130931 matches found
Adobe Substance 3D Designer Out-of-Bounds Read Vulnerability (CNVD-2025-16541)
Adobe Substance 3D Designer is a 3D design software from the American company Audobee Adobe. Adobe Substance 3D Designer suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a sensitive memory leak...
D-Link DSP-W110A1 Command Injection Vulnerability
The D-Link DSP-W110A1 is a Wi-Fi smart routing device. The D-Link DSP-W110A1 suffers from a command injection vulnerability that stems from incorrectly filtering input parameters, which can be exploited by an attacker to submit a special request and execute arbitrary commands...
TOTOLINK T6 CloudSrvVersionCheck Function Command Injection Vulnerability
TOTOLINK T6 is a wireless dual-band router from China's TOTOLINK Electronics TOTOLINK that supports MQTT protocol and Telnet service. The TOTOLINK T6 suffers from a command injection vulnerability that originates from the failure of the parameter ip of the function CloudSrvVersionCheck in the fil...
Cyber Cafe Management System /index.php File SQL Injection Vulnerability
Cyber Cafe Management System is an internet cafe management system. Cyber Cafe Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in file /index.php. An attacker can exploit this...
Voting System positions_edit.php file SQL Injection Vulnerability
Voting System is an election system. Voting System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in parameter ID in file /admin/positionsedit.php. An attacker can exploit this vulnerability to execute illegal SQL commands to...
Voting System positions_row.php file SQL Injection Vulnerability
Voting System is an election system. Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID in the file /admin/positionsrow.php. An attacker can exploit this vulnerability to execute illegal SQL...
Voting System voters_add.php file SQL Injection Vulnerability
Voting System is an election system. Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of the parameter firstname/lastname in the file /admin/votersadd.php for externally entered SQL statements. An attacker can exploit this vulnerability to execu...
Voting System voters_edit.php file SQL Injection Vulnerability
Voting System is an election system. Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements for parameter ID in file /admin/votersedit.php. An attacker can exploit this vulnerability to execute illegal SQL commands...
Library System add-teacher.php File SQL Injection Vulnerability
Library System is a library system. The Library System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in the file /add-teacher.php. An attacker can exploit this vulnerability to execute illega...
Library System notapprove.php File SQL Injection Vulnerability
Library System is a library system. The Library System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /notapprove.php. An attacker can exploit this vulnerability to execute illegal SQL commands t...
Chat System addmember.php File SQL Injection Vulnerability
Chat System is a chat system. Chat System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter ID of the file /user/addmember.php. An attacker can exploit this vulnerability to execute illegal SQL commands to...
jonnys Liquor admin-area.php file SQL injection vulnerability
jonnys Liquor is a content and management system. jonnys Liquor suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter drink in file /admin/admin-area.php. An attacker can exploit this vulnerability to execute...
jonnys Liquor browse.php file SQL injection vulnerability
jonnys Liquor is a content and management system. jonnys Liquor suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /browse.php. An attacker can exploit this vulnerability to execute illeg...
Online Appointment Booking System cover.php file SQL Injection Vulnerability
Online Appointment Booking System is an online appointment booking system. The Online Appointment Booking System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uname/psw in the file /cover.php. The...
UTT HiPER 840G aspApBasicConfigUrcp File Buffer Overflow Vulnerability
The UTT HiPER 840G is a full Gigabit Internet behavior management router from Atech UTT, which is aimed at small businesses, community networks, hotels, and other scenarios, providing high-speed network access and intelligent management features. The UTT HiPER 840G suffers from a buffer overflow...
UTT HiPER 840G aspRemoteApConfTempSend File Buffer Overflow Vulnerability
The UTT HiPER 840G is a full Gigabit Internet behavior management router from Atech UTT, which is aimed at small businesses, community networks, hotels, and other scenarios, providing high-speed network access and intelligent management features. The UTT HiPER 840G suffers from a buffer overflow...
Hospital Management System user-login.php File SQL Injection Vulnerability
Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter Username in the file /user-login.php. An attack...
Microsoft Graphics Component elevation of privilege vulnerability (CNVD-2025-17137)
Microsoft Graphics Component is a graphics driver component of Microsoft Corporation USA. A security vulnerability exists in Microsoft Graphics Component. An attacker could exploit the vulnerability to elevate privileges...
Microsoft Windows Resource Management Error Vulnerability (CNVD-2025-16950)
Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. Microsoft Windows has a security vulnerability. The vulnerability can be exploited by an attacker to gain elevated privileges...
Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2025-16403)
Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code in the context of the current user...
Unspecified Vulnerability in Oracle Database Server (CNVD-2025-24078)
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. Oracle Database Server has a security vulnerability in Oracle Database Server JDBC that...
Adobe After Effects Null Pointer Dereference Vulnerability (CNVD-2025-16372)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. A null pointer dereference vulnerability exists in Adobe After Effects...
Microsoft Word Code Execution Vulnerability (CNVD-2025-17471)
Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...
Simple Shopping Cart save_order.php File SQL Injection Vulnerability
Simple Shopping Cart is a simple shopping cart system. Simple Shopping Cart suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter orderprice in the file /Customers/saveorder.php. An attacker can exploit this...
Crime Reporting System userlogin.php File SQL Injection Vulnerability
Crime Reporting System is a crime reporting system. Crime Reporting System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter email in the file /userlogin.php. An attacker can exploit this vulnerability to...
Microsoft Office Resource Management Error Vulnerability (CNVD-2025-16943)
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A security vulnerability exists in Microsoft Office. An attacker can exploit this vulnerability to remotely...
Adobe Dimension Out-of-Bounds Read Vulnerability (CNVD-2025-16385)
Adobe Dimension is the United States of America Odo than Adobe company is a set of 2D and 3D composite design tools. Adobe Dimension suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to obtain sensitive information...
Microsoft Office Remote Code Execution Vulnerability
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A security vulnerability exists in Microsoft Office. An attacker can exploit the vulnerability to remotely...
Microsoft SharePoint Remote Code Execution Vulnerability (CNVD-2025-17497)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...
Zoo Management System /admin/add-foreigners-ticket.php File SQL Injection Vulnerability
Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cprice in the file /admin/add-foreigners-ticket.php. An attacker can exploit this...
Microsoft Windows Resource Management Error Vulnerability (CNVD-2025-16948)
Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. Microsoft Windows has a security vulnerability. The vulnerability can be exploited by an attacker to gain elevated privileges...
Zoo Management System /admin/add-normal-ticket.php File SQL Injection Vulnerability
Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cprice in the file /admin/add-normal-ticket.php. An attacker can exploit this...
D-Link DIR-645 Command Injection Vulnerability
D-Link DIR-645 is a Gigabit wireless router for home and SMB users launched by D-Link in 2012. The D-Link DIR-645 suffers from a command injection vulnerability that stems from the failure of the file /htdocs/cgibin function ssdpcgimain in the component ssdpcgi to correctly filter constructed...
Microsoft Windows Numeric Error Vulnerability
Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. Microsoft Windows has a security vulnerability. The vulnerability can be exploited by an attacker to gain elevated privileges...
Crime Reporting System /headlogin.php File SQL Injection Vulnerability
Crime Reporting System is a crime reporting system. Crime Reporting System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter email in the file /headlogin.php. An attacker can exploit this vulnerability to...
Dairy Farm Shop Management System invoices.php file SQL injection vulnerability
Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter del in the file invoices.php...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2025-24085)
Oracle E-Business Suite is a fully integrated set of global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Universal Work Queue of Oracle...
Unspecified Vulnerability in Oracle Database Server (CNVD-2025-24087)
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. Oracle Database Server's Oracle Database has a security vulnerability that can be...
Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2025-16401)
Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code in the context of the current user...
Dell Client Platform BIOS Access Control Error Vulnerability
Dell Client Platform BIOS is a client platform BIOS from Dell USA. The Dell Client Platform BIOS suffers from an Access Control Error vulnerability that stems from improper access control of mirrored or aliased memory regions in an externally developed component, which can be exploited by an...
Oracle MySQL Server Resource Management Error Vulnerability (CNVD-2025-17180)
Oracle MySQL Server is a relational database from Oracle Corporation. A resource management error vulnerability exists in Oracle MySQL Server, which stems from improper access control in the Stored Procedure component and can be exploited by an attacker to cause a denial of service...
Microsoft Input Method Editor Resource Management Error Vulnerability
Microsoft Input Method Editor IME is a software component from Microsoft Corporation that enables users to enter text in languages that cannot be easily represented on a standard QWERTY keyboard. A security vulnerability exists in Microsoft Input Method Editor IME. An attacker could exploit the...
Google Chrome V8 Integer Overflow Vulnerability
Google Chrome is a web browser developed by Google. Google Chrome V8 suffers from an integer overflow vulnerability that originates from accessing a resource using an incompatible type, which can be exploited by a remote attacker to submit a special WEB request that induces the user to parse it,...
Online Library Management System Cross-Site Scripting Vulnerability
Online Library Management System is an online library management system. Online Library Management System has a cross-site scripting vulnerability, the vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the parameter stdid in the file...
Online Fire Reporting System workin-progress-requests.php File SQL Injection Vulnerability
Online Fire Reporting System is an online fire reporting system. Online Fire Reporting System has a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter teamid in the file /admin/workin-progress-requests.php. An attacker can...
Online Fire Reporting System team-ontheway-requests.php File SQL Injection Vulnerability
Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter teamid in file /admin/team-ontheway-requests.php. An...
Online Fire Reporting System new-requests.php File SQL Injection Vulnerability
Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter teamid in the file /admin/new-requests.php. An attacker ca...
Online Fire Reporting System completed-requests.php file SQL Injection Vulnerability
Online Fire Reporting System is an online fire reporting system. Online Fire Reporting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter teamid in the file /admin/completed-requests.php. An attacker...
Online Fire Reporting System bwdates-report-result.php File SQL Injection Vulnerability
Online Fire Reporting System is an online fire reporting system. Online Fire Reporting System suffers from a SQL injection vulnerability that originates from the lack of validation of the fromdate/todate parameter in the file /admin/bwdates-report-result.php for externally entered SQL statements...
Online Fire Reporting System all-requests.php File SQL Injection Vulnerability
Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter teamid in the file /admin/all-requests.php. An attacker ca...