195539 matches found
WordPress plugin WP Headless CMS Framework 安全漏洞
The WordPress WP Headless CMS Framework plugin is a tool for converting WordPress to HeadlessCMS Headless Content Management System, separating content management from front-end presentation via RESTAPI or GraphQL interfaces. The WordPress WP Headless CMS Framework plugin suffers from a protectio...
Survision LPR Camera 访问控制错误漏洞
Survision LPR Camera is a license plate recognition camera from Survision France. An access control error vulnerability exists in Survision LPR Camera that stems from password protection not being enforced by default, which could lead to unauthorized access...
OPEXUS FOIAXpress 安全漏洞
OPEXUS FOIAXpress is an information disclosure management software from OPEXUS Corporation. A security vulnerability exists in OPEXUS FOIAXpress versions prior to 11.13.3.0 that originates from an administrative user being able to inject JavaScript or other content into the annual report template...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a defrag path triggering a jbd2 assertion failure, which could lead to a system crash...
Esri Portal For ArcGIS 跨站脚本漏洞
Esri Portal For ArcGIS is a component of Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A cross-site scripting vulnerability exists in Esri Portal For ArcGIS version 11.4 and earlier, which stems from a remote...
Flock Safety The Bravo Compute Box 安全漏洞
Flock Safety The Bravo Compute Box is an edge computing device from Flock Safety USA. A security vulnerability exists in Flock Safety The Bravo Compute Box BRAVO00.00local20241017 version, which stems from a disabled secure boot, which could lead to an attacker flashing specially crafted firmware...
WordPress plugin DethemeKit For Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
OpenAI Codex CLI 输入验证错误漏洞
OpenAI Codex CLI is an OpenAI open source lightweight coding agent software that runs in the terminal. An input validation error vulnerability exists in OpenAI Codex CLI versions 0.2.0 through 0.38.0, which stems from an error in the sandbox configuration logic and could lead to arbitrary file...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling the debugfslookup return value, which could lead to a memory leak...
The Bastion 安全漏洞
The Bastion is an open source authentication system from OVHcloud. A security vulnerability exists in The Bastion that stems from a script that fails to properly sign a file, potentially leading to data integrity issues...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unvalidated USB endpoint type that could lead to an internal error...
Zabbix 安全漏洞
Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. A security vulnerability exists in Zabbix that stems from the hostprototype.get method listing all host prototypes to users with unassign...
WordPress plugin WP Scriptcase 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...
WordPress plugin PhpList Subber 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
Microsoft Windows Routing and Remote Access Service 安全漏洞
Microsoft Windows Routing and Remote Access Service is a network service from Microsoft Corporation USA that is used to perform functions such as network routing, virtual private networks VPNs, and dial-up connections. A security vulnerability exists in Microsoft Windows Routing and Remote Access...
Vite 访问控制错误漏洞
Vite is a new front-end build tool from Vite Open Source. An access control error vulnerability exists in Vite versions prior to 7.1.5, 7.0.7, 6.3.6, and 5.4.20, which stems from file access that bypasses the server.fs setting...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the wifi: ath12k module accessing uninitialized arvif-ar in the event of beacon loss...
Komari 跨站脚本漏洞
Komari is a simple server monitoring tool from the Komari Moniter open source. A cross-site scripting vulnerability exists in versions prior to Komari 1.0.4-fix1, which stems from the WebSocket updater disabling origin checking, and could lead to cross-site WebSocket hijacking and remote code...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from failure to prevent A-MSDU attacks in mesh networks, which could lead to spoofing vulnerabilities...
Microsoft Windows Ancillary Function Driver for WinSock 代码问题漏洞
Microsoft Windows Ancillary Function Driver for WinSock is a helper function driver for Winsock from Microsoft Corporation USA. A code issue vulnerability exists in Microsoft Windows Ancillary Function Driver for WinSock. An attacker could exploit the vulnerability to elevate privileges. The...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from an information disclosure vulnerability that can be exploited by an attacker to compromise confidentiality...
Apple macOS 安全漏洞
Apple macOS Sequoia is an operating system from the American company Apple Apple. Apple macOS Sequoia suffers from an out-of-bounds read vulnerability that stems from insufficient input validation, which can be exploited by an attacker to cause the contents of memory to be disclosed when processi...
CampCodes Courier Management System 注入漏洞
CampCodes Courier Management System is a courier management system from CampCodes Philippines. An injection vulnerability exists in CampCodes Courier Management System version 1.0, which originates from a SQL injection due to a mishandling of the parameter ID in the file /edituser.php...
WordPress plugin Gutentor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Gutentor plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, whi...
Mercusys MW301R 安全漏洞
Mercusys MW301R is a router from Mercusys, China. A security vulnerability exists in Mercusys MW301R version 1.0.2 Build 190726 Rel.59423n, which stems from an improperly restricted authentication attempt in the Login component...
Metasoft MetaCRM 代码问题漏洞
Metasoft MetaCRM is a customer relationship management system software from China Metasoft Metasoft. A code issue vulnerability exists in Metasoft MetaCRM 6.4.2 and prior versions, which stems from an incorrect operation of the File parameter in the file mobileupload.jsp that results in an...
Jinher OA 代码问题漏洞
Jinher OA is a collaborative management software from China Jinher Jinher Company. A code issue vulnerability exists in Jinher OA version 1.1, which stems from an incorrect operation of the file XmlHttp.aspx resulting in an XML external entity reference...
Broadcom Brocade SANnav 安全漏洞
Broadcom Brocade SANnav is a storage area network management and automation software platform from Broadcom, Inc. A security vulnerability exists in Broadcom Brocade SANnav versions prior to 2.4.0a, which stems from logging plaintext password phrases in the logs...
Jenkins plugin Testsigma Test Plan run security vulnerability
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...
Docusaurus gists plugin 信息泄露漏洞
Docusaurus gists plugin is an automation plugin by Webber Takken Personal Developer. An information disclosure vulnerability exists in Docusaurus gists plugin versions prior to 4.0.0, which stems from a GitHub token disclosure that could lead to credential disclosure...
WordPress plugin Simple User Registration 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
Versa Director 安全漏洞
Versa Director is a virtualization and service creation platform from Versa USA. that simplifies the creation, automation and delivery of services using Versa FlexVNF. A security vulnerability exists in Versa Director that stems from improperly restricted file upload permissions, which could lead...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS and Apple iPadOS that stems from insufficient input validation, which could...
WordPress plugin Solace Extra 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
IBM i 信任管理问题漏洞
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. IBM i is vulnerable to a trust management issue vulnerability that stems from improper handling of IBM i Netserver authentication, no details of the vulnerability are...
Docker Registry Access Management 安全漏洞
Docker Registry Access Management is a registry access management program from Docker Inc. in the United States. A security vulnerability exists in Docker Registry Access Management that stems from a MacOS configuration file that does not have a RAM policy applied, which could lead to the downloa...
XGrammar 安全漏洞
XGrammar is a fast, flexible and portable structured generation tool from mlc-ai open source. A security vulnerability exists in XGrammar versions prior to 0.1.18, which stems from unrestricted caching that could lead to a denial of service...
Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 安全漏洞
Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper...
Adobe Premiere Pro 安全漏洞
Adobe Premiere Pro is a set of non-linear editing video editing software from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe Premiere Pro, which can be exploited by an attacker to execute arbitrary code...
Microsoft Office 安全漏洞
Microsoft Office is an office software suite product from the American company Microsoft Microsoft. Commonly used components of this product include Word, Excel, Access, Powerpoint, FrontPage, and others. A security vulnerability exists in Microsoft Office. An attacker exploiting this vulnerabili...
WordPress plugin BWD Elementor Addons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Splunk Cloud Platform和Splunk Enterprise 输入验证错误漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. An input validation error vulnerability exists...
ZenML 资源管理错误漏洞
ZenML is an extensible open source MLOps framework from ZenML Open Source for creating portable, production-ready machine learning pipelines. A resource management error vulnerability exists in ZenML version 0.66.0, which stems from a flaw in the multipart request boundary handling mechanism that...
CamaleonCMS 安全漏洞
CamaleonCMS is an advanced dynamic content management system CMS based on RubyonRails by the CamaleonCMS team. A security vulnerability exists in CamaleonCMS that stems from a mass assignment that could lead to elevation of privilege...
xml-crypto 数据伪造问题漏洞
NPM xml-crypto is a digital signature and encryption library from NPM. A security vulnerability exists in xml-crypto version 6.0.0 and earlier that stems from bypassing authentication or authorization mechanisms, allowing an attacker to modify valid signed XML messages...
Snowflake JDBC Driver 日志信息泄露漏洞
Snowflake JDBC Driver is an open source Snowflake JDBC driver from Snowflake Computing. A log information disclosure vulnerability exists in Snowflake JDBC Driver versions 3.0.13 through 3.23.0, which stems from the Driver locally logging the client-side encryption master key for the target phase...
Palo Alto Networks GlobalProtect 安全漏洞
Palo Alto Networks GlobalProtect is a suite of network protection software from Palo Alto Networks, USA. The software provides features such as firewall monitoring and threat prevention. A security vulnerability exists in Palo Alto Networks GlobalProtect that stems from a reliance on untrustworth...
Cordaware bestinformed 安全漏洞
Cordaware bestinformed is a mass notification system from Cordaware, Germany. A security vulnerability exists in Cordaware bestinformed that stems from a server address modification permission issue that could result in local privileges being elevated to SYSTEM...
Microsoft Office 资源管理错误漏洞
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...
Fortinet FortiOS 安全漏洞
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A resource management error...