195539 matches found
Check Point Quantum Security Gateway 安全漏洞
Check Point Quantum Security Gateway is a series of enterprise-level security gateway devices developed by the Israeli company Check Point. There is a security vulnerability in Check Point Quantum Security Gateway. This vulnerability stems from the improper handling of unexpected IKE fragment...
Lumiverse 参数注入漏洞
Lumiverse is a full-featured AI chat application suite developed by Prolix OCs’ individual developers. Versions of Lumiverse prior to 0.9.7 contained a parameter injection vulnerability. This vulnerability occurred when the toSmbPath call failed, resulting in a fallback to dirname/basename...
Blitz 代码注入漏洞
Blitz is an open-source full-stack Next.js development toolkit developed by Blitz. Versions of Blitz 3.0.2 and earlier contained a code injection vulnerability. This vulnerability stemmed from an unknown function in the packages/generator/templates/app/src/app/auth/components/LoginForm.tsx file,...
algernon 安全漏洞
Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.7 contained a security vulnerability. This vulnerability stemmed from the process of traversing parent directories upwards during directory requests to find the handler.lua file. This could allow...
IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty 环境问题漏洞
IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty are web server integration plugins developed by IBM. Versions 8.5 and 9.0 of these plugins contain environmental issues, which stem from vulnerabilities that can be exploited by HTTP request payload attacks...
Joomla! CMS 跨站请求伪造漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a cross-site request forgeing vulnerability, which stems from the lack of CSRF token validation. This vulnerability may lead to cross-site request forgeing attacks at the comusers...
Joomla! CMS 路径遍历漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a path traversal vulnerability, which stems from improper validation of search parameters in the commedia file API endpoints, potentially leading to path traversal attacks...
Joomla! CMS 跨站脚本漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a cross-site scripting vulnerability, which stems from the lack of output escaping. This vulnerability may lead to cross-site scripting attacks through the "readmore" link in the comconte...
Joomla! CMS 跨站脚本漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a cross-site scripting vulnerability, which stems from the lack of output escaping. This vulnerability may lead to cross-site scripting attacks within the content history component of the...
Check Point Security Gateway 安全漏洞
Check Point Security Gateway is a series of network security gateway devices developed by Check Point Corporation in Israel. There is a security vulnerability in Check Point Security Gateway, which stems from incorrect validation of length values in specific IKE packets during NAT-T operations...
IBM Cloud Pak for Data System 安全漏洞
IBM Cloud Pak for Data System is an enterprise data and AI integration platform provided by IBM. The version 11.3.0.2 of IBM Cloud Pak for Data System, as well as the Interim Fix 002, contain security vulnerabilities. These vulnerabilities stem from the use of default passwords during the...
Apple macOS 安全漏洞
Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe 26 and earlier contained security vulnerabilities; these vulnerabilities stemmed from out-of-bound read operations, which could potentially cause applications to...
Autodesk 3ds Max 安全漏洞
Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There is a security vulnerability in Autodesk 3ds Max, which may lead to a denial-of-service attack due to a stack overflow issue occurring during the parsing of specially crafted WRL files...
Autodesk 3ds Max 安全漏洞
Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There is a security vulnerability in Autodesk 3ds Max. This vulnerability arises from the possibility of memory corruption during the parsing of specially crafted WRL files. Malicious actors may exploit...
itsourcecode Electronic Judging System 代码注入漏洞
itsourcecode Electronic Judging System is an open-source electronic judging system developed by itsourcecode. Version 1.0 of the itsourcecode Electronic Judging System contains a code injection vulnerability. This vulnerability arises from improper handling of the fname parameter in the...
TOTOLINK CA750-PoE 操作系统命令注入漏洞
TOTOLINK CA750-PoE is a wireless network access device produced by TOTOLINK Corporation. Version 6.2c.510 of TOTOLINK CA750-PoE contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of the PIN parameter in the setWiFiWpsConfig...
TOTOLINK CA750-PoE 操作系统命令注入漏洞
TOTOLINK CA750-PoE is a wireless network access device produced by TOTOLINK Corporation. Version 6.2c.510 of TOTOLINK CA750-PoE contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of theFileName parameter in the setUpgradeUboot...
WordPress plugin WpBookingly 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
IBM Engineering Lifecycle Management 安全漏洞
IBM Engineering Lifecycle Management is an engineering lifecycle management platform provided by American multinational company International Business Machines IBM. Versions 7.0.3, 7.1.0, and 7.2.0 of IBM Engineering Lifecycle Management contain security vulnerabilities. These vulnerabilities ste...
IBM HTTP Server 代码问题漏洞
IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain code vulnerabilities that could lead to denial-of-service attacks due to the optional module modibmUpload...
IBM HTTP Server 安全漏洞
IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain security vulnerabilities. These vulnerabilities stem from invalid pointer dereferencing, which could allow privileged users to disclose...
WordPress plugin SW Core 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
NVIDIA GPU Display Driver 信息泄露漏洞
NVIDIA GPU Display Driver is a display driver developed by NVIDIA Corporation. The NVIDIA GPU Display Driver for Linux has a vulnerability known as information leakage. This vulnerability stems from the possibility of advanced attackers exploiting race conditions to leak sensitive memory. As a...
NVIDIA vGPU Software 资源管理错误漏洞
NVIDIA vGPU Software is a management software developed by NVIDIA Corporation in the United States, designed to provide GPU capabilities for virtual machines. This software enables multiple virtual machines to access the host’s GPU, thereby providing graphics performance and application...
Joomla! 跨站脚本漏洞
Joomla! is an open-source, free-content management system developed by Joomla! Foundation. The Joomla! Framework has a cross-site scripting vulnerability, which stems from insufficient content filtering in the checkAttribute method. This vulnerability exposes various components to cross-site...
Joomla! CMS 访问控制错误漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control, which stems from improper access checks. This vulnerability allows for privilege escalation through the comusers batch task...
SourceCodester Hospitals Patient Records Management System 代码注入漏洞
SourceCodester Hospitals Patient Records Management System is an open-source hospital medical record management system developed by SourceCodester. Version 1.0 of the SourceCodester Hospitals Patient Records Management System contains a code injection vulnerability. This vulnerability arises from...
Autodesk 3ds Max 代码问题漏洞
Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There are code vulnerabilities in Autodesk 3ds Max. These vulnerabilities stem from parsing specially crafted PAR files, which may lead to null pointer dereferencing. Successful exploitation of these...
Check Point Multi-Domain Management 安全漏洞
Check Point Multi-Domain Management is a centralized security management platform provided by Check Point Israel. Check Point Multi-Domain Management has a security vulnerability. This vulnerability arises from the fact that when compliance is enabled in the multi-domain management system, verifi...
Lumiverse 竞争条件问题漏洞
Lumiverse is a full-featured AI chat application suite developed by Prolix OCs’ individual developers. Versions of Lumiverse prior to 0.9.7 contained a race condition vulnerability. This vulnerability stemmed from the fact that the consumeNonce function only checked whether module-level variables...
Joomla! CMS SQL注入漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a SQL injection vulnerability, which stems from improper validation of sorting clauses. This vulnerability may lead to SQL injections within com tags...
WordPress plugin Zohocorp Zoho Mail 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
NVIDIA Display Driver 竞争条件问题漏洞
NVIDIA Display Driver is a graphics driver developed by NVIDIA Corporation. NVIDIA Display Driver has a race condition vulnerability, which arises from user-side reorders in the kernel module that may lead to race conditions through compiler or processor memory instructions, potentially causing...
NVIDIA Display Driver 缓冲区错误漏洞
NVIDIA Display Driver is a graphics driver developed by NVIDIA Corporation. NVIDIA Display Driver has a buffer error vulnerability, which can lead to out-of-bounds write attacks, potentially causing denial of service, privilege escalation, information leakage, data corruption, and code execution...
itsourcecode Electronic Judging System SQL注入漏洞
itsourcecode Electronic Judging System is an open-source electronic referee system developed by itsourcecode. Version 1.0 of the itsourcecode Electronic Judging System has a SQL injection vulnerability. This vulnerability arises from improper handling of the numid parameter in the unknown code...
CODESYS Development System 安全漏洞
CODESYS Development System is a set of programming tools developed by the German company CODESYS, used in the fields of industrial controllers and automation technology. There is a security vulnerability in the CODESYS Development System. This vulnerability stems from the incorrect default...
Joomla! 跨站脚本漏洞
Joomla! is an open-source, free-content management system developed by Joomla! Foundation. The Joomla! Framework has a cross-site scripting vulnerability, which stems from the lack of input filtering. This leads to the presence of cross-site scripting vectors in the HTML filtering code...
Vanetza 安全漏洞
Vanetza is an open-source implementation of a vehicle communication protocol suite developed by Raphael Riebl. Versions of Vanetza prior to 26.02 contained security vulnerabilities. These vulnerabilities stemmed from the ASN.1 decoder accepting V2X messages that are syntactically valid but...
WordPress plugin Taxi Booking Manager for WooCommerce 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...
Silicon Simplicity SDK 安全漏洞
The Silicon Simplicity SDK is an embedded software development platform provided by Silicon Corporation. It is used to build IoT products based on our 2-series and upcoming 3-series wireless and MCU devices. The Silicon Simplicity SDK has a security vulnerability. Attackers can compromise the...
Eppendorf BioFlo 320 安全漏洞
The Eppendorf BioFlo 320 is a laboratory bioreactor control system developed by the German company Eppendorf. The Eppendorf BioFlo 320 has a security vulnerability, which stems from the VNC server using hard-coded passwords. This vulnerability could allow remote attackers to gain complete control...
IBM HTTP Server 资源管理错误漏洞
IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain resource management vulnerabilities that can lead to denial-of-service attacks when attackers have permission to write to certain server...
IBM HTTP Server 安全漏洞
IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain security vulnerabilities; these vulnerabilities stem from the optional module modmemcache, which may lead to denial-of-service attacks...
Joomla! CMS 访问控制错误漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control. This vulnerability arises from improper access checks, allowing unauthorized users to elevate their privileges by editing Web service...
MediaInfoLib 安全漏洞
MediaInfoLib is a tool developed by MediaArea for displaying technical information and tag data related to audio and video files. MediaInfoLib has a security vulnerability, which stems from a heap buffer overflow issue during LXF parsing...
Joomla! CMS 授权问题漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has authorization-related vulnerabilities, which stem from insufficient state checks, allowing bypasses of 2FA authentication...
GnuTLS 安全漏洞
GnuTLS is an open-source, free security communication library developed by GnuTLS that enables the implementation of SSL, TLS, and DTLS protocols. GnuTLS has a security vulnerability, which stems from a single-bit error in the bounds checking of PKCS12 package elements. This vulnerability could...
GnuTLS 信任管理问题漏洞
GnuTLS is an open-source, free security communication library developed by GnuTLS. GnuTLS has a trust management vulnerability, which stems from the certificate verification process. Customized certificates may cause incorrect backtracking during the verification of the common name field,...
Starlette 环境问题漏洞
Starlette is a lightweight ASGI framework/toolkit developed by Encode. It’s ideal for building asynchronous web services using Python. Versions of Starlette prior to 1.0.1 contained an environmental issue vulnerability. This vulnerability stemmed from the lack of validation of the HTTP Host reque...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a lack of null pointer checking in the l2capsockstatechangecb function within the Bluetooth L2CAP...