195539 matches found
SourceCodester Web-based Pharmacy Product Management System 注入漏洞
SourceCodester Web-based Pharmacy Product Management System is SourceCodester open source a Web-based pharmacy product management system . An injection vulnerability exists in the SourceCodester Web-based Pharmacy Product Management System version 1.0, which results from SQL injection due to...
Oracle MySQL 安全漏洞
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL Server, which stems from improper handling of the Server: DDL component and can be exploited by an...
YesWiki 路径遍历漏洞
YesWiki is a wiki system written in PHP by the French organization YesWiki. It is used to create and manage websites in a collaborative manner. A path traversal vulnerability exists in YesWiki versions prior to 4.5.2, which stems from the squelette parameter being vulnerable to a path traversal...
FoxCMS 代码注入漏洞
FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. A security vulnerability exists in FoxCMS version 1.2.5, which originates from the index.html component that allows execution of arbitrary code...
Keylime 代码问题漏洞
Keylime is an open source extensible trust system utilizing TPM technology from Keylime Open Source. A code issue vulnerability exists in Keylime version 7.12.0 that stems from strict type checking and could lead to proxy registration failure...
WordPress plugin Post Lockdown 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling peer hash locks and RCU callbacks, which could lead to a deadlock...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the scxmovetask function not properly detecting automated group migrations, which could result in a warning...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference to ctx-activefmt in calctxv4l2initformats...
Linux kernel 代码问题漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a code issue vulnerability that stems from the bnxt driver not properly recalculating network device characteristics after XDP is disabled, which...
Barco多款产品 安全漏洞
Barco ClickShare CX-30/20 and others are products of Barco Belgium.Barco ClickShare CX-30/20 is a seamless wireless conferencing solution for small and medium-sized meeting rooms.Barco ClickShare C-5/10 is a seamless wireless The Barco ClickShare Bar Pro/Core is an advanced all-in-one video...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from the presence of an object reference loop problem...
Intel Neural Compressor 输入验证错误漏洞
Intel Neural Compressor is an open source project from Intel Corporation USA designed to help developers easily implement AI model optimization. A security vulnerability exists in Intel Neural Compressor versions prior to v3.0 that stems from improper input validation. An attacker exploiting the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with passing a stopped vif to a driver...
WordPress plugin WP Job Manager - Resume Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Microsoft Simple Certificate Enrollment Protocol 资源管理错误漏洞
Microsoft Simple Certificate Enrollment Protocol is a Microsoft Corporation USA protocol for automating certificate enrollment that allows devices to request and receive certificates through a simple process. A resource management error vulnerability exists in Microsoft Simple Certificate...
Django 安全漏洞
Django is a set of open source web application frameworks based on the Python language from the Django Foundation. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django versions v5.1.1, v5.0.9 and v4.2.16. An attacker...
Microsoft Remote Desktop Client 资源管理错误漏洞
Microsoft Remote Desktop Client is a remote desktop client from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Remote Desktop Client. An attacker could exploit this vulnerability to remotely execute code. The following products and versions are affected:...
HCL Nomad 安全漏洞
HCL Nomad is an application for using and managing the Domino application development platform in mobile devices from HCL Corporation, USA. A security vulnerability exists in HCL Nomad, which stems from being affected by an open proxy vulnerability...
ArubaOS 安全漏洞
ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches from Aruba, USA. A security vulnerability exists in ArubaOS. An attacker could exploit the vulnerability by installing unsigned software packages on the underlying...
Hitachi Energy MicroSCADA X SYS600 参数注入漏洞
Hitachi Energy MicroSCADA X SYS600 is a SCADA product from Hitachi, Japan. It ensures optimal control and reliable operation of your switching station through seamless integration and connectivity between different devices and systems. The Hitachi Energy MicroSCADA X SYS600 suffers from a paramet...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the soc:qcom:icc-bwmon module issuing a warning due to an imbalance in reference counts during bwmonremove,...
Fortinet FortiOS 访问控制错误漏洞
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. An access control error...
Raisecom MSG1200、Raisecom MSG2100E、Raisecom MSG2200和Raisecom MSG2300 操作系统命令注入漏洞
The Raisecom MSG1200 and others are a Gigabit Converged Gateway from Raisecom China. An OS command injection vulnerability exists in the Raisecom MSG1200, Raisecom MSG2100E, Raisecom MSG2200, and Raisecom MSG2300 version 3.90, which originates from the parameter template/ in file...
WordPress plugin CTT Expresso para WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Newspack Blocks Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...
WordPress plugin Responsive Image Gallery security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
key-serializer security vulnerability
key-serializer is a library by Harvey Woo Personal Developer. It is used to serialize keys and query keys deep within objects. A security vulnerability exists in key-serializer version 0.2.5, which stems from a function containing prototype contamination that allows an attacker to execute arbitra...
WordPress Security Vulnerabilities
WordPress is a suite of blogging platforms developed in the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in WordPress versions prior to 6.5.5, which stems from insufficient input clean...
IBM i Security Vulnerabilities
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.3, 7.4, and 7.5. An attacker exploiting this vulnerability could elevate privileges to gain root access to the host...
Microsoft Azure Backlink Vulnerability
Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from Microsoft Corporation USA. A backlink vulnerability exists in Microsoft Azure File Sync. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected:Azure Fi...
WordPress plugin Sensei Pro (WC Paid Courses) Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...
netplan Security Vulnerabilities
netplan is a utility program from the netplan team for easy network configuration on Linux systems. A security vulnerability exists in Netplan 1.0 and earlier versions, which stems from disclosing the private key of wireguard to local users...
Moodle Security Breach
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle versions 4.3 through 4.3.3. An attacker exploited the vulnerability to perform a cross-site...
Moodle Security Breach
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle versions 4.3 through 4.3.3, which stems from an insufficient check to see if ReCAPTCHA is...
Adobe Acrobat Reader 访问控制错误漏洞
Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Adobe Acrobat Reader has a security vulnerability that can be exploited by an attacker to cause arbitrary code execution in the context of the current user...
Nuki Bridge 安全漏洞
Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from a publicly available HTTP API that uses an unencrypted channel to provide a management...
Maxon Cinema 4D 安全漏洞
Maxon Cinema 4D is a 3D drawing software from Maxon, a German company. A security vulnerability exists in Maxon Cinema 4D that originates from a post-release reuse vulnerability in the analysis of SKP files. An attacker can exploit the vulnerability to execute remote code...
Foxit PDF Reader 安全漏洞
Foxit PDF Reader is China Foxit Foxit company a PDF reader. A remote code execution vulnerability exists in Foxit PDF Reader, which can be exploited by an attacker to execute arbitrary code...
LG Simple Editor 安全漏洞
LG Simple Editor is a simple editor from Luckin LG Korea that creates new content by simplifying the process and instant playback on signage. A remote code execution vulnerability exists in LG Simple Editor due to an exposed and dangerous feature. An attacker could exploit the vulnerability to...
WordPress plugin Advanced Post List 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...
Tenda AC500 安全漏洞
The Tenda AC500 is a Gigabit port access controller from Tenda, China. A security vulnerability exists in Tenda AC500 version 2.0.1.91307, which originates from a buffer overflow in the funcpara1 parameter of the formSetCfm method of the /goform/setcfm file. No details of the vulnerability are...
Adobe Animate 输入验证错误漏洞
Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from an input validation error vulnerability that stems from the application's susceptibility to integer overflow, which can be exploited by an attacker to execute arbitrary code in t...
Microsoft OLE 安全漏洞
Microsoft OLE is an object-oriented technology from Microsoft Corporation USA. A security vulnerability exists in Microsoft OLE. The following products and versions are affected:Microsoft SQL Server 2019 for x64-based Systems GDR,Microsoft SQL Server 2022 for x64-based Systems GDR,Microsoft OLE D...
Microsoft ODBC Driver 安全漏洞
Microsoft ODBC Driver is a driver from Microsoft Corporation USA. It allows applications to access data in a database management system DBMS using SQL as the standard for accessing data. A security vulnerability exists in Microsoft ODBC Driver. An attacker could exploit the vulnerability to...
Microsoft OLE DB Provider for SQL Server 安全漏洞
Microsoft OLE DB Driver for SQL Server is a standalone data access application programming interface API for OLE DB. A remote code execution vulnerability exists in Microsoft OLE DB Driver for SQL Server, which can be exploited by an attacker to execute arbitrary code on the system...
WordPress Plugin wp-schema-pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability previously...
AMSS++ Cross-Site Scripting Vulnerability
AMSS++ is a tool for office management support systems from Amssplus. A cross-site scripting vulnerability exists in AMSS++ version 4.31, which stems from a cross-site scripting vulnerability in the bid parameter of the /amssplus/modules/book/main/bookdetailkhetperson.php page...
WordPress Plugin Error Log Viewer by BestWebSoft Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
Fortinet FortiOS Authorization Issues Vulnerability
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering, and antispam. An authorization issue...