195539 matches found
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a vulnerability related to input validation, which stems from Skia’s insufficient validation of untrusted inputs...
Bludit 安全漏洞
Bludit is an open-source, lightweight blog content management system developed by Bludit. Versions of Bludit prior to 3.22.0 contained security vulnerabilities. These vulnerabilities stemmed from a flaw in the user management logic: when accounts were disabled, persistent authentication tokens we...
CodeAstro Leave Management System 注入漏洞
The CodeAstro Leave Management System is a leave management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Leave Management System has a SQL injection vulnerability, which stems from the handling of the typeofleave parameter in the file/admin/addleave.php. Attackers can launch...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reusing of resources after they are released...
Google Chrome 缓冲区错误漏洞
Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a buffer overflow vulnerability, which stems from excessive reading and writing operations related to Media...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a vulnerability related to input validation, which stems from Dawn’s insufficient validation of unreliable inputs...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability, which stems from a liyuv integer overflow...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of multiple synchronization extensions in DRM v3D, potentially leading to...
Flowise 安全漏洞
Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained a security vulnerability. This vulnerability stemmed from a batch assignment issue during the creation and updating of assistants, which could lead to...
D-Link DCS-5615 安全漏洞
The D-Link DCS-5615 is a high-speed network dome camera produced by D-Link Corporation. Version 1.01.00 of the D-Link DCS-5615 contains a security vulnerability. This vulnerability stems from incorrect operations with the file /etc/conf.d/boa/boa.conf in the Boa Webserver component, which may lea...
Code-Projects Simple Flight Ticket Booking System 注入漏洞
Code-Projects Simple Flight Ticket Booking System is a simple airline ticket booking system developed by Code-Projects. Version 1.0 of the code-projects Simple Flight Ticket Booking System has a vulnerability due to incorrect handling of the Username parameter in the POST Parameter Handler...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of untrusted inputs...
Tenda多款产品 缓冲区错误漏洞
Tenda HG10, etc., are products of the Chinese company Tenda. The Tenda HG10 is a fiber-optic router. The Tenda HG9 is a WiFi router. The Tenda HG7 is a dual-band Wi-Fi fiber network terminal device. Several Tenda products have a buffer error vulnerability. This vulnerability stems from improper...
student_management_system 安全漏洞
studentmanagementsystem is a student information management tool personally developed by Vivek Singh. There is a security vulnerability in studentmanagementsystem, which stems from improper handling of functions in the /add.php file within the Student Record Handler component. This may lead to...
Devolutions Server 命令注入漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server such as 2026.2.4.0, 2026.1.20.0, and earlier versions had a vulnerability related to...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the drm/vkms module’s conversion of the vblank timer into DRM. This conversion removes the...
Snipe-IT 安全漏洞
Snipe-IT is a set of open-source IT asset/license management systems developed by Grokability. Versions of Snipe-IT prior to 8.6.0 contained security vulnerabilities. These vulnerabilities stemmed from the ability for non-administrator users to have the "users.edit" permission, allowing them to...
Fides 跨站脚本漏洞
Fides is an open-source privacy engineering platform developed by Ethyca, used to manage the implementation of data privacy requests in the runtime environment and the enforcement of privacy regulations within code. Versions of Fides from 2.33.0 to 2.84.5 contained a cross-site scripting...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after a Proxy is released...
Google Chrome 代码注入漏洞
Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a code injection vulnerability, which stems from issues with the lifecycle of SVG objects...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after File Input is released...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after a guest view is released...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reusing of resources after they are released...
JeecgBoot 输入验证错误漏洞
JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. JeecgBoot versions 3.9.2 and earlier contained a vulnerability related to input validation errors. This vulnerability originated from a function in the Third-Party Login component,...
Flowise 访问控制错误漏洞
Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained a access control vulnerability. This vulnerability stemmed from insufficient server-side verification and authorization checks at the chat stream upda...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of untrusted inputs by the New Tab Page...
Tenda HG7 缓冲区错误漏洞
The Tenda HG7 is a dual-band Wi-Fi optical network terminal device from the Chinese company Tenda. The Tenda HG7 300001138enxpon version has a buffer error vulnerability. This vulnerability stems from an error in the function aspvoipOtherSet in the Web Management Interface component, where the...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reusing of resources after they are released...
Flowise 安全漏洞
Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained security vulnerabilities. These vulnerabilities stemmed from issues with batch assignment during the creation and updating of CustomTemplates, which...
SourceCodester Inventory System 跨站脚本漏洞
The SourceCodester Inventory System is an open-source inventory system developed by SourceCodester. Version 1.0 of the SourceCodester Inventory System has a cross-site scripting vulnerability. This vulnerability stems from the handling of parameters fullname and username in the users.php componen...
CodeAstro Student Attendance Management System 注入漏洞
CodeAstro Student Attendance Management System is a student attendance management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Student Attendance Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter className in...
Apache HTTP Server 安全漏洞
Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Apache HTTP Server versions 2.4.67 and earlier have security vulnerabilities, which stem from...
Flowise 访问控制错误漏洞
Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained a access control vulnerability. This vulnerability stemmed from a lack of server-side verification and authorization checks at the variable update...
Apache HTTP Server 安全漏洞
Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There were security vulnerabilities in Apache HTTP Server versions 2.4.0 to 2.4.67. These...
WordPress plugin Recipe Card Blocks Lite 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after Ozone is released...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a resource management vulnerability that stems from the reuse of resources after they are released by ServiceWorker...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reusing of resources after they are released...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reusing of resources after they are released...
QloApps 跨站脚本漏洞
QloApps is an open-source hotel management and reservation system developed by QloApps. Versions of QloApps 1.7.0 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting vulnerability in the administrator’s file manager. It...
CodeAstro Leave Management System 注入漏洞
The CodeAstro Leave Management System is a leave management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Leave Management System has a SQL injection vulnerability. This vulnerability stems from the handling of the parameter “Name” in the file/admin/searchstafffordeletion.php,...
tiny-regex-c 资源管理错误漏洞
tiny-regex-c is a lightweight regular expression parsing library developed by Kokke. There is a resource management vulnerability in tiny-regex-c, which stems from improper operation of the matchstar function in the pattern processing component of the file re.c. This vulnerability may lead to...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from insufficient implementation of network policies...
Imagination Graphics DDK 安全漏洞
Imagination Graphics DDK is a GPU driver toolkit developed by the British company Imagination. There is a security vulnerability in Imagination Graphics DDK. This vulnerability arises from software installed and executed by non-privileged users, which may perform improper GPU system calls, thereb...
NLnet Labs Routinator 安全漏洞
NLnet Labs Routinator is an open-source RPKI routing origin verification service developed by NLnet Labs. There is a security vulnerability in NLnet Labs Routinator, which may lead to crashes when encountering files defined using a special document type via RRDP...
SourceCodester Class and Exam Timetabling System 注入漏洞
SourceCodester Class and Exam Timetabling System is an open-source classroom and exam scheduling system developed by SourceCodester. Version 1.0 of the SourceCodester Class and Exam Timetabling System has a SQL injection vulnerability, which arises from incorrect handling of the parameter "sy" in...
Gun 访问控制错误漏洞
Gun is an open-source Erlang HTTP client developed by Nine Nines that supports HTTP/1.1, HTTP/2, and WebSocket. In versions 2.0.0 to 2.4.0 of Gun, there was a access control vulnerability. This vulnerability stemmed from a source validation error in the gunhttp2 module, which could allow...
Apache Cordova Plugin InAppBrowser 输入验证错误漏洞
Apache Cordova Plugin InAppBrowser is an embedded browser plugin developed by the Apache Foundation. Versions 3.1.0 to 6.0.0 of Apache Cordova Plugin InAppBrowser contain a vulnerability related to input validation errors. This vulnerability stems from insufficient format validation of the id fie...
TOTOLINK CP450 安全漏洞
TOTOLINK CP450 is an outdoor wireless customer terminal device developed by TOTOLINK Corporation. It is primarily used to provide wireless broadband access services, especially suitable for wireless network coverage in rural or remote areas. The TOTOLINK CP450 version 4.1.0cu.747 contains a...
WordPress plugin Stripe Payments 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...