F5 BIG-IP和F5 BIG-IQ 安全漏洞

F5 BIG-IP and F5 BIG-IQ are both products from the American company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IQ is a software-based cloud management solution. This...

Oracle VM VirtualBox Core Component Elevation of Privilege Vulnerability (CNVD-2026-18427)

Oracle VM VirtualBox is a desktop virtualization software developed by Oracle for running multiple operating systems on a single host. An elevation of privilege vulnerability exists in Oracle VM VirtualBox. The vulnerability stems from a failure of the Core component to properly handle privilege...

Oracle VM VirtualBox Core Component Elevation of Privilege Vulnerability (CNVD-2026-18539)

Oracle VM VirtualBox is a desktop virtualization software developed by Oracle to run multiple operating systems on a single host. An elevation of privilege vulnerability exists in Oracle VM VirtualBox. The vulnerability stems from a failure of the Core component to properly handle privilege...

Oracle VM VirtualBox 安全漏洞

Oracle VM VirtualBox is a desktop virtualization software developed by Oracle for running multiple operating systems on a single host. An elevation of privilege vulnerability exists in Oracle VM VirtualBox. The vulnerability stems from a failure of the Core component to properly handle privilege...

Unspecified vulnerability in Discourse (CNVD-2026-17480)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a security vulnerability that stems from improper privilege authentication, which can be exploited by an attacker ...

Huawei HarmonyOS and EMUI Media Library Module Privilege Authentication Bypass Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A privilege authentication bypass vulnerability exists...

CVE-2025-26391

SolarWinds Observability Self-Hosted XSS Vulnerability. The SolarWinds Platform was susceptible to a XSS vulnerability that affects user-created URL fields. This vulnerability requires authentication from a low-level account...

CVE-2025-26391

CVE-2025-26391: SolarWinds Observability Self-Hosted exposes a cross-site scripting (XSS) vulnerability in user-created URL fields of the SolarWinds Platform. The issue requires authentication from a low-privilege account. Public exploitation details or concrete remediation are not provided in th...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sonoma prior to 14.8.2 and Sequoia prior to 15.7.2, which stems from insufficient privilege authentication and could result in...

📄 Perfex CRM Chatbot Cross Site Scripting

Perfex CRM's chatbot feature suffers from a persistent cross site scripting vulnerability. CVE-2025-60374 CVE-2025-60374: Stored Cross-Site Scripting XSS in Perfex CRM Chatbot ⚠️ Security Advisory A critical Stored Cross-Site Scripting vulnerability in Perfex CRM's chatbot feature --- 📋 Overview A...

EUVD-2024-31777

Malicious code in bioql PyPI...

EUVD-2022-26877

Malicious code in bioql PyPI...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Server: Optimizer component. An attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network while authenticated with high privileges. Details Denial of...

CVE-2024-52612

SolarWinds Platform is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters. This vulnerability requires authentication by a high- privileged account to be exploitable...

CVE-2024-52612

Summary of CVE-2024-52612 (SolarWinds Platform): A reflected cross-site scripting vulnerability exists due to insufficient sanitation of input parameters. Exploitation requires authentication by a high-privileged account (and user interaction is typically required per NVD metrics), with impact on...

Devolutions Server 安全漏洞

Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2024.3.6.0 and prior versions, which stems from incorrect authorization of the Privilege...

Devolutions Remote Desktop Manager 安全漏洞

Devolutions Remote Desktop Manager is an application from Devolutions Canada Inc. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2024.2.21 and prior versions, which stems from incorrect authorization in the...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is a distributed operating system developed independently by Huawei Technologies Co. Huawei EMUI is Huawei's emotional operating system based on Android. Huawei HarmonyOS/EMUI suffers from an access privilege authentication vulnerability, which originates from an access privilege...

Huawei EMUI和Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. Huawei HarmonyOS and EMUI are vulnerable to an access...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. Huawei HarmonyOS and EMUI are vulnerable to an access...