195539 matches found
389 Directory Server 缓冲区错误漏洞
389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. There is a security vulnerability in 389 Directory Server, which stems from type confusion during the processing of SSO token extensions. As a result, some stack trace...
Adobe CAI Content Credentials 资源管理错误漏洞
Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1 have a resourc...
Microsoft Office Word 缓冲区错误漏洞
Microsoft Office Word is a word processing software developed by Microsoft and open sourced. There are security vulnerabilities in Microsoft Office Word. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected: Microsoft 365 Apps for Enterpris...
OpenSSL 安全漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team, capable of implementing Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure hash...
Microsoft Office Sharepoint Server 输入验证错误漏洞
Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. There is a vulnerability in input validation of Microsoft Office SharePoint. Attackers exploit this vulnerability to execute cross-site scripting attacks. The...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a backport of patch ea52cb24cd3f. This patch improperly handled the hugetlb VMA lock allocation,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, where the access mode flag is set using an OR operation instead of a replacement. This vulnerability may prevent...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an error in the use of comparison operators, which may lead to out-of-bounds access to arrays...
Tenda O3 安全漏洞
The Tenda O3 is an outdoor wireless bridge produced by the Chinese company Tenda. The Tenda O3v3 1.0.0.5 version contains a security vulnerability. This vulnerability stems from a stack overflow issue in the savelistdata parameter of the formSetCfm function, which could allow attackers to cause...
bookcars 安全漏洞
Bookcars is a car rental management platform developed by Akram El Assas. Version 8.3 of Bookcars contains a security vulnerability. This vulnerability stems from the/api/create-user component, which has an unlimited file renaming vulnerability. This could allow authenticated attackers to use...
Adobe InDesign Desktop 资源管理错误漏洞
Adobe InDesign Desktop is a page layout software developed by Adobe, a company based in America. Versions of Adobe InDesign Desktop such as 21.3, 20.5.3, and earlier versions have a resource management vulnerability. This vulnerability stems from a release-after-reuse flaw, which could allow...
LIGHTNINGLINK X-VPN 安全漏洞
LIGHTNINGLINK X-VPN is a virtual private network service client provided by LIGHTNINGLINK Corporation. Versions 77.0 to 77.5 of LIGHTNINGLINK X-VPN contain security vulnerabilities. These vulnerabilities stem from race conditions and symbolic link operations within the isolation and recovery...
OpenSSL 加密问题漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
WordPress plugin MailerPress – Email Marketing, Newsletter, Email Automation & WooCommerce Emails 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Adobe InCopy 安全漏洞
Adobe InCopy is a text editing software for creative purposes developed by Adobe, Inc. Versions of Adobe InCopy such as 21.3, 20.5.3, and earlier versions have security vulnerabilities. These vulnerabilities stem from stack buffer overflow exploits, which could allow arbitrary code to execute...
Microsoft Office Sharepoint Server 路径遍历漏洞
Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. There is a path traversal vulnerability present in Microsoft Office SharePoint. Attackers can exploit this vulnerability to execute code remotely. The following...
OpenSSL 加密问题漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables the implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure has...
WordPress plugin Blocksy 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...
OpenSSL 资源管理错误漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
Microsoft Windows Hotpatch Monitoring Service 缓冲区错误漏洞
Microsoft Windows is an operating system used on personal devices by the American company Microsoft. The Microsoft Windows Hotpatch Monitoring Service has a buffer error vulnerability. The following products and versions are affected: Windows Server 2025 Server Core installation, Windows 11 Versi...
tmux 缓冲区错误漏洞
tmux is an open-source terminal multiplexer developed by tmux. Versions of tmux 3.6a and earlier contained a buffer error vulnerability. This vulnerability stemmed from the imagefree function in image.c, which allowed reusing memory after it had been freed, potentially leading to local attacks...
Malwarebytes 安全漏洞
Malwarebytes is an application software developed by the American company Malwarebytes, which provides anti-malware capabilities for devices. This software is designed to protect against viruses, spyware, Trojan horses, worms, dialers, and other malicious software. Versions of Malwarebytes 4.x an...
WordPress plugin Product Filter Widget for Elementor 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...
Adobe Acrobat Reader 资源管理错误漏洞
Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability. This vulnerability stems from the reu...
TYPO3 CMS 安全漏洞
TYPO3 CMS is a content management system developed under the TYPO3 open source framework. There is a security vulnerability in TYPO3 CMS, which stems from unauthorized backend users having access to write operations on the root directory of active files. This can lead to unauthorized moves,...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system developed by Chinese company Huawei. It is a full-scenario distributed operating system based on a microkernel architecture. There is a security vulnerability in Huawei HarmonyOS, which stems from a logic bypass in the file system. This vulnerability may...
Adobe ColdFusion 输入验证错误漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a vulnerability related to input validation...
Microsoft Office Sharepoint Server 跨站脚本漏洞
Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. Microsoft Office SharePoint has a cross-site scripting vulnerability. Attackers utilize this vulnerability to carry out phishing attacks. The following products...
Fortinet多款产品 操作系统命令注入漏洞
FortiSandbox is a security sandbox product provided by Fortinet, primarily used for detecting and analyzing malware. Fortinet FortiSandbox has a vulnerability related to OS command injection. This vulnerability stems from an inability to properly neutralize the special elements used in OS command...
AMD uProf 安全漏洞
AMD uProf is a cross-platform performance analysis tool developed by AMD, Inc. for AMD processor architecture. AMD uProf has a security vulnerability; this vulnerability stems from unlimited resource allocation, which may lead to excessive consumption of system resources and resulting in usabilit...
Microsoft Function Discovery Service (fdwsd.dll) 竞争条件问题漏洞
The Microsoft Function Discovery Service is a background service provided by Microsoft Corporation. There are competition-related vulnerabilities in the Microsoft Function Discovery Service fdwsd.dll. The following products and versions are affected: Windows 11 Version 26H1 for ARM64-based System...
Tenda W15E 安全漏洞
Tenda W15E is a wireless router produced by the Chinese company Tenda. The Tenda W15E has a buffer overflow vulnerability in the webAuthWhiteUserInfo parameter. Attackers can exploit this vulnerability to cause denial-of-service attacks through specially crafted HTTP requests...
Microsoft Office Excel 缓冲区错误漏洞
Microsoft Office Excel is a spreadsheet software developed by Microsoft in the United States. There is a security vulnerability in Microsoft Office Excel, which stems from integer underflow. This vulnerability may allow unauthorized attackers to execute code locally...
Adobe InDesign Desktop 安全漏洞
Adobe InDesign Desktop is a professional desktop publishing application, primarily used for page layout design in print and digital media. Adobe InDesign Desktop has a buffer overflow vulnerability that stems from improper handling of malicious files during user interactions. Attackers can exploi...
Apache Answer 信息泄露漏洞
Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier had an information leakage vulnerability. This vulnerability stemmed from the lack of access restrictions on direct API endpoints, which allowed authenticated users to...
Microsoft Kinect 权限许可和访问控制问题漏洞
The Microsoft Kinect is a motion input device developed by Microsoft Corporation. The Microsoft Kinect has an access control vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows Server 2025, Windows 10 Version...
SAP ODP Data Replication APIs 安全漏洞
SAP ODP Data Replication APIs are a set of enterprise data replication interfaces provided by the German company SAP. There is a security vulnerability in SAP ODP Data Replication APIs, which stems from the lack of identification of callers for allowed internal SAP applications. If these APIs are...
Microsoft Office Sharepoint Server 反序列化注入漏洞
Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. There are code-related vulnerabilities in Microsoft Office SharePoint. Attackers can exploit these vulnerabilities to gain higher privileges. The following...
OSCAL-GUI 跨站脚本漏洞
OSCAL-GUI is a graphical interface tool developed by OSCAL Corporation for creating, editing, viewing, and managing OSCAL compliance data models. OSCAL-GUI has a cross-site scripting vulnerability, which stems from the failure to clean up malicious inputs injected through project request...
Hermes Web UI 安全漏洞
Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to 0.51.269 contained security vulnerabilities. These vulnerabilities were caused by a configuration file isolation bypass issue, which could allow authenticated users to acces...
Microsoft Windows Ancillary Function Driver for WinSock 竞争条件问题漏洞
The Microsoft Windows Ancillary Function Driver for WinSock is a supplementary function driver for Winsock developed by Microsoft Corporation. There are vulnerabilities related to race conditions in the Microsoft Windows Ancillary Function Driver for WinSock. Attackers can exploit these...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...
OpenSSL 异常处理不当漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
FreeSWITCH 安全漏洞
FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.0, there were security...
Microsoft Office Excel 处理逻辑错误漏洞
Microsoft Office Excel is a spreadsheet software developed by Microsoft and open source. There are security vulnerabilities in Microsoft Office Excel. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are affected: Microsoft 365 Apps for...
Adobe Acrobat Reader 缓冲区错误漏洞
Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a buffer error vulnerability. This vulnerability stems from...
FreeSWITCH 输入验证错误漏洞
FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.0, there was a...
Adobe ColdFusion 输入验证错误漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a vulnerability related to input validation...
Windows Universal Disk Format File System Driver (UDFS) 数字错误漏洞
The Microsoft Windows Universal Disk Format File System Driver is an open-source Windows file system driver developed by Microsoft. There is a security vulnerability in the Microsoft Windows Universal Disk Format File System Driver, which may allow authorized attackers to gain local privileges...