195539 matches found
kimai 安全漏洞
Kimai is a web-based, multi-user time tracking application developed by Kimai’s individual developers. Versions of Kimai prior to 2.54.0 contained security vulnerabilities. These vulnerabilities were caused by incorrect annotations used for the Team API endpoints, which led to TeamVoter abstentio...
ELADMIN 安全漏洞
ELADMIN is a backend management system developed by elunez himself. Versions of ELADMIN 2.7 and earlier had security vulnerabilities. These vulnerabilities stemmed from an improper access control caused by the checkLevel operation in the Users API Endpoint component’s /file/rest/UserController.ja...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incomplete retention of Gunyah metadata in the device tree of Qualcomm Monaco platform devices. The...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the gethfree function in the USB gadget subset not decrementing the reference count. As a result,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of mutual exclusion protection for class/subclass/protocol options in USB Gadget FRNDIS...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the COMEDI device does not reinitialize dev-spinlock when reattaching different underlyin...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper acquisition and release of the reserved lock on the GEM object before and after the amadvi...
Apache CloudStack 代码注入漏洞
Apache CloudStack is an IaaS cloud computing platform developed by the Apache Foundation in the United States. This platform is primarily used for deploying and managing large-scale virtual machine networks. Apache CloudStack has a code injection vulnerability, which stems from a lack of filename...
Apache CloudStack 安全漏洞
Apache CloudStack is an IaaS cloud computing platform developed by the Apache Foundation in the United States. This platform is primarily used for deploying and managing large-scale virtual machine networks. There is a security vulnerability in Apache CloudStack, which stems from the lack of MinI...
AstrBot 安全漏洞
AstrBot is an open-source multi-platform LLM chatbot and development framework created by AstrBot. Version 3.5.15 of AstrBot contains a security vulnerability, which stems from the use of hard-coded private keys for signing JWTs...
Yeti Platform 代码注入漏洞
Yeti Platform is an open-source daily threat intelligence platform developed by Yeti Platform. Versions of Yeti Platform prior to 2.1.12 contained a code injection vulnerability. This vulnerability stemmed from server-side template injection during the custom template export function, which could...
Open5GS 安全漏洞
Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the function ogssbistreamfindbyid in the component NSSF...
novaGallery 路径遍历漏洞
novaGallery is an open-source PHP image gallery tool developed by novafacile OÜ, which does not require a database. Versions of novaGallery prior to 2.1.1 contained a path traversal vulnerability. This vulnerability stems from path traversal attacks, potentially allowing unverified users to acces...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the XDP multiple buffer fragment count in the net mlx5e RX component. This count does not correct...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the spirockchip-sfc component calling spiunregistercontroller in the remove callback, resulting in doub...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the nvmepollirqdisable function within nvme-pci. This vulnerability may lead ...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which arises from an error in setting servicewq to null when using net mana. This error may lead to double destruction a...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checks for vma ownership in rustbinder, allowing pages to be installed into the wrong...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the USB Yurex driver’s detection process. During this process, the BBU members are not set to an...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the usb gadget fncm driver. When the connection is disconnected, the network device’s lifecycle...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the cephmdscbuildpath function not releasing the path pointer obtained through getname, resulting...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the stratix10-rsu driver’s ability to dereference null pointers when the RSU is not enabled,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the path handling after adding a bridge using the samsungdsimhostattach function. Thi...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient validation of the data length in the rtwgetieex function, potentially leading to...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect PTP IRQ setting that fails to release the IRQ mapping, potentially leading to resour...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility of overflowing the length of shared memory lists, potentially leading to an unexpected...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from race conditions in the DMA ring dequeuing path. This could lead to interference between multiple...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of vgicallocateprivateirqslocked in the KVM ARM64 virtual GIC, causing it to exit...
Nhost 授权问题漏洞
Nhost is an open-source backend service platform developed by Nhost. Versions of Nhost prior to 0.49.1 contained an authorization vulnerability. This vulnerability stemmed from the automatic matching of email addresses during OAuth authentication. However, some provider adapters failed to properl...
ASUS System Control Interface 缓冲区错误漏洞
ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a buffer overflow vulnerability in the ASUS System Control Interface. This vulnerability arises from reading sizes that exceed the size of the buffer within the IOCTL handler, which...
Code-Projects Simple Chat System 注入漏洞
Code-Projects Simple Chat System is an easy-to-use chat system developed by Code-Projects as open source. Version 1.0 of Code-Projects Simple Chat System has a SQL injection vulnerability, which arises from the validations of the parameters type/length/business in the sendMessage.php file,...
OpenStack Ironic 安全漏洞
OpenStack Ironic is an integrated OpenStack application developed under the OpenStack open source framework. It is used to configure bare machines rather than virtual machines. OpenStack Ironic versions 35.x and earlier contain security vulnerabilities, which stem from the instanceinfokstemplate...
WordPress plugin OttoKit: All-in-One Automation Platform SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
SEPPmail Secure Email Gateway 安全漏洞
SEPPmail Secure Email Gateway is an email security gateway developed by the German company SEPPmail. Versions of SEPPmail Secure Email Gateway prior to version 15.0.4 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authorization checks for multiple endpoints in...
SourceCodester SUP Online Shopping 注入漏洞
SourceCodester SUP Online Shopping is an open-source online shopping system developed by SourceCodester. Version 1.0 of SourceCodester SUP Online Shopping has a SQL injection vulnerability, which arises from the parameter manipulation in the file wishlist.php, potentially leading to remote attack...
Roadiz Document base system 数据伪造问题漏洞
The Roadiz Document Base System is an open-source HTML template rendering system based on documents developed by Roadiz. Versions prior to 2.3.43, 2.5.45, 2.6.31, and 2.7.18 of the Roadiz Document Base System had data manipulation vulnerabilities. These vulnerabilities stemmed from the use of OID...
xiaozhi-mcphub 路径遍历漏洞
xiaozhi-mcphub is an MCP tool bridge and multi-endpoint management tool adapted to Xiaozhi AI platform by Junsen Huang's personal developer. A path traversal vulnerability exists in xiaozhi-mcphub 1.0.3 and earlier versions, which originates from the operation of the parameter manifest.name in th...
cPanel 安全漏洞
cPanel is a web-based automated hosting platform developed by the cPanel company in the United States. This platform is primarily used for automating the management of websites and servers. cPanel has security vulnerabilities; these vulnerabilities stem from the fact that the chmod calls in...
Open5GS 安全漏洞
Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the function ogssbidiscoveryoptionaddservicenames in the compone...
Control Web Panel 操作系统命令注入漏洞
Control Web Panel is a Linux virtual host control panel. Versions of Control Web Panel prior to 0.9.8.1209 contained a vulnerability related to operating system command injection. This vulnerability stemmed from improper handling of the key parameter in /admin/index.php, allowing unauthenticated...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an issue with NCI packet parameter validation. This vulnerability may lead to communication failures...
Legion of the Bouncy Castle BC-FJA 安全漏洞
The Legion of the Bouncy Castle BC-FJA is a set of encryption library components provided by the Australian company Legion of the Bouncy Castle. These components offer high-intensity encryption algorithms and security certification capabilities. The Legion of the Bouncy Castle BC-FJA has a securi...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an insufficiently strict check on the number of hardware in the netfilter flowtable. This issue may...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, stemming from an initialization order issue with ext4percpuparaminit, which could lead to system crashes...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient bounds checking for the chipid in the solo6x10 driver. This vulnerability may lead t...
Vim 操作系统命令注入漏洞
Vim is an open-source, cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.0383 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the netrw standard plugin, which allowed for OS command injection. This could...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which triggers a WARN message when the nvmsetnestedstate function fails. This vulnerability can be easily exploite...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a project overflow when ioctl commands are received, leading to transaction termination and...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the USB Renesas USBH driver. When a device is removed, the interrupt handler remains registered,...
1C-Bitrix 安全漏洞
1C-Bitrix is a website platform system developed by the Russian company 1C-Bitrix. It integrates content management, e-commerce, and enterprise portal functions. Versions of 1C-Bitrix 25.100.500 and earlier contained security vulnerabilities. These vulnerabilities stemmed from users with the RIGH...