195539 matches found
SolarWinds Observability Self-Hosted 跨站脚本漏洞
SolarWinds Observability Self-Hosted is an observability platform developed by the American company SolarWinds. SolarWinds Observability Self-Hosted has a cross-site scripting vulnerability, which stems from a storage-based cross-site scripting vulnerability. This vulnerability may lead to...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Versions of Apple iOS prior to 26.4 and iPadOS prior to 26.4 contained security vulnerabilities. These...
SourceCodester Sales and Inventory System SQL注入漏洞
The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameters i...
itsourcecode Free Hotel Reservation System SQL注入漏洞
itsourcecode Free Hotel Reservation System is an open-source hotel reservation system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter accountid in the file /hotel/admin/modusers/index.php,...
WordPress plugin Xhanch - My Advanced Settings 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Injection Guard 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
BlueStacks 安全漏洞
BlueStacks is an Android emulator for Windows systems developed by the American company BlueStacks. Version 4.80.0.1060 of BlueStacks has a security vulnerability. This vulnerability stems from excessive input in the search field, which could allow local attackers to trigger the search operation...
pybbs 代码注入漏洞
pybbs is a Java-developed community platform created by iuiu’s individual developers. Version 6.0.0 of pybbs contains a code injection vulnerability. This vulnerability stems from a cross-site scripting attack in the create function located in the file...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability, which was caused by the reuse of WebRTC after it was released, potentially leading to heap corruption...
PySpector 安全漏洞
PySpector is a high-performance Python static security analysis framework based on graphs, developed by Tommaso Bona. Versions of PySpector 0.1.6 and earlier contain security vulnerabilities. These vulnerabilities stem from a security verification bypass in the plugin system, which may lead to th...
Memray 跨站脚本漏洞
Memray is a memory analysis tool open source by Bloomberg. Versions of Memray prior to 1.19.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from HTML reports generated without escaping the command-line parameters of the tracking process. As a result, parameters...
WordPress plugin Post SMTP 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Dell Integrated Dell Remote Access Controller 安全漏洞
Dell Integrated Dell Remote Access Controller is an embedded controller for remote management and monitoring of servers from Dell USA. An information disclosure vulnerability exists in Dell Integrated Dell Remote Access Controller. The vulnerability stems from the failure to clear debugging...
WordPress plugin NEX-Forms – Ultimate Forms Plugin for WordPress 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
ASSA ABLOY Visionline 安全漏洞
ASSA ABLOY Visionline is a public area access control management platform developed by ASSA ABLOY Japan. Versions of ASSA ABLOY Visionline prior to version 1.33 contained security vulnerabilities. These vulnerabilities were caused by incorrect default permissions on Windows, execution of...
Microsoft Windows Resilient File System 缓冲区错误漏洞
Microsoft Windows Resilient File System ReFS is an elastic file system developed by Microsoft Corporation. The Microsoft Windows Resilient File System ReFS contains a buffer error vulnerability. Attackers can exploit this vulnerability to gain elevated privileges. The following products and...
Parse Server 安全漏洞
Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that supports Node.js. There were security vulnerabilities in versions of Parse Server from 9.3.1-alpha.3 to 9.5.0-alpha.10. These vulnerabilities stemmed from a bypass of interception...
WordPress plugin WP All Import 代码注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress plugin Widget Options 代码注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏洞
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are products of Cisco, a US company. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Both...
Hardware Read & Write Utility 安全漏洞
The Hardware Read & Write Utility is a hardware register modification tool developed by Nil Hardware Editor’s individual developers. Versions of the Hardware Read & Write Utility prior to v1.25.11.26 contained security vulnerabilities. These vulnerabilities stemmed from defects in the HwRwDrv.sys...
Free CRM 安全漏洞
Free CRM is a customer relationship management software developed by go2ismail’s individual developers. Free CRM has a security vulnerability; this vulnerability arises from operations on the Administrative Interface of components, which may lead to redirection and subsequent execution...
SonicWALL SonicOS 安全漏洞
SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A buffer overflow vulnerability exists in SonicWALL SonicOS. The vulnerability stems from improper API endpoint boundary checking and can be exploited by an attacker to execute arbitrar...
Tenable Security Center 安全漏洞
Tenable Security Center is a security center provided by the American company Tenable. There is a security vulnerability present in Tenable Security Center, which stems from an insecure direct object reference in the owner parameter, potentially leading to privilege escalation...
Tanium Asset 安全漏洞
Tanium Asset is an IT asset inventory and management software developed by the American company Tanium. Tanium Asset has a security vulnerability, which stems from improper handling of SQL injections...
WordPress plugin YayMail – WooCommerce Email Customizer 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
JIZHICMS(极致CMS) 安全漏洞
JIZHICMS is an open-source content management system developed by JIZHI Corporation in China. Version 2.5.6 of JIZHICMS contains a security vulnerability. This vulnerability arises from the lack of validation for the data parameters in functions like Article/deleteAll and Extmolds/deleteAll, whic...
WordPress plugin Magic Login Mail or QR Code 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
HP App 安全漏洞
HP App is an integrated management tool developed by the American company Hewlett-Packard HP. There is a security vulnerability in HP App, which stems from the use of outdated versions. This vulnerability may lead to cross-site scripting attacks...
Intel NPU Drivers 代码问题漏洞
Intel NPU Drivers are driver programs for Intel’s Neural Network Processing Units. There are code vulnerabilities in Intel NPU Drivers, which stem from improper firmware conditional checks. These vulnerabilities may lead to denial-of-service attacks...
AMD多款产品 安全漏洞
AMD EPYC and other products are developed by American semiconductor company AMD. AMD EPYC is a high-performance server processor. Amd Epyc™ Embedded Processors are embedded processors. AMD EPYC Processors are a series of multi-core processors. Several AMD products have security vulnerabilities;...
WukongCRM 授权问题漏洞
WukongCRM is a Customer Relationship Management CRM system developed by Wukong Corporation in China. Versions of WukongCRM 11.3.3 and earlier contained an authorization vulnerability. This vulnerability stemmed from incorrect handling of a file in the component’s URL Handler, specifically the...
OpenSTAManager SQL注入漏洞
OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager prior to v2.9.8 contained a SQL injection vulnerability. This vulnerability stemmed from insufficient validation of the idrecords array in the batch operation...
OpenSTAManager SQL注入漏洞
OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager 2.9.8 and earlier contained a SQL injection vulnerability. This vulnerability stemmed from the ajaxselect.php endpoint during componenti operations, allowing...
TeamViewer Host和TeamViewer Full 安全漏洞
TeamViewer Host and TeamViewer Full are remote control software products developed by the German company TeamViewer. Versions of TeamViewer Host and TeamViewer Full prior to version 15.74.5 contained security vulnerabilities. These vulnerabilities were due to improper access control mechanisms,...
Mitsubishi Electric FREQSHIP-mini 安全漏洞
Mitsubishi Electric FREQSHIP-mini is an automatic power supply shutdown software developed by Mitsubishi Electric, a Japanese company. There are security vulnerabilities in the versions of Mitsubishi Electric FREQSHIP-mini from 8.0.0 to 8.0.2. These vulnerabilities stem from improper default...
WordPress plugin SportsPress 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
OpenVPN security vulnerabilities
OpenVPN is a software package developed by OpenVPN Inc. in the United States, used to create encrypted VPN tunnels. It utilizes the OpenSSL library to encrypt data and control information, and allows the created VPNs to use public keys, electronic certificates, or username/password for...
ibaPDA security vulnerabilities
ibaPDA is an industrial process data acquisition and analysis system developed by the German company iba. There is a security vulnerability in ibaPDA, which allows unauthorized operations on the file system under certain conditions. This vulnerability may affect the confidentiality, integrity, or...
DynamicWeb security vulnerabilities
DynamicWeb is a full-stack digital experience platform developed by the American company DynamicWeb. Versions of DynamicWeb prior to 9.12.8 contained security vulnerabilities. These vulnerabilities were caused by logical issues that allowed new administrator users to be added, potentially leading...
WordPress Plugin Lawyer Directory Security Vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Incus path traversal vulnerability
Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.21.0 contained a path traversal vulnerability. This vulnerability stemmed from directory traversal or symbolic link issues within the template functionality, which could lead to arbitrary file...
NVIDIA CUDA toolkit code issues and vulnerabilities
The NVIDIA CUDA toolkit is a toolset developed by NVIDIA Corporation in the United States. It provides a development environment for creating high-performance GPU-accelerated applications. The CUDA toolkit has code vulnerabilities that stem from defects in the application’s DLL loading mechanism...
Juniper Networks Junos OS and Juniper Networks Junos OS Evolved security vulnerabilities
Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of the American company Juniper Networks. Juniper Networks Junos OS is a network operating system specifically designed for the company’s hardware devices. This operating system provides secure programming interface...
Microsoft Windows Cloud Files Mini Filter Driver 安全漏洞
Microsoft Windows Cloud Files Mini Filter Driver is a cloud file filter driver from Microsoft USA. An elevation of privilege vulnerability exists in Microsoft Windows Cloud Files Mini Filter Driver, which can be exploited by an attacker to elevate privileges...
Microsoft Windows Shell 安全漏洞
The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft USA.Easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. On some versions of Windows, featur...
xmall 安全漏洞
XMall is a distributed e-commerce shopping mall based on SOA architecture by the individual developer of Exrick. A security vulnerability exists in version 1.1 of xmall, which stems from improper access control of the /member/orderList API, and could lead to an attacker accessing other users' ord...
Red Hat Undertow 安全漏洞
Red Hat Undertow is a Java-based embedded web server from Red Hat, Inc. and is the default web server for Wildfly Java Application Server. A security vulnerability exists in Red Hat Undertow that stems from not properly validating the Host header, which could lead to cache poisoning, internal...
libsodium 安全漏洞
libsodium is a cryptographic software library by the individual developer Frank Denis. A security vulnerability exists in libsodium, which stems from the inclusion of a vulnerable version of libsodium that could lead to improper validation of elliptic curve points...
WordPress plugin WING WordPress Migrator 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...