195539 matches found
HashiCorp Nomad和HashiCorp Nomad Enterprise 后置链接漏洞
HashiCorp Nomad and HashiCorp Nomad Enterprise are both products from HashiCorp, a company based in the United States. HashiCorp Nomad is a simple and flexible scheduler and orchestrator. It’s used for managing containers and non-containerized applications on both local and cloud environments...
Machine Learning Engineering Open Book 安全漏洞
Machine Learning Engineering Open Book is a collection of methodologies for training and fine-tuning large language models developed by Stas Bekman. There is a security vulnerability in Machine Learning Engineering Open Book. This vulnerability arises from the use of the torch-checkpoint-shrink.p...
Pingvin Share 授权问题漏洞
Pingvin Share is a self-hosted file sharing platform developed by Elias Schneider as an individual project. Versions of Pingvin Share from 1.14.1 to 1.16.2 have vulnerabilities related to authorization. These vulnerabilities stem from critical authentication bypass exploits, which could allow...
Adobe Connect 安全漏洞
Adobe Connect is a software developed by Adobe in the United States, used to create meeting environments. There is a security vulnerability in Adobe Connect, which stems from incorrect authorization settings. This vulnerability may allow for the execution of arbitrary code within the current user...
Adobe CAI Content Credentials 资源管理错误漏洞
Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. There is a resource management vulnerability in Adobe CAI Content Credentials; this vulnerability stems fr...
Intel QAT software drivers for Windows 安全漏洞
Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions prior to Intel QAT software drivers for Windows 1.13 contain security vulnerabilities. These vulnerabilities stem from...
Google Chrome 缓冲区错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a buffer overflow vulnerability, which was caused by an out-of-bounds write issue in the Codecs component. This vulnerability could allow remote attackers to execute a sandbox escap...
WordPress plugin Hustle 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Dell PowerScale InsightIQ 安全漏洞
Dell PowerScale InsightIQ is a powerful performance monitoring and reporting tool developed by the American company Dell. Versions 5.0.0 to 6.2.0 of Dell PowerScale InsightIQ contain security vulnerabilities. These vulnerabilities stem from issues with unnecessary permission executions, which cou...
Microsoft Azure Machine Learning 注入漏洞
Microsoft Azure Machine Learning is a machine learning service provided by Microsoft Corporation in the United States. There is an injection vulnerability present in Microsoft Azure Machine Learning. Attackers utilize this vulnerability to carry out phishing attacks...
Subnet Solutions PowerSYSTEM Center 安全漏洞
Subnet Solutions PowerSYSTEM Center is a power solution offered by Subnet Solutions Corporation. There is a security vulnerability present in Subnet Solutions PowerSYSTEM Center, which stems from the fact that device endpoints allow low-privilege authenticated users to access information that is...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from insufficient execution of the Passwords component’s policies, which could allow a remote attacker with access to a broken...
Adobe Substance3D Designer 缓冲区错误漏洞
Adobe Substance3D Designer is a texture and material creation software developed by Adobe Inc. Versions of Adobe Substance3D Designer 15.1.0 and earlier contain a buffer error vulnerability, which stems from out-of-buffer writes, potentially allowing arbitrary code to execute in the current user...
OptiMate 安全漏洞
OptiMate is an AI model optimization tool library developed by Nebuly. There is a security vulnerability in OptiMate. This vulnerability stems from the loadmodel function in the neuralmagictraining.py script, which directly executes the content of the module.py file located in the user-provided...
WordPress plugin FastBots 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
ksmbd 缓冲区错误漏洞
ksmbd is an open-source CIFS/SMB3 server created by Namjae Jeon for the Linux kernel. It implements the SMB/CIFS protocol within the kernel space, used for sharing files and IPC services over a network. ksmbd has a buffer error vulnerability, which stems from remote memory corruption in the ACL...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by an integer overflow issue in the ANGLE component. This vulnerability could allow remote attackers to execute out-of-bound memory writes...
Google Chrome 竞争条件问题漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a race condition vulnerability, which originated from a race condition issue in the Payments component. This vulnerability could allow remote attackers to exploit the system by usin...
WordPress plugin Pricing Tables for WP 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
Microsoft SharePoint 代码问题漏洞
Microsoft SharePoint is a corporate business collaboration platform developed by Microsoft Corporation in the United States. This platform is used for integrating business information and enabling sharing of work, collaboration with others, organization of projects and teams, as well as searching...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a reuse issue in the Aura component after release, which could allow remote attackers who have breached the...
Microsoft Word 资源管理错误漏洞
Microsoft Word is a word processing software within the Office suite developed by Microsoft Corporation. There is a resource management vulnerability in Microsoft Word. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected: Microsoft...
SAP NetWeaver ABAP Platform和SAP NetWeaver Application Server for ABAP 代码注入漏洞
SAP NetWeaver ABAP Platform and SAP NetWeaver Application Server for ABAP are both products of SAP, a German company. SAP NetWeaver ABAP Platform is an integrated technology platform. SAP NetWeaver Application Server for ABAP is a core application server platform. Both SAP NetWeaver ABAP Platform...
Adobe CAI Content Credentials 输入验证错误漏洞
Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. Versions of Adobe CAI Content Credentials such as 0.78.2, 0.7.0, and earlier versions contained...
SAP HANA Deployment Infrastructure deploy library SQL注入漏洞
SAP HANA Deployment Infrastructure deploy library is a deployment support library developed by SAP, a German company, for the deployment and lifecycle management of SAP HANA applications. The SAP HANA Deployment Infrastructure deploy library contains a SQL injection vulnerability. This...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by integer overflow in Skia. This vulnerability could allow remote attackers who have compromised rendering processes to execute...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a problem with the reuse of resources after their release, which could allow remote attackers who have breached...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a problem with the Tab Groups component regarding the reuse of resources after release. It could allow remote...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.168 contained security vulnerabilities, which were caused by improper implementation of Views. These vulnerabilities could allow remote attackers to execute UI spoofing through...
Ivanti Endpoint Manager 安全漏洞
Ivanti Endpoint Manager EPM is a set of endpoint security managers developed by the American company Ivanti. Versions of Ivanti Endpoint Manager prior to EPM 2024 SU6 contained security vulnerabilities. These vulnerabilities were due to improper delegation of permissions by agents, which could...
OptiMate 安全漏洞
OptiMate is an AI model optimization tool library developed by Nebuly. There is a security vulnerability in OptiMate. This vulnerability stems from the loadmodel function in the neuralmagictraining.py script, which loads model files using torch.load, without enabling the weightsonly=True paramete...
Fortinet FortiDeceptor 参数注入漏洞
Fortinet FortiDeceptor is a network threat detection platform developed by the American company Fortinet. This platform primarily exploits deceptive techniques to uncover network threats. Versions of Fortinet FortiDeceptor, ranging from 6.0.0 to 6.0.2, 5.3.0 to 5.3.3, 5.2.0 to 5.2.1, all versions...
Intel Data Center Graphics Driver 缓冲区错误漏洞
The Intel Data Center Graphics Driver is a set of graphics drivers developed by Intel Corporation for data center GPUs and graphics acceleration devices. Versions of the Intel Data Center Graphics Driver prior to 2.0.2 contained a buffer error vulnerability. This vulnerability stemmed from...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a problem with the reuse of resources after they were released in the Network component. It could allow remote...
Intel Slim Bootloader 输入验证错误漏洞
Intel Slim Bootloader is a lightweight security bootloader designed by Intel Corporation for the Intel platform. There is an input validation vulnerability in Intel Slim Bootloader, which stems from an integer overflow issue in the UEFI firmware. This vulnerability may lead to privilege escalatio...
Ivanti Xtraction 安全漏洞
Ivanti Xtraction is a data analysis and visualization reporting platform developed by the American company Ivanti, designed for IT operations and service management scenarios. Versions of Ivanti Xtraction prior to 2026.2 contained security vulnerabilities. These vulnerabilities stemmed from...
Microsoft Office 访问控制错误漏洞
Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is an access control error vulnerability in Microsoft Office. Attackers utilize this...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient trustworthiness in Skia’s input validation mechanisms, which could allow remote attackers t...
Ivanti Secure Access Client 竞争条件问题漏洞
Ivanti Secure Access Client is a security software client developed by the American company Ivanti. Versions of Ivanti Secure Access Client prior to 22.8R6 contained a race condition vulnerability. This vulnerability was caused by race conditions, which could lead to local authenticated users...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by a heap buffer overflow issue in the ANGLE component. This vulnerability could allow remote attackers to exploit the system through...
OptiMate 安全漏洞
OptiMate is an AI model optimization tool library developed by Nebuly. There is a security vulnerability in OptiMate. This vulnerability stems from the loadmodel function in the neuralmagictraining.py script, which loads the statedict.pt file using torch.load, without enabling the weightsonly=Tru...
Intel QAT software drivers for Windows 代码问题漏洞
Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions of Intel QAT software drivers for Windows prior to version 1.13 contain a code vulnerability caused by a null pointer...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by a heap buffer overflow in the WebML component. This vulnerability could allow remote attackers to exploit the compromised heap through...
Intel Ethernet 800-Series 资源管理错误漏洞
Intel Ethernet 800-Series is a series of network adapters developed by the American company Intel. Versions prior to 2.3.14 of Intel Ethernet 800-Series contained a resource management vulnerability caused by reusing resources after they were released, which could lead to a denial-of-service atta...
Cribl 安全漏洞
Cribl is a log analysis tool. Versions of Cribl prior to 4.17.1 have security vulnerabilities. There is currently no information regarding these vulnerabilities. Please stay informed by following CNNVD or the vendor’s announcements...
Fortinet FortiTokenAndroid 安全漏洞
Fortinet FortiTokenAndroid is a mobile security authentication application developed by Fortinet, Inc. It provides two-factor authentication and dynamic password generation features. There are security vulnerabilities in all versions of Fortinet FortiTokenAndroid, including 6.2, 6.1, and 5.2. The...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the Google Lens component after its release, potentially allowing remote attackers with access to t...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability caused by a problem with the Dawn object lifecycle. This vulnerability could allow remote attackers to obtain sensitive information from the process memory...
Microsoft Win32k 安全漏洞
Microsoft Win32k is a system file used by Microsoft for multi-user management in Windows operating systems. There are security vulnerabilities in Microsoft Win32k. Attackers can exploit these vulnerabilities to execute code remotely. The following products and versions are affected: Windows 11...
WordPress plugin Coinbase Commerce for Contact Form 7 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...