195539 matches found
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of ANGLE components after their release, which could allow remote attackers to execute arbitrary code...
Vivotek VIVOTEK FD8136-VVTK 安全漏洞
Vivotek VIVOTEK FD8136-VVTK is a super-miniature fixed dome network camera firmware developed by Vivotek Corporation. The Vivotek VIVOTEK FD8136-VVTK 0300a version contains a security vulnerability. This vulnerability stems from path traversal within the /admin/downloadMedias.cgi endpoint, which...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from improper implementation...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the use of reusing after releasing in WebRTC, which could allow remote attackers to execute arbitrary code throug...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from repeatedly calling strings.Split within loops, causing the validation cost to increa...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from the improper initialization of Dawn, which could allow remote attackers to obtain sensitive information from the process...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Cast components after their release, which could allow local network attackers to execute arbitrary...
Dräger Atlan A350 安全漏洞
The Dräger Atlan A350 is a high-end anesthesia workstation developed by the German company Dräger. There were security vulnerabilities in the Dräger Atlan A350 between versions 1.00 and 1.01. These vulnerabilities stemmed from improper input processing, which could allow attackers to send special...
HCL iReflection 安全漏洞
HCL iReflection is a IBM i system access and terminal emulation software developed by the Indian company HCL. HCL iReflection has a security vulnerability, which stems from the presence of third-party vulnerable and outdated components within the web application...
WordPress plugin EventPrime 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
OpenTelemetry eBPF Instrumentation 安全漏洞
OpenTelemetry eBPF Instrumentation is an open-source eBPF-based lightweight telemetry data collection tool developed by OpenTelemetry. Versions of OpenTelemetry eBPF Instrumentation from 0.1.0 to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from malformed MongoDB line...
Dräger多款产品 安全漏洞
Dräger Infinity Delta, among others, are products of the German company Dräger. The Dräger Infinity Delta is a multi-parameter clinical monitor. The Dräger Infinity Kappa is a multi-parameter patient monitor. The Dräger Infinity Delta XL is a high-performance multi-parameter patient monitor...
OpenTelemetry eBPF Instrumentation 安全漏洞
OpenTelemetry eBPF Instrumentation is an open-source eBPF-based lightweight telemetry data collection tool developed by OpenTelemetry. Versions of OpenTelemetry eBPF Instrumentation prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from replacing the ELF parser’s...
WordPress plugin Constructor 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
LibreChat 安全漏洞
LibreChat is an open-source, free, and highly customizable unified AI dialogue platform. It allows for the aggregation and running of large models from any vendor within one interface. LibreChat versions 0.8.3 and earlier have a security vulnerability caused by a file deletion permission issue...
WordPress plugin Spin 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
react-router 代码问题漏洞
react-router is a declarative routing library for React, open-sourced by Remix. From version 7.0.0 to 7.14.1 of react-router, there are code-related vulnerabilities. These vulnerabilities stem from the possibility of unauthorized remote code execution through external requests under framework mod...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability, which stems from an integer overflow issue...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability, which was caused by incorrect security UI for Tab Hover Cards. This vulnerability could allow remote attackers to perform domain name spoofing using a...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient execution of the Autofill policy, which could allow remote attackers to bypass access control through specially...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a resource management vulnerability. This vulnerability stemmed from a problem with the reusing of resources after they were released in the ANGLE component. This could allow remote...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from Chromoting’s ability to reuse resources after they were released, which could allow remote attackers to execute...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient validation of untrusted inputs in the media component, which could allow a remote attacker with...
itsourcecode Fees Management System SQL注入漏洞
itsourcecode Fees Management System is an open-source charging management system developed by itsourcecode. Version 1.0 of the itsourcecode Fees Management System has a SQL injection vulnerability. This vulnerability arises from manipulating the parameter ID in the file /managepayment.php, which...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by Blink integer overflow. A remote attacker could execute arbitrary code in a sandbox through a specially crafted HTML page...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by an integer overflow in the Dawn component. This vulnerability could allow remote attackers to achieve sandbox escape by using a specially crafted...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from improper implementation...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Media after its release, which could allow remote attackers to execute arbitrary code within a sandb...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the WebAuthentication component after it was released, which could allow remote attackers to exploit...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the FullScreen component after its release, which could allow remote attackers to exploit the...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability that arises from its uninitialized state...
AuthKit React Router Library 资源管理错误漏洞
AuthKit React Router Library is an open-source project by WorkOS, used in React Router 7. Versions 7.0.0 to 7.14.x of the library, along with @remix-run/server-runtime 2.10.0 to 2.17.4, have a resource management vulnerability. This vulnerability stems from unbounded path expansion at the manifes...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability, which was caused by improper implementations in the Keyboard component. Remote attackers could inject arbitrary scripts or HTML through specially crafted HT...
Nextcloud Calendar 信息泄露漏洞
NextCloud Calendar is an open-source calendar application developed by NextCloud. There were information leakage vulnerabilities in versions 5.5.13 to 5.5.17 and 6.2.0 to 6.2.3 of NextCloud Calendar. These vulnerabilities stemmed from the lack of shared restrictions applied to the meeting...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from insufficient permission checks, potentially leading to local privilege escalation...
IBM WebSphere Application Server(WAS) 安全漏洞
IBM WebSphere Application Server is a Java enterprise application server developed by IBM. It is primarily used for deploying and managing enterprise-level web applications. IBM WebSphere Application Server has a vulnerability known as “Identity Spoofing.” This vulnerability arises from the failu...
Nextcloud Server 安全漏洞
NextCloud Server is an open-source NextCloud server program. There were security vulnerabilities in versions 31.0.0 to 31.0.12, and in versions 32.0.0 to 32.0.3 of NextCloud Server. These vulnerabilities stemmed from a lack of relational checks, which could allow authenticated users to read all...
ArmCode Arm Whois 安全漏洞
ArmCode Arm Whois is a web information query tool developed by ArmCode Corporation. Version 3.11 of ArmCode Arm Whois contains a security vulnerability. This vulnerability stems from a stack buffer overflow, which could allow remote attackers to execute arbitrary code by providing excessive input...
OTRS 安全漏洞
OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X. These vulnerabilities stem from improper handling of permissions for external interfaces and the configuration ite...
Dassault Systèmes Teamwork Cloud和Dassault Systèmes Magic Collaboration Studio 安全漏洞
Dassault Systèmes Teamwork Cloud and Dassault Systèmes Magic Collaboration Studio are both products of Dassault Systèmes, a French company. Dassault Systèmes Teamwork Cloud is a collaborative model version control and storage platform. Dassault Systèmes Magic Collaboration Studio is a cloud-based...
Dräger多款产品 安全漏洞
Dräger Infinity Delta, among others, are products of the German company Dräger. The Dräger Infinity Delta is a multi-parameter clinical monitor. The Dräger Infinity Kappa is a multi-parameter patient monitor. The Dräger Infinity Delta XL is a high-performance multi-parameter patient monitor...
Nextcloud SQL注入漏洞
Nextcloud is an open-source, self-hosted communication platform for file synchronization and sharing developed by the German company Nextcloud. Versions of Nextcloud from 0.9.0 to 0.9.7, as well as versions from 1.0.0 to 1.0.2, had a SQL injection vulnerability. This vulnerability stemmed from...
WordPress plugin Contest Gallery Pro 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, and these vulnerabilities arise from the exposure of information when processing advertisement frames that contain format-errors MBSSID...
sendportal 代码注入漏洞
SendPortal is a self-hosted email marketing management tool developed by Mattel. Versions of SendPortal 3.0.1 and earlier had a code injection vulnerability. This vulnerability stemmed from incorrect handling of the content parameter by the Campaign Handler component in the /webview/ file, which...
nanobot 安全漏洞
Nanobot is a lightweight personal AI assistant open-source by Data Intelligence Lab@HKU. Versions of Nanobot prior to 0.2.1 contained a security vulnerability. This vulnerability stemmed from a denial-of-service issue in the media download processing routine of the Matrix channel. It could allow...
Orca Energija Orca heat pump 安全漏洞
Orca Energija Orca heat pump is a series of air-to-water heat pump systems developed by Orca Energija. There are security vulnerabilities in Orca Energija Orca heat pumps. These vulnerabilities stem from the lack of authentication and plaintext data transmission. Combined with the absence of...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by the American company Google. There are security vulnerabilities in Google Android, which stem from integer overflows and may lead to local privilege escalation...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from misleading user interfaces caused by confusion in multiple locations. These vulnerabilities may lead to an increase in local privileges...
IBM WebSphere Application Server(WAS) 代码问题漏洞
IBM WebSphere Application Server is an enterprise-level Java application server, primarily used for deploying and managing Java EE applications. There are security vulnerabilities in IBM WebSphere Application Server. These vulnerabilities stem from the SAML Web Single Sign-On component, which fai...