195539 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the f2fs file system not performing an integrity check on the destination block address during recovery, whi...
Microsoft Windows Fast Fat Driver 安全漏洞
Microsoft Windows Fast Fat Driver is a complete file system from Microsoft USA that solves a variety of problems such as storing data on disk, interacting with a cache manager, and handling a variety of I/O operations such as file creation, performing reads/writes to files, setting file...
vLLM 代码问题漏洞
vLLM is a vLLM open source high throughput and memory efficient inference and service engine for LLM. A code issue vulnerability exists in versions of vLLM prior to v0.7.0 that stems from arbitrary code execution during unpickling when torch.load loads malicious pickle data...
Siemens SIMATIC WinCC和Siemens SIMATIC STEP 输入验证错误漏洞
Totally Integrated Automation Portal TIA Portal is PC software that offers the complete range of Siemens digital automation services, from digital planning and integrated engineering to transparent operation. A local arbitrary code execution vulnerability exists in Siemens Engineering Platforms,...
WordPress plugin Import and export users and customers 安全漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Import...
Palo Alto Networks PAN-OS 安全漏洞
Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from the presence of a memory leak. No details of the vulnerability are provided at this time...
Health Level 7 Security Vulnerability
Health Level 7 is a series of global standards for transferring clinical and administrative health data between applications from Health Level 7, Inc. A security vulnerability exists in Health Level 7 versions prior to 5.6.106 that stems from a package decompression feature in the core library th...
WordPress Plugin Image Regenerate & Select Crop Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability...
PTC KEPserverEX Security Vulnerability
PTC KEPserverEX is a connectivity platform from PTC. Users can connect, manage, monitor and control a variety of automation devices and software applications through an intuitive user interface. A security vulnerability exists in PTC KEPserverEX version v6.14.263.0 and prior versions. An attacker...
WordPress Plugin CodeBard s Patron Button and Widgets for Patreon Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin CodeBard s...
WordPress Plugin cf7-field-validation SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin cf7-field-validati...
Microsoft SQL Server Security Vulnerability
Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. An attacker has exploited the vulnerability to cause a denial of service on the system. The following products and versions are...
NASA Open MCT Security Vulnerability
NASA Open MCT is an open source open mission control technology from NASA, Inc. for visualizing data on desktop and mobile devices. A security vulnerability exists in versions prior to NASA Open MCT 2.2.5 545a177, which stems from the presence of a prototype contamination vulnerability...
Jenkins Plugin Gogs 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
Osprey Pump Controller 授权问题漏洞
Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01, which stems from the use of an alternate path or channel to bypass authentication, and can be exploited by an attacker to gain unauthorized access to the system...
Microsoft .NET and Visual Studio 安全漏洞
Microsoft .NET Core and Microsoft Visual Studio are both products of Microsoft Corporation USA. NET Core is a free and open source development platform. NET Core is a free, open source development platform that features multi-language support and cross-platform capabilities.Microsoft Visual Studi...
Microsoft .NET Framework 安全漏洞
Microsoft .NET Framework is a comprehensive and consistent programming model from Microsoft Corporation USA and a development platform. The platform includes the C and Visual Basic programming languages, a public language runtime library, and an extensive class library. A security vulnerability...
phpMyFAQ 跨站脚本漏洞
phpMyFAQ is a multi-language, fully database-driven FAQ system from the individual developer Thorsten Rinne. A security vulnerability exists in phpMyFAQ versions prior to 3.1.9. An attacker exploited the vulnerability to perform cross-site scripting attacks...
spring-boot-admin 代码注入漏洞
spring-boot-admin is an open source based on Spring boot Mybatis backend management system , with user management , menu management and role management 3 functions , permission control to the button level . A code injection vulnerability exists in spring-boot-admin versions prior to 2.6.10 and...
Akeneo PIM Development Repository 代码注入漏洞
Akeneo PIM Development Repository is an Akeneo open source repository . It is used to develop Akeneo PIM products. A code injection vulnerability exists in Akeneo PIM Development Repository versions prior to v5.0.119 and v6.0.53, which originates from a code injection vulnerability that could all...
Passeo 安全特征问题漏洞
Passeo is a Python password generator by the individual developer Arjun Sharda. A security signature issue vulnerability exists in versions of Passeo prior to 1.0.5 that stems from a reliance on the python random library for random value selection, which relies on a non-cryptographically secure...
GitLab 日志信息泄露漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab CE/EE, which stems from its ability t...
Google TensorFlow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A security vulnerability exists in Google TensorFlow, which stems from the UnbatchGradOp function accepting an argument id that is assumed to be scalar. A non-scalar id ca...
npm jquery-validation 安全漏洞
npm jquery-validation is a form insertion validation application provided by npm, Inc. npm jquery-validation version 1.19.3 contains a denial of service vulnerability, which stems from the fact that an attacker who is able to provide arbitrary input to the url2 method can trigger a denial of...
pac4j 安全漏洞
pac4j is a simple yet powerful Java security engine developed by pac4j OpenSource. It is used to authenticate users, retrieve their configuration files, and manage authorizations, thereby protecting web applications and web services. There were security vulnerabilities in versions of pac4j before...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an attempt to write to a read-only memory region, which could cause the kernel to crash...
Eventlet 环境问题漏洞
Eventlet is a concurrent networking library for Python. An environmental issue vulnerability exists in versions prior to Eventlet 0.40.3 that stems from improper handling of HTTP request entrainment, which could lead to a front-end security control bypass...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a buffer overflow that could cause a system crash...
Microsoft Office 安全漏洞
Microsoft Office is an office software suite product from the American company Microsoft Microsoft. Commonly used components of this product include Word, Excel, Access, Powerpoint, FrontPage, and others. A security vulnerability exists in Microsoft Office. An attacker can exploit the vulnerabili...
WordPress plugin Elementor Header & Footer Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
LiteLLM 代码问题漏洞
LiteLLM is an open source application from LiteLLM. All LLM APIs can be called using the OpenAI format. A code issue vulnerability exists in LiteLLM version 1.38.10, which stems from vulnerability to a server-side request forgery attack, where a user can specify parameters when sending a request,...
WordPress plugin User Profile Builder 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
LibreNMS 安全漏洞
LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of network environments and automatic updates. A security vulnerability exists in LibreNMS versions prior to 24.4.0 that stems from the...
WordPress Plugin Login Screen Manager Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
Diasoft File Replication 权限许可和访问控制问题漏洞
Diasoft File Replication is a file replication software from Diasoft. A vulnerability exists in Diasoft File Replication Pro version 7.5.0 due to privilege permission and access control issues. An attacker could exploit this vulnerability to elevate privileges by replacing legitimate files with a...
memos 授权问题漏洞
memos is an open source hosted memo center with knowledge management and social features. An authorization issue vulnerability exists in versions of memos prior to 0.9.0 that stems from incorrect authentication...
多款VMware产品缓冲区错误漏洞
VMware ESXi is a server virtualization platform that can be installed directly on physical servers, VMware Workstation is a set of virtual machine software, and VMware Fusion is a set of virtual machine software designed to run Windows applications on Macs. VMware Fusion is a suite of virtual...
daloRADIUS 安全漏洞
daloRADIUS is an advanced RADIUS web management application from Liran Tal Personal Developer. It is designed to manage hotspot and universal ISP deployments. A security vulnerability exists in daloRADIUS, which originates from the exposure of sensitive system information to unauthorized control...
SAP 3D Visual Enterprise Author 缓冲区错误漏洞
SAP 3D Visual Enterprise Author is a desktop application for managing 2D, 3D, animation, video and audio assets from SAP. A buffer overflow vulnerability exists in SAP 3D Visual Enterprise Author version 9, which stems from a lack of proper memory management and can be exploited by an attacker to...
joblib 安全漏洞
joblib is joblib open source set of tools to provide lightweight pipelining in Python. Joblib package versions prior to 1.2.0 has a security vulnerability , the vulnerability stems from its Parallel class in the predispatch flag allows an attacker to achieve arbitrary code execution through eval...
Gravitee API Management 跨站脚本漏洞
Gravitee API Management is the open source Gravitee API management tool. A security vulnerability exists in Gravitee API Management prior to version 1.25.3, which stems from a combination of HTML injection and path traversal in the email service, allowing an anonymous user to read arbitrary files...
Atlassian Bitbucket Data Center 代码问题漏洞
Atlassian Bitbucket Data Center is the data center version of Atlassian Bitbucket by Atlassian Australia. Atlassian Bitbucket Data Center suffers from a command execution vulnerability that can be exploited by an attacker to execute arbitrary code via Java deserialization...
Atlassian Jira 授权问题漏洞
Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. Atlassian Jira suffers from an authorization issue vulnerability that can be exploited by an attacker to bypass authentication b...
Siemens SCALANCE竞争条件问题漏洞
The SCALANCE W-1700 products are IEEE 802.11 compliant wireless communication devices. a denial of service vulnerability exists in the Siemens SCALANCE W-1700 11ac series, which can be exploited by an attacker to cause the entire device to crash for competing conditions...
Red Hat Vscode-Xml 代码问题漏洞
Red Hat Vscode-Xml is an open source Xml language support from Red Hat. It makes it easy to edit Xml in Visual Studio Code. A code issue vulnerability exists in Red Hat Vscode-Xml, which stems from a flaw found in vcode -xml in versions prior to 0.19.0. An attacker could exploit this vulnerabilit...
Gradio 路径遍历漏洞
Gradio is an open source Python library that is a way to demonstrate machine learning models through a friendly web interface. versions of Gradio prior to 2.5.0 have a path traversal vulnerability that can be exploited by an attacker to access any file on the host...
Fluentd 资源管理错误漏洞
Fluentd is an open source log collector from the Cloud Native Computing Cloud Native Computing Foundation Foundation. It is used to collect events from various data sources and write them to files, Rdbms, NoSql, IaaS, SaaS, Hadoop and more. A resource management error vulnerability exists in...
WordPress 代码问题漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A code issue vulnerability exists in the WordPress plugin Catch Themes Demo Import in versions 1.7 a...
Joomla! CMS 安全漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has security vulnerabilities, which stem from the lack of output escaping mechanisms. This may lead to cross-site scripting vectors in multilingual integrated components...
WordPress plugin Better Elementor Addons 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...