195539 matches found
SAP NetWeaver AS SQL注入漏洞
SAP NetWeaver AS is a SAP web application server from SAP, Germany. SAP NetWeaver AS suffers from a SQL injection vulnerability that originates from a program that does not properly check for authorization, which could be exploited by an attacker to gain control over data in an Informix database,...
WordPress plugin Asgard Security Scanner 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Drupal 安全漏洞
Drupal is an open source content management system developed in the Drupal community using the PHP language. A security vulnerability exists in Drupal OAuth & OpenID Connect Single Sign On - SSO OAuth/OIDC Client versions 3.0.0 through 3.44.0, and 4.0.0 through 4.0.19, which stems from improperly...
Chat2DB 安全漏洞
Chat2DB is an AI-driven SQL client open-sourced by CodePhiliaX. A security vulnerability exists in Chat2DB version v0.3.5, which stems from the presence of XML external entity injection in the component /datagrip/upload, allowing an attacker to execute arbitrary code by providing crafted XML inpu...
WordPress plugin Gutenverse 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
SAP Adobe Document Service 安全漏洞
SAP Adobe Document Service SAP ADS is a document management service from SAP, Germany. A security vulnerability exists in SAP Adobe Document Service, which originates from an attacker authenticated as an administrator, who can use a publicly available Web service to upload or download customized...
Apache Superset 安全漏洞
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset suffers from an authorization issue vulnerability that stems from improper authorization settings that can be exploited by an attacker to use this API when FABADDSECURITYAPI is...
Google Pixel 安全漏洞
Google Pixel is a smartphone from Google, an American company. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in getbinary in vendor/mediatek/proprietary/hardware/connectivity/gps/gpshal/src/datacoder.c, where out-of-bounds writes may exist...
WordPress plugin Dollie Hub 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Foxit PDF Reader 资源管理错误漏洞
Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A resource management error vulnerability exists in Foxit PDF Reader, which stems from the Annotation feature that contains a reuse-after-release, leading to a remote code execution vulnerability...
WordPress plugin Responsive Data Table 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
changedetection.io 安全漏洞
changedetection.io is a website change detection, monitoring, and notification application from the individual developers at dgtlmoon. A security vulnerability exists in changedetection.io versions prior to 0.47.5, which stems from a flaw in the restriction of local file access that could result ...
PowerDNS 安全漏洞
PowerDNS is an open source DNS server from PowerDNS. PowerDNS uses Access mdb file to record DNS information under Win32, and MySQL to record DNS information under Linux/Unix. Whether it is mdb or MySQL, backup is very convenient. A security vulnerability exists in PowerDNS that allows an attacke...
TEM Opera Plus FM Family Transmitter 跨站请求伪造漏洞
The TEM Opera Plus FM Family Transmitter is a frequency modulation FM transmitter device from TEM. A cross-site request forgery vulnerability exists in TEM Opera Plus FM Family Transmitter version 35.45, which originates from allowing a user to perform certain actions via HTTP requests without...
Proxmox Virtual Environment 安全漏洞
Proxmox Virtual Environment Proxmox VE is an open source server virtualization environment Linux distribution from Proxmox. A security vulnerability exists in Proxmox Virtual Environment, which stems from insufficient protection against malicious API response values, and allows an authenticated...
GitLab 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab EE versions 16.6 to before 17.1.7,...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a memory misreference vulnerability that is caused by a free use in WebAudio. An attacker can exploit this vulnerability to execute arbitrary code on a system...
Hitachi Energy MicroSCADA X SYS600 参数注入漏洞
Hitachi Energy MicroSCADA X SYS600 is a SCADA product from Hitachi, Japan. It ensures optimal control and reliable operation of your switching station through seamless integration and connectivity between different devices and systems. The Hitachi Energy MicroSCADA X SYS600 suffers from a paramet...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a permissions issue vulnerability that stems from a failure to properly enforce permissions, which can be exploited by an attacker to perform write operations on a team...
Microsoft Office PowerPoint 资源管理错误漏洞
Microsoft Office PowerPoint is an American Microsoft Microsoft company's software for creating, presentations PPT. A resource management error vulnerability exists in Microsoft Office PowerPoint. An attacker could exploit this vulnerability to execute arbitrary code on the system...
GitLab CE/EE Security Vulnerabilities
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab CE/EE. An attacker exploited the...
Citrix Systems NetScaler Gateway and Citrix Systems NetScaler ADC Security Vulnerabilities
Citrix Systems NetScaler Gateway Citrix Systems Gateway and Citrix Systems NetScaler ADC are both products of Citrix Systems, Inc.Citrix Systems NetScaler Gateway is a secure remote access solution. The solution provides administrators with application-level and data-level controls to enable user...
Drupal Wiki Security Vulnerabilities
Drupal Wiki is a free and open source content management system from Drupal Wiki, Inc. A security vulnerability exists in Drupal Wiki versions prior to 8.31.1, which stems from allowing cross-site scripting XSS attacks via comments, titles, and image captions on Wiki pages...
WordPress plugin LearnPress Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Botan Security Vulnerabilities
Botan is a library of cryptographic algorithms written in C++. It supports a variety of algorithms including AES, DES, SHA-1, RSA, DSA and Diffie-Hellman. A security vulnerability exists in Botan that stems from allowing the use of explicit encoding to present ECDSA X.509 certificates, which, whe...
Microsoft Visual Studio 访问控制错误漏洞
Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. An elevation of privilege vulnerability exists in Microsoft Visual Studio, which can be exploited by...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory leak in mcbausb...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability in the net:tls module...
WordPress plugin GMAce 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption that occurs when multiple listeners are registered to the same file descriptor...
Tenda AC500 安全漏洞
The Tenda AC500 is a Gigabit port access controller from Tenda, China. A security vulnerability exists in Tenda AC500 version 2.0.1.91307, which originates from a buffer overflow in the funcpara1 parameter of the formSetCfm method of the /goform/setcfm file. No details of the vulnerability are...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that can be exploited by attackers to perform UI spoofing via a crafted Chrome extension...
Microsoft OLE DB Provider for SQL Server 安全漏洞
Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...
Microsoft OLE DB Provider for SQL Server 安全漏洞
Microsoft OLE DB Driver for SQL Server is a standalone data access application programming interface API for OLE DB. A remote code execution vulnerability exists in Microsoft OLE DB Driver for SQL Server, which can be exploited by an attacker to execute arbitrary code on the system...
VMware Security Vulnerabilities in Multiple Products
VMware ESXi is a server virtualization platform that can be installed directly on physical servers, VMware Workstation is a set of virtual machine software, and VMware Fusion is a set of virtual machine software designed to run Windows applications on Macs. VMware Fusion is a suite of virtual...
WordPress Plugin AI Engine Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
Red Hat Undertow Resource Management Error Vulnerability
Red Hat Undertow is a Java-based embedded web server from Red Hat, Inc. and is the default web server for Wildfly Java Application Server. Red Hat Undertow suffers from a resource management error vulnerability that stems from an out-of-memory error after closing a connection multiple times using...
Snapcast Security Breach
Snapcast is a multi-room client-server audio player where all clients are synchronized with server time to play perfectly synchronized audio. A security vulnerability exists in Snapcast version 0.27.0, which stems from a vulnerability that could allow a remote attacker to execute arbitrary code a...
WordPress plugin Demo Import security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress Plugin iframe Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a denial of service in the modem after receiving an RRC setup message...
Libde265 Security Vulnerability
Libde265 is a German h.265 video codec. A security vulnerability exists in Libde265 version v1.10.12, which stems from the presence of a buffer overflow vulnerability that allows a local attacker to cause a denial of service...
Pimcore Security Vulnerability
Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. A security vulnerability exists in Pimcore...
Rockwell Automation FactoryTalk Services Platform 授权问题漏洞
Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation that provides routine services for applications such as diagnostic information, health monitoring and real-time data access. A security vulnerability exists in Rockwell Automation FactoryTa...
Juniper Networks Junos and Junos EVO Buffer Error Vulnerability
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos and Junos EVO, which is caused by a stack-based buffer overflow...
Zebra Technologies Industrial Printers Security Breach
Zebra Technologies Industrial Printers is an industrial printer from Zebra Technologies. A security vulnerability exists in Zebra Technologies Industrial Printers that could allow an attacker to change the username and password of a web page by sending a specially crafted POST request to the...
Fortinet FortiOS 安全漏洞
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. An Access Control Error...
Microsoft Windows Power Management Service Security Vulnerability
Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Power Management Service. An attacker could exploit this vulnerability to obtain sensitive information. The...
PrestaShop Security Breach
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods , short message alerts and product image zoom and other features . A security vulnerability exists in MyPrestaModules Prestashop Module version v6.2.9,...
Microsoft SharePoint 安全漏洞
Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. An elevation o...