195539 matches found
Adobe Dreamweaver Desktop 缓冲区错误漏洞
Adobe Dreamweaver Desktop is a web design and development software provided by Adobe, a company based in America. Versions of Adobe Dreamweaver Desktop starting from 21.7 and earlier contain a buffer error vulnerability. This vulnerability stems from accessing uninitialized pointers, which may...
md-fileserver 安全漏洞
md-fileserver is a local Markdown file browser and rendering server developed by Commenthol as an individual project. Versions of md-fileserver prior to 1.10.3 contained security vulnerabilities. These vulnerabilities stemmed from the Markdown rendering logic’s failure to clean up the embedded...
Microsoft Live Share Canvas SDK 跨站脚本漏洞
The Microsoft Live Share Canvas SDK is an optional extension from the American company Microsoft. It is designed specifically to help developers easily add real-time, multi-person collaborative digital whiteboards or drawing boards into Microsoft Teams meeting applications. The Microsoft Live Sha...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...
Microsoft Office Excel 缓冲区错误漏洞
Microsoft Excel is a spreadsheet software within the Office suite developed by the American company Microsoft. There is a code execution vulnerability in Microsoft Excel, and attackers can exploit this vulnerability to execute arbitrary code on the system...
Adobe InDesign Desktop 安全漏洞
Adobe InDesign Desktop is a professional desktop publishing and page layout design software. Adobe InDesign Desktop has a heap buffer overflow vulnerability. This vulnerability arises because the program fails to properly handle data in malicious files. Attackers can exploit this vulnerability by...
Microsoft Windows TCP/IP 缓冲区错误漏洞
Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There are security vulnerabilities present in Microsoft Windows TCP/IP. The following products and versions are affected: Windows Server 2022, Windows Server 2022 Serv...
Microsoft Office 缓冲区错误漏洞
Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a security vulnerability in Microsoft Office, which stems from excessive reading of...
Microsoft Windows Secure Boot 权限许可和访问控制问题漏洞
Microsoft Windows Secure Boot is a security boot feature provided by the American company Microsoft. There is an access control error vulnerability in Microsoft Windows Secure Boot. Attackers can exploit this vulnerability to bypass certain features. The following products and versions are...
Microsoft Office Excel 缓冲区错误漏洞
Microsoft Excel is a spreadsheet software within the Office suite developed by the American company Microsoft. There is an information leakage vulnerability in Microsoft Excel, and attackers can exploit this vulnerability to obtain sensitive information...
DesDev DedeCMS 安全漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation in China. It is built using PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.118 of DesDev DedeCMS contains a securit...
Adobe Acrobat Reader 代码问题漏洞
Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have code vulnerabilities. These vulnerabilities...
Microsoft Windows Bluetooth Service 资源管理错误漏洞
The Microsoft Windows Bluetooth Service is a Bluetooth driver provided by the American company Microsoft. The Microsoft Windows Bluetooth Service has a resource management vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are...
Microsoft Remote Desktop Client 资源管理错误漏洞
Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There is a resource management vulnerability in Microsoft Remote Desktop Client. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected:...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...
Microsoft Hyper-V 缓冲区错误漏洞
Microsoft Hyper-V is an application developed by Microsoft Corporation in the United States. It is a system management program that enables desktop virtualization. There are security vulnerabilities in Microsoft Hyper-V. Attackers can exploit these vulnerabilities to execute code. The following...
OpenSSL 缓冲区错误漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
MongoDB Server 日志信息泄露漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a vulnerability in MongoDB Server where log information may be leaked...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...
Microsoft PC Manager 权限许可和访问控制问题漏洞
Microsoft PC Manager is a computer management software developed by Microsoft Corporation. It offers features such as one-click acceleration, system space management, pop-up management, and comprehensive health checks. However, Microsoft PC Manager has an access control vulnerability. Attackers c...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...
TYPO3 CMS 路径遍历漏洞
TYPO3 CMS is a content management system developed under the TYPO3 open source framework. Versions 11.0.0 to 11.5.50, 12.0.0 to 12.4.45, 13.0.0 to 13.4.30, and 14.0.0 to 14.3.2 of TYPO3 CMS contain a path traversal vulnerability. This vulnerability arises from backend users with file download...
AgentChat 安全漏洞
AgentChat is a multi-agent collaborative dialogue system based on large language models, developed by Shy25936636669. Version 2.3.0 of AgentChat contains a security vulnerability. This vulnerability stems from the/api/v1/user/info endpoint, which exposes information leakage vulnerabilities...
SAP S/4HANA SQL注入漏洞
SAP S/4HANA is a enterprise resource management software developed by SAP, a German company, based on the SAP HANA memory database system. SAP S/4HANA has a SQL injection vulnerability, which stems from SQL injections in remote enabled module components, potentially allowing unauthorized database...
SAP NetWeaver ABAP Platform 安全漏洞
SAP NetWeaver ABAP Platform is an integrated technology platform developed by the German company SAP. There is a security vulnerability in SAP NetWeaver ABAP Platform, which stems from the lack of necessary authorization checks for authenticated users. This vulnerability could allow attackers to...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...
Tenda G0 安全漏洞
Tenda G0 is a router produced by the Chinese company Tenda. The version 15.11.0.5 of Tenda G0 contains a security vulnerability. This vulnerability stems from a buffer overflow in the portalAuth parameter of the formPortalAuth function, which could allow attackers to cause denial-of-service attac...
Microsoft Windows BitLocker 处理逻辑错误漏洞
Microsoft Windows BitLocker is a security feature provided by Microsoft that ensures the recovery key is backed up and secure before it is activated. However, Microsoft Windows BitLocker has security vulnerabilities. Attackers can exploit these vulnerabilities to bypass certain features. The...
WordPress plugin Enable Media Replace 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
microsoft windows common log file system driver 资源管理错误漏洞
The Microsoft Windows Common Log File System Driver provides a high-performance, general-purpose log file subsystem. Dedicated client applications can utilize this subsystem, and multiple clients can share it to optimize log access. The Microsoft Windows Common Log File System Driver has a resour...
Adobe Substance3D Sampler 缓冲区错误漏洞
Adobe Substance3D Sampler is a rendering software for 3D scenes developed by Adobe Inc. Versions of Adobe Substance3D Sampler 6.0.0 and earlier contain a buffer error vulnerability. This vulnerability stems from an out-of-bounds write vulnerability, which could allow arbitrary code to be executed...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tunxdpone function not releasing the page allocated by vhostnetbuildxdp when short frames are...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tunxdpone function failing when buildskb does not release the pages allocated by...
Microsoft Windows Shell 信息泄露漏洞
Microsoft Windows Shell is the graphical user interface of the Windows operating system developed by Microsoft Corporation. Key elements of the Windows Shell include the desktop, taskbar, start menu, task switcher, and autoplay features. There is an information leakage vulnerability present in...
Microsoft Windows DHCP Server 缓冲区错误漏洞
Microsoft Windows DHCP Server is a core service of the American company Microsoft, used for automatically retrieving network configuration information. There are security vulnerabilities in Microsoft Windows DHCP Server. Attackers can exploit these vulnerabilities to execute code. The following...
awxkit 路径遍历漏洞
awxkit is an open-source command-line tool developed by Ansible. Awxkit has a path traversal vulnerability, which stems from the YAML !include directive not clearing file paths properly. This vulnerability could allow attackers to read any YAML format file from the local file system through a...
Tenda W3 Wireless Router 安全漏洞
The Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 Wireless Router contains a security vulnerability. This vulnerability stems from an stack overflow in the wlradio parameter within the formwrlSSIDset function, which could allow...
Svelte 跨站脚本漏洞
Svelte is an open-source approach to building web applications. Versions of Svelte prior to 5.55.7 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of extended syntax for rendering untrusted data, causing event handling properties to be included in the HTML...
microsoft windows kerberos 缓冲区错误漏洞
Microsoft Windows Kerberos is a software developed by Microsoft for authentication in network clusters. As a network authentication protocol, its primary goal is to provide robust authentication services for client/server applications through a key system. There is a buffer error vulnerability...
Adobe Campaign Classic 代码问题漏洞
Adobe Campaign Classic is a enterprise-level marketing automation and campaign management platform developed by Adobe Inc. Versions of Adobe Campaign Classic 7.4.3 build 9394 and earlier have code vulnerabilities that stem from server-side request forgery, which may lead to privilege escalation...
Tenda W15E 安全漏洞
The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function, which could allow attackers ...
Adobe ColdFusion 输入验证错误漏洞
Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier have code vulnerabilities. These vulnerabilities stem from...
Tenda W3 安全漏洞
The Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 Wireless Router contains a security vulnerability. This vulnerability stems from a stack overflow in the param1 parameter within the formSetCfm function, which could allow...
Adobe InDesign Desktop 缓冲区错误漏洞
Adobe InDesign Desktop is a professional desktop publishing and typesetting design software, primarily used for creating print and digital publications. There is a security vulnerability in Adobe InDesign Desktop, which stems from improper handling of data writing boundaries. Attackers can exploi...
Microsoft Windows Kerberos 数字错误漏洞
Microsoft Windows Kerberos is a software developed by Microsoft for authentication in network clusters. As a network authentication protocol, Kerberos aims to provide robust authentication services for client/server applications through a key system. There is an input validation vulnerability in...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...
OpenSSL 缓冲区错误漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
Huawei EMUI和Huawei HarmonyOS 输入验证错误漏洞
Huawei HarmonyOS EMUI is a microkernel-based distributed operating system developed by Huawei, offering seamless collaboration across devices. There are input validation vulnerabilities in Huawei EMUI and Huawei HarmonyOS. These vulnerabilities stem from the log service’s failure to properly hand...
Siemens SIMATIC WinCC Unified PC Runtime 安全漏洞
Siemens SIMATIC WinCC Unified PC Runtime is an industrial automation and SCADA system interface and monitoring platform developed by Siemens, a German company. Versions of Siemens SIMATIC WinCC Unified PC Runtime such as V16, V17, V18, V19, V20, and V21 Update 2 contain security vulnerabilities...