131102 matches found
Microsoft 3D Viewer remote code execution vulnerability
A code injection vulnerability exists in Microsoft 3D Viewer, a simplified and fast graphics editing application from Microsoft Corporation USA. The vulnerability stems from the process of constructing code segments from external input data that is not properly filtered by the network system or...
Apache HTTP Server server-side request forgery vulnerability (CNVD-2025-16613)
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. Apache HTTP Server suffers from a server-side request forgery vulnerability that stems from loading modproxy without implementing...
Product Show Room Site Cross-Site Scripting Vulnerability (CNVD-2022-48964)
Product Show Room Site is a product showroom site from Carlo Montero's personal developer. version 1.0 of Product Show Room Site is vulnerable to cross-site scripting, which stems from using a special string input text box that leads to cross-site scripting. No details of the vulnerability are...
Google Android Buffer Overflow Vulnerability (CNVD-2022-47671)
Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to a buffer overflow vulnerability that originates in l2cbleprocesssigcmd in l2cble.cc, which could result in an out-of-bounds read due to a boundary check error The vulnerability can be...
Google Android Elevation of Privilege Vulnerability (CNVD-2022-47670)
Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which originates in checkSlicePermission in SliceManagerService.java, due to an input validation error, it is possible to access any slice URI, and an...
Out-of-bounds write vulnerability in multiple Adobe products (CNVD-2022-46974)
Adobe Acrobat is a set of tools for editing and converting PDF files.Adobe Acrobat Reader is a PDF viewer. The software is used to print, sign and annotate PDFs. An out-of-bounds write vulnerability exists in several Adobe products, which can be exploited by an attacker to execute arbitrary code ...
SPIP interfaces.php cross-site scripting vulnerability
SPIP is a web-based content publishing system. A cross-site scripting vulnerability exists in SPIP, which stems from a lack of proper validation of client-side data in the interfaces.php component of the WEB application. An attacker could exploit this vulnerability to execute client-side code...
Jenkins Selection Tasks Plugin跨站脚本漏洞
Jenkins and Jenkins Plugin are both open source products from Jenkins.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability...
Adobe Premiere Elements null pointer dereference vulnerability
Adobe Premiere Elements is a video editing software application from Adobe. Adobe Premiere Elements 2021 build 19.0 and earlier versions are vulnerable to a null pointer dereference. An attacker could exploit this vulnerability to cause a memory leak...
ThinkPHP Command Execution Vulnerability (CNVD-2022-86535)
ThinkPHP is an open source lightweight PHP framework created to simplify enterprise-level application development and agile WEB application development. ThinkPHP there is a command execution vulnerability , the vulnerability is due to the opening of the multi-language function , the parameter lan...
GoCD Cross-Site Scripting Vulnerability
GoCD is a continuous delivery server. A cross-site scripting vulnerability exists in GoCD versions 19.11.0 through 21.4.0, which could be exploited by attackers to obtain a GoCD user's session cookie and execute malicious code...
Samsung Security Supporter Access Control Error Vulnerability
Samsung Security Supporter is a Samsung built-in security support from Samsung, Korea.An access control error vulnerability exists in versions prior to Samsung Security Supporter 1.2.40.0, which stems from the presence of faulty access authentication logic. An attacker could exploit this...
Adobe Prelude memory out-of-bounds access vulnerability
Adobe Prelude is a video recording and capture tool designed for media finishing and metadata entry to quickly tag and transcode video footage and quickly create rough cuts. Adobe Prelude 10.0 and earlier versions are vulnerable to a memory out-of-bounds access vulnerability. An attacker could...
Apache HTTP Server Input Validation Error Vulnerability (CNVD-2025-16612)
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An input validation error vulnerability exists in Apache HTTP Server, which can be exploited by an attacker to manipulate the...
Apache HTTP Server Response Splitting Vulnerability (CNVD-2024-36394)
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. Apache HTTP Server suffers from a response splitting vulnerability that can be exploited by an attacker to inject arbitrary HTTP...
Mattermost Playbooks Plugin Elevation of Privilege Vulnerability
Mattermost Plugins is a plugin from Mattermost USA that provides powerful feature extensions and tight integration with both server and web/desktop applications.An elevation of privilege vulnerability exists in Mattermost Playbooks Plugin version 1.25 and earlier, which stems from incorrectly...
IBM Sterling Partner Engagement Manager访问控制错误漏洞
IBM Sterling Partner Engagement Manager is an automation management tool from IBM, U.S.A. An access control error vulnerability exists in IBM Sterling Partner Engagement Manager version 6.2.0, which stems from the lack of a revocation mechanism for JWT tokens. An attacker could exploit the...
Google Android Resource Management Error Vulnerability in Android (CNVD-2022-47681)
Google Android is a Linux-based open source operating system from Google, Inc. A resource management error vulnerability exists in Google Android, which stems from an out-of-bounds read in bpfskbchangehead in filter.c due to post-release reuse, which could be exploited by an attacker to The...
Adobe Prelude memory corruption vulnerability
Adobe Prelude is a set of video clip editing tools from Adobe. Adobe Prelude has a memory corruption vulnerability that could be exploited to execute arbitrary code in the context of the current user...
Apache HTTP Server Code Issue Vulnerability (CNVD-2022-13199)
Apache HTTP Server is an open source web server from the Apache Foundation. The server is fast, reliable, and extensible via a simple API.A code issue vulnerability exists in Apache HTTP Server, which stems from a NULL pointer dereference error in mod sessions. A remote attacker could use this...
Apache HTTP Server Denial of Service Vulnerability (CNVD-2025-16608)
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. Apache HTTP Server has a denial of service vulnerability that can be exploited by an attacker to cause a denial of service...
Apache HTTP Server Server-Side Request Forgery Vulnerability
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. Apache HTTP Server suffers from a server-side request forgery vulnerability that can be exploited by an attacker to disclose NTML...
Apache HTTP Server code issue vulnerability (CNVD-2024-36389)
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. Apache HTTP Server has a code issue vulnerability that can be exploited by an attacker to crash the server via a malicious request...
Apache HTTP Server Input Validation Error Vulnerability (CNVD-2024-36390)
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An input validation error vulnerability exists in Apache HTTP Server, which can be exploited by an attacker to cause insecure...
Carrier LenelS2 HID Mercury access panels have an unspecified vulnerability
Carrier LenelS2 HID Mercury access panels is a controller panel from Carrier, Inc. A security vulnerability exists in Carrier LenelS2 HID Mercury access panels, which stems from a vulnerable application that does not adequately authorize all restricted URLs, scripts or files. A remote attacker...
Multiple Adobe Products Resource Management Error Vulnerability (CNVD-2022-46971)
Adobe Acrobat is a set of tools for editing and converting PDF files.Adobe Acrobat Reader is a PDF viewer. The software is used to print, sign and annotate PDFs. A resource management error vulnerability exists in several Adobe products, which can be exploited by an attacker to execute arbitrary...
Multiple Adobe Products Resource Management Error Vulnerability (CNVD-2022-46975)
Adobe Acrobat is a set of tools for editing and converting PDF files.Adobe Acrobat Reader is a PDF viewer. The software is used to print, sign and annotate PDFs. A resource management error vulnerability exists in several Adobe products, which can be exploited by an attacker to execute arbitrary...
IBM AIX Denial of Service Vulnerability (CNVD-2022-48942)
IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture. IBM AIX denial-of-service vulnerability, which stems from the product AIX pmsvcs kernel extensions do not do the correct processing of incoming error messages, an attacker can use the vulnerability ...
vsftpd OS Command Injection Vulnerability
vsftpd is an FTP File Transfer Protocol server for Unix-like systems. An operating system command injection vulnerability exists in vsftpd version 2.3.4 downloaded between June 30, 2011 and July 3, 2011, which originates from a backdoor in the software that can be used to open a shell, which can ...
Cisco Firepower Management Center Cross-Site Scripting Vulnerability (CNVD-2023-28093)
Cisco Firepower Management Center FMC is a new generation of firewall management center software from the United States Cisco Cisco. A cross-site scripting vulnerability exists in Cisco Firepower Management Center, which can be exploited by remote authenticated attackers to conduct stored...
Foxit PDF Reader has an unspecified vulnerability (CNVD-2022-56256)
Foxit PDF Reader is a PDF reader from Foxit China. versions before Foxit PDF Reader 12.0.1 and PDF Editor 12.0.1 have a security vulnerability that stems from the presence of null pointer references in its exportXFAData. No detailed vulnerability details are available at this time...
Linux kernel has unspecified vulnerabilities (CNVD-2022-54887)
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel version 5.18.14 and earlier versions have a security vulnerability that stems from xfrmexpandpolicies in net/xfrm/xfrmpolicy.c that causes refcount to be deleted twice. No detailed...
Apache HTTP Server HTTP请求走私漏洞
Apache HTTP Server is an open source web server from the American Apache Apache Foundation. The server is fast, reliable, and extensible via a simple API. HTTP request smuggling vulnerability exists in Apache HTTP Server modproxyajp. An attacker could exploit this vulnerability to smuggle request...
ZTE ZXCDN Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in ZTE ZXCDN, a unified network management platform from ZTE Corporation China. The vulnerability stems from the program's lack of data validation filtering of user-supplied data and output. An attacker can exploit the vulnerability to execute JavaScrip...
IBM AIX Denial of Service Vulnerability (CNVD-2022-48944)
IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. IBM AIX denial of service vulnerability, which stems from inadequate validation of user-supplied input in the product's nimsh daemon, can be exploited by remote attackers to cause a denial of...
Linux kernel information disclosure vulnerability (CNVD-2022-68595)
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel has a security vulnerability that can be exploited by attackers to obtain internal kernel memory information...
Linux kernel resource management error vulnerability (CNVD-2022-68575)
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel is vulnerable to resource management errors, which can be exploited by attackers to force the reuse of freed memory areas in the Linux kernel via nci request to trigger a denial of service a...
Linux kernel post-release reuse vulnerability (CNVD-2021-94903)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A post-release reuse vulnerability exists in selinuxptracetraceme in Linux kernel versions prior to 5.14.8. A local...
Adobe Prelude Memory Buffer Out-of-Bounds Access Vulnerability (CNVD-2021-92812)
Adobe Prelude is a video recording and capture tool designed for intuitive and efficient media organization and metadata entry to quickly tag and transcode video footage and quickly create rough cuts.Adobe Prelude 10.1 and earlier versions are vulnerable to an out-of-bounds memory buffer access...
Apache HTTP Server Buffer Overflow Vulnerability
Apache HTTP Server is the United States Apache Software Apache Software Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A buffer overflow vulnerability exists in moduwsgi in Apache HTTP Server versions 2.4.32 through 2.4.44. An...
IBM AIX Denial of Service Vulnerability (CNVD-2023-00806)
IBM AIX is an open standards-based UNIX operating system developed by International Business Machines IBM for the IBM Power architecture. IBM AIX suffers from a denial-of-service vulnerability that can be exploited by unprivileged local attackers to cause a denial of service...
Apache HTTP Server Server-Side Request Forgery Vulnerability (CNVD-2025-16609)
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. Apache HTTP Server suffers from a server-side request forgery vulnerability that can be exploited by an attacker to disclose NTLM...
IBM App Connect Enterprise Certified Container拒绝服务漏洞
IBM App Connect Enterprise is an operating system from IBM Corporation. IBM App Connect Enterprise combines the existing industry-trusted IBM Integration Bus technology with IBM App Connect Professional and new cloud-native technology to provide a platform that meets the full integration needs of...
Apache HTTP Server mod_sed denial of service vulnerability
Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server modsed suffers from a denial-of-service vulnerability that stems from the fact that modsed may allocate too much memory and trigger an abort when modsed input is too large. An attacker could exploit thi...
Apache HTTP Server Denial of Service Vulnerability (CNVD-2022-03205)
Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server versions 2.4.30 to 2.4.48 contain a denial-of-service vulnerability that stems from a network system or product that does not properly validate incoming data. An attacker could exploit this vulnerabilit...
Google Chrome Skia Denial of Service Vulnerability (CNVD-2016-07581)
Google Skia is the United States Google Google company's an open source and C + + based graphics library , it can be used in Mozilla Firefox, Google Chrome and other browsers , but also available in the Android open mobile platform . A denial of service vulnerability exists in the SkPath.cpp file...
phpMyAdmin SQL Injection Vulnerability (CNVD-2023-09611)
phpMyAdmin is a free, web-based MySQL database management tool from the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A security vulnerability exists in phpMyAdmin, which stems...
Microsoft Exchange Server Elevation of Privilege Vulnerability (CNVD-2022-89608)
Microsoft Exchange Server is a set of email service programs from Microsoft Corporation USA. It provides mail access, storage, forwarding, voice mail, mail filtering and other functions. An attacker could exploit this vulnerability to elevate privileges...
Secheron SEPCOS Control and Protection Relay Information Disclosure Vulnerability
Secheron SEPCOS Control and Protection Relay is a relay from Secheron. Control and protect your DC panels and contact lines from short circuits and other electrical faults, and benefit from enhanced communication capabilities.The Secheron SEPCOS Control and Protection Relay is vulnerable to an...
KDE KArchive Security Bypass Vulnerability
KDE is a free and open source X desktop management program for Linux and Unix workstations, KDE provides support for various network protocols through the KIO subsystem.KDE KArchive is one of the document managers. A security bypass vulnerability exists in KDE KArchive 5.23.0 and earlier versions...