CVE-2024-46878

A Cross-Site Scripting XSS vulnerability exists in the page parameter of tiki-editpage.php in Tiki version 26.3 and earlier. This vulnerability allows attackers to execute arbitrary JavaScript code via a crafted payload, leading to potential access to sensitive information or unauthorized actions...

CVE-2024-51223

A stored cross-site scripting XSS vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Mobile Number parameter...

EUVD-2026-2439

A stored cross-site scripting XSS vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the user profile Description field...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI versions prior to 5.8.2 and CCM versions prior to 3.1.1, which ste...

CVE-2025-60354

Unauthorized modification of arbitrary articles vulnerability exists in blog-vue-springboot...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of e-mail client software that is separate from the Mozilla Application Suite. Mozilla Thunderbird is ...

Microsoft Defender 安全漏洞

Microsoft Defender for IoT is an asset discovery, vulnerability management and threat monitoring solution for IoT/OT environments. An elevation of privilege vulnerability exists in Microsoft Defender for IoT, which can be exploited by an attacker to escalate privileges...

Intern Membership Management System security breach

Intern Membership Management System is an intern membership management system. A security vulnerability exists in Intern Membership Management System. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...

JFinalCMS Security Vulnerability

JFinalCMS is a content management system by heyewei individual developer. A security vulnerability exists in JFinalCMS v5.0.0, which originates from a cross-site request forgery vulnerability in the /admin/div/delete component...

Milesight UR32L 缓冲区错误漏洞

The Milesight UR32L is an industrial router from China-based Milesight. A buffer overflow vulnerability exists in the Milesight UR32L setdmvpn function, which can be exploited by an attacker to cause a buffer overflow and execute arbitrary code on the system, or cause an application to crash...

Google Android 信任管理问题漏洞

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...

Google Android 资源管理错误漏洞

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...

Microsoft Windows Secure Socket Tunneling Protocol 安全漏洞

The Microsoft Windows Secure Socket Tunneling Protocol is a Microsoft mechanism for encapsulating Point-to-Point Protocol PPP traffic via the HTTPS protocol, as specified in RFC1945, RFC2616, and RFC2818. This protocol enables users to access private networks using HTTPS. HTTPS can traverse most...

Mozilla Firefox 资源管理错误漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozila Firefox. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...

web2py 输入验证错误漏洞

web2py is web2py open source a free and open source full stack enterprise framework. Used for agile development of secure database-driven Web-based applications. A security vulnerability exists in web2py. No information about this vulnerability is available at this time, please stay tuned to CNNV...

Owncloud ownCloud 安全漏洞

Owncloud ownCloud is a personal cloud storage solution from the American company ownCloud Owncloud. There is a security vulnerability in Owncloud owncloud, there is no information about the vulnerability at the moment, please stay tuned to CNNVD or the vendor's announcement...

3S-Smart Software Solutions CODESYS V3 web server 安全漏洞

3s-smart Software Solutions 3S-Smart Software Solutions CODESYS V3 web server is a web server from 3S-Smart Software Solutions Germany that is used in the CODESYS product. 3S-Smart Software Solutions CODESYS V3 web server is a web server used by 3S-Smart Software Solutions 3s-smart Software...

IBM Security Identity Manager 安全漏洞

IBM Security Identity Manager ISIM is a suite of identity management and governance solutions from IBM in the United States. The solution automates the creation, modification, re-authentication and termination of user privileges throughout the user lifecycle and supports policy-based password...

CVE-2019-14476

AdRem NetCrunch 10.6.0.4587 has a Server-Side Request Forgery SSRF vulnerability in the NetCrunch server. Every user can trick the server into performing SMB requests to other systems...

Denial of Service Vulnerability in Flash Art App

Flash Art APP is a collection of a large number of high-quality original novel reading software. A denial of service vulnerability exists in Flash Art APP, which can be exploited by attackers to cause a denial of service...