195539 matches found
WordPress plugin AIWU 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android. These vulnerabilities stem from the misleading or insufficient UI provided by the getApplicationLabel function in KeyChainActivity.java, which may lead...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from improper input validation in the setGlobalProxy function within DevicePolicyManagerService.java. This vulnerability may lead to persiste...
eLabFTW 信息泄露漏洞
eLabFTW is an open-source experimental data hosting platform developed by eLabFTW. This platform runs on the Linux system and supports the storage of various types of objects. Versions of eLabFTW prior to 5.4.2 contained a vulnerability related to information leakage. This vulnerability occurred...
Lightweight Music Server 跨站脚本漏洞
Lightweight Music Server is a self-hosted music streaming service developed by Emeric POUPON. Versions of Lightweight Music Server 3.76.0 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from stored-xss attacks, allowing attackers to execute arbitrary...
itsourcecode Content Management System SQL注入漏洞
itsourcecode Content Management System is an open-source content management system developed by itsourcecode. Version 1.0 of the itsourcecode Content Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the topicid parameter in the file...
ThorVG 代码问题漏洞
ThorVG is a high-performance, lightweight vector graphics engine developed under open source. Versions of ThorVG prior to 1.0.5 contained code vulnerabilities. These vulnerabilities stemmed from null pointer dereferencing in the SvgLoader::run function, which could cause the process to crash for...
FlexRIC 安全漏洞
FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability arises from the use of a uint16t counter for xappid assignment, but the counter is stored in a uint32t field. As a result of this counter...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a denial-of-service attack in the user space for the cifs.spnego process. This vulnerability could lead...
Fsas ServerView Agents 安全漏洞
Fsas ServerView Agents is a server monitoring and management software developed by the Japanese company Fsas. Versions of Fsas ServerView Agents prior to V11.60.04 contain security vulnerabilities. These vulnerabilities stem from permission chain issues, which may allow local authenticated...
SOPlanning 跨站脚本漏洞
SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from the /process/uploadbackup endpoint, which was vulnerable to storage-based cross-site scripti...
itsourcecode Online House Rental System SQL注入漏洞
itsourcecode Online House Rental System is an open-source online housing rental system developed by itsourcecode. Version 1.0 of the itsourcecode Online House Rental System has a SQL injection vulnerability. This vulnerability stems from improper handling of the Username parameter in the...
CloudPirates Open Source Helm Charts 代码注入漏洞
CloudPirates Open Source Helm Charts is a collection of Helm Charts for cloud-native applications, developed by CloudPirates.io. Previous versions of CloudPirates Open Source Helm Charts had a code injection vulnerability. This vulnerability stemmed from GitHub Actions workflows exposing sensitiv...
Apache ActiveMQ 安全漏洞
Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ. This vulnerability stems from the MessageServlet in the web...
Kiteworks 安全漏洞
Kiteworks is a secure private network data software developed by Kiteworks Corporation in the United States. Versions of Kiteworks prior to 9.3.0 contained security vulnerabilities. These vulnerabilities were caused by insecure direct object references, which could allow authentication attackers ...
VMware Spring Cloud Function 安全漏洞
VMware Spring Cloud Function is a Java functional application development framework provided by the American company VMware. There is a security vulnerability in VMware Spring Cloud Function, which stems from attempting to add an unlimited number of functions to the function registry, potentially...
Apache Airflow 安全漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. The...
SOPlanning SQL注入漏洞
SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier had a SQL injection vulnerability. This vulnerability stemmed from multiple endpoints and parameters that were vulnerable to SQL injection attacks. It was possible fo...
itsourcecode Content Management System SQL注入漏洞
itsourcecode Content Management System is an open-source content management system developed by itsourcecode. Version 1.0 of the itsourcecode Content Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the topicid parameter in the...
CodeAstro Ingredients Stock Management System SQL注入漏洞
The CodeAstro Ingredients Stock Management System is a inventory management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Ingredients Stock Management System has a SQL injection vulnerability. This vulnerability arises from incorrect operations with the parameter txtsearchcatego...
SourceCodester Pet Grooming Management Software 安全漏洞
SourceCodester Pet Grooming Management Software is an open-source pet grooming management system developed by SourceCodester. Version 1.0 of SourceCodester Pet Grooming Management Software contains a security vulnerability. This vulnerability arises from improper operations with files in the admi...
Code-Projects Online Hospital Management System SQL注入漏洞
Code-Projects Online Hospital Management System is an open-source online hospital management system developed by Code-Projects. The 1.php version of the Code-Projects Online Hospital Management System has a SQL injection vulnerability. This vulnerability stems from improper handling of the Userna...
Qualcomm Chipsets 缓冲区错误漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. Qualcomm Chipsets have a buffer error vulnerability, which stems from memory corruption when processing device identifier strings that exceed the expected maximum length...
Code-Projects Online Hospital Management System SQL注入漏洞
Code-Projects Online Hospital Management System is an open-source online hospital management system developed by Code-Projects. Version 1.0 of the Code-Projects Online Hospital Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the editid...
CodexBar 安全漏洞
CodexBar is an AI programming service usage monitoring tool developed by Peter Steinberger. Versions of CodexBar prior to 0.32.0 contained security vulnerabilities. These vulnerabilities were caused by a session cookie leakage issue, which could allow network attackers to exploit the improper...
Dassault Systèmes DELMIA Service Process Engineer 安全漏洞
Dassault Systèmes DELMIA Service Process Engineer is a process planning software developed by Dassault Systèmes, a French company. There are security vulnerabilities in Dassault Systèmes DELMIA Service Process Engineer versions from 3DEXPERIENCE R2024x to 3DEXPERIENCE R2026x. These vulnerabilitie...
FlexRIC 安全漏洞
FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability arises from trusting the xappid field in the trust E42 message without binding it to the sender’s SCTP association. As a result, remote...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from an integer overflow in the l2cfcrclonebuf function found in l2cfcr.cc. This vulnerability may lead to controlled heap corruption within...
Dräger Infinity Explorer C700 安全漏洞
The Dräger Infinity Explorer C700 is an integrated medical-grade monitoring workstation component developed by the German company Dräger. The Dräger Infinity Explorer C700 has a security vulnerability that stems from privilege escalation. This vulnerability could allow attackers to break through...
Capsule 安全漏洞
Capsule is an open-source Kubernetes framework developed by Project Capsule. Versions prior to Capsule 0.13.0 have security vulnerabilities. These vulnerabilities stem from the processing of TenantResource RawItems, which does not set namespaces for cluster-wide resources. This could allow tenant...
Nextcloud Server 访问控制错误漏洞
NextCloud Server is an open-source NextCloud server program. Versions of NextCloud Server from 32.0.0 to 32.0.9 and from 33.0.0 to 33.0.3 had a access control vulnerability due to improper sharing token access controls. This vulnerability could allow malicious users to access temporarily uploaded...
nanobot 代码问题漏洞
Nanobot is a lightweight personal AI assistant open-source by Data Intelligence Lab@HKU. Versions of Nanobot prior to 0.2.1 contained code vulnerabilities. These vulnerabilities stemmed from issues with server-side request forgeing in the webFetch tool. This could allow remote attackers to access...
FlexRIC 安全漏洞
FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability arises from the use of the assert function to enforce mapping relationships before sending the E2SETUPREQUEST message. This could allow remote...
Nextcloud Server 授权问题漏洞
NextCloud Server is an open-source NextCloud server program. Versions of NextCloud Server from 32.0.0 to 32.0.9 and from 33.0.0 to 33.0.3 had authorization-related vulnerabilities. These vulnerabilities stemmed from authentication bypasses, allowing attackers who know the user’s password to...
OTRS 安全漏洞
OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X of OTRS, as well as versions before 2026.4.X. These vulnerabilities stem from improper handling of permissions in the document search...
Qualcomm Chipsets 代码问题漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have code-related vulnerabilities; these vulnerabilities arise from heap memory exhaustion during secure data initialization, leading to memory corruption when writing to invalid memory locations...
Imagination Graphics DDK 安全漏洞
Imagination Graphics DDK is a GPU driver toolkit developed by the British company Imagination. There is a security vulnerability in Imagination Graphics DDK, which stems from an address translation logic error. This vulnerability may allow the compromised host kernel to perform arbitrary writes t...
AMD Processors 安全漏洞
AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from insufficient access control granularity. This vulnerability could allow attackers to exploit trusted user-space applications to map...
Qualcomm Chipsets 缓冲区错误漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a buffer error vulnerability, which stems from insufficient output buffer size during the execution of random number generator commands, leading to memory corruption...
Nextcloud Files approval 信息泄露漏洞
NextCloud Files Approval is an open-source file approval software developed by NextCloud. Versions of NextCloud Files Approval prior to version 2.7.2 had a vulnerability related to information leakage. This vulnerability stemmed from a lack of permission checks, allowing authenticated users to...
Assimp 缓冲区错误漏洞
Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained a buffer error vulnerability. This vulnerability stemmed from incorrect handling of the parameter aiString in the...
Nextcloud Forms 安全漏洞
NextCloud Forms is an open-source, hosted questionnaire and form creation tool developed by NextCloud. Versions of NextCloud Forms prior to 5.2.6 contained a security vulnerability due to a lack of permission checks. This vulnerability could allow users to request access to other users’ form...
Nextcloud Teams 安全漏洞
NextCloud Teams is an open-source team collaboration and group management tool developed by NextCloud. There were security vulnerabilities in versions of NextCloud Teams between 32.0.0 and 32.0.9, as well as between 33.0.0 and 33.0.3. These vulnerabilities stemmed from the system automatically...
Nextcloud Calendar 信息泄露漏洞
NextCloud Calendar is an open-source calendar application developed by NextCloud. There were information leakage vulnerabilities in versions 5.5.13 to 5.5.17 and 6.2.0 to 6.2.3 of NextCloud Calendar. These vulnerabilities stemmed from the lack of shared restrictions applied to the meeting...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from insufficient permission checks, potentially leading to local privilege escalation...
sendportal 代码注入漏洞
SendPortal is a self-hosted email marketing management tool developed by Mattel. Versions of SendPortal 3.0.1 and earlier had a code injection vulnerability. This vulnerability stemmed from incorrect handling of the content parameter by the Campaign Handler component in the /webview/ file, which...
IBM WebSphere Application Server(WAS) 安全漏洞
IBM WebSphere Application Server is a Java enterprise application server developed by IBM. It is primarily used for deploying and managing enterprise-level web applications. IBM WebSphere Application Server has a vulnerability known as “Identity Spoofing.” This vulnerability arises from the failu...
Nextcloud Server 安全漏洞
NextCloud Server is an open-source NextCloud server program. There were security vulnerabilities in versions 31.0.0 to 31.0.12, and in versions 32.0.0 to 32.0.3 of NextCloud Server. These vulnerabilities stemmed from a lack of relational checks, which could allow authenticated users to read all...
ArmCode Arm Whois 安全漏洞
ArmCode Arm Whois is a web information query tool developed by ArmCode Corporation. Version 3.11 of ArmCode Arm Whois contains a security vulnerability. This vulnerability stems from a stack buffer overflow, which could allow remote attackers to execute arbitrary code by providing excessive input...
OTRS 安全漏洞
OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X. These vulnerabilities stem from improper handling of permissions for external interfaces and the configuration ite...