195539 matches found
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software operated by the American company WatchGuard, running on Firebox devices. Versions 12.7 to 12.11.7 and 2025.1 to 2026.1.1 of WatchGuard Fireware OS contain security vulnerabilities. These vulnerabilities stem from reflective cross-site scripting in the Fireware...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2025.3.14.0 contained security vulnerabilities. These vulnerabilities stemmed fro...
MajorDoMo 操作系统命令注入漏洞
MajorDoMo is an open-source DIY smart home automation platform developed by the MajorDoMo community. There is a vulnerability in the operating system’s command injection mechanism. This vulnerability stems from the $param variable passed as user input in the rc/index.php file, which is inserted...
OpenSatKit 安全漏洞
OpenSatKit is an open-source application development toolkit developed by OpenSatKit. Version 2.2.1 of OpenSatKit contains a security vulnerability. This vulnerability stems from the use of an insecure sprintf call in the EventErrStr buffer, which may lead to a stack buffer overflow...
Zulip 跨站脚本漏洞
Zulip is a powerful open-source chat application developed by the American company Zulip Corporation. It combines the immediacy of real-time conversations with the productivity benefits of threaded dialogue. Versions of Zulip from 5.0 to 11.5 had a cross-site scripting vulnerability. This...
Honeywell WIN-PACK PRO code issue vulnerability
Honeywell WIN-PACK PRO is a security management platform software developed by the American company Honeywell. Version 4.8 of Honeywell WIN-PACK PRO contains a code vulnerability. This vulnerability stems from the GuardTourService having service paths that are not enclosed in quotes, which may...
Oracle PeopleSoft security vulnerabilities
Oracle PeopleSoft is a corporate human capital management solution developed by Oracle Corporation in the United States. This product offers functions such as human capital management, financial management, and supplier relationship management. PeopleSoft Enterprise PeopleTools is a tool and...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a node page read not ending before f2fsputsuper completes, potentially leading to a file system reference...
Microsoft Windows SMB Server 竞争条件问题漏洞
Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. A denial of service vulnerability exists in Microsoft Windows SMB Server, which is caused d...
Microsoft Windows Common Log File System Driver 安全漏洞
The Microsoft Windows Common Log File System Driver is Microsoft's Common Log File System CLFS API that provides a high-performance, general-purpose log file subsystem that can be used by specialized client applications and shared by multiple clients to optimize logging and access. access. A...
Microsoft Windows Virtualization-Based Security Enclave 安全漏洞
Microsoft Windows Virtualization-Based Security Enclave Microsoft Windows VBS Enclave is a software-based trusted execution environment in the address space of host applications from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Virtualization-Based Security...
fluidsynth 安全漏洞
fluidsynth is fluidsynth open source an application system . Used to generate audio by using SoundFont by reading and processing MIDI events from MIDI input devices. A security vulnerability exists in fluidsynth 2.4.6 and earlier versions, which stems from a null pointer dereference that may be...
WordPress plugin Speed Kit 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
Yonyou KSOA SQL注入漏洞
Yonyou KSOA is an enterprise management software from China's UFIDA Yonyou company. A SQL injection vulnerability exists in Yonyou KSOA version 9.0, which originates from the incorrect operation of the parameter zpjhid in the file /kp/PrintZPYG.jsp, which could lead to a SQL injection attack...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not freeing memory when clock hardware registration fails, which could lead to a memory leak...
WordPress plugin Custom 404 Pro 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
WordPress plugin Workreap 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
CAPE 安全漏洞
CAPE is a malware sandbox by the individual developer Kevin OReilly. CAPE has a security vulnerability that stems from an analysis denial vulnerability in reporting/mongodb.py and reporting/jsondump.py, which allows an attacker to submit samples to generate deeply nested or oversized behavioral...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a double release of blkmqtags, which could cause the kernel to crash...
KNIME Business Hub 安全漏洞
KNIME Business Hub is KNIME's enterprise software for data science automation, deployment modeling, team collaboration and management workflows. A security vulnerability exists in KNIME Business Hub versions prior to 1.16.0 that originates from an unauthenticated, remote attacker who can craft...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient attribute size checking, which could lead to out-of-bounds reads...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a race condition in the fs dlm component that could lead to a null pointer dereference...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not checking the tw68riscbuffer return value and buf-cpu value, which could result in a null pointer...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly set completion timeout for the ucsiacpi command, which could result in a null pointer...
Microsoft Office 资源管理错误漏洞
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, and so on. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to...
NVIDIA BlueField 安全漏洞
NVIDIA BlueField is a series of data processing units from NVIDIA. NVIDIA BlueField has a security vulnerability that can be exploited by attackers to potentially cause a denial of service, elevation of privilege, and information disclosure...
Citrix Systems ADC and NetScaler Gateway 安全漏洞
Citrix Systems ADC and NetScaler Gateway is an application delivery controller from Citrix Systems, Inc. A security vulnerability exists in Citrix Systems ADC and NetScaler Gateway that originates from a memory overflow that could lead to unpredictable behavior or denial of service...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mt7996thermalinit not checking the devmkasprintf return value, which could result in a null pointer...
Jenkins plugin Aqua Security Scanner 安全漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...
Jenkins plugin HTML Publisher 安全漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...
Brother Industries Multiple driver installers for Windows 安全漏洞
Brother Industries Multiple driver installers for Windows is a driver software from Brother Industries, Japan. A security vulnerability exists in Brother Industries Multiple driver installers for Windows, which can be exploited by an unauthenticated attacker to access the /etc/mntinfo.csv path vi...
Elecom WRC-1167GHBK2-S 跨站脚本漏洞
The Elecom WRC-1167GHBK2-S is a router from Elecom Japan. The Elecom WRC-1167GHBK2-S suffers from a cross-site scripting vulnerability that stems from susceptibility to stored cross-site scripting attacks...
Allure Report 代码问题漏洞
Allure Report is a flexible, lightweight, multi-language test reporting tool from the Allure Framework open source. A code issue vulnerability exists in Allure Report 2 versions prior to 2.34.1, which stems from xunit-xml-plugin not securely configuring the XML parser, which could lead to XXE...
Pterodactyl Panel 代码注入漏洞
Pterodactyl Panel is a free open source game server administration panel from Pterodactyl Open Source. A code injection vulnerability exists in Pterodactyl Panel versions prior to 1.11.11, which stems from the /locales/locale.json endpoint that does not validate the locale and namespace parameter...
IBM Cognos Analytics 跨站脚本漏洞
IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist organizations in adjusting their decisions by analyzing such things as key factors and key people. A cross-site...
WordPress plugin Wp Easy Allopass 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...
WordPress plugin LayoutBoxx 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a memory leak in the es58xrxerrmsg function error path...
CrushFTP 安全漏洞
CrushFTP is a file transfer server from CrushFTP, Inc. A security vulnerability exists in CrushFTP that stems from vulnerability to directory traversal attacks...
WordPress plugin Team Rosters 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from the eth bnxt module accessing a null pointer when the interface is closed...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege checking vulnerability exists in the Huawei HarmonyOS media library module, which can be exploited by an attacker to compromise confidentiality...
IBM FlashSystem 安全漏洞
IBM FlashSystem is a family of high-performance all-flash and hybrid flash storage solutions from International Business Machines IBM. A security vulnerability exists in IBM FlashSystem that originates from a specially crafted HTTP request bypassing RPCAdapter endpoint authentication...
Sitecore Experience Manager和Experience Platform 安全漏洞
Sitecore Experience Platform XP and Sitecore Experience Manager XM are both products of Sitecore, a Danish company.Sitecore Experience Platform is a suite of customer digital experience platforms.Sitecore Sitecore Experience Platform is a customer digital experience platform, and Sitecore...
FileVista 安全漏洞
FileVista is a web file manager from GleamTech Individual Developers. A security vulnerability exists in FileVista version 9.2.0.0 that originates from directory traversal during file uploads and allows remote attackers to execute code, disclose information, and elevate privileges...
WAVLINK AC3000 安全漏洞
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. An external configuration control vulnerability exists in the WAVLINK AC3000, which can be exploited by attackers to cause a privilege bypass...
SingMR HouseRent 代码问题漏洞
HouseRent is a house rental management system by Mr.W individual developer. It provides an auto-caching JWK-Set HTTP client. A code issue vulnerability exists in SingMR HouseRent version 1.0, which stems from the singleUpload/upload function in the file...
Hanwha Vision NVR 安全漏洞
Hanwha Vision NVR is a series of network video recorder devices from Hanwha Vision, a South Korean company. A security vulnerability exists in Hanwha Vision NVR that stems from improper handling of large data inputs when processing URL parameters, which could lead to a stack overflow...
Drupal 安全漏洞
Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal that stems from improper input neutralization during page generation, resulting in a cross-site scripting vulnerability...