195539 matches found
WordPress plugin Saso Serial Codes Generator and Validator with WooCommerce Support 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the amtrcv function not releasing an incoming skb when a socket is not found, potentially leading to a memor...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the dmamask and dmaparms of the device object in the vmbusdeviceregister function not being properly...
WordPress plugin Hash Elements 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Hash...
Hanwha Vision NVR 安全漏洞
Hanwha Vision NVR is a series of network video recorder devices from Hanwha Vision, a South Korean company. A security vulnerability exists in Hanwha Vision NVR that stems from a NULL pointer reference issue when handling specific URL parameters, which can cause the NVR to reboot when an attacker...
WordPress plugin Element Pack Elementor Addons 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
Citrix Systems NetScaler Gateway和NetScaler ADC 缓冲区错误漏洞
Citrix Systems NetScaler Gateway Citrix Systems Gateway and Citrix Systems NetScaler ADC are both products of Citrix Systems, Inc.Citrix Systems NetScaler Gateway is a secure remote access solution. The solution provides administrators with application-level and data-level controls to enable user...
WordPress plugin Social Auto Poster 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...
H2O 代码问题漏洞
H2O is an in-memory platform for distributed, scalable machine learning open-sourced by H2O.ai. A code issue vulnerability exists in H2O-3 version 3.46.0.4, which stems from the fact that incorrect manipulation of the parameter query can lead to deserialization...
Flowise 安全漏洞
Flowise is a FlowiseAI open source tool for easily building LLM applications. A security vulnerability exists in Flowise version 1.8.2. An attacker exploited the vulnerability to access the API endpoint as an administrator...
Fortinet FortiProxy Security Vulnerability
Fortinet FortiProxy is a secure network proxy from Fortinet that protects employees from cyberattacks by combining a variety of detection technologies such as Web filtering, DNS filtering, DLP, anti-virus, intrusion prevention, and advanced threat protection.FortiProxy helps reduce bandwidth...
WordPress plugin Divi security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin WPZOOM Addons for Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin The Plus Addons for Elementor Pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...
Apollo Router 安全漏洞
Apollo Router is a configurable, high-performance graphical router written in Rust. A security vulnerability exists in Apollo Router versions prior to 1.45.1, which stems from an error in the cache retrieval logic and could result in the execution of unexpected operations...
Xpdf 缓冲区错误漏洞
Xpdf is a free PDF viewer and toolkit from Xpdf, Inc. that includes a text extractor, image converter, HTML converter, and more. A security vulnerability exists in Xpdf versions 4.05 and earlier, which stems from a vulnerability that allows an attacker to trigger an out-of-bounds array write...
WordPress Plugin Zotpress SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin Zotpress is vulnerabl...
WordPress Plugin Estatik Real Estate Plugin Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. The WordPress Plugin Estatik Real Estate...
AsyncSSH Security Vulnerability
AsyncSSH is a Python package that provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. A security vulnerability exists in AsyncSSH v2.14.0 and earlier versions, which stems from a vulnerability that allows an attacker to take...
Fiber Security Breach
Fiber is an open source web framework written in the Go language. A security vulnerability exists in Fiber that stems from the presence of a cross-site request forgery CSRF vulnerability. The vulnerability can be exploited by an attacker to obtain a token instead of the user and forge malicious...
Graylog 数据伪造问题漏洞
Graylog is a centralized log management solution from Graylog USA. The product supports capturing, storing, and analyzing logs in real time, among other things. Graylog suffers from a data forgery issue vulnerability that stems from vulnerability to DNS cache poisoning attacks...
Spinnaker 日志信息泄露漏洞
Spinnaker is a continuous delivery platform. It is used to release software changes with high speed and confidence. Spinnaker suffers from a log information disclosure vulnerability that stems from the possibility of granting elevated access to an uncontrolled repository...
ScanCode Command Injection Vulnerability
ScanCode is an open source tool for analyzing and scanning source code for open source license information and potential intellectual property issues. A command injection vulnerability exists in ScanCode.io versions prior to 32.5.1, which stems from a command injection vulnerability in the...
Ruijie Networks Product 代码注入漏洞
Ruijie Networks Product is a series of Ruijie wireless products from China-based Ruijie Networks. A security vulnerability exists in the Ruijie Networks Product that originates from an API privilege that allows a remote attacker to escalate via a POST request to /cgi-bin/luci/ and affects the...
Microsoft Edge 安全漏洞
Microsoft Edge is a web browser from Microsoft Corporation USA that comes with systems after Windows 10. Microsoft Edge has a security vulnerability that stems from the presence of a spoofing vulnerability...
Django 安全漏洞
Django is the Django Foundation's set of open source Web application framework based on the Python language . The framework includes an object-oriented mapper , view system , template system and so on. A security vulnerability exists in Django versions prior to 3.2.20, 4.1.10, and 4.2.3, which...
Jenkins Code Dx Plugin 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
Qualcomm 芯片安全漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuitry mainly semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. A security vulnerability exists in some Qualcomm products that ste...
Cloud hypervisor 资源管理错误漏洞
Cloud hypervisor is Cloud hypervisor's virtual machine monitor for modern cloud workloads. Cloud hypervisor suffers from an access control error vulnerability that originates from allowing a user to send a malicious HTTP request via an HTTP API socket, which can be exploited by an attacker to cau...
OpenZeppelin 安全漏洞
OpenZeppelin is a software application. A standard for secure blockchain applications. A security vulnerability exists in OpenZeppelin Contracts prior to version 4.8.3, which stems from the fact that if conflicting functions have different signatures and incompatible ABI encodings, an agent may...
vm2 安全漏洞
vm2 is an advanced virtual machine/sandbox for Node.js by individual developer Patrik Simek in the Czech Republic. to run untrusted code using whitelisted Node built-in modules. A security vulnerability exists in vm2 version 3.9.15 and earlier. An attacker exploits this vulnerability to bypass...
imgproxy 跨站脚本漏洞
imgproxy is imgproxy individual developer's fast and secure standalone server for tweaking and converting remote mirrors. A cross-site scripting vulnerability exists in imgproxy versions prior to 3.14.0, which stems from the presence of reflected cross-site scripting XSS...
Online Pizza Ordering System 授权问题漏洞
Online Pizza Ordering System is an online pizza ordering system by Carlo Montero, an individual developer. An authorization issue vulnerability exists in version 1.0 of the SourceCodester Online Pizza Ordering System, which stems from a security issue in admin/ajax.php?action=saveuser in the...
Discourse 安全漏洞
Discourse is an open source community discussion platform. The platform includes features such as communities, email and chat rooms. A security vulnerability exists in Discourse. An attacker logged in as an administrator could make multiple requests for backups, which would exhaust all connection...
WordPress Plugin Rextheme WP VR – 360 Panorama and Virtual Tour Builde 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. WordPress Plugin Rextheme ...
answer 跨站脚本漏洞
answer is an open source knowledge-based community software. A cross-site scripting vulnerability exists in versions of answer prior to 1.0.5. The vulnerability stems from a lack of effective filtering and escaping of user-supplied data, which can be exploited by attackers to cause cross-site...
FlatPress 跨站脚本漏洞
FlatPress is a Php-based blogging system from the FlatPress community that does not require database support. A cross-site scripting vulnerability exists in FlatPress, which stems from a problem with an unknown part of the admin/panels/entry/admin.entry.list.php file in the Admin Area component...
OpenMRS 跨站脚本漏洞
OpenMRS is an open source electronic medical record system from OpenMRS, Inc. in the United States. OpenMRS version 1.17.0 before the security vulnerability , the vulnerability stems from the component Notes Handler in the...
Silverware Games SilverwareGames.io 跨站脚本漏洞
Silverware Games SilverwareGames.io is an online gaming website from Silverware Games, Inc. Silverware Games SilverwareGames.io suffers from a cross-site scripting vulnerability that originates from allowing custom HTML attributes to be added to iframe tags...
Fortinet FortiOS授权问题漏洞
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A security vulnerability exists i...
Xfce 参数注入漏洞
Xfce is a desktop environment by the individual developer Olivier Fourdan for Unix and Unix-like operating systems such as Linux and FreeBSD. Xfce A parameter injection vulnerability exists in Xfce xfce4-settings versions prior to 4.16.4, 4.17.x through 4.17.1, which stems from escaping character...
Delta Electronics InfraSuite Device Master 路径遍历漏洞
Delta Electronics InfraSuite Device Master is a device used to simplify and automate the monitoring of critical equipment from Delta Electronics Taiwan, China. A path traversal vulnerability exists in Delta Electronics InfraSuite Device Master 00.00.01a and prior versions, which stems from allowi...
Honeywell Saia Burgess PG5 PCD 授权问题漏洞
Honeywell Saia Burgess PG5 PCD is a Honeywell USA solution that includes SBC Instrumentation, Control and Automation ICA devices for implementation and operational automation. A security vulnerability exists in all versions of the Honeywell Saia Burgess PG5 PCD, which stems from the use of the...
Nucleus CMS 代码问题漏洞
Nucleus CMS is a website builder. A security vulnerability exists in Nucleus CMS version v3.71, which stems from the presence of a file upload vulnerability. An attacker can exploit this vulnerability to obtain sensitive information from a website...
Advantech iView 命令注入漏洞
Advantech iView, a Simple Network Protocol SNMP based software from Advantech, China, for managing B B SmartWorx devices, is vulnerable to a command injection vulnerability in versions prior to Advantech iView 5.7.04.6469, which stems from the use of a special element in a command that is not...
Jenkins Plugin ThreadFix 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is an application software. An authorization issue...
Splunk 信任管理问题漏洞
Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A...
Cisco Common Services Platform Collector 跨站脚本漏洞
Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...
InHand Networks InRouter302 输入验证错误漏洞
InHand Networks InRouter Series is a series of routers from InHand Networks, Inc. InHand Networks InRouter302 version V3.5.4 is vulnerable to an input validation error that originates in the libnvram.so nvramimport function userdefineinit function in the userdefinetimeoutnvram variable has...
Adobe InDesign 缓冲区错误漏洞
Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. A code execution vulnerability exists in Adobe InDesign. The vulnerability arises from a networked system or product that does not properly validate data boundaries when performing operations in...