Progress Sitefinity 安全漏洞

Progress Sitefinity is an open-source platform developed by the American company Progress, used for building corporate websites and internal networks. Versions of Progress Sitefinity from 8.0.5700 to 13.3.7652 have security vulnerabilities. These vulnerabilities stem from insufficient credential...

ROS-20260417-73-0027

Vulnerability in rubygem-rack related to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.25 had code vulnerabilities. These vulnerabilities stemmed from insufficient protection configurations for multiple channel extensions, which could lead to server-side request...

EUVD-2025-197806

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read-only. This is caused by improper handling of the memory protections for the buffer resource...

CVE-2025-20305

Cisco ISE (web-based management interface) contains an information-disclosure vulnerability where certain files lack proper data protection, enabling an authenticated, read-only administrator to view passwords normally hidden to that role. Impact is limited to confidentiality (viewing sensitive c...

The vulnerability of the NTLM protocol implementation in the backup and recovery software for remote and cloud-based Veeam Service Provider Console (VSPC) users allows a hacker to bypass authentication procedures and gain unauthorized access to protected information.

The vulnerability of the NTLM protocol implementation in the backup and recovery software for remote and cloud-based Veeam Service Provider Consoles is related to insufficient protection of service data. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures an...

The vulnerability of the SCADA system MasterSCADA, related to deficiencies in data protection, allows a intruder to gain access to the project configuration file.

The vulnerability of the SCADA system MasterSCADA is related to deficiencies in data protection. Exploiting this vulnerability can allow an intruder to gain unauthorized access to the project configuration file by rewriting the password hash value...

The vulnerability of software for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP platform lies in the insufficient protection of operational data, which allows attackers to disclose confidential information.

The vulnerabilities of the software used for developing and executing applications in the ABAP language of SAP NetWeaver Application Server are related to insufficient protection of operational data. Exploiting these vulnerabilities can allow attackers to disclose sensitive information...

The vulnerability of Microsoft Bing Search’s search engine on the iOS operating system allows attackers to carry out spoofing attacks.

The vulnerability of Microsoft Bing Search’s search engine on the iOS operating system is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to perform spear-phishing attacks remotely...

The vulnerability of the Encryption endpoint protection software, the threat detection and prevention software, and the Dell Endpoint Security Suite Enterprise and Dell Security Management Server – all of which are related to access control deficiencies – allow attackers to increase their privileges.

The vulnerability of the Encryption endpoint protection software, the threat detection and response software, and the Dell Endpoint Security Suite Enterprise and Dell Security Management Server related to security management are related to access control deficiencies. Exploiting this vulnerabilit...

The vulnerability of the `sysScheduleRebootSet` function in the wireless access point software of Tenda i29 allows a intruder to execute arbitrary code.

The vulnerability of the sysScheduleRebootSet function in the wireless access point software of Tenda i29 involves insufficient measures taken to protect input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the memcached data caching service provided by the libmemcached-awesome library allows a hacker to gain unauthorized access to protected information.

The vulnerability of the memcached data caching service provided by the libmemcached-awesome library is related to insufficient protection of operational data when processing the POLLTIMEOUT parameter, which controls the wait time for requests. Exploiting this vulnerability can allow an attacker ...

ModelSim Simulation 安全漏洞

Questa and ModelSim simulators are used worldwide to simulate, debug, and verify integrated circuit designs, etc. ModelSim Simulation and Questa Simulation do not protect sufficient credentials, and the RSA white-box implementation in the affected application does not adequately protect the...

The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server lies in their security vulnerabilities related to data protection, which allows attackers to gain unauthorized access to protected information.

The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server relates to deficiencies in data protection. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Network Address Translation (NAT) technology implementation in Windows operating systems allows a hacker to induce a service failure.

The vulnerability of the Network Address Translation NAT technology implementation in Windows operating systems is related to security flaws in service data protection. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

The vulnerability of the File Store Service, a component of the Service Fabric application, allows a perpetrator to escalate their privileges.

The vulnerability of the File Store Service of the Service Fabric application is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to enhance their privileges by modifying the configuration file and connecting to SMB or SCP ports...

Various Vulnerabilities in Norton Anti-Virus 2002

Various Vulnerabilities in Norton Anti-Virus 2002 ++++++++++++++++++++++++++++++++++++ Scope ---------- Edvice recently tested NAV 2002's ability to detect viruses in incoming e-mail messages. NAV 2002 includes an Email protection feature that scans incoming and outgoing e-mails for viruses. The...