195539 matches found
Cisco AsyncOS 安全漏洞
Cisco AsyncOS is an operating system for Cisco devices from Cisco USA. A security vulnerability exists in Cisco AsyncOS Software for Cisco Secure Email, Web Manager, and Secure Email Gateway, which arises from insufficient validation of user input, allowing an authenticated, remote attacker to...
WordPress plugin Barcode Scanner with Inventory & Order Manager 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. The WordPress plugin Barcode Scanner with...
Siemens Solid Edge 安全漏洞
Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. Siemens Solid Edge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute co...
D-Link DAP-1360 安全漏洞
The D-Link DAP-1360 is a router from China-based AUO D-Link. The D-Link DAP-1360 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code...
Unified Automation UaGateway 安全漏洞
Unified Automation UaGateway is a high-performance wrapper/agent from Unified Automation programmed in C++. A security vulnerability exists in Unified Automation UaGateway that stems from a specific flaw in the implementation of the ImportXML function that allows an attacker to create a denial of...
NETGEAR RAX30 安全漏洞
The NETGEAR RAX30 is a wireless router from NETGEAR. The NETGEAR RAX30 suffers from a command injection vulnerability that stems from a command injection vulnerability when processing UPnP port mapping requests, which can be exploited by an attacker to execute arbitrary commands...
Apache Kafka 安全漏洞
Apache Kafka is an open source distributed streaming platform from the Apache Foundation in the United States. The platform is capable of acquiring real-time data for building applications that react in real time to changes in the data stream. Apache Kafka suffers from a denial-of-acceptance...
Microsoft Outlook 安全漏洞
Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. Microsoft Outlook has a spoofing vulnerability that can be exploited by attackers to conduct spoofing attacks...
D-Link DNS-320 信任管理问题漏洞
The D-Link DNS-320 is a NAS Network Attached Storage device from China's Terasic D-Link Corporation. A trust management issue vulnerability exists in the D-Link DNS-320L, which originates from a trust management issue vulnerability in the file /cgi-bin/nassharing.cgi. Affected products and...
Dell PowerEdge Server BIOS 和 Dell Precision Rack BIOS 安全漏洞
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS are both products of Dell USA.Dell PowerEdge Server BIOS is a system update driver from Dell.Dell Precision Rack BIOS is the Dell Precision Rack BIOS is a BIOS utility for high performance workstation products. A security vulnerability exist...
Docassemble 安全漏洞
Docassemble is a free, open source expert system for guided interviews and document assembly. An information disclosure vulnerability exists in Docassemble versions 1.4.53 through 1.4.96, which can be exploited by an attacker to gain unauthorized access to system information by manipulating a URL...
Aruba Networks ArubaOS Security Vulnerabilities
Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS that originates from an authenticated command injection vulnerability...
WordPress Plugin AI Engine Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Plugin NEX-Forms Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing in-place attempts to send commands when the DMCUB is not powered on...
Hugin Resource Management Error Vulnerability
Hugin is a cross-platform open source panoramic photography image stitching software by Hugin Open Source. A resource management error vulnerability exists in Hugin version v2022.0.0, which stems from a vulnerability that allows an attacker to cause the heap to be reused after release by parsing ...
WordPress plugin Droit Elementor Addons Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google Inc. A security vulnerability exists in Google Android, which stems from a vulnerability in Framework that could lead to local privilege escalation...
WordPress Plugin WP Ultimate Exporter Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...
Wavelink Avalanche Security Vulnerability
Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker exploiting this vulnerability could send a specially crafted request that could lead to the disclosure of sensitive da...
Red Hat Keycloak Security Vulnerability
Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A security vulnerability exists in Red Hat Keycloak version 22.0.5, which stems from a log injection issue that could allow an attacker to inje...
Adobe Acrobat Reader 安全漏洞
Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. A security vulnerability exists in Adobe Acrobat Reader version 23.006.20360 and earlier and version 20.005.30524 and earlier, which can be exploited by an attacker ...
MediaWiki Information Disclosure Vulnerability
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. An information disclosure vulnerability exists in MediaWiki before 1.35.12, versions 1.36.x through 1.39.5...
WordPress plugin ChatBot SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
Nextcloud Code Issues Vulnerabilities
Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A code issue vulnerability exists in Nextcloud mail, which stems from a lack of checking of the source, target, and cookie...
Juniper Networks Junos and Junos EVO Buffer Error Vulnerability
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos and Junos EVO, which is caused by a stack-based buffer overflow...
PortlandLabs Concrete CMS 代码问题漏洞
PortlandLabs Concrete CMS is a team-oriented open source content management system of the United States PortlandLabs company . An arbitrary file upload vulnerability exists in PortlandLabs Concrete CMS version v9.2.1, which stems from the application's lack of effective validation of uploaded...
Microsoft Azure DevOps Server Security Vulnerability
Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as code sharing, work tracking, and software distribution. A security vulnerability exists in Microsoft Azure DevOps Server. An attacker can...
Generex CS141 Cross-Site Scripting Vulnerability
The Generex CS141 is a series of Ethernet adapters from the German company Generex. A cross-site scripting vulnerability exists in Generex CS141 versions prior to 2.06, which stems from allowing the upload of files containing HTML content...
WordPress plugin Happy Elementor Addons Pro Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
NVIDIA DGX Security Vulnerability
NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. The NVIDIA DGX H100 suffers from a security vulnerability that stems from a security flaw in the KVM service that allows an unauthenticated attacker to cause session token leakage to other users by observing...
AnythingLLM Security Vulnerability
AnythingLLM is a business-compliant document chatbot. A security vulnerability exists in versions of AnythingLLM prior to 0.0.1 that stems from the presence of relative path traversal...
GitLab 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab, which stems from the fact that...
MongoDB Server 信任管理问题漏洞
MongoDB Server is the United States MongoDB company's set of open source NoSQL database . The database provides collection-oriented storage , dynamic query , data replication and automatic failover and other functions . A security vulnerability exists in MongoDB Server version v6.3, MongoDB Serve...
Linux hwclock 安全漏洞
Linux hwclock is a command from the Linux Foundation of America. It is used to display and set the hardware clock. A security vulnerability exists in Linux hwclock version 13-v2.27, which originated from a vulnerability that allows an attacker to gain escalated privileges or execute arbitrary...
Adobe Acrobat Reader Buffer Error Vulnerability
Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDFs. A buffer error vulnerability previously existed in Adobe Acrobat Reader version 23.003.20244, which originated from being affected by an out-of-bounds read...
Clario VPN client security vulnerability
Clario VPN client is a VPN client for Mac from Clario. A security vulnerability exists in Clario VPN client macOS version 5.9.1.1662, which originates when the VPN client insecurely configures the operating system so that traffic to the local network is sent outside of the VPN tunnel in cleartext...
Matrix Sydent Trust Management Issues Vulnerabilities
Matrix Sydent is an implementation of the Matrix Authentication Server API from the Matrix Foundation in the UK. A trust management issue vulnerability exists in versions of Sydent prior to 2.5.6, which stems from a vulnerability that allows an attacker with privileged access to the network to...
1Panel 操作系统命令注入漏洞
1Panel is an open source Linux server operations and management panel for the Chinese 1panel community. Operating system command injection vulnerability exists in versions prior to 1Panel 1.4.3. The vulnerability stems from the presence of an operating system command injection vulnerability, whic...
Juniper Networks Junos OS SRX 安全漏洞
Juniper Networks Junos OS SRX is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS SRX that originates from a check or...
Auto-GPT 代码注入漏洞
Auto-GPT is an artificial intelligence software agent program open-sourced by Significant Gravitas. A code injection vulnerability exists in versions of Auto-GPT prior to 0.4.3, which stems from the ability to achieve arbitrary code execution on a host running Auto-GPT by overwriting...
SonicWALL Analytics和GMS 安全漏洞
SonicWALL Analytics and SonicWALL GMS are both products of SonicWALL, Inc. of the U.S. SonicWALL Analytics is a high-performance management and reporting engine for the Web.SonicWALL GMS is a global management system. A powerful and intuitive solution for organizations, distributed enterprises an...
Jenkins Plugin Datadog 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
xalpha 代码注入漏洞
xalpha is the full process management of a fund investment by Shixin Zhang, an individual developer in China. A security vulnerability exists in xalpha version v0.11.4, which stems from vulnerability to Remote Command Execution RCE attacks...
WordPress Plugin Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Conditional shipping &...
Sealos 安全漏洞
Sealos is a cloud operating system designed for managing cloud-native applications. A security vulnerability exists in Sealos 4.2.0 and prior versions that stems from a privilege flaw where the billing interface can expose resource information...
Trend Micro Apex One 安全漏洞
Trend Micro Apex One is an endpoint protection software from Trend Micro. An elevation of privilege vulnerability exists in Trend Micro Apex One, which can be exploited by a local attacker to elevate privileges and write arbitrary values to specific entries on an affected installation...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a code issue vulnerability that can be exploited by an attacker to cause a local privilege escalation without the need for additional execute privileges...
Siemens CP-8031 信任管理问题漏洞
The SICAM A8000 RTUs Remote Terminal Units series is a modular device family for remote control and automation applications in all areas of energy supply. A hard-coded credentials vulnerability exists in the Siemens SICAM A8000 Devices CPCI85 Firmware, which can be exploited by an attacker to log...
Linux kernel 缓冲区错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has an elevation of privilege vulnerability that originates from an out-of-bounds access to physical memory beyond the end of the buffer in the file iouring, which...