131102 matches found
Intel SGX SDK Input Validation Error Vulnerability
The Intel SGX SDK is a software development kit based on SGX Intel Software Security Extensions technology from Intel U.S.A. An input validation error vulnerability exists in the Intel SGX SDK, which was reported by Intel in the Intel Software Protection Extensions SGX Software Development Kit SD...
Microsoft SharePoint Server Spoofing Vulnerability (CNVD-2022-59598)
Microsoft SharePoint is a suite of enterprise business collaboration platforms from Microsoft Corporation USA. Microsoft SharePoint Server is vulnerable to spoofing and no details of the vulnerability are currently available...
Redmine Information Disclosure Vulnerability (CNVD-2022-10738)
Redmine is an open source web-based project management and defect tracking tool. The product provides project management, issue tracking, and role-based access control, among other features.A security vulnerability exists in Redmine, which stems from a configuration or other error in the operatio...
Microsoft SharePoint Server Information Disclosure Vulnerability (CNVD-2021-82955)
Microsoft Office and Microsoft SharePoint are both products of Microsoft Corporation USA. Microsoft SharePoint is an enterprise business collaboration platform. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and...
MediaWiki Denial of Service Vulnerability (CNVD-2022-05528)
MediaWiki is a free and free-to-use web-based wiki engine from the US-based Wikimedia MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems.MediaWiki has a denial of service vulnerability in versions prior to 1.36.2, which stems from...
Zammad Information Disclosure Vulnerability (CNVD-2021-81948)
Zammad is a ticket management software from Zammad, a German company. versions prior to Zammad 4.1.1 have security vulnerabilities that allow attackers to discover application secrets and obtain sensitive information through the API...
IBM Sterling File Gateway Information Disclosure Vulnerability (CNVD-2021-78437)
IBM Sterling File Gateway is an application for transferring files between internal and external partners, allowing you to more securely and reliably transfer files with trading partners.An information disclosure vulnerability exists in IBM Sterling File Gateway version 6.0.1.0-6.1.0.2. An attack...
FATEK Automation WinProladder Resource Management Error Vulnerability
FATEK Automation WinProladder is a PLC from FATEK Automation in China.FATEK Automation WinProladder is vulnerable to resource management errors, which can be exploited by attackers to execute arbitrary code via malformed project files...
FFmpeg integer overflow vulnerability (CNVD-2021-80286)
FFmpeg is the FFmpeg team's complete solution for recording, converting, and streaming audio and video. ffmpeg suffers from an integer overflow vulnerability that could be exploited by an attacker to cause a denial of service or other unspecified impact...
Google Chrome Tab Strip code execution vulnerability
Google Chrome is a web browser from Google, Inc. A code execution vulnerability exists in Google Chrome Tab Strip. A remote attacker could use this vulnerability to execute arbitrary code on the system or cause a denial of service condition...
Google Chrome Blink graphics security bypass vulnerability
Google Chrome is a web browser from Google, Inc. A security bypass vulnerability exists in Google Chrome Blink graphics. An attacker could exploit this vulnerability to bypass security restrictions...
Google Chrome file system API code execution vulnerability
Google Chrome is a web browser from Google, Inc. A code execution vulnerability exists in the File System API in versions of Google Chrome prior to 94.0.4606.54. A remote attacker could use this vulnerability to execute arbitrary code on the system or cause a denial of service condition...
Google Chrome Task Manager code execution vulnerability
Google Chrome is a web browser from Google, Inc. A code execution vulnerability exists in Google Chrome Task Manager. A remote attacker could use this vulnerability to execute arbitrary code on the system or cause a denial of service condition...
vim post-release reuse vulnerability (CNVD-2021-99302)
Vim is a powerful and highly customizable text editor, an improved version of vi that improves upon and adds many features to Vi. vim version 8.2.3425 is vulnerable to a post-release reuse vulnerability. An attacker could exploit this vulnerability to execute code...
Adobe Acrobat/Reader null pointer dereference vulnerability (CNVD-2021-87306)
Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe. Adobe Acrobat is a PDF editing software developed by Adobe. Adobe Acrobat/Reader is vulnerable to a null pointer dereference. An attacker can exploit this vulnerability to cause a denial of service...
Adobe Acrobat/Reader Stack Buffer Overflow Vulnerability (CNVD-2021-94916)
Adobe Reader also known as Acrobat Reader is a PDF document reader developed by Adobe. Adobe Acrobat is a PDF editor developed by Adobe. Adobe Acrobat/Reader is vulnerable to a stack buffer overflow. An attacker can exploit this vulnerability to execute arbitrary code...
Adobe Acrobat/Reader Out-of-Bounds Writing Vulnerability (CNVD-2021-94918)
Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe. Adobe Acrobat is a PDF editing software developed by Adobe. Adobe Acrobat/Reader suffers from an out-of-bounds write vulnerability. An attacker can exploit the vulnerability to cause a memory leak...
Google Chrome memory out-of-bounds access vulnerability
Chrome is a simple and efficient web browsing tool developed by Google. ANGLE in versions prior to Google Chrome 93.0.4577.82 suffers from a memory out-of-bounds access vulnerability. An attacker could exploit this vulnerability to potentially exploit heap corruption via a crafted HTML page...
Delta Electronics DOPSoft 2 Out-of-Bounds Write Vulnerability
Delta Electronics DOPSoft is a set of human-machine interface HMI software from Delta Electronics in Taiwan, China. An out-of-bounds write vulnerability exists in Delta Electronics DOPSoft 2, which can be exploited by an attacker to execute code in the context of the current process...
Tuxera NTFS-3G Buffer Overflow Vulnerability (CNVD-2021-72272)
Tuxera NTFS-3G is Finland's Tuxera company's set of open source , cross-platform for supporting NTFS partition read and write drivers . The Tuxera NTFS-3G buffer overflow vulnerability can be exploited by an attacker to potentially cause a heap buffer overflow, which could lead to a memory leak,...
libssh buffer overflow vulnerability (CNVD-2021-71262)
Libssh is a C development package from the Libssh organization for accessing SSH services, which can execute remote commands, file transfers, and provide a secure transport channel for remote programs. libssh is vulnerable to a buffer overflow vulnerability, which stems from the fact that libssh...
Google Chrome TabStrip buffer overflow vulnerability
Google Chrome is a web browser from Google, Inc. A buffer overflow vulnerability exists in Google Chrome TabStrip. The vulnerability is caused by incorrect bounds checking in TabStrip. A remote attacker could exploit the vulnerability to cause a buffer overflow and execute arbitrary code on the...
SIEMENS SINEMA Remote Connect Server Code Execution Vulnerability
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, a German company. The platform is primarily used to remotely access, maintain, control, and diagnose the underlying network. SIEMENS SINEMA Remote Connect Server is vulnerable to a code execution...
GPAC Project on Advanced Content Integer Overflow Vulnerability (CNVD-2021-64078)
GPAC Project on Advanced Content is an open source cross-platform library that implements the MPEG-4 system standard and provides tools for media playback, vector graphics, and 3D rendering. an integer overflow vulnerability exists in the MPEG-4 decoding functionality in GPAC Project on Advanced...
Siemens Jt2go and Teamcenter Visualization null pointer dereference vulnerability
Siemens Jt2go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. a security vulnerability exists in Siemens Jt2go and Teamcenter Visualization, which stems from the fact that when parsing specially...
Linux kernel information disclosure vulnerability (CNVD-2021-68182)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that can be exploited by an attacker to read uninitialized memory...
Exiv2 out-of-bounds read vulnerability (CNVD-2021-61795)
Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. An out-of-bounds read vulnerability exists in Exiv2 0.27.4 and earlier versions. An attacker could use this vulnerability to cause a denial of service via a specially crafted image file...
Cisco Small Business RV340 and Cisco Small Business Command Injection Vulnerabilities
The Cisco Small Business RV340 and the Cisco Small Business are both products of Cisco, Inc.The Cisco Small Business RV340 is a router. Cisco Small Business RV340 is a router, a hardware device that connects two or more networks and acts as a gateway between networks.Cisco Small Business is a...
Cisco Small Business RV160 and RV260 Series VPN Routers Remote Command Execution Vulnerability
The Cisco Small Business RV160 and RV260 are is a router. A remote command execution vulnerability exists in the Cisco Small Business RV160 and RV260 series VPN routers. An attacker could exploit the vulnerability to execute arbitrary commands on an affected device...
Liferay Portal and Liferay DXP Cross-Site Scripting Vulnerability (CNVD-2021-62969)
Liferay Portal and Liferay DXP are both products of Liferay, a J2EE-based portal solution that uses EJB and JMS technologies and serves as a web publishing and shared workspace, enterprise collaboration platform, social network, etc. Liferay DXP is a digital experience collaboration platform...
Nexus Control Panel Licensing Issue Vulnerability
Swisslog Healthcare Nexus Panel, a medical device from Swisslog Healthcare, has a security vulnerability in versions prior to Nexus Control Panel 7.2.5.7. The vulnerability stems from an improper method used to bind a local service to a port on the device interface. An attacker could use this...
Huawei HarmonyOS security bypass vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company that provides a microkernel-based distributed operating system. Huawei HarmonyOS has a security vulnerability that can be exploited by local attackers to cause a memory overwrite...
MikroTik RouterOS Assertion Failure Vulnerability
MikroTik RouterOS is a Linux-based router operating system developed by MikroTik Latvia.An assertion failure vulnerability exists in MikroTik RouterOS, which stems from an authentication error in the product's /ram/pckg/security/nova/bin/ipsec process. An attacker could exploit this vulnerability...
TYPO3 Cross-Site Scripting Vulnerability (CNVD-2022-17986)
TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Typo3 association.TYPO3 suffers from a cross-site scripting vulnerability that stems from the fact that the QueryGenerator and QueryView components are vulnerable to reflected and persistent cross-sit...
Oracle Database Server has an unspecified vulnerability (CNVD-2022-09810)
Oracle Database Server is a relational database management system from Oracle Corporation USA. A security vulnerability exists in the Advanced Networking Option component of Oracle Database Server versions 12.1.0.2, 12.2.0.1, and 19c, which could be exploited to cause an attacker to take over...
Oracle MySQL Server Denial of Service Vulnerability (CNVD-2021-54025)
Oracle MySQL Server, a relational database from Oracle Corporation, has a security vulnerability in the Server: Memcached component of Oracle MySQL Server 8.0.25 and earlier. An attacker can exploit this vulnerability to cause a partial denial of service on MySQL Server...
Oracle MySQL Server has an unspecified vulnerability (CNVD-2021-54026)
Oracle MySQL Server is a relational database from Oracle Corporation USA. An unspecified vulnerability exists in the InnoDB component of Oracle MySQL Server 8.0.25 and earlier. An attacker could exploit this vulnerability to affect confidentiality...
Oracle MySQL Server Denial of Service Vulnerability
Oracle MySQL Server mysqld is the MySQL server, the main program that performs most of the work in a MySQL installation. A security vulnerability exists in the Server: Replication component in Oracle MySQL Server 5.7.34, 8.0.25 and earlier versions. An attacker can exploit this vulnerability to...
Google Chrome WebSerial use-after-release vulnerability
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome WebSerial, which allows remote attackers to potentially attack via specially crafted HTML pages using heap corruption...
Google Chrome V8 Type Obfuscation Vulnerability (CNVD-2021-60535)
Google Chrome is a web browser from Google, Inc. Google Chrome V8 has a security vulnerability that could be exploited by remote attackers to conduct potential attacks via specially crafted HTML pages using heap corruption...
Microsoft Windows Print Spooler Remote Code Execution Vulnerability (CNVD-2022-10026)
Microsoft Windows Print Spooler is a print backend processor component of Microsoft Corporation USA.A remote code execution vulnerability exists in Microsoft Windows Print Spooler, which can be exploited by attackers to run arbitrary code with SYSTEM privileges...
Microsoft Windows/Windows Server Elevation of Privilege Vulnerability (CNVD-2021-66089)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation USA.Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. An elevation of privilege vulnerability exists in Win32k in Microsoft...
Adobe Acrobat/Reader Post-release Reuse Vulnerability (CNVD-2021-70145)
Adobe Acrobat is a PDF editing software developed by Adobe. Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe. Adobe Acrobat/Reader is vulnerable to a post-release reuse vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...
Adobe Illustrator 2021 Post-release Reuse Vulnerability
Adobe Illustrator 2021 is a vector graphics software. Adobe Illustrator 2021 25.2.3 and earlier versions are vulnerable to a post-release reuse vulnerability. An attacker could exploit this vulnerability to read arbitrary file systems...
LJCMS SQL Injection Vulnerability
LJCMS is a free and open source content management system. SQL injection vulnerability exists in LJCMS, which can be exploited by attackers to obtain sensitive database information...
Envoy has an unspecified vulnerability (CNVD-2021-58572)
Envoy is an open source distributed proxy server. Envoy suffers from a security vulnerability that can be exploited by attackers to cause a denial of service due to null references...
SQL Injection Vulnerability in Hunan Qiangzhi Academic Affairs System
hereinafter referred to as the "Company" is a national high-tech enterprise and a service provider of informationization for domestic universities. A SQL injection vulnerability exists in the Hunan Qiangzhi Academic Affairs System, which can be exploited by attackers to obtain sensitive informati...
Google Golang has an unspecified vulnerability
Google Golang is a statically strongly typed, compiled language from Google, U.S. A security vulnerability exists in Google Golang that could be exploited by attackers to cause a panic or unrecoverable fatal error and lead to a denial of service condition...
Google Chrome suffers from an information disclosure vulnerability (CNVD-2021-47672)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an information disclosure vulnerability. A remote attacker can exploit the vulnerability to obtain potentially sensitive information from process memory via specially crafted PDF files...
Unauthorized Access Vulnerability in Yawcam
YawcamWin7 Camera Software official version is a camera capture, YawcamWin7 Camera Software easily help users to outdoor accurate live playback, and YawcamWin7 Camera Software official version can also be played on the screen for fast interception, and save it in a local file and other functions...