H3C N12 V100R005 Security Vulnerability
The H3C N12 V100R005 is a wireless router from China's Xinhua San H3C. A security vulnerability exists in the H3C N12 V100R005 version that stems from a lack of length validation in the 5G wireless network processing function, which could lead to an attacker crashing a remote target device or...
CVE-2024-12131
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.5 due to missing validation on a user controlled key. This makes it possible for authenticated...
UBUNTU-CVE-2023-6604
A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation...
PT-2025-2407 · Qualcomm · Snapdragon +32
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to memory corruption that occurs when input parameter validation for the number of fences is missing for fence frame IOCTL calls...
CVE-2024-10903
The Broken Link Checker WordPress plugin before 2.4.2 does not validate the link URLs before making a request to them, which could allow admin users to perform SSRF attacks, for example on a multisite installation...
PT-2024-17683 · WordPress · Wplegalpages
Name of the Vulnerable Software and Affected Versions: WP Legal Pages plugin for WordPress versions up to, and including, 3.2.6 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the create popup delete process function. This allows...
PT-2024-36737 · Altair · Altair
Name of the Vulnerable Software and Affected Versions: Altair versions prior to v12.24Q4.1 Description: The issue is related to a lack of validation and authentication in the image proxy for compressing and resizing remote files, which could allow attacks affecting availability. This could result...
CVE-2024-55545
Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS). This issue affects IAP-420 version 2.01e and below...
CVE-2024-55544
Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level. This issue affects IAP-420 version 2.01e and below...
CVE-2024-9252
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-9729
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target mus...
CVE-2024-9725
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target mus...
CVE-2024-11525
IrfanView DXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...
WordPress plugin SimpleGMaps Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripti...
Harbor Authorization Issue Vulnerability
Harbor is an open source registry from Harbor Open Source. Artifacts are protected through policies and role-based access control to ensure that images are scanned and are not vulnerable, and that images are signed as trusted. Harbor suffers from an authorization issue vulnerability that stems fr...
Dell SmartFabric OS10 Command Injection Vulnerability
Dell SmartFabric OS10 is a Debian Linux-based network operating system from Dell Networking designed to run on its PowerSwitch platform. A command injection vulnerability exists in Dell SmartFabric OS10 that stems from the system not filtering and validating user input at command execution. An...
PT-2024-39789 · Trimble · Trimble Sketchup Viewer
Name of the Vulnerable Software and Affected Versions: Trimble SketchUp Viewer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this issue, where...
PT-2024-39134
Name of the Vulnerable Software and Affected Versions: JobSearch WP Job Board plugin for WordPress versions up to, and including, 2.6.7 Description: The issue is related to missing file type validation in the jobsearch wp handle upload function, allowing authenticated attackers with...
Gitsign Security Vulnerability
Gitsign is a tool from the individual developers of Gitsign that enables keyless signing of Git commits. A security vulnerability exists in Gitsign that stems from the fact that there is no additional validation to ensure that the hash of an entry matches the payload being validated...
PT-2024-39629 · WordPress · Wpglobus Translate Options
Name of the Vulnerable Software and Affected Versions: WPGlobus Translate Options plugin for WordPress versions up to, and including, 2.2.0 Description: The issue is due to missing or incorrect nonce validation on the on translate options page function, making it possible for unauthenticated...