FreeRDP Heap Buffer Overflow Vulnerability (CNVD-2026-16033)
FreeRDP is an open source Remote Desktop Protocol (RDP) implementation library and client. FreeRDP suffers from a heap buffer overflow vulnerability: an out-of-bounds heap memory write caused by a bmpSize synchronization error in the persistent cache. An attacker can...
FreeRDP Out-of-Bounds Read Vulnerability (CNVD-2026-16034)
FreeRDP is an open source Remote Desktop Protocol (RDP) implementation library and client. FreeRDP suffers from an out-of-bounds read vulnerability. The vulnerability arises due to a mismatch in the persistent cache allocator, which results in an out-of-bounds read of heap memory when processing...
Linux Kernel Double Release Vulnerability (CNVD-2026-16036)
The Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a double-release vulnerability, which stems from the bsgdone function performing a double release and can be exploited by an attacker to cause the...
OpenBao Authorization Issues Vulnerability
OpenBao is open source software for managing sensitive data. OpenBao has an authorization vulnerability that stems from the user not being prompted to confirm during JWT/OIDC login when the role's callbackmode is set to direct. An attacker can use this vulnerability lead...
Unspecified Vulnerability in Apple macOS (CNVD-2026-19037)
Apple macOS Tahoe is an operating system from the American company Apple. A security vulnerability exists in Apple macOS Tahoe, which can be exploited by attackers to cause memory corruption and unexpected application termination...
Unspecified Vulnerability in Multiple Apple Products (CNVD-2026-17912)
Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems. Apple iOS is a suite of operating systems developed for mobile devices. Apple iPadOS is a suite of operating systems for the iPad tablet computer. A security vulnerability exists in...
Mozilla Firefox and Mozilla Thunderbird Code Execution Vulnerability (CNVD-2026-16372)
Mozilla Firefox is an open source web browser. Mozilla Thunderbird is e-mail client software separate from the Mozilla Application Suite. The software supports the IMAP and POP mail protocols and the HTML mail format. A code execution vulnerability exists in Mozilla Firefox and Mozilla Thunderbird d...
IBM Concert Encryption Problem Vulnerability (CNVD-2026-16135)
IBM Concert is IBM's collaborative application lifecycle management platform. IBM Concert has a security vulnerability that stems from the use of a weaker-than-expected encryption algorithm. An attacker could exploit the vulnerability to decrypt highly sensitive information...
IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2026-16132)
IBM InfoSphere Information Server is IBM's enterprise-class data integration platform for data quality management and information integration. An information disclosure vulnerability exists in IBM InfoSphere Information Server that stems from the system's failure to adequately protect sensitive...
IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2026-16131)
IBM InfoSphere Information Server is IBM's data integration platform for integrating, cleansing, transforming and managing enterprise data. An information disclosure vulnerability exists in IBM InfoSphere Information Server that stems from the system returning overly detailed error messages. An...
WordPress Plugin Addon Jobsearch Chat Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform can be used to set up a personal blog site on a PHP and MySQL based server. A WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in Addon Jobsearch Chat, a WordPress plugin, for...
IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2026-16130)
IBM InfoSphere Information Server is IBM's enterprise-class data integration platform for integrating, cleansing and transforming data from disparate sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server that stems from insufficient credential protection and...
OpenClaw Path Traversal Vulnerability (CNVD-2026-16040)
OpenClaw is an artificial intelligence assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to read arbitrary files and disclose sensitive information...
WordPress Plugin Abandoned Cart Recovery for WooCommerce Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform can be used to set up a personal blog site on a PHP and MySQL based server. A WordPress plugin is an application plugin. WordPress plugin Abandoned Cart Recovery for WooCommerce has a cross-site scripting vulnerabili...
IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2026-16129)
IBM InfoSphere Information Server is a data integration platform from International Business Machines (IBM). The platform can be used to integrate data obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server. The...
WordPress Plugin SMTP Mailer Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform can be used to set up a personal blog site on a PHP and MySQL based server. A WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin SMTP Mailer, which...
Unspecified Vulnerability in HCL Traveler
HCL Traveler is a software product from HCL India. It is used to provide automatic, bi-directional, wireless synchronization between HCL Domino servers and wireless handheld devices. HCL Traveler has a security vulnerability that stems from weak HTTP header validation, which can be exploited by an attack...
HCL Aftermarket DPC Hardcoding Vulnerability
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a hard-coded vulnerability that originates from hard-coded sensitive data, which can be exploited by an attacker to gain access to source code or retrieve these...
HCL Aftermarket DPC File Upload Vulnerability
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a file upload vulnerability, which stems from the application not strictly verifying or filtering user uploaded files, and can be exploited by an attacker to upload and...
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15833)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC has a security vulnerability that can be exploited by attackers to compromise the application using vulnerabilities available on the Internet...
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15834)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a security vulnerability that can be exploited by attackers to cause a denial of service by consuming server bandwidth and processing resources through mass spamming...
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15835)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a security vulnerability that can be exploited by an attacker to maintain control of an account after accessing a session, despite a password change, leading to an...
HCL Aftermarket DPC Input Validation Error Vulnerability
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from an input validation error vulnerability that can be exploited by an attacker to inject executable code and perform cross-site scripting, SQL injection, command injectio...
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15837)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. A security vulnerability exists in HCL Aftermarket DPC, which can be exploited by an attacker to execute arbitrary commands or inject harmful content based on the way the web application handles split...
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15832)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC has a security vulnerability that can be exploited by attackers to hijack or impersonate administrator users...
HCL Aftermarket DPC Session Fixation Vulnerability
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a session fixation vulnerability that can be exploited by an attacker to take over a user's session and conduct unauthorized transactions...
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15830)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a security vulnerability that can be exploited by an attacker to obtain system software and version details to carry out software-specific attacks...
Unspecified Vulnerability in HCL Aftermarket DPC
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC has a security vulnerability that can be exploited by an attacker to read sensitive files on the system and use them for further attacks...
HCL Aftermarket DPC Cross-Origin Resource Sharing Vulnerability
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a cross-origin resource sharing vulnerability that can be exploited by an attacker to steal sensitive data or perform actions as a legitimate user...
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15828)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC has a security vulnerability that can be exploited by an attacker to get a clearer picture of the organization's network layout...
HCL Aftermarket DPC SQL Injection Vulnerability
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements, which can be exploited by an attacker to execut...
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15829)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a security vulnerability that can be exploited by attackers to more easily guess weak passwords or gain unauthorized access to user accounts using brute force technique...
HCL Aftermarket DPC Access Control Error Vulnerability
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from an Access Control Error vulnerability that can be exploited by an attacker to elevate their privileges and compromise the application...
Unspecified Vulnerability in Apple macOS (CNVD-2026-19670)
Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by an attacker to cause an application to connect to a network share without the user's consent...
Denial of Service Vulnerability in Multiple Mozilla Products (CNVD-2026-19973)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A denial of service vulnerability exists in multiple Mozilla products du...
Code Execution Vulnerability in Multiple Mozilla Products (CNVD-2026-19983)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products due to...
Code Execution Vulnerability in Multiple Mozilla Products (CNVD-2026-19989)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products, whic...
Unspecified Vulnerability in Multiple Mozilla Products (CNVD-2026-17914)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security vulnerability exists in several Mozilla products, which can be...
Memory Misreference Vulnerability in Multiple Mozilla Products (CNVD-2026-17913)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A memory misreference vulnerability exists in multiple Mozilla products, whi...
Multiple Mozilla Products Code Issue Vulnerabilities (CNVD-2026-16997)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code issue vulnerability exists in multiple Mozilla products that stem...
Mozilla Firefox and Mozilla Thunderbird Denial of Service Vulnerability
Mozilla Firefox is an open source web browser. Mozilla Thunderbird is e-mail client software separate from the Mozilla Application Suite. The software supports the IMAP and POP mail protocols and the HTML mail format. A denial of service vulnerability exists in Mozilla Firefox and Mozilla Thunderbir...
Code Issue Vulnerability in Multiple Mozilla Products (CNVD-2026-19982)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code issue vulnerability exists in multiple Mozilla products due to an...
Multiple Mozilla Products Code Issues Vulnerabilities
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code issue vulnerability exists in multiple Mozilla products that stem...
Integer Overflow Vulnerability in Multiple Mozilla Products (CNVD-2026-19991)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...
Multiple Mozilla Products Code Issues Vulnerabilities
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code issue vulnerability exists in several Mozilla products that can b...
Code Execution Vulnerability in Multiple Mozilla Products (CNVD-2026-16995)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products that...
Memory Misreference Vulnerability in Multiple Mozilla Products (CNVD-2026-16999)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A memory misreference vulnerability exists in multiple Mozilla products,...
Mozilla Firefox and Mozilla Thunderbird Resource Management Error Vulnerability
Mozilla Firefox is an open source web browser. Mozilla Thunderbird is e-mail client software separate from the Mozilla Application Suite. The software supports the IMAP and POP mail protocols and the HTML mail format. A resource management error vulnerability exists in Mozilla Firefox and Mozilla...
Mozilla Firefox and Mozilla Thunderbird Spoofing Vulnerability (CNVD-2026-16379)
Mozilla Firefox is an open source web browser. Mozilla Thunderbird is e-mail client software separate from the Mozilla Application Suite. The software supports the IMAP and POP mail protocols and the HTML mail format. Mozilla Firefox and Mozilla Thunderbird have a spoofing vulnerability that can be...
Integer Overflow Vulnerability in Multiple Mozilla Products (CNVD-2026-19981)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in several Mozilla products,...