195539 matches found
AutoGPT 代码注入漏洞
AutoGPT is an open-source tool developed by AutoGPT. It aims to make AI accessible and usable for everyone. In versions 0.6.34 to 0.6.51 of AutoGPT, there was a code injection vulnerability. This vulnerability stemmed from the use of pickle.loads to deserialize Redis cache data without proper...
Drupal Date iCal 安全漏洞
Drupal Date iCal is a Drupal calendar export module developed by the Drupal company. Versions of Drupal Date iCal prior to 4.0.15 contained security vulnerabilities, which were due to lack of authorization and could lead to forced browsing...
Drupal Translate Drupal with GTranslate 安全漏洞
Drupal Translate Drupal with GTranslate is a Drupal content access control module developed by the Drupal company. Versions of Drupal Translate Drupal with GTranslate prior to version 3.0.5 contained security vulnerabilities; these vulnerabilities stemmed from modifications to assumed immutable...
Drupal core 跨站脚本漏洞
Drupal Core is a free, open-source content management system developed in PHP by the Drupal community. Versions of Drupal Core prior to 11.3.0 and 11.3.7 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper input validation during web page generation, which cou...
Mantis Bug Tracker 访问控制错误漏洞
Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier contained a access control vulnerability. This vulnerability stemmed from insufficient access control checks in the ProjectUsersAddCommand, allowing users...
SAMSUNG Escargot 安全漏洞
SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from a heap buffer overflow, which may lead to buffer...
SAMSUNG Escargot 安全漏洞
SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from uncontrolled recursion, which may lead to excessive...
SAMSUNG Escargot 代码问题漏洞
SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a code vulnerability that stems from improper exception or special case handling, which may lea...
Escargot 缓冲区错误漏洞
Escargot is a lightweight JavaScript engine developed by Samsung for use in resource-constrained embedded devices. Escargot has a buffer overflow vulnerability, which stems from out-of-buffer writes, potentially leading to buffer overflows...
Sparx Systems Sparx Pro Cloud Server 安全漏洞
Sparx Systems' Sparx Pro Cloud Server is a modeling and service platform developed by the Australian company Sparx Systems. It supports remote access to model repositories and collaborative management. Versions of Sparx Pro Cloud Server prior to version 6.1 contained security vulnerabilities. The...
Pharmacy Manegement System 安全漏洞
Pharmacy Manegement System is a drug sales and inventory management tool developed by Lalana Chamika individually. Version 5c3d028 of Pharmacy Manegement System has a security vulnerability. This vulnerability stems from the lack of an authentication middleware on the API endpoints. It allows...
Qt 代码问题漏洞
Qt is an open-source, cross-platform application development framework. Qt has code vulnerabilities, which stem from an issue with uncontrolled search path elements in the backend of OpenSSL TLS. This vulnerability allows local attackers to load malicious CA certificates as trusted system...
Nozomi Networks CMC和Nozomi Networks Guardian 跨站脚本漏洞
Nozomi Networks CMC and Nozomi Networks Guardian are both products of Nozomi Networks, a company based in the United States. Nozomi Networks CMC is a network management platform. Nozomi Networks Guardian is a security software. Both Nozomi Networks CMC and Nozomi Networks Guardian have cross-site...
Tyler Identity Local 安全漏洞
Tyler Identity Local is a government and public sector identity authentication and local identity management system developed by the American company Tyler. Tyler Identity Local has a security vulnerability, which stems from the use of documented default management credentials. Users do not need ...
WordPress plugin Fortis for WooCommerce 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
Panabit PAP-XM320 路径遍历漏洞
Panabit PAP-XM320 is an enterprise-level network traffic management and bandwidth control gateway device developed by Panabit Corporation. Versions of Panabit PAP-XM320 prior to v7.7 contain a path traversal vulnerability. This vulnerability stems from the use of a file system existence check bas...
Technitium DNS Server 安全漏洞
Technitium DNS Server is an open-source authoritative and recursive DNS server developed by the Technitium team. It can be used as a self-hosted DNS server to protect privacy and security. Versions of Technitium DNS Server prior to version 15.0 contained security vulnerabilities. These...
Keycloak 安全漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak itself. Keycloak has a security vulnerability, which stems from low-privilege administrators with the view-clients role being able to exploit the evaluate-scopes management API endpoint by passing arbitrary...
Mozilla多款产品 安全漏洞
Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...
Mozilla Firefox多款产品 输入验证错误漏洞
Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...
Mozilla多款产品 输入验证错误漏洞
Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...
Mozilla多款产品 输入验证错误漏洞
Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...
Mozilla多款产品 资源管理错误漏洞
Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...
Mozilla多款产品 缓冲区错误漏洞
Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...
WordPress plugin Funnel Builder for WooCommerce Checkout 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
TYPO3 Extension Faceted Search 路径遍历漏洞
TYPO3 Extension Faceted Search is an open-source extension for TYPO3 that enables faceted search. TYPO3 Extension Faceted Search has a path traversal vulnerability. This vulnerability stems from the fact that the file indexer does not normalize the configured directory paths. As a result, backend...
Mozilla多款产品 资源管理错误漏洞
Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...
Mozilla Thunderbird 缓冲区错误漏洞
Mozilla Thunderbird is an email client software developed by the Mozilla Foundation in the United States, and it is a separate product from the Mozilla Application Suite. This software supports IMAP and POP email protocols, as well as HTML email formats. Versions 140.10 and 150 of Mozilla...
Ledger多款产品 安全漏洞
The Ledger Nano X, among others, are products of the French company Ledger. The Ledger Nano X is a hardware wallet for cryptocurrency assets. The Ledger Flex is a touch-screen hardware wallet for cryptocurrency assets. The Ledger Stax is a curved electronic ink-screen hardware wallet for...
Sparx Systems Sparx Pro Cloud Server 竞争条件问题漏洞
Sparx Pro Cloud Server is a modeling and service platform developed by Sparx Systems in Australia. It supports remote access to model repositories and collaborative management. Versions of Sparx Pro Cloud Server prior to version 6.1 contained a race condition vulnerability. This vulnerability...
OpenHarmony 安全漏洞
OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony 6.0 and earlier contain security vulnerabilities, and attackers can exploit these vulnerabilities to cause information leaks...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...
InnoShop 安全漏洞
InnoShop is an open-source e-commerce system based on Laravel 11, developed by InnoShop. Version 0.6.0 of InnoShop has a security vulnerability. This vulnerability stems from improper authorization; attackers can log in to the frontend and directly access the backend application interfaces, leadi...
SAMSUNG Escargot 安全漏洞
SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from excessively large memory allocation values, which may...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.179 contained a resource management vulnerability. This vulnerability stemmed from the reuse of DOM elements after their release, which could allow remote attackers to execute arbitrary code with...
Sparx Enterprise Architect 安全漏洞
Sparx Enterprise Architect is a modeling and design tool developed by the Australian company Sparx. Versions of Sparx Enterprise Architect prior to 17.1 contained security vulnerabilities. These vulnerabilities stemmed from security features that restricted user actions. Authorized attackers coul...
TYPO3 Extension Content Element Selector 代码问题漏洞
TYPO3 Extension Content Element Selector is an open-source extension for TYPO3 that allows users to select content elements. This extension has a code vulnerability that stems from the extension directly passing cookies controlled by the attacker to the PHP’s unserialize function without proper...
Mozilla多款产品 安全漏洞
Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...
WordPress plugin Contest Gallery SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Scalar 安全漏洞
Scalar is an interactive API documentation and testing tool developed by Scalar OpenSource. Version 0.1.13 of Scalar contains a security vulnerability. This vulnerability stems from the scalarurl query parameter on the Scalar Proxy endpoint, which involves server-side request forgeing. This could...
Sparx Systems Sparx Pro Cloud Server 安全漏洞
Sparx Pro Cloud Server is a modeling and service platform developed by Sparx Systems in Australia. It supports remote access to model repositories and collaborative management. Versions of Sparx Pro Cloud Server prior to version 6.1 contained security vulnerabilities. These vulnerabilities stemme...
Microsoft Defender 安全漏洞
Microsoft Defender is a threat protection software developed by the American company Microsoft. There is a security vulnerability in Microsoft Defender, which stems from a heap buffer overflow. Unauthorized attackers may execute code through the network as a result of this vulnerability...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. In versions prior to 148.0.7778.179, there was a resource management vulnerability that stemmed from the reuse of GPU resources after they were released. This vulnerability could allow remote attackers to execute arbitrary code within a...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...
OpenHarmony 输入验证错误漏洞
OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony 6.0 and earlier contained a vulnerability related to input validation. Attackers could exploit this vulnerability to cause denial-of-service attacks...
Keycloak 安全漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability, which stems from a session fixation issue in the login endpoint. This vulnerability could allow unauthenticated attackers to intercept the authentication process,...
TP-Link Archer AX72 安全漏洞
The TP-Link Archer AX72 is a Wi-Fi 6 wireless router produced by TP-Link Corporation. The TP-Link Archer AX72 SG v1 version has a security vulnerability. This vulnerability arises from the improper handling of invalid user inputs by the network diagnostic function, which may lead to limited...
Portrait Displays Dell Color Management 后置链接漏洞
Portrait Displays Dell Color Management is a color management software developed by Portrait Displays Corporation in the United States. Versions of Portrait Displays Dell Color Management prior to version 3.7.0 contained a backlink vulnerability. This vulnerability stemmed from the improper...