, Inc. It provides access to Dell EMC ECS and Atmos storage from Microsoft Windows desktops and servers. A path traversal vulnerability exists in Dell GeoDrive versions prior to 2.2.3. The vulnerability stems from a failure of a networked system or...

Dell Hybrid Client Path Traversal Vulnerability

Dell Hybrid Client is a software application from Dell USA Inc. It provides a client computing software with hybrid cloud management capabilities. A path traversal vulnerability exists in Dell Hybrid Client versions prior to 1.8. The vulnerability stems from a failure of a networked system or...

IBM CICS TX Cross-Site Request Forgery Vulnerability

IBM CICS TX Advanced is a comprehensive, single transaction runtime package from IBM USA, Inc. It can provide a cloud-native deployment model for standalone applications. IBM CICS TX Advanced version 11.1 contains a security vulnerability that stems from a lack of authentication measures or...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google. A code execution vulnerability exists in Google Android. The vulnerability arises from a failure of a networked system or product to properly filter specific elements of externally entered data during the construction of a...

October CMS Competitive Conditions Issue Vulnerability

October CMS is an open source content management system CMS based on PHP and Laravel web application framework. October CMS suffers from a Competing Conditions Issue vulnerability. The vulnerability stems from improper handling of concurrent access when concurrent code requires mutually exclusive...

ASG technologies ASG-Zena Cross Platform Server Enterprise Edition XML External Entity Injection Vulnerability

ASG technologies ASG-Zena Cross Platform Server Enterprise Edition is a modern multi-platform workload automation solution from ASG technologies, Inc. An XML external entity injection vulnerability exists in ASG technologies ASG-Zena Cross Platform Server Enterprise Edition version 4.2.1, which...

Adobe InDesign Code Execution Vulnerability (CNVD-2022-76625)

A security vulnerability exists in Adobe InDesign, a set of typesetting and editing applications from Adobe. The vulnerability stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, and can be exploited by an attacker to...

Microsoft Windows Storage Spaces Controller Elevation of Privilege Vulnerability (CNVD-2022-70064)

An elevation-of-privilege vulnerability exists in Microsoft Windows Storage Spaces Controller, a driver necessary to provide storage space functionality for Microsoft Corporation. The vulnerability stems from improper handling of concurrent access when concurrent code needs to mutually exclusive...

Adobe Framemaker Out-of-Bounds Write Vulnerability (CNVD-2022-41737)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A security vulnerability exists in Adobe Framemaker. The vulnerability stems from a networked system or product th...

Adobe InCopy out-of-bounds write vulnerability (CNVD-2022-76627)

Adobe InCopy is a text editing software for authoring from Adobe U.S. An out-of-bounds write vulnerability exists in Adobe InCopy, which stems from a networked system or product that does not properly validate data boundaries when performing operations on memory and can be exploited by an attacke...

Adobe InDesign Code Execution Vulnerability

Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. A code execution vulnerability exists in Adobe InDesign. The vulnerability arises from a networked system or product that does not properly validate data boundaries when performing operations in...