195539 matches found
Emby MediaBrowser 安全漏洞
Emby MediaBrowser is a media server software from Emby. A security vulnerability exists in Emby MediaBrowser, which can be exploited by an attacker to bypass authorization via a user control key...
WordPress plugin Eventin 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the language parameter of a specific POST request,...
Adobe Acrobat Reader 缓冲区错误漏洞
Adobe Acrobat is the United States of America Odo than Adobe company's set of software suite used to create, edit, view and print PDF Portable Document Format files. A security vulnerability exists in Adobe Acrobat, which stems from an out-of-bounds read issue that can be exploited by an attacker...
WordPress plugin A/B Image Optimizer 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversa...
Hanwha Vision NVR 安全漏洞
Hanwha Vision NVR is a series of network video recorder devices from Hanwha Vision, a South Korean company. A security vulnerability exists in the Hanwha Vision NVR that originates from an attacker being able to create log files in a directory one level higher than the directory where the NVR log...
WordPress plugin Easy Appointments 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Drupal 安全漏洞
Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal version 10.0.X prior to 10.2.10, which stems from the presence of an allowed file manipulation vulnerability...
angular-base64-upload 安全漏洞
angular-base64-upload is a library by the individual developers of Adones Pitogo. A security vulnerability exists in angular-base64-upload prior to version 0.1.21, which stems from vulnerability to an unauthenticated remote code execution attack via demo/server.php...
Microsoft Internet Small Computer Systems Interface 资源管理错误漏洞
Microsoft Internet Small Computer Systems Interface is an IP network-based storage technology from Microsoft that allows computer systems to access remote SCSI storage devices over existing network infrastructures such as Ethernet. A resource management error vulnerability exists in Microsoft...
uPlot 安全漏洞
uPlot is a fast, memory-efficient Canvas 2D-based chart for drawing time series, lines, areas, ohlc, and bars from leeoniya personal developer. A security vulnerability exists in uPlot versions prior to 1.6.31, which stems from a lack of checking whether attributes resolve to object prototypes...
WordPress plugin Brave Popup Builder 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
NATS Server Security Vulnerability
NATS Server is an open source messaging system. The system is primarily used for cloud-native applications, IoT messaging, and microservices architectures. NATS.io A security vulnerability exists in NATS Server versions prior to 2.8.2 and Streaming Server versions prior to 0.24.6, which stems fro...
Number withdrawn
PyTorch is a Python package in the PyTorch open source. This CVE number has been withdrawn...
Foxit Reader 信任管理问题漏洞
Foxit Reader is a Chinese Foxit Foxit company's a PDF document reader. A trust management issue vulnerability exists in Foxit Reader version 2024.2.0.25138, which stems from an elevation of privilege vulnerability. No details of the vulnerability are available at this time...
GLPI 安全漏洞
GLPI is an open source IT and asset management software from an individual developer. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and i...
LG Simple Editor 安全漏洞
LG Simple Editor is a simple editor from Luckin LG Korea that creates new content by simplifying the process and instant playback on signage. LG Simple Editor suffers from an XML External Entity Handling vulnerability due to an improper restriction on XML External Entity XXE references, where a...
Flowise 安全漏洞
Flowise is a tool for easily building LLM applications. A security vulnerability exists in Flowise version 1.6.5 that stems from the presence of an authentication bypass vulnerability...
Microsoft OLE DB Provider for SQL Server 安全漏洞
Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...
Microsoft ODBC Driver 安全漏洞
Microsoft ODBC Driver is a driver from Microsoft Corporation USA. It allows applications to access data in a database management system DBMS using SQL as the standard for accessing data. A security vulnerability exists in Microsoft ODBC Driver. An attacker could exploit the vulnerability to...
WordPress Plugin Avada 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers running PHP and MySQL.WordPress plugin i...
Microsoft Xbox Gaming Services 安全漏洞
Microsoft Xbox Gaming Services is an Xbox-related gaming service from Microsoft Corporation USA. A security vulnerability exists in Microsoft Xbox Gaming Services that stems from the presence of an elevation of privilege vulnerability...
WordPress Plugin JetElements Code Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...
Fortinet FortiVoice Security Vulnerability
Fortinet FortiSwitch and others are products of Fortinet, Inc. FortiSwitch is a switch product and Fortinet FortiVoice is a product of tine and others are products of tine, Inc. tine is a team collaboration software. A security vulnerability exists in Fortinet FortiVoiceEnterprise, FortiSwitch,...
Microsoft ODBC Driver Security Vulnerability
Microsoft ODBC Driver is a driver from Microsoft. It allows applications to access data in a database management system DBMS using SQL as the standard for accessing data. A security vulnerability exists in Microsoft ODBC Driver. An attacker could exploit the vulnerability to remotely execute code...
GitLab Data Forgery Issue Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. GitLab is vulnerable to a data forgery issue. No information about this...
Jupyter Server 输入验证错误漏洞
Jupyter Server is an application used by the Jupyter organization to provide back-end services for Jupyter Web applications. An input validation error vulnerability exists in versions of Jupyter Server prior to 2.7.2, which stems from the presence of an open redirection vulnerability that could...
WordPress Plugin Donation Forms by Charitable 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
Microsoft ASP.NET Core Security Vulnerability
Microsoft ASP.NET Core is a framework of cross-platform open source framework from Microsoft. The framework is used to build cloud-based applications such as Web applications, Internet of Things applications, and mobile backends. ASP.NET has a security vulnerability. An attacker could exploit the...
Wrodpress Plugin LionScripts: IP Blocker Lite 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. Wrodpress Plugin LionScripts: IP Blocker Li...
Milesight UR32L 操作系统命令注入漏洞
The Milesight UR32L is a 4G industrial router from China's Milesight. The Milesight UR32L vtyshubus toolshexcute.constprop.1 feature suffers from a command injection vulnerability that can be exploited by an attacker to execute arbitrary commands on the system...
WordPress plugin Integration for Contact Form 7 and Zoho CRM, Bigin SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Integration for Contact Fo...
MinIO 安全漏洞
MinIO is an open source object storage server from US-based MinIO. The product supports building infrastructures for machine learning, analytics, and application data workloads. A security vulnerability exists in Minio Console versions prior to 0.28.0 that stems from Unicode RIGHT-TO-LEFT OVERRID...
Tuleap 跨站脚本漏洞
Tuleap is open source an application lifecycle management system that facilitates agile software development, design projects, V-modeling, requirements management and IT service management. A security vulnerability in Tuleap community versions prior to 14.8.99.60, enterprise versions prior to...
WordPress plugin Shoppable Images 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
Netflix Lemur 安全特征问题漏洞
Netflix Lemur is Netflix's tool for managing TLS credential creation. A security vulnerability exists in Netflix Lemur versions prior to 1.3.2, which stems from an insufficiently randomized value used when generating default credentials, and which could be exploited by an attacker to guess...
XWiki Commons 跨站脚本漏洞
XWiki Commons is a technology library shared by several other top XWiki projects. A security vulnerability exists in XWiki Commons, which stems from the fact that if the last author of a page's content has scripting privileges, a user without scripting privileges can use the Live Data macro to...
Microsoft SQL Server 安全漏洞
Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. The following products and editions are affected: Microsoft SQL Server 2008 for 32-bit Systems Service Pack 4 QFE, Microsoft SQL...
etcd 授权问题漏洞
etcd is a key-value storage system for distributed systems written in the Go language. A security vulnerability exists in Etcd-io version v.3.4.10. A remote attacker could exploit the vulnerability to elevate privileges via the debugging feature...
phpMyFAQ 跨站脚本漏洞
phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A cross-site scripting vulnerability exists in phpMyFAQ versions prior to 3.1.12. An attacker can exploit this vulnerability to perform cross-site scripting attacks...
FFmpeg 资源管理错误漏洞
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg versions prior to 5.1.2. An attacker can exploit this vulnerability to execute arbitrary code...
VISAM VBASE 代码问题漏洞
VISAM VBASE is a data acquisition and monitoring system from VISAM Germany. A code issue vulnerability exists in VISAM VBASE Automation Base prior to version 11.7.5, which stems from an improper restriction on XML external entity references, and can be exploited by an attacker to trick a user int...
Snappy 代码问题漏洞
Snappy is a PHP library from the individual developers at KNP Labs that allows thumbnails, snapshots or PDFs to be generated from url or html pages. A code issue vulnerability exists in versions of Snappy prior to 1.4.2 that stems from a lack of protocol checks. An attacker can exploit this...
Microsoft PostScript Printer Driver 安全漏洞
Microsoft PostScript Printer Driver is a Microsoft standard printer driver for PostScript printers from Microsoft USA. Microsoft PCL6 Class Printer Driver is a printer driver software from Microsoft Corporation. Microsoft PostScript and PCL6 Class Printer Driver contains an elevation of privilege...
Microsoft Excel 安全漏洞
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
Fortinet FortiWeb 路径遍历漏洞
Fortinet FortiWeb is a Web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, and other attacks to secure Web applications and protect sensitive database content. A security vulnerability exists in Fortinet...
Qualcomm 芯片安全漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and often fabricated on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm chip wlan driver, which stems fro...
WordPress plugin Icon Widget 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Dust.js 安全漏洞
Dust.js is a LinkedIn open source asynchronous Javascript template for browsers and servers. A security vulnerability exists in Dust.js version 3.0.0, which stems from some unknown functionality that manipulates to cause improperly controlled modification of object prototype properties "prototype...
Appsmith 代码问题漏洞
Appsmith is an open source platform for building, deploying and maintaining in-house applications from Appsmith Open Source. A server-side request forgery vulnerability exists in Appsmith versions prior to 1.8.2, which can be exploited by an attacker to perform authenticated server-side request...