195539 matches found
Veritas InfoScale CmdServer 访问控制错误漏洞
Veritas InfoScale CmdServer is a command execution and remote management service component provided by Veritas Corporation in the US, designed for InfoScale cluster environments. Versions of Veritas InfoScale CmdServer prior to 7.4.2 contained an access control vulnerability, which was caused by...
WordPress plugin Boost SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Faces of Users 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
Progress Software MOVEit 安全漏洞
Progress Software MOVEit is a secure hosted file transfer software developed by Progress Software Corporation in the United States. Versions of Progress Software MOVEit prior to 2025.0.11, as well as versions from 2025.1.0 to 2025.1.7, contained security vulnerabilities. These vulnerabilities wer...
Mesalvo Meona Client Launcher Component和Mesalvo Meona Server Component 安全漏洞
The Mesalvo Meona Client Launcher Component and the Mesalvo Meona Server Component are both products of the Mesalvo company. The Mesalvo Meona Client Launcher Component is a component designed for launching clients of medical information systems and facilitating application access. The Mesalvo...
wordpress plugin Image Photo Gallery Final Tiles Grid 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. WordPress plugins are additional applications that can b...
NVIDIA TensorRT 缓冲区错误漏洞
NVIDIA TensorRT is a software development toolkit provided by NVIDIA Corporation for the optimization of deep learning model inference and high-performance deployment. NVIDIA TensorRT has a buffer error vulnerability, which stems from out-of-bounds writes, potentially leading to data corruption...
WordPress plugin YITH WooCommerce Product Add-Ons SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Bottom Bar 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Siber Systems RoboForm Password Manager 安全漏洞
Siber Systems RoboForm Password Manager is a password manager offered by Siber Systems. There is a security vulnerability in Siber Systems RoboForm Password Manager. This vulnerability arises from insufficient URL validation, user confirmation, or notification when processing Android intentions. ...
NLnet Labs Unbound 安全漏洞
NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the DNSSEC verifier failing to account for NSEC3 hash calculation restrictions when querying D...
NLnet Labs Unbound 访问控制错误漏洞
NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. In versions 1.16.2 to 1.25.0 of NLnet Labs Unbound, there is an access control vulnerability. This vulnerability stems from a phantom domain attack. It allows attackers to control phantoms and query the vulnerable...
NLnet Labs Unbound 安全漏洞
NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from unbound name compression operations when handling large RRsets, which could lead to performanc...
NLnet Labs Unbound 安全漏洞
NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. There are security vulnerabilities in the version of NLnet Labs Unbound from 1.14.0 to 1.25.0. These vulnerabilities stem from the truncation of size calculations when encoding multiple NSIDs and/or DNS Cookies, as...
NLnet Labs Unbound 安全漏洞
NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from issues with timestamp updates in the jostle logic, which could prevent slow queries from being...
NLnet Labs Unbound 缓冲区错误漏洞
NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. In versions 1.6.2 to 1.25.0 of NLnet Labs Unbound, there is a buffer error vulnerability. This vulnerability stems from a potential stack overflow during the DNSCrypt packet reading process. Malicious attackers can...
NLnet Labs Unbound 安全漏洞
NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound from 1.14.0 to 1.25.0 contain security vulnerabilities. These vulnerabilities stem from inconsistent locking mechanisms, and under certain conditions, they may lead to heap reclamation...
Progress Software MOVEit 安全漏洞
Progress Software MOVEit is a secure hosted file transfer software developed by Progress Software Corporation in the United States. Versions of Progress Software MOVEit prior to 2025.0.11, as well as versions from 2025.1.0 to 2025.1.7, contained security vulnerabilities due to unlimited resource...
Keycloak 安全漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability that stems from cross-session verification proofs, which rely solely on local user IDs and IdP aliases without binding actual verified upstream identities. This...
Dell PowerFlex Manager 安全漏洞
Dell PowerFlex Manager is a software-defined infrastructure deployment and lifecycle management platform developed by the American company Dell. Versions of Dell PowerFlex Manager prior to 4.6.2 contain security vulnerabilities. These vulnerabilities stem from the exposure of directory list...
HP Linux Imaging and Printing Software 安全漏洞
HP Linux Imaging and Printing Software is a software package developed by American company HP, designed for the installation, use, and management of HP printers and scanners. There is a security vulnerability in HP Linux Imaging and Printing Software, which stems from integer overflows during the...
Frappe 路径遍历漏洞
Frappe is a web development framework based on Python and Mariadb, with integrated front-end pages, developed by the Indian company Frappe. Versions of Frappe prior to 15.105.0 and 16.15.0 have a path traversal vulnerability. This vulnerability arises from the possibility that path traversal may...
Rsync 安全漏洞
Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Rsync versions 3.4.2 and earlier have security vulnerabilities. These vulnerabilities stem from an authorization bypass in the access control list based on hostnames during chroo...
TeleJSON 跨站脚本漏洞
TeleJSON is an open-source JSON extension library developed by Storybook that supports complex data types. Versions of TeleJSON prior to 6.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from a DOM-based cross-site scripting vulnerability within the parse function...
Frappe Learning Management System 路径遍历漏洞
Frappe Learning Management System is an easy-to-use open-source learning management system developed by Frappe. Versions of the Frappe Learning Management System 2.50.0 and earlier had a path traversal vulnerability, which occurred when users uploaded SCORM ZIP packages, potentially leading files...
tickets 跨站脚本漏洞
Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting vulnerability in the streetview.php file...
tickets 跨站脚本漏洞
Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting flaw in the addnote.php file. It could...
Trilium Notes 跨站脚本漏洞
Trilium Notes is a hierarchical note application developed by Zadam, a personal developer. It focuses on building large-scale personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from deficiencies such as...
XWiki Platform 安全漏洞
The XWiki Platform is an open-source wiki platform used for creating web collaboration applications. Vulnerabilities exist in versions of the XWiki Platform prior to 18.1.0-rc-1, 17.10.3, 17.4.9, and 16.10.17. These vulnerabilities stem from the POST /wikis/wikiName API not performing...
NVIDIA Triton Inference Server 路径遍历漏洞
NVIDIA Triton Inference Server is an open-source software developed by NVIDIA Corporation. It helps standardize model deployment and provide fast, scalable AI in production environments. NVIDIA Triton Inference Server has a path traversal vulnerability, which stems from path traversal issues and...
Cisco ThousandEyes Enterprise Agent 操作系统命令注入漏洞
Cisco ThousandEyes Enterprise Agent is an application developed by Cisco, a US-based company. It provides extended visibility, automated insights, and seamless workflows. There is a vulnerability in the Cisco ThousandEyes Enterprise Agent that involves operating system command injection. This...
libsolv 安全漏洞
Libsolv is a library in OpenSUSE that is used for checking software package dependencies. Libsolv has a security vulnerability; this vulnerability stems from a heap buffer overflow that occurs when the repoaddsolv function processes specially crafted.solv files, potentially leading to a...
libsolv 安全漏洞
Libsolv is a library in OpenSUSE that is used for checking software package dependencies. Libsolv has a security vulnerability, which stems from a stack buffer overflow in the Debian metadata parser when processing specially crafted Debian repository metadata. This could lead to memory corruption...
EPSON L14150 安全漏洞
The EPSON L14150 is a multifunctional printer from the Japanese company EPSON. It supports A3+ format printing and wireless connectivity. The EPSON L14150 FL27PB version has a security vulnerability. This vulnerability stems from a buffer overflow issue in the RAW Printing Service JetDirect on po...
WordPress plugin os-diagnosis-generator 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Progress Software MOVEit 安全漏洞
Progress Software MOVEit is a secure hosted file transfer software developed by Progress Software Corporation in the United States. Versions of Progress Software MOVEit prior to 2025.0.11, as well as versions from 2025.1.0 to 2025.1.7, contained security vulnerabilities. These vulnerabilities wer...
WordPress plugin Boost 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...
WordPress plugin Slider Revolution 信息泄露漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Games Catalog 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
MongoDB Compass 安全漏洞
MongoDB Compass is a free interactive tool provided by the American company MongoDB. It is used for querying, optimizing, and analyzing MongoDB data. There is a security vulnerability in MongoDB Compass, which stems from prototype pollution. This vulnerability may allow certain users to access...
wordpress plugin Gift Cards For WooCommerce Pro 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
NVIDIA TRT-LLM 安全漏洞
NVIDIA TRT-LM is a high-performance inference framework developed by NVIDIA Corporation for optimizing the inference acceleration and deployment of large language models. NVIDIA TRT-LM contains a security vulnerability, which stems from unchecked return values leading to null pointer dereferencin...
WordPress plugin PDF for Elementor Forms + Drag And Drop Template Builder 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
Taiko AG1000-01A SMS Alert Gateway 访问控制错误漏洞
The Taiko AG1000-01A SMS Alert Gateway is an industrial communication gateway device developed by Taiko Company in Singapore. Both the Rev 7.3 and Rev 8 versions of the Taiko AG1000-01A SMS Alert Gateway contain access control vulnerability issues. This vulnerability stems from an authentication...
WordPress plugin Amazon Scraper 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Progress Software MOVEit 安全漏洞
Progress Software MOVEit is a secure hosted file transfer software developed by Progress Software Corporation in the United States. Versions of Progress Software MOVEit prior to 2025.0.11, as well as versions from 2025.1.0 to 2025.1.7, contained security vulnerabilities. These vulnerabilities wer...
HCL BigFix Service Management 安全漏洞
HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. HCL BigFix Service Management has a security vulnerability, which stems from configuration issues. Using outdated or insecure base images may introduce known vulnerabilitie...
WordPress plugin BLOGCHAT Chat System 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Advanced Database Cleaner – Premium 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Veritas Technologies Infoscale Operations Manager 跨站请求伪造漏洞
Veritas Technologies Infoscale Operations Manager is a software developed by Veritas Technologies in the United States, used for managing the entire InfoScale deployment. This software offers features such as multi-cluster management, custom interfaces, and centralized audit logging. Version 9.1....