195539 matches found
SourceCodester Online Food Ordering System 安全漏洞
The SourceCodester Online Food Ordering System is an open-source online meal ordering system developed by SourceCodester. Version 2.0 of the SourceCodester Online Food Ordering System has a security vulnerability. This vulnerability stems from the handling of the page parameter in the include...
WordPress plugin EmergencyWP – Dead Man s switch & legacy deliverance 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Passeum Ticketing 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Desktop Commander MCP 安全漏洞
Desktop Commander MCP is an MCP server developed by Eduard Ruzga. Version 0.2.37 of Desktop Commander MCP contains a security vulnerability. This vulnerability stems from the handling of the url parameter in the readFileFromUrl function found in the src/tools/filesystem.ts file. This vulnerabilit...
Desktop Commander MCP 安全漏洞
Desktop Commander MCP is an MCP server developed by Eduard Ruzga. Versions of Desktop Commander MCP prior to 0.2.38 contained security vulnerabilities. These vulnerabilities stemmed from the operation of the startsearch component in the src/search-manager.ts file with respect to the SearchResult...
Dovestones ADPhonebook 安全漏洞
Dovestones ADPhonebook is a corporate address book and employee directory management system developed by the Canadian company Dovestones. Versions of Dovestones ADPhonebook prior to 4.0.1.1 contained security vulnerabilities. These vulnerabilities stemmed from insufficient input validation and...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the NFC HCI SHDLC timer not stopping before releasing context, potentially allowing reuse...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper dependency checks in the work queue WQMEMRECLAIM, potentially leading to warnings...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect recovery of the gp value when the LLVM compiler in the MIPS architecture is used as a glob...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the IRQ request in the rt9455 power supply driver. This request occurs before the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the btrfs file system’s use of listaddtail to update the dirtylist for blockgrouptree when settin...
Mercusys AC12G 安全漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G has a security vulnerability, which stems from the inclusion of hardcoded WiFi driver credentials, potentially leading to credential exposure...
Synology Active Backup for Business Recovery Media Creator 安全漏洞
Synology Active Backup for Business Recovery Media Creator is a tool developed by the Chinese company Synology, designed to generate system recovery boot media and perform device disaster recovery operations. Versions of Synology Active Backup for Business Recovery Media Creator prior to 2.5.0-20...
wordpress plugin School Management 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
ERPNext 跨站脚本漏洞
ERPNext is a set of open-source enterprise resource planning solutions developed by the Indian company ERPNext. Version 16.16.0 of ERPNext contains a cross-site scripting vulnerability. This vulnerability arises from users with project record editing privileges being able to persist arbitrary...
WordPress plugin Prague 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the AppArmor module’s dfa tables not being aligned by 8 bytes. This vulnerability may lead to...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the pstore ram module not properly updating the oldlogsize when it calls the persistentramsaveold...
Koha 安全漏洞
Koha is a library automation management system developed by the Koha organization. Versions of Koha prior to 25.11 contained security vulnerabilities, which originated from the Z39.50 configuration module. These vulnerabilities could allow remote attackers to execute arbitrary code...
MaxSite CMS 安全漏洞
MaxSite CMS is an open-source website content management system developed by MaxSite in Russia. Version 109.2 of MaxSite CMS has a security vulnerability. This vulnerability stems from a cross-site scripting vulnerability in the backend page file upload endpoint, which could allow remote attacker...
ABB T-MAC Plus 安全漏洞
ABB T-MAC Plus is a shipboard equipment status monitoring and predictive maintenance management system developed by the Swiss company ABB. Version 4.0-24 of ABB T-MAC Plus contains a security vulnerability, which stems from the possibility for external parties to access files or directories...
Mercusys AC12G 安全漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has security vulnerabilities. These vulnerabilities stem from unvalidated UPnP IGD operations, which may allow unauthenticated LAN devices to create arbitrary por...
Django 安全漏洞
Django is a set of open-source web frameworks based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Versions of Django prior to 6.0.6 and 5.2.15 contained security vulnerabilities. These...
morgan 安全漏洞
Morgan is an open-source HTTP request logging middleware developed by ExpressJS. Versions 1.2.0 to 1.10.1 of Morgan contain security vulnerabilities. These vulnerabilities stem from the remoteuser token not being escaped with control characters, which may lead to log manipulation...
FOSSBilling 输入验证错误漏洞
FOSSBilling is an open-source billing and customer management platform for hosting service providers and digital service providers. Versions of FOSSBilling prior to 0.8.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from the redirection module not...
Code Index MCP 安全漏洞
Code Index MCP is a smart code indexing and analysis large model context server developed by johnhuang316 as an individual developer. Versions of Code Index MCP prior to 2.14.0 contain security vulnerabilities. These vulnerabilities stem from the operation of the issaferegexpattern function in th...
MLRun 安全漏洞
MLRun is an AI orchestration platform developed by MLRun OpenSource. Versions of MLRun 1.12.0-rc3 and earlier contain security vulnerabilities. These vulnerabilities stem from a function in the DataFrame Hash Handler component located in the file mlrun/utils/helpers.py, specifically the...
concretecms 安全漏洞
ConcreteCMS is an open-source content management system developed by Concrete. Versions of ConcreteCMS prior to 9.5.2 contained security vulnerabilities. These vulnerabilities stemmed from the unserialize method calls in Workflow, Form blocks, and File/Set components, which lacked a allowedclasse...
OpenStack Ironic 安全漏洞
OpenStack Ironic is an integrated OpenStack application developed under the OpenStack open source framework. It is used to configure bare machines rather than virtual machines. OpenStack Ironic versions 35.0.x and earlier contain security vulnerabilities, which stem from a vulnerability that allo...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the procfs module’s lack of RCU protection when reading task-realparent in the dotaskstat functio...
WordPress plugin Askka 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...
WordPress plugin WP Nano AD 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Transsion AI Assistant Lifestyle 安全漏洞
Transsion AI Assistant Lifestyle is a mobile AI assistant application developed by Transsion Corporation. It integrates intelligent question answering, content generation, lifestyle service recommendations, and personal assistant functions. There is a security vulnerability in Transsion AI...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient execution of DevTools policies, which could allow attackers to leak cross-source data through...
Orthanc DICOM Server 安全漏洞
Orthanc DICOM Server is a lightweight medical imaging storage and management server developed under the open-source Orthanc framework. Versions of Orthanc DICOM Server 1.12.11 and earlier contain security vulnerabilities. These vulnerabilities stem from issues with the DcmItem::read function in t...
Mint 安全漏洞
Mint is a functional underlying HTTP client library developed by Elixir Mint. Versions of Mint from 0.2.0 to 1.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the HTTP/2 server’s ability to insert unlimited entries through the PUSHPROMISE frame, which could lead to memo...
WordPress plugin BookIt 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin ARMember Premium 授权问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
BIRD 安全漏洞
BIRD is a full-featured dynamic IP routing daemon developed by BIRD OpenSource. Versions of BIRD prior to 2.19.0 contained security vulnerabilities; these vulnerabilities stemmed from stack buffer overflows in the BGP ASPATH mask matching implementation, which could potentially cause the daemon t...
NVIDIA NVTabular 代码问题漏洞
NVIDIA NVTabular is a component within the deep learning recommendation system framework developed by NVIDIA Corporation. NVIDIA NVTabular has code-related vulnerabilities, which stem from improper deserialization of untrusted data. These vulnerabilities may lead to code execution, data tampering...
Vivotek FD8136 安全漏洞
Vivotek FD8136 is a hemispherical network camera produced by the Chinese company Vivotek. The Vivotek FD8136 FD8136-VVTK-0300a version has a security vulnerability. This vulnerability stems from a remote buffer overflow in the /cgi-bin/dido/setdo.cgi endpoint, which could allow authenticated...
WordPress plugin ARMember Premium SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Simple Custom Login Page 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Vivotek FD8136 安全漏洞
Vivotek FD8136 is a hemispherical network camera produced by the Chinese company Vivotek. The Vivotek FD8136 FD8136-VVTK-0300a version contains a security vulnerability. This vulnerability stems from a remote buffer overflow attack on the /cgi-bin/admin/eventtask.cgi endpoint. It could allow...
Microsoft Edge 安全漏洞
Microsoft Edge is a web browser included with Windows 10 and later versions from Microsoft. There is a security vulnerability in Microsoft Edge, which stems from a type confusion flaw in the program’s handling of certain types of media or signaling data...
WordPress plugin Accordion FAQ 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
WordPress plugin ARMember Premium SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from improper implementation...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from improper implementation...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of ANGLE components after their release, which could allow a remote attacker with access to the rendere...