195539 matches found
Mercusys AC12G 安全漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version released in September 2009 contained security vulnerabilities. These vulnerabilities were caused by the UPnP GetStatusInfo operation, which disclosed the kernel...
Mercusys AC12G 安全漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has security vulnerabilities. These vulnerabilities stem from unvalidated HTTP header verification, which may allow external attackers to exploit the CORS wildcar...
Cisco Unified Communications Manager 代码问题漏洞
Cisco Unified Communications Manager is a call processing component within the unified communication system developed by Cisco, Inc. This component provides an scalable, distributed, and highly available solution for enterprise IP telephony call processing. There is a code vulnerability in Cisco...
Cisco Webex Meetings 跨站脚本漏洞
Cisco Webex Meetings is a web-based product that provides online meetings, video conferencing, and collaboration features. Cisco Webex Meetings has a cross-site scripting vulnerability. This vulnerability stems from insufficient validation of user input. An attacker can exploit this vulnerability...
Cisco Finesse 安全漏洞
Cisco Finesse is a call center management software developed by the American company Cisco. There is a security vulnerability in Cisco Finesse, which stems from insufficient validation of HTTP request inputs provided to users. This vulnerability could allow unauthorized remote attackers to load...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which arises from improper handling when the panthorgpuflushcaches function fails, potentially leading to blocking...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of null pointer checking in the allocworkqueue function. This vulnerability may lead to...
Dräger SC Monitoring devices 安全漏洞
The Dräger SC Monitoring devices are a series of clinical vital signs monitoring devices produced by the German company Dräger. There is a security vulnerability in the Dräger SC Monitoring devices; this vulnerability arises from the possibility of sending malformed network packets, which may cau...
Jupyter Server 安全漏洞
Jupyter Server is an application developed by the Jupyter organization that provides backend services for Jupyter web applications. There are security vulnerabilities in the version of Jupyter Server from 1.12.0 to 2.17.0. These vulnerabilities stem from the use of re.match in CORS source...
GLPI 安全漏洞
GLPI is an open-source IT and asset management software developed by GLPI. This software provides a comprehensive IT resource management interface, allowing you to create databases to manage various IT assets such as computers, monitors, servers, printers, network devices, telephones, and even...
GLPI 安全漏洞
GLPI is an open-source IT and asset management software developed by GLPI. This software provides a comprehensive IT resource management interface, allowing you to create databases to manage various IT assets such as computers, monitors, servers, printers, network devices, telephones, and even...
GLPI 安全漏洞
GLPI is an open-source IT and asset management software developed by GLPI. This software provides a comprehensive IT resource management interface, allowing you to create databases for managing various IT assets such as computers, monitors, servers, printers, network devices, telephones, and even...
GLPI 安全漏洞
GLPI is an open-source IT and asset management software developed by GLPI. This software provides a comprehensive IT resource management interface, allowing you to create databases to manage various IT assets such as computers, monitors, servers, printers, network devices, telephones, and even...
Spark Development Network Rock RMS 安全漏洞
Spark Development Network Rock RMS is a relationship management system developed by Spark Development Network, aimed at churches and non-profit organizations. There were security vulnerabilities in the Spark Development Network Rock RMS version 16.13 and versions prior to 17.7.0. These...
docker-wkhtmltopdf-aas 安全漏洞
Docker-WKHTMLTOPDF-AAS is an open-source tool developed by Openlabs that converts HTML into PDF via a web-based service. Previous versions of Docker-WKHTMLTOPDF-AAS, including version 9f50579, had security vulnerabilities. These vulnerabilities stemmed from the app.py component, which allowed for...
Django 安全漏洞
Django is a set of open-source web frameworks based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Versions of Django prior to 5.2.15 and 6.0.6 contained security vulnerabilities. These...
Django 安全漏洞
Django is a set of open-source web frameworks based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Versions of Django prior to 6.0.6 and 5.2.15 contained security vulnerabilities. These...
Django 安全漏洞
Django is a set of open-source web frameworks based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Versions of Django prior to 6.0.6 and 5.2.15 contained security vulnerabilities. These...
Django 安全漏洞
Django is a set of open-source web application frameworks based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Versions of Django prior to 5.2.15 and 6.0 prior to 6.0.6 contained security...
school-management-system 安全漏洞
School-Management-System is a PHP-based school management system developed by Shubham Kumar, an individual developer. The School-Management-System has a security vulnerability, which stems from the use of predictable password generation methods. This vulnerability may allow attackers to easily...
Django daphne 资源管理错误漏洞
Daphne is an open-source ASGI server developed by Django that supports HTTP, HTTP2, and WebSocket protocols. Versions of Daphne prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of passing the maximum frame size or the payload size of messages, allowin...
Canarytokens 安全漏洞
Canarytokens is a network activity tracking system open-source by Thinkst Applied Research. There is a security vulnerability in Canarytokens, which stems from HTML injection in notification emails. This vulnerability may lead to interface manipulation and cross-site scripting attacks...
GPAC 安全漏洞
GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC prior to 26.02.0 contained security vulnerabilities. These vulnerabilities were caused by a null pointer dereferencing in the gffilterpidresolvefiletemplateex function, which could allow attackers to cause...
Synology Hyper Backup 路径遍历漏洞
Synology Hyper Backup is a backup management system provided by the Chinese company Synology. It offers capabilities for multi-version data backup, replication, and disaster recovery. Versions of Synology Hyper Backup prior to 4.1.2-4036 had a path traversal vulnerability. This vulnerability...
Synology Note Station Client 安全漏洞
Synology Note Station Client is a desktop note application developed by Synology, a Chinese company. It supports note synchronization, knowledge management, and offline editing. Versions of Synology Note Station Client prior to 2.2.4-703 contained security vulnerabilities. These vulnerabilities...
Synology Hyper Backup Explorer 安全漏洞
Synology Hyper Backup Explorer is a backup file viewing tool developed by Synology, a Chinese company, for browsing, retrieving, and restoring backup version data. Versions of Synology Hyper Backup Explorer prior to 3.0.1-0156 contained security vulnerabilities. These vulnerabilities stemmed from...
MBS多款产品 安全漏洞
MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have security vulnerabilities; these vulnerabilities stem from a stack buffer overflow in the gdv-serverconfig module, which could allow remote attackers to...
GLPI 安全漏洞
GLPI is an open-source IT and asset management software developed by GLPI. This software provides a comprehensive IT resource management interface, allowing you to create databases for managing various IT assets such as computers, monitors, servers, printers, network devices, telephones, and even...
CPython 安全漏洞
CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability that arises from excessive CPU consumption when processing specially crafted Unicode inputs, which may lead to a denial-of-service attack...
GoBGP 安全漏洞
GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version 4.3.0 of GoBGP contains a security vulnerability. This vulnerability stems from an integer underflow in the BGPUpdate.DecodeFromBytes function, which could allow attackers to cause denial-of-servi...
Cactus Image Viewer 安全漏洞
Cactus Image Viewer is a Windows single-file image viewing tool developed by Wassim Alhajomar. Version 2.3.0 of Cactus Image Viewer has a security vulnerability caused by DLL hijacking, which may allow attackers to elevate privileges and execute arbitrary code through a specially crafted DLL...
Backpack CRUD 跨站脚本漏洞
Backpack CRUD is an open-source management panel for Eloquent models developed by Backpack for Laravel. Versions prior to 5.0.13, 4.1.69, and 4.0.63 had cross-site scripting vulnerabilities. These vulnerabilities were due to susceptibility to cross-site scripting attacks, potentially allowing...
Hugging Face Transformers 安全漏洞
Hugging Face Transformers is an open-source framework developed by Hugging Face for defining state-of-the-art machine learning models. It covers text, visual, audio, and multimodal models, and can be used for both inference and training. Version 5.2.0 of Hugging Face Transformers contains a...
school-management-system 跨站脚本漏洞
School-Management-System is a PHP-based school management system developed by Shubham Kumar, an individual developer. The school-management-system has a cross-site scripting vulnerability. This vulnerability stems from multiple attributes of student and teacher objects that contain stored...
Django daphne 输入验证错误漏洞
Daphne is an open-source ASGI protocol server developed by Django, which supports HTTP, HTTP2, and WebSocket. Versions of Daphne prior to 4.2.2 contained security vulnerabilities. These vulnerabilities were due to differences in the parser, which could allow attackers to inject additional headers...
FRRouting 安全漏洞
FRouting is an open-source network routing software suite that runs on Unix-like platforms. Versions of FRRouting from stable/10.0 to stable/10.6 have security vulnerabilities. These vulnerabilities stem from the lack of input validation in the rfapiRibBi2Ri function, which could allow attackers ...
Django 安全漏洞
Django is a set of open-source web frameworks based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Versions prior to Django 5.2.15 and 6.0.6 contained security vulnerabilities. These vulnerabilities...
lwext4 安全漏洞
lwext4 is an embedded library developed by Grzegorz Kostka for microcontrollers, which provides ext2/3/4 file systems. Version 1.0.0 of lwext4 contains a security vulnerability. This vulnerability arises from insufficient validation of the extent header fields in the ext4extbinsearchidx function,...
lwext4 安全漏洞
lwext4 is an embedded library developed by Grzegorz Kostka for microcontrollers, which provides ext2/3/4 file systems. Version 1.0.0 of lwext4 contains a security vulnerability. This vulnerability stems from the lack of validation for lbsize in the ext4blocksetlbsize function, resulting in a zero...
Synology Hyper Backup 路径遍历漏洞
Synology Hyper Backup is a backup management system provided by the Chinese company Synology. It offers capabilities for multi-version data backup, replication, and disaster recovery. Versions of Synology Hyper Backup prior to 4.1.2-4036 contained a path traversal vulnerability. This vulnerabilit...
Synology Active Backup for Business Recovery Media Creator 安全漏洞
Synology Active Backup for Business Recovery Media Creator is a tool developed by the Chinese company Synology, designed to generate system recovery boot media and perform device disaster recovery operations. Versions of Synology Active Backup for Business Recovery Media Creator prior to 2.5.0-20...
MBS多款产品 安全漏洞
MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have security vulnerabilities; these vulnerabilities stem from a stack buffer overflow in dali-devconfig, which could allow remote attackers to gain full...
MBS多款产品 安全漏洞
MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have security vulnerabilities; these vulnerabilities stem from stack buffer overflows, which may allow remote attackers to gain full system access as root...
MBS多款产品 路径遍历漏洞
MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have a path traversal vulnerability. This vulnerability stems from the insufficient input validation in the ugw-logread method, which may allow remote...
MBS多款产品 输入验证错误漏洞
MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have a vulnerability related to input validation errors. This vulnerability stems from the insufficient input validation provided by the ugw-logstop method,...
MBS多款产品 安全漏洞
MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have security vulnerabilities; these vulnerabilities stem from insufficient validation of user-controlled inputs through the ugw-restoreinfo method, which...
MBS多款产品 安全漏洞
MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have security vulnerabilities; these vulnerabilities stem from insufficient validation of user-controlled inputs using the ugw-restore method, which could...
MBS多款产品 安全漏洞
MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have security vulnerabilities. These vulnerabilities stem from insufficient validation of user-controlled inputs using the ugw-logstop method, which could...
MBS多款产品 安全漏洞
MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have security vulnerabilities; these vulnerabilities stem from the ugw-delete-file method, which insufficiently validates user-controlled inputs, potentially...
MBS多款产品 安全漏洞
MBS Single-A and other models are a series of industrial communication gateways developed by the German company MBS. The MBS Universal Gateways have a security vulnerability; this vulnerability stems from the insufficient validation of user-controlled inputs in the bac-scanresult method, which...