23 matches found
Apache Airflow Security Vulnerability
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow. This...
defu Security Vulnerability
Defu is a lightweight utility library developed by UnJS for recursively merging default values. Versions of Defu prior to 6.1.5 contained security vulnerabilities; these vulnerabilities stemmed from passing unsanitized user input into the Defu functions, which could lead to prototype...
OpenChatBI Path Traversal Vulnerability
OpenChatBI is an intelligent data analysis and visualization tool based on natural language dialogue, developed by Yu Zhong. Versions of OpenChatBI prior to 0.2.2 contained a path traversal vulnerability. This vulnerability stemmed from insufficient sanitization of the fileformat parameter input in t...
Foxit PDF Editor Cloud Security Vulnerability
Foxit PDF Editor Cloud is a browser-based online PDF editing platform provided by the American company Foxit. Versions of Foxit PDF Editor Cloud prior to February 3, 2026, contained security vulnerabilities. These vulnerabilities stemmed from a failure to sanitize user input that was embedded in...
Blood Bank Management System Security Vulnerability
Blood Bank Management System is a blood bank management system by the individual developer shridhar shukla. A security vulnerability exists in Blood Bank Management System version 1.0, which stems from the updateprofile.php and rprofile.php components not sanitizing user input, which could lead to...
E-commerce Security Vulnerability
E-commerce is a dynamic e-commerce website by the individual developer Bhabishya Ghimire. A security vulnerability exists in E-commerce version 1.0 that stems from the signup.inc.php endpoint not sanitizing user input, which could lead to SQL injection attacks and authentication bypass...
Snort Report Security Vulnerability
Snort Report is an inspection report management system from the Snort team. A security vulnerability exists in Snort Report versions prior to 1.3.2 that stems from the nmap.php and nbtscan.php scripts not sanitizing user input, which could lead to remote command execution...
Robot Operating System Security Vulnerability
Robot Operating System is a meta-operating system for ROS 2 open source robots. A security vulnerability exists in Robot Operating System that stems from the rosbag tool's use of the eval function to process unsanitized user input, which could lead to the execution of arbitrary Python code...
AVTECH DVR Security Vulnerability
AVTECH DVR is a digital video recorder from AVTECH, a Taiwan, China-based company. A security vulnerability exists in AVTECH DVR that originates from a command injection due to unsanitized input in the Search.cgi endpoint...
Smartwares CIP-37210AT and Smartwares C724IP Security Vulnerability
The Smartwares CIP-37210AT and Smartwares C724IP are both products of Smartwares, Inc. The Smartwares CIP-37210AT is an IP camera device for home or office security monitoring. The Smartwares C724IP is an IP camera device that is for home or office security monitoring. A security vulnerability exis...
WordPress plugin Discover the Best Woocommerce Product Brands Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin Discover the Best...
WordPress plugin Catch Popup Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...
Hitachi Energy RTU500 Cross-Site Scripting Vulnerability
RTU500 is a series of industrial control components from Hitachi, Japan, mainly used in industrial control systems. A cross-site scripting vulnerability exists in Hitachi Energy RTU500 series CMU Firmware, which originates from user input not being properly sanitized, and can be exploited by an...
Moodle SQL Injection Vulnerability
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a security vulnerability that stems from insufficient sanitization of user-supplied data in an external Wiki method us...
WordPress Plugin Spectra Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
A vulnerability in the Cisco Discovery Protocol implementation in the firmware of Cisco Analog Telephone Adapter (ATA) 190 series devices allows an attacker to cause memory corruption and compromise the integrity of protected information.
The vulnerability in the Cisco Discovery Protocol implementation in the firmware of Cisco Analog Telephone Adapter (ATA) 190 series devices is related to the lack of sanitization of incoming data. Exploiting this vulnerability can allow a malicious actor to cause memory...
A vulnerability in NETGEAR Wi-Fi router software, including models RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, arises from insufficient sanitization of input data. This allows attackers to execute arbitrary commands.
The vulnerability in the firmware of NETGEAR Wi-Fi routers, such as RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, is related to insufficient sanitization of input data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...
A vulnerability in the firmware of Intel server boards, server systems, and computing modules arises from the lack of measures to sanitize input data. This allows attackers to escalate their privileges.
The vulnerability in the firmware of Intel server boards, server systems, and computing modules is related to the lack of sanitization of incoming data. Exploiting this vulnerability can allow a remote attacker to escalate their privileges...
Juplink Intelligent Technologies RX4-1500 Injection Vulnerability
The Juplink Intelligent Technologies RX4-1500 is a wireless router from Juplink Intelligent Technologies. A security vulnerability exists in the Juplink Intelligent Technologies RX4-1500 v1.0.3, which originates from the program failing to sanitize user input before executing it. A remote attacker...
A vulnerability in the DHCP client implementation for Red Hat Enterprise Linux and Fedora allows an attacker to execute arbitrary commands with root privileges.
The vulnerability in the DHCP client implementation for Red Hat Enterprise Linux and Fedora arises from insufficient sanitization of input data. Exploiting this vulnerability may allow a malicious actor to execute arbitrary commands with root privileges remotely...