195539 matches found
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by a type confusion in the V8 component. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox through a speciall...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the FileSystem component after its release, which could allow a remote attacker to exploit the...
Google Chrome 缓冲区错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a buffer overflow vulnerability, which was caused by out-of-bounds writes in the Skia component. This vulnerability could allow remote attackers to exploit the vulnerability through...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by an integer overflow in the Dawn component. This vulnerability could allow remote attackers to achieve sandbox escape by using a specially crafted...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the WebShare component, which could allow a remote attacker to escape the...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient trust-based input validation in the Media component, which could allow remote attackers to exploit...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the DevTools component, which could allow remote attackers to inject arbitrary...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Core components after their release, which could allow remote attackers to exploit the vulnerability...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by a type confusion in the V8 component. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox through a speciall...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient validation for untrusted inputs provided by the Extensions component. It could allow remote...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Dawn components after their release, which could allow remote attackers to exploit the vulnerability...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the WebAuthentication component after it was released, which could allow remote attackers to exploit...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Passwords component reusing resources after release, which could allow remote attackers to execute arbitrary...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of components after their release, which could allow remote attackers to execute arbitrary code through...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the Passwords component after it was released, which could allow remote attackers to exploit heap...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Ozone components after their release, which could allow remote attackers to execute arbitrary code...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Chromoting components after their release, which could allow remote attackers to execute arbitrary...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Cast Streaming component’s ability to reuse resources after they were released, potentially allowing attacker...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the use of components that were reused after being released, potentially allowing remote attackers to execute...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Chromecast component’s ability to reuse resources after release, which could allow remote attackers who have...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. in the United States. Network is a network component open source by Cloudburst. Versions of Google Chrome prior to 149.0.7827.53 had a resource management vulnerability. This vulnerability stemmed from the Network component’s ability to reus...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from decoding maliciously constructed MIME headers containing numerous invalid encoding...
Alf.io 安全漏洞
Alf.io is a free and open-source event attendance management system developed by Alf.io. Versions of Alf.io prior to 2.0-M5-2606 contained security vulnerabilities. These vulnerabilities stemmed from the HTTP Client’s postFileAndSaveResponse method, which allowed arbitrary file system paths witho...
Alf.io 安全漏洞
Alf.io is a free and open-source attendance management system developed by Alf.io. Versions of Alf.io prior to 2.0-M5-2606 contained security vulnerabilities. These vulnerabilities stemmed from sandbox escape in the extended script engine. Combined with unprotected injection of Java object...
GLPI 跨站脚本漏洞
GLPI is an open-source IT and asset management software developed by GLPI. This software provides a comprehensive IT resource management interface, allowing you to create databases for managing various IT assets such as computers, monitors, servers, printers, network devices, telephones, and even...
Seagate openSeaChest 安全漏洞
Seagate openSeaChest is a set of cross-platform storage device management tools developed by Seagate Corporation. The version of Seagate openSeaChest v25.05.3 contains a security vulnerability. This vulnerability stems from out-of-bounds writing and reading operations during the --showSCSIDefects...
Seagate openSeaChest 安全漏洞
Seagate openSeaChest is a set of cross-platform storage device management tools developed by Seagate Corporation. The version v26.03.0 of Seagate openSeaChest contains a security vulnerability. This vulnerability stems from out-of-bound writing during the Trim/Unmap operations, which may lead to...
BlenderMCP 代码问题漏洞
BlenderMCP is a 3D modeling control tool created by ahujasid, which connects Blender with AI. BlenderMCP has code vulnerabilities; these vulnerabilities stem from the requests.get function in the src/blendermcp/server.py file of the ZIP File Handler component. The function’s handling of the...
Docker Desktop 安全漏洞
Docker Desktop is a desktop software from the American company Docker, based on container technology, designed for lightweight application deployment. This product provides a desktop environment that allows creating containers lightweight virtual machines on Linux/Windows/Mac OS systems, as well ...
OpenCTI 跨站脚本漏洞
OpenCTI is an open-source network threat intelligence platform developed by OpenCTI. Versions of OpenCTI prior to 7.260227.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of the email-message observable body data during its rendering, which coul...
BlenderMCP 安全漏洞
BlenderMCP is a 3D modeling control tool developed by ahujasid that connects Blender with AI. BlenderMCP has a security vulnerability, which stems from the operation of the Open function in the file src/blendermcp/server.py regarding the parameter inputimageurl, potentially leading to exploitatio...
Dräger Protector Software 安全漏洞
Dräger Protector Software is a gas detection and safety monitoring management platform developed by the German company Dräger. Versions of Dräger Protector Software prior to version 6.4.2 contained security vulnerabilities. These vulnerabilities were due to insecure file system permissions, which...
authentik 输入验证错误漏洞
Authentik is an open-source identity provisioning application developed by Authentik. Versions prior to 2025.12.5, 2026.2.3, and 2026.5.1 contained a vulnerability related to input validation errors. This vulnerability stemmed from an XML signature packaging flaw in the SAML Source ACS endpoint’s...
Protocol 授权问题漏洞
Protocol is a multi-version Minecraft support protocol library developed by Cloudburst. Versions of Protocol prior to 3.0.0.Beta12-20260420.182526-15 contained vulnerabilities related to authorization issues. These vulnerabilities stemmed from a lack of verification for FULL type authentication...
authentik 跨站脚本漏洞
Authentik is an open-source identity provisioning application. Versions of Authentik before 2025.12.5 and 2026.2.3 had a cross-site scripting vulnerability. This vulnerability stemmed from issues in the SFE implementation phase, which could lead to the exploitation of XSS vulnerabilities during t...
Student-Management-System 授权问题漏洞
Student-Management-System is an open-source student information management system developed by Cyber-III. There is a vulnerability in the student-management-system’s authorization mechanism; this vulnerability stems from improper authentication of unknown functions, which may lead to remote attac...
authentik 输入验证错误漏洞
Authentik is an open-source identity provisioning application. Versions of Authentik prior to 2026.2.3 had a vulnerability related to input validation errors. This vulnerability stemmed from the WS-Federation provider’s use of raw string prefixes for validation instead of proper URL parsing, whic...
FastNetMon 安全漏洞
FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov. It is built using multiple packet capture engines. Versions of FastNetMon Community Edition 1.2.9 and earlier contained security vulnerabilities. These vulnerabilities stemmed from out-of-bounds read operations in...
Tesla 安全漏洞
Tesla is an HTTP client software open source by Elixir Tesla. Versions of Tesla from 0.8.0 to 1.18.3 contained security vulnerabilities. These vulnerabilities stemmed from the lack of escaping of the Content-Disposition parameter value, which could lead to multipart header injection attacks...
Tesla 安全漏洞
Tesla is an electric vehicle produced by the American company Tesla. Versions of Tesla from 1.3.0 to 1.18.3 contained security vulnerabilities. These vulnerabilities stemmed from the lack of resource allocation control in Tesla.Adapter.Mint, which could lead to denial-of-service attacks due to...
Tesla 安全漏洞
Tesla is an HTTP client software open-sourced by Elixir Tesla. Versions of Tesla from 0.6.0 to 1.18.3 contained security vulnerabilities. These vulnerabilities stemmed from the lack of restrictions on the size of decompressed data when processing highly compressed data, which could lead to...
aiohttp 访问控制错误漏洞
aiohttp is an open-source framework developed by aio-libs, used for asynchronous HTTP client/server interactions with asyncio and Python. Versions of aiohttp prior to 3.14.0 contained a access control vulnerability; this vulnerability stemmed from the use of cookies set using the “cookies”...
aiohttp 代码问题漏洞
Aiohttp is an open-source framework developed by aio-libs, used for asynchronous HTTP client/server interactions with asyncio and Python. Versions of AIOHTTP prior to 3.14.0 contained code vulnerabilities that could lead to arbitrary code execution when using CookieJar.load to handle untrusted...
SolarWinds Web Help Desk 安全漏洞
SolarWinds Web Help Desk is a service desk and asset management software provided by the American company SolarWinds. This software supports centralized knowledge bases, IT asset management, project and task management functions. There is a security vulnerability in SolarWinds Web Help Desk, whic...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open-source web browser developed by the Mozilla Foundation in the United States. Versions of Mozilla Firefox prior to 151.0.3 contained a security vulnerability, which was caused by incorrect boundary conditions in the Graphics: Text component...
DesDev DedeCMS SQL注入漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation, based on PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a SQL injection vulnerabilit...
Sony PlayStation 4 安全漏洞
The Sony PlayStation 4 is a home video game console developed by the Japanese company Sony. There were security vulnerabilities in the versions 13.00 to 13.02 of the Sony PlayStation 4. These vulnerabilities stemmed from the BD-J sandbox feature, which could allow an abnormal JAR file to escape,...
Dräger SC Monitoring devices 信任管理问题漏洞
The Dräger SC Monitoring devices are a series of clinical vital signs monitoring devices produced by the German company Dräger. The Dräger SC Monitoring devices have a vulnerability related to trust management. This vulnerability stems from hard-coded plaintext credentials in the source code, alo...
Dräger Infinity M300 资源管理错误漏洞
The Dräger Infinity M300 is a wearable telemetry patient monitoring device developed by the German company Dräger. Versions of the Dräger Infinity M300 prior to version 2.3.1 contained a resource management vulnerability. This vulnerability stemmed from a network-based denial-of-service issue,...
Dell ThinOS 10 访问控制错误漏洞
Dell ThinOS 10 is an operating system developed by the American company Dell. Versions prior to Dell ThinOS 10 260210.0765 contained a vulnerability related to access control. This vulnerability stemmed from improper access control mechanisms, which could allow low-privilege attackers with local...