195539 matches found
WordPress plugin AudioIgniter 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Trimble SketchUp 安全漏洞
Trimble SketchUp is a 3D modeling software developed by Trimble in the United States. It is designed for architects, urban planning experts, producers, game developers, and professionals in related fields. Trimble SketchUp has a security vulnerability that stems from improper handling of dynamic...
WordPress plugin Location Weather 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2026.1.16.0 contained security vulnerabilities. These vulnerabilities stemmed fro...
Avantra 安全漏洞
Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the insertion of sensitive information into log files, which could lead to resource leaks...
Request Tracker 授权问题漏洞
Request Tracker is a problem and ticket tracking system developed by Request Tracker Inc. Versions of Request Tracker from 5.0.9 and earlier, as well as versions 6.0.0 to 6.0.2, have a permission issue vulnerability. This vulnerability stems from an authentication bypass in RT installations that...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go. This vulnerability arises from parsing arbitrary HTML and using Render for rendering, which may lead ...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go. This vulnerability arises from parsing arbitrary HTML and using Render for rendering, which may lead ...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go; this vulnerability stems from the possibility of consuming excessive CPU resources when parsing...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from creating ed25519.PrivateKey by forced conversion of format-errorsed bytes in the...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the improperly checking the revocation status of the revoked SignatureKey by CA...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from an integer overflow in the calculation of the internal payload size when writing dat...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the unserialized constraints when adding keys. This vulnerability may lead to the...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, where non-empty permissions are silently discarded when an Authentication callback returns...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from using Render to render arbitrary HTML. This can lead to an unexpected HTML tree, and...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from an error in the conversion between bytes and integers. This vulnerability may cause ...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from an authorization bypass. If any type of callback other than a public key is passed,...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which occurs when using CertChecker as a public key callback without setting IsUserAuthority or IsHos...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from keys that accept the ConfirmBeforeUse constraint but never enforce it, resulting in...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, where the RSA and DSA public key parsers do not enforce size limits on key parameters, which may caus...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, where the Verify method does not check the presence flag of the user. This allows signatures generate...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the ToASCII and ToUnicode functions accepting Punycode encoded tags that are decoded...
HP ENVY 5000 Series 安全漏洞
The HP ENVY 5000 Series is a series of integrated inkjet printers from the American company HP that support wireless printing and scanning. The HP ENVY 5000 Series VERBASPP1N003.2237A.00 version has a security vulnerability. This vulnerability stems from improper management of concurrent TCP...
Microsoft 365 Copilot 命令注入漏洞
Microsoft 365 Copilot is a generative AI collaboration assistant integrated into the Microsoft Office suite. Microsoft 365 Copilot has a command injection vulnerability, which stems from improper of special elements during command injections. This vulnerability could allow unauthorized attackers ...
Typebot 安全漏洞
Typebot is an open-source chat bot builder developed by Baptiste Arnaud. Versions of Typebot 3.15.2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the getResultLogs API endpoint, which did not verify whether the resultId belonged to a authorized typebotId. This...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...
Microsoft Azure Privileged Identity Management 安全漏洞
Microsoft Azure Privileged Identity Management is a cloud-based privilege account and permission lifecycle management service provided by Microsoft. There is a security vulnerability in Microsoft Azure Privileged Identity Management, which stems from bypassing authorization through user-controlle...
9front 安全漏洞
9front is an open-source class Unix distributed operating system based on Plan 9. 9front has a security vulnerability, which stems from respecting the default values provided by the website for HTML file upload forms. This vulnerability could allow attackers to create websites with malicious...
Microsoft Azure Resource Manager 授权问题漏洞
Microsoft Azure Resource Manager is a deployment and management service provided by the American company Microsoft. There is an authorization issue vulnerability in Microsoft Azure Resource Manager, which stems from improper authentication practices. This vulnerability could allow unauthorized...
Microsoft Entra ID 访问控制错误漏洞
Microsoft Entra ID is a cloud-based identity and management solution provided by Microsoft Corporation. There is an access control vulnerability in Microsoft Entra ID, which stems from a source verification error. This vulnerability could allow unauthorized attackers to escalate their privileges...
Microsoft 365 Copilot 命令注入漏洞
Microsoft 365 Copilot is a generative AI collaboration assistant integrated into the Microsoft Office suite. Microsoft 365 Copilot has a command injection vulnerability, which stems from improper of special elements during command injections. This vulnerability could allow unauthorized attackers ...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...
Easy Chat Server 安全漏洞
Easy Chat Server is a LAN chat server software developed by Easy Chat Server Inc. Version 3.1 of Easy Chat Server has a security vulnerability. This vulnerability stems from a buffer overflow in the chat message function, which could allow remote attackers to obtain sensitive information and...
Dell PowerFlex Manager 信任管理问题漏洞
Dell PowerFlex Manager is a management tool developed by Dell, Inc. Versions of Dell PowerFlex Manager prior to 4.6.2 contained a trust management vulnerability. This vulnerability stemmed from improper certificate verification, which could allow unauthenticated attackers with access to adjacent...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from sending TCP, IL, RUDP, or GRE packets with a packet size smaller than the header size, potentially...
TP-Link多款产品 安全漏洞
TP-Link Archer RE650, among others, are products of the Chinese company TP-Link. The TP-Link Archer RE650 is a dual-band Gigabit wireless signal extender. The TP-Link Archer RE305 is also a dual-band Gigabit wireless signal extender. The TP-Link Archer RE360 is a wireless repeater that supports...
Avantra 安全漏洞
Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.1 contained security vulnerabilities; these vulnerabilities were due to insufficient session expiration time, which could lead to session reuse...
Docker Desktop 安全漏洞
Docker Desktop is a desktop software by the American company Docker, based on container technology, designed for lightweight application deployment. This product provides a desktop environment that allows creating containers lightweight virtual machines on Linux/Windows/Mac OS systems, as well as...
Dell PowerFlex Manager 输入验证错误漏洞
Dell PowerFlex Manager is a product of the American company Dell. Versions of Dell PowerFlex Manager prior to 4.6.2 contained a vulnerability related to input validation. This vulnerability stemmed from open redirection, allowing unauthenticated attackers to redirect target application users to...
WordPress plugin WP ERP Pro SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Dell PowerFlex Manager 安全漏洞
Dell PowerFlex Manager is a software-defined infrastructure deployment and lifecycle management platform developed by the American company Dell. Versions of Dell PowerFlex Manager prior to 4.6.2 contain security vulnerabilities. These vulnerabilities stem from the exposure of directory list...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...
Dell Unisphere for PowerMax vApp 授权问题漏洞
Dell Unisphere for PowerMax vApp is a virtualization management solution developed by the American company Dell. Versions of Dell Unisphere for PowerMax vApp prior to 10.0.0.2 had an authorization-related vulnerability. This vulnerability stemmed from an attempt to bypass authorization...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...
Avantra 安全漏洞
Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of default passwords, which could allow attempts using common or default usernames and passwords...
ZTE MU5250 安全漏洞
The ZTE MU5250 is a 5G mobile Wi-Fi device produced by ZTE Corporation. The ZTE MU5250 has a security vulnerability, which stems from improper configuration of the access control mechanism. This vulnerability may allow attackers to obtain information without proper authorization, posing a risk of...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...