Apache HTTP Server Data Forgery Issue Vulnerability (CNVD-2022-73123)

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server is vulnerable to a data forgery issue that stems from modproxy's X-Forwarded-For hop-by-hop mechanism discard. An attacker could use this vulnerability to bypass IP-based authentication on the source...

Apache HTTP Server Buffer Overflow Vulnerability (CNVD-2021-102386)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A buffer overflow vulnerability exists in Apache HTTP Server that stems from the product's r:parsebody failing to properly determi...

Apache HTTP Server ap_escape_quotes buffer overflow vulnerability

Apache HTTP Server is an open source web server from the Apache Foundation. The server is fast, reliable, and extensible via a simple API. buffer overflow vulnerability exists in Apache HTTP Server versions 2.4.48 and earlier, which stems from the possibility that apescapequotes may write content...

Apache HTTP Server mod_isapi Module Buffer Overflow Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A buffer overflow vulnerability exists in Apache HTTP Server 2.4.53 and earlier versions, which stems from a boundary error in the...

Adobe Photoshop Buffer Overflow Vulnerability (CNVD-2021-79743)

Adobe Photoshop, or "PS" for short, is an image processing software developed and distributed by Adobe. Adobe Photoshop suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...

Apache HTTP Server Input Validation Error Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An input validation error vulnerability exists in Apache HTTP Server version 2.4.53 and earlier, which stems from a failure to...

OpenSSH Information Disclosure Vulnerability

OpenSSH OpenBSD Secure Shell is a set of connection tools for secure access to remote computers from the Openbsd Project Group. The tools are an open source implementation of the SSH protocol and support encryption of all transmissions, effectively blocking eavesdropping, connection hijacking, an...

Apache HTTP Server mod_proxy server-side request forgery vulnerability

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server in version 2.4.48 and earlier is vulnerable to server-side request forgery, which stems from a failure of the modproxy module to properly validate user input and can be exploited to forward requests to ...

Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2021-90100)

Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable to a buffer overflow vulnerability that could be exploited by attackers to run arbitrary code...

Apache HTTP Server Information Disclosure Vulnerability (CNVD-2022-73122)

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server is vulnerable to an information disclosure vulnerability that could be exploited by attackers to obtain sensitive information...

Apache HTTP Server Code Issue Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A security vulnerability exists in Apache HTTP Server version 2.4.48 and earlier, which stems from a malformed request that could...

Adobe Photoshop Resource Management Error Vulnerability

Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. The software is mainly used for processing pictures. Adobe Photoshop suffers from a resource management error vulnerability that can be exploited by an attacker to trigger arbitrary code execution...

Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2021-90096)

Mozilla Firefox is an open source Web browser from the Mozilla Foundation, U.S. A buffer overflow vulnerability exists in Mozilla Firefox, which stems from a boundary error in the product's handling of HTML content. A remote attacker could exploit the vulnerability to create a specially crafted W...

Adobe Lightroom Privilege Escalation Vulnerability

Adobe Lightroom Classic is a suite of graphics processing software from the American company Audobee Adobe. Adobe Lightroom has a security vulnerability that can be exploited by an attacker to gain elevated privileges on the system...

Apache HTTP Server Buffer Overflow Vulnerability (CNVD-2023-93320)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A buffer overflow vulnerability exists in Apache HTTP Server 2.4.57 and earlier versions, which stems from an out-of-bounds read...

Unspecified Vulnerability in Apple GarageBand (CNVD-2025-06484)

Apple GarageBand is an application from Apple USA. An unspecified vulnerability exists in Apple GarageBand, which can be exploited by an attacker to execute arbitrary code...

IBM Robotic Process Automation跨站脚本漏洞

IBM Robotic Process Automation is a robotic process automation product from IBM, Inc. It helps you automate more business and IT processes at scale with the ease and speed of traditional RPA. IBM Robotic Process Automation versions 21.0.1 and 21.0.2 contain a cross-site scripting vulnerability th...

Apache HTTP Server Buffer Overflow Vulnerability (CNVD-2023-80558)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A buffer overflow vulnerability exists in Apache HTTP Server version 2.4.54 and earlier. An attacker can exploit this vulnerabilit...

Adobe Photoshop Buffer Overflow Vulnerability (CNVD-2023-76927)

Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. The software is mainly used for processing pictures. Adobe Photoshop suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. A...

Apache HTTP Server Environment Issue Vulnerability (CNVD-2022-51061)

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server is vulnerable to an environmental issue that results from Apache HTTP Server's inability to close inbound connections when dropping the body of a request, leading to request smuggling. The vulnerability...

Adobe Illustrator Buffer Overflow Vulnerability (CNVD-2022-22098)

Adobe Illustrator is a vector-based image creation software from Adobe. Adobe Illustrator is vulnerable to a buffer overflow vulnerability that could be exploited by attackers to execute arbitrary code on the target system...

Apache HTTP Server Information Disclosure Vulnerability (CNVD-2024-36391)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An information disclosure vulnerability exists in Apache HTTP Server, which can be exploited by an attacker to obtain sensitive...

Cisco Jabber Input Validation Error Vulnerability

Cisco Jabber is a unified communications client solution from Cisco. An input validation error vulnerability exists in Cisco Jabber Client Software versions prior to 14.1.3, which stems from improper handling of nested XMPP messages in requests sent to Cisco Jabber Client Software, and could be...

WordPress JupiterX Theme和Jupiter Theme路径遍历漏洞

WordPress and others are products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. WordPress JupiterX Theme and Jupiter Theme suffer from a path traversal vulnerability that can be exploited by...

Cisco Smart Software Manager On-Prem and Cisco Smart Software Manager Resource Management Error Vulnerabilities

Cisco Smart Software Manager On-Prem SSM On-Prem and Cisco Smart Software Manager are both products of Cisco Corporation.Cisco Smart Software Manager On-Prem is a component of Cisco product license management. Cisco Smart Software Manager On-Prem is a component for license management of Cisco...

OpenSSL RSA Component Remote Code Execution Vulnerability

OpenSSL is an open source Openssl team's general-purpose cryptographic library capable of implementing Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. The product supports multiple encryption algorithms, including symmetric ciphers, hashing algorithms, secure hashing...

SPIP cross-site scripting vulnerability

SPIP is a web-based content publishing system. A cross-site scripting vulnerability exists in SPIP version 3.1.13 and prior versions, which originates in /spip.php. The vulnerability stems from the program's lack of data validation filtering of user-supplied data and output. An attacker could use...

Adobe Dimension out-of-bounds read vulnerability (CNVD-2022-78868)

Adobe Dimension is a set of 2D and 3D composite design tools from Adobe, Inc. An out-of-bounds read vulnerability exists in Adobe Dimension 3.4.5 and prior versions. An attacker can exploit this vulnerability to execute arbitrary code...

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2022-50628)

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting...

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2022-50630)

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting...

Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2023-50822)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause arbitrary code execution...

Apache Commons remote code execution vulnerability

Apache Commons is a project of the Apache Software Foundation. Apache Commons is vulnerable to a remote code execution vulnerability that could be exploited by attackers to execute malicious code via injection attacks, write webshells to websites, and take control of entire websites or even serve...

Adobe Photoshop Memory Misreference Vulnerability

Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. The software is mainly used for processing pictures. A memory misreference vulnerability exists in Adobe Photoshop. The vulnerability stems from a mix-up in the program's instructions responsible for...

Apache HTTP Server Resource Management Error Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A resource management error vulnerability exists in Apache HTTP Server, which can be exploited by an attacker to cause memory...

Cisco Unified Communications Manager and Cisco Unity Connection Information Disclosure Vulnerability

Cisco Unity Connection UC and Cisco Unified Communications Manager CUCM, Unified CM, CallManager are both products of Cisco Corporation.Cisco Unity Connection is a voice Cisco Unity Connection is a voice messaging platform. The platform can use voice commands to make calls or listen to messages i...

Cisco Unified Communications Manager Access Control Error Vulnerability

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. An Access Control Error...

Google Chrome WebRTC remote code execution vulnerability

Google Chrome is a web browser from Google, Inc. A remote code execution vulnerability exists in Google Chrome WebRTC, which stems from a heap buffer overflow in WebRTC and can be exploited to construct malicious data to execute arbitrary code on the target system...

Cisco Unified Communications Manager Arbitrary File Read Vulnerability

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. An arbitrary file read...

sqlpad has an unspecified vulnerability

sqlpad is a web-based SQL editor. sqlpad suffers from a security vulnerability, for which no detailed vulnerability details are currently available...

Tp-link TL-WR840N Code Injection Vulnerability

Tp-link TL-WR840N is a wireless router from Tp-link China. tp-link TL-WR840N EU v5 router TL-WR840NEU v5 171211 firmware previous version has a security vulnerability where the PING function in the device lacks filtering and escaping for data submitted by IP address and is vulnerable to to remote...

Microsoft Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability

Microsoft Internet Control Message Protocol ICMP is a remote code execution vulnerability in Microsoft Internet Control Message Protocol ICMP, an ICMP protocol used in Windows. A remote code execution vulnerability exists in Microsoft Internet Control Message Protocol ICMP, which could be exploit...

Adobe Animate Out-of-Bounds Write Vulnerability (CNVD-2022-50234)

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from an out-of-bounds write vulnerability. An attacker could use this vulnerability to execute arbitrary code in the context of the current user...

Adobe Dimension out-of-bounds read vulnerability (CNVD-2022-02635)

Adobe Dimension is a set of 2D and 3D composite design tools from Adobe, Inc. An out-of-bounds read vulnerability exists in Adobe Dimension, which can be exploited by attackers to cause sensitive memory leaks...

Apache HTTP Server Input Validation Error Vulnerability (CNVD-2022-51059)

Apache HTTP Server is an open source web server from the Apache Foundation. The server is fast, reliable, and extensible via a simple API. Apache HTTP Server 2.4.53 and earlier versions are vulnerable to an input validation error. An attacker could exploit this vulnerability to read unexpected...

Jenkins Storable Configs Plugin跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins Storable Configs Plugin 1.0 and...

Adobe Photoshop Buffer Overflow Vulnerability (CNVD-2022-15927)

Adobe Photoshop is a set of image processing software from the American company Odobi Adobe. Adobe Photoshop suffers from a buffer overflow vulnerability, which stems from the product's failure to properly determine memory boundaries. An attacker could use this vulnerability to execute arbitrary...

Tongda2000 SQL Injection Vulnerability

Tongda2000 is a web-based intelligent office system from China Tongda Tongda.A security vulnerability exists in Tongda2000 v11.10, which allows attackers to attack via the DEVICELIST parameter in /mobileseal/getseal.php. No detailed vulnerability details are available at this time...

Linux kernel has unspecified vulnerabilities (CNVD-2022-20176)

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel versions prior to 5.16.10 have a security vulnerability that stems from the lack of RNDIS USB validation of the size of the RNDIS MSG SET command. An attacker could exploit this vulnerabilit...

Apache HTTP Server Information Disclosure Vulnerability (CNVD-2022-51060)

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server 2.4.53 and earlier versions are vulnerable to an information disclosure vulnerability caused by an out-of-bounds read in apstrcmpmatch. An attacker could exploit this vulnerability to cause a crash or...

Apache HTTP Server Input Validation Error Vulnerability (CNVD-2024-36395)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An input validation error vulnerability exists in Apache HTTP Server version 2.4.58 and earlier versions, which can be exploited t...