195539 matches found
WordPress plugin ProfileGrid 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
vm2 后置链接漏洞
vm2 is a high-level virtual machine/sandbox developed by Czech developer Patrik Simek. It runs untrusted code using Node’s built-in modules listed in the allowlist. In version 3.10.5 of vm2, there was a post-installation vulnerability that could lead to remote code execution. This vulnerability...
AMD多款产品 安全漏洞
AMD EPYC is a high-performance server processor developed by American semiconductor company AMD. Several AMD products have security vulnerabilities. These vulnerabilities could allow local administrator attackers to modify MMIO routing configurations, potentially leading to loss of SEV-SNP client...
CPython 代码问题漏洞
CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has code vulnerabilities, which originate from the ftpcp function in Lib/ftplib.py. These vulnerabilities could allow attackers to control IP addresses and ports...
MISP modules 信任管理问题漏洞
MISP modules are scalable threat intelligence platform modules developed under the open-source MISP Project. They support import, export, expansion, and automated workflows. Prior to version 3.0.7, there were vulnerabilities related to trust management in MISP modules. These vulnerabilities stemm...
Netty 资源管理错误漏洞
Netty is a non-blocking I/O client-server framework from the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contained a resource management vulnerability. This...
Netty 资源管理错误漏洞
Netty is a non-blocking I/O client-server framework from the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contained a resource management vulnerability. This...
Netty 环境问题漏洞
Netty is a non-blocking I/O client-server framework developed by the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contained environmental issues. These issues stemmed...
Netty 环境问题漏洞
Netty is a non-blocking I/O client-server framework from the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contained environmental issues. These issues were caused by...
Netty 安全漏洞
Netty is a non-blocking I/O client-server framework developed by the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final contained security vulnerabilities. These vulnerabilities stemmed from...
Netty 输入验证错误漏洞
Netty is a non-blocking I/O client-server framework developed by the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contained a vulnerability related to input validatio...
Palo Alto Networks Broker VM 输入验证错误漏洞
Palo Alto Networks Broker VM is a cloud security broker virtual machine component developed by Palo Alto Networks. There is a vulnerability in the input validation of Palo Alto Networks Broker VM, which allows authenticated administrators to inject arbitrary content into certain fields of the...
vm2 安全漏洞
vm2 is a high-level virtual machine/sandbox developed by Czech developer Patrik Simek. It runs untrusted code using built-in Node.js modules listed in the allowlist. Versions of vm2 prior to 3.11.3 had security vulnerabilities; these vulnerabilities stemmed from the use of the yield expression to...
vm2 安全漏洞
vm2 is a high-level virtual machine/sandbox developed by Czech developer Patrik Simek. It runs untrusted code using Node’s built-in modules listed in the allowlist. Versions of vm2 prior to 3.11.0 have security vulnerabilities; these vulnerabilities stem from sandbox boundary violations. During...
JupyterLab 跨站脚本漏洞
JupyterLab is an open-source extension designed for interactive and reproducible computing environments, based on the Jupyter Notebook framework. Versions of JupyterLab prior to 4.5.7 contained a cross-site scripting vulnerability. This vulnerability stemmed from the HTML cleaner allowing...
PyQuorum 安全漏洞
PyQuorum is an encryption library for key management and secret sharing developed by svvqt individuals. Versions of PyQuorum prior to 0.2.1 contained security vulnerabilities. These vulnerabilities stemmed from the mulmod function, which implemented multiplication through binary expansion loops...
Twisted 资源管理错误漏洞
Twisted is an open-source network engine developed by Twisted Matrix Labs, written in Python. Versions of Twisted prior to 26.4.0rc2 contained a resource management vulnerability. This vulnerability stemmed from a resource exhaustion issue during the DNS name decompression process in the...
Netty 注入漏洞
Netty is a non-blocking I/O client-server framework developed by the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contained an injection vulnerability. This...
Netty 资源管理错误漏洞
Netty is a non-blocking I/O client-server framework from the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contained a resource management vulnerability. This...
Netty 环境问题漏洞
Netty is a non-blocking I/O client-server framework from the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contained environmental issues. These issues stemmed from...
Netty 输入验证错误漏洞
Netty is a non-blocking I/O client-server framework from the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contain a vulnerability related to input validation errors...
Netty 注入漏洞
Netty is a non-blocking I/O client-server framework developed by the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contained an injection vulnerability. This...
CKAN SQL注入漏洞
CKAN is an open-source data management system developed by CKAN itself. It is used to power data centers and data portals. Versions of CKAN prior to 2.10.10 and 2.11.5 contained a SQL injection vulnerability. This vulnerability stemmed from a flaw in datastoresearchsql, allowing attackers to inje...
CKAN 跨站请求伪造漏洞
CKAN is an open-source data management system developed by CKAN contributors. It is used to power data centers and data portals. Versions of CKAN prior to 2.10.10 and 2.11.5 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from allowing endpoints to be marked as n...
python-multipart 安全漏洞
python-multipart is a Python-based streaming multipart parser developed by Marcelo Trylesinski. Versions of python-multipart prior to 0.0.27 contained a security vulnerability; this vulnerability stemmed from the unlimited parsing of multipart headers, which could lead to denial-of-service attack...
vm2 安全漏洞
vm2 is a high-level virtual machine/sandbox for Node.js developed by Patrik Simek from Czech Republic. It allows for the execution of untrusted code using Node’s built-in modules listed in the allowlist. Versions of vm2 prior to 3.11.0 have security vulnerabilities; these vulnerabilities stem fro...
SAMSUNG SMR 安全漏洞
SAMSUNG SMR is a system patch package developed by Samsung Electronics of South Korea. It provides patches for Samsung mobile applications. Versions prior to SAMSUNG SMR May-2026 Release 1 contained security vulnerabilities. These vulnerabilities stemmed from improper export of Android applicatio...
cPanel 安全漏洞
cPanel is a web-based automated hosting platform developed by the cPanel company in the United States. This platform is primarily used for automating the management of websites and servers. cPanel has security vulnerabilities, which stem from improper permission authorization checks by team...
Palo Alto Networks Prisma SD-WAN ION 安全漏洞
Palo Alto Networks Prisma SD-WAN ION is a series of next-generation software-defined enterprise branch devices from the American company Palo Alto Networks. These devices integrate 4G or 5G cellular network access capabilities. There is a security vulnerability in Palo Alto Networks Prisma SD-WAN...
WordPress plugin WPC Badge Management for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
Lenovo Personal Cloud Storage 路径遍历漏洞
Lenovo Personal Cloud Storage is a personal cloud storage service provided by Lenovo Corporation. Lenovo Personal Cloud Storage has a path traversal vulnerability, which stems from improper file path validation. This vulnerability could allow remote authenticated users to move or access files of...
Web::Passwd 操作系统命令注入漏洞
Web::Passwd is a Perl module developed by EVANK personal developers, used for managing password files and handling identity authentication in web applications. Versions of Web::Passwd prior to 0.03 contained a vulnerability related to operating system command injection. This vulnerability stemmed...
malcontent 安全漏洞
Malcontent is a supply chain attack detection tool developed by Chainguard. Malcontent has a security vulnerability, which stems from the RecordUsage D-Bus method allowing arbitrary users to slowly fill the disk space in the /var/lib/malcontent-timerd directory...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP. This vulnerability arises from the...
Palo Alto Networks PAN-OS 代码问题漏洞
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall devices. There are code vulnerabilities in Palo Alto Networks PAN-OS, and these vulnerabilities can lead to multiple denial-of-service attacks. Unauthorized attackers may exploit these vulnerabilitie...
F5 NGINX Plus和F5 NGINX Open Source 安全漏洞
F5 NGINX Plus and F5 NGINX Open Source are both products of the American company F5. F5 NGINX Plus is a software-based application delivery platform. F5 NGINX Open Source is a high-performance web server, reverse proxy server, load balancer, and API gateway. Both F5 NGINX Plus and F5 NGINX Open...
Arqit Symmetric Key Agreement Platform 安全漏洞
The Arqit Symmetric Key Agreement Platform is a quantum-safe key negotiation platform developed by Arqit Corporation. Versions prior to 26.03 of the Arqit Symmetric Key Agreement Platform contained security vulnerabilities. These vulnerabilities stemmed from improper management of the idle timeou...
WordPress plugin Fluent Forms 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress plugin ProfileGrid 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform developed by F5 Corporation in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP, which stems from virtual servers...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP, which stems from virtual servers...
F5 NGINX Plus和F5 NGINX Open Source 资源管理错误漏洞
F5 NGINX Plus and F5 NGINX Open Source are both products of the American company F5. F5 NGINX Plus is a software-based application delivery platform. F5 NGINX Open Source is a high-performance web server, reverse proxy server, load balancer, and API gateway. Both F5 NGINX Plus and F5 NGINX Open...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a security vulnerability that stems from allowing authenticated attackers...
Kuicms Php EE 跨站脚本漏洞
Kuicms Php EE is a PHP enterprise website content management system developed by Kuicms. Version 2.0 of Kuicms Php EE contains a cross-site scripting vulnerability. This vulnerability stems from a persistent cross-site scripting issue, which may allow unauthenticated attackers to submit malicious...
WordPress plugin Broadstreet 授权问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Plasma Workspace 安全漏洞
Plasma Workspace is an open-source application developed by the KDE GitHub Mirror project. It serves to run various components required for a Plasma-based environment. Plasma Workspace has a security vulnerability that stems from multiple issues, which may allow an infected plasmalogin service...
Zoom Workplace 安全漏洞
Zoom Workplace is a desktop application developed by the American company Zoom. Versions of Zoom Workplace prior to 7.0.0 contained a security vulnerability. This vulnerability stemmed from a failure in the protection mechanisms, which could allow authenticated users to access sensitive informati...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP. This vulnerability arises from the use ...
Easy2Pilot 跨站请求伪造漏洞
Easy2Pilot is a customer and property management platform developed by Easy2Pilot Inc., aimed at real estate agents and property sales professionals. Easy2Pilot has a cross-site request forgery vulnerability. This vulnerability stems from cross-site request forgery attacks, which may allow...
Hono 注入漏洞
Hono is a web framework written in TypeScript for the Hono community. Versions of Hono prior to 4.12.16 had an injection vulnerability. This vulnerability stemmed from improper handling of JSX element tag names in hono/jsx, allowing unvalidated tag names to be directly inserted into the generated...