195539 matches found
Microsoft Office Word 资源管理错误漏洞
Microsoft Office Word is a word processing software developed by Microsoft. There is a resource management vulnerability in Microsoft Office Word, which stems from an untrusted pointer dereferencing. This vulnerability may allow unauthorized attackers to execute code locally...
AMD secure processor 安全漏洞
The AMD Secure Processor ASP is an independent ARM Coretex-A5 chip developed by American semiconductor company AMD. The AMD Secure Processor has a security vulnerability, which stems from improper access control of the input/output memory management unit’s register interfaces. This vulnerability...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...
GPAC MP4Box 资源管理错误漏洞
GPAC MP4Box is a open-source multimedia packager from GPAC. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Version 2.4 of GPAC MP4Box has a resource management...
TYPO3 CMS 安全漏洞
TYPO3 CMS is a content management system developed under the TYPO3 open source framework. Security vulnerabilities existed in versions prior to TYPO3 CMS 10.4.57, as well as in versions 11.0.0 to 11.5.51, 12.0.0 to 12.4.46, 13.0.0 to 13.4.31, and 14.0.0 to 14.3.3. These vulnerabilities stemmed fr...
Kangda Xin DR300 安全漏洞
Kangda Xin DR300 is a wireless router produced by Kangda Xin Corporation. The Kangda Xin DR300 version 2.1.2.121 has a security vulnerability. This vulnerability stems from the inclusion of hardcoded login credentials, with telnet being enabled by default. It may allow attackers to read memory,...
SAP NetWeaver ABAP Platform 安全漏洞
SAP NetWeaver ABAP Platform is an integrated technology platform developed by the German company SAP. There is a security vulnerability in SAP NetWeaver ABAP Platform, which stems from improper validation of RFC protocols. This vulnerability allows unauthorized attackers to send specially crafted...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...
OpenSSL 缓冲区错误漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
Huawei EMUI和Huawei HarmonyOS 安全漏洞
Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei. Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is an operating system that provides a full-scenario distributed operating system based on a microkernel. Both Huawei EMUI and...
NETGEAR Routers 信息泄露漏洞
NETGEAR Routers are a series of routers produced by NETGEAR, a company in the United States. NETGEAR Routers have a vulnerability related to information leakage. This vulnerability can allow users connected to the network to gain administrative access to Orbi routers. The following products are...
Microsoft Remote Desktop Client for Windows Desktop 资源管理错误漏洞
Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There is a resource management vulnerability in Microsoft Remote Desktop Client. Attackers can exploit this vulnerability to execute code. The following products and versions are affected: Windows Serve...
Microsoft Excel for Android 权限许可和访问控制问题漏洞
Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is an access control error vulnerability in Microsoft Office. Attackers utilize this...
Microsoft Windows Application Identity (AppID) Subsystem 缓冲区错误漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. Microsoft Windows has a buffer error vulnerability. Attackers can exploit this vulnerability to obtain sensitive information. The following products and versions are affected: Windows 11 Version...
Adobe Acrobat Reader 安全漏洞
Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have security vulnerabilities. These...
WordPress plugin TinyMCE shortcode Addon 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Catalyst-Plugin-Authentication 授权问题漏洞
Catalyst-Plugin-Authentication is an open-source authentication plugin framework developed by Catalyst. Versions of Catalyst-Plugin-Authentication prior to 0.10027 contained vulnerabilities related to authorization. These vulnerabilities stemmed from the lack of automatic session ID changes after...
WordPress plugin RomanCart Ecommerce 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Microsoft DWM Core Library 资源管理错误漏洞
The Microsoft DWM Core Library is a core library of Microsoft Windows from the company Microsoft. There is a resource management vulnerability in the Microsoft DWM Core Library. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected:...
Huawei HarmonyOS 路径遍历漏洞
Huawei HarmonyOS is an operating system developed by Chinese company Huawei. It is a full-scenario distributed operating system based on a microkernel architecture. The Huawei HarmonyOS SMS app contains a path traversal vulnerability, which can be exploited by attackers to compromise the system’s...
FreeSWITCH 资源管理错误漏洞
FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.1, there was a resource...
Malwarebytes 安全漏洞
Malwarebytes is an application software developed by the American company Malwarebytes, which provides anti-malware capabilities for devices. This software is designed to protect against viruses, spyware, Trojan horses, worms, dialers, and other malicious software. Versions of Malwarebytes 4.x an...
TYPO3 CMS 安全漏洞
TYPO3 CMS is a content management system developed under the TYPO3 open source framework. There is a security vulnerability in TYPO3 CMS, which allows backend users with access to the Recycler module to restore unauthorized pages or soft-deleted records on tables. The following versions are...
Microsoft Exchange Server 跨站脚本漏洞
Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are code vulnerabilities in Microsoft Exchange Server. Attackers can exploit these...
Siemens SINEC INS 操作系统命令注入漏洞
Siemens SINEC INS is a software developed by Siemens, a German company, that provides central services for network infrastructure. Versions of Siemens SINEC INS prior to SINEC INS V1.0 SP2 Update 6 contained a vulnerability related to operating system command injection. This vulnerability stemmed...
Microsoft Azure Stack Edge 跨站脚本漏洞
Microsoft Azure Stack Edge is a Azure-hosted device by Microsoft that integrates Azure computing, storage, and intelligent features at the edge. Microsoft Azure Stack Edge has a cross-site scripting vulnerability. Attackers can exploit this vulnerability to perform phishing attacks...
Tenda W3 Wireless Router 安全漏洞
The Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 Wireless Router contains a security vulnerability. This vulnerability stems from multiple stack overflows in the username and password parameters within the...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...
Microsoft Office Sharepoint Server 跨站脚本漏洞
Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by the American company Microsoft. Microsoft Office SharePoint has a cross-site scripting vulnerability, which stems from improper input during the web page generation process. This...
Adobe Substance3D Sampler 缓冲区错误漏洞
Adobe Substance3D Sampler is a rendering software for 3D scenes developed by Adobe Inc. Adobe Substance3D Sampler has a out-of-bounds write vulnerability, allowing attackers to execute arbitrary code within the current user environment...
Microsoft Windows Secure Boot 处理逻辑错误漏洞
Microsoft Windows Secure Boot is a security boot mechanism provided by the American company Microsoft. There are security vulnerabilities associated with Microsoft Windows Secure Boot. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are...
AnimatedGIF 安全漏洞
AnimatedGIF is a GIF animation processing library developed by Larry Bank. Version AnimatedGIF v2.2.0 contains a security vulnerability. This vulnerability stems from a buffer overflow in the DecodeLZW function, which could allow remote attackers to exploit the system by using specially crafted G...
MOSK CBS Platform SQL注入漏洞
MOSK CBS Platform is a core banking system developed by MOSK Corporation. Versions of MOSK CBS Platform from 09062026 onward contain SQL injection vulnerabilities. These vulnerabilities stem from improper handling of special elements within SQL commands, which can lead to SQL injections...
LimeSurvey 授权问题漏洞
LimeSurvey PHPSurveyor is a set of open-source online survey programs developed by the LimeSurvey team. It supports functions such as survey program development, survey questionnaire publishing, and data collection. LimeSurvey has an authorization issue vulnerability, which stems from the lack of...
NETGEAR多款产品 输入验证错误漏洞
NETGEAR RAX120 and other wireless routers are products of NETGEAR Corporation. Several NETGEAR products have a vulnerability related to input validation errors. This vulnerability stems from insufficient authentication and input validation, which may allow users with local network access to execu...
VMware Micrometer 资源管理错误漏洞
VMware Micrometer is an application monitoring metric collection framework developed by the American company VMware. Versions 1.16.0 to 1.16.5 and 1.15.0 to 1.15.11 of VMware Micrometer contain resource management vulnerabilities. These vulnerabilities stem from the ability for users to submit...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...
Tenda O3 安全漏洞
The Tenda O3 is an outdoor wireless bridge produced by the Chinese company Tenda. Version 1.0.0.54180 of the Tenda O3 has a security vulnerability. This vulnerability stems from a stack overflow issue with the username parameter in the R7WebsSecurityHandler function, which could allow attackers t...
Microsoft BitLocker 授权问题漏洞
Microsoft Windows BitLocker is a security feature provided by Microsoft that ensures the recovery key is backed up and secure before it is activated. There is an access control vulnerability in Microsoft Windows BitLocker. Attackers can exploit this vulnerability to bypass certain features. The...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the dmblkreportzones function to test the suspended state of devices without holding a...
Microsoft Visual Studio Code 路径遍历漏洞
Microsoft GitHub Copilot and Visual Studio Code are a set of intelligent coding tools developed by the American company Microsoft. There is a path traversal vulnerability present in Microsoft GitHub Copilot and Visual Studio Code. Attackers can exploit this vulnerability to bypass certain feature...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...
Adobe Experience Manager 输入验证错误漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...
WordPress plugin Product Catalog SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Version...
Microsoft Remote Desktop Client 资源管理错误漏洞
Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There is a resource management vulnerability in Microsoft Remote Desktop Client. Attackers can exploit this vulnerability to execute code. The following products and versions are affected: Windows App...
SAP Business Objects Business Intelligence Platform 访问控制错误漏洞
SAP Business Objects Business Intelligence Platform is a set of business intelligence software and enterprise performance solutions provided by the German company SAP. This product includes features such as report generation, analysis, and data visualization. There is an access control...
Microsoft Winlogon 后置链接漏洞
Microsoft Winlogon is a component built into the Windows NT series operating system developed by Microsoft. There is a post-release vulnerability in Microsoft Winlogon. Attackers can exploit this vulnerability to gain elevated privileges. The following products and versions are affected: Windows ...
Fortinet FortiOS和Fortinet FortiProxy 安全漏洞
Fortinet FortiOS and Fortinet FortiProxy are products of the American company Fortinet. Fortinet FortiOS is a security operating system specifically designed for the FortiGate network security platform. This system provides users with various security features, including firewalls, antivirus...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...