Online Fire Reporting System add-team.php File SQL Injection Vulnerability

Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from an SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter teammember in file /admin/add-team.php. An attacker can...

Dairy Farm Shop Management System invoice.php File SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter del in the file /invoice.php...

Dairy Farm Shop Management System edit-company.php File SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the edit-company.php parameter companyname...

Zoo Management System /admin/index.php File SQL Injection Vulnerability

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in file /admin/index.php. An attacker can exploit this vulnerability to...

Car Washing Management System SQL Injection Vulnerability

Car Washing Management System is a car wash management system. Car Washing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter wpid in the file /admin/editcar-washpoint.php. An attacker can...

Unspecified Vulnerability in Oracle Java SE (CNVD-2025-24093)

Oracle Java SE is a U.S. Oracle Oracle company for the development and deployment of desktop, server and embedded devices and real-time environments in the Java application. A security vulnerability exists in Oracle Java SE for Oracle Java SE and Oracle GraalVM for JDK, which can be exploited by...

Unspecified Vulnerability in Oracle Fusion Middleware (CNVD-2025-24091)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

Unspecified Vulnerability in Oracle Fusion Middleware (CNVD-2025-24089)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2025-24082)

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle iStore for Oracle E-Business...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2025-24081)

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Mobile Field Service for Oracle...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2025-24080)

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle MES for Process Manufacturing f...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2025-24079)

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle CRM Technical Foundation for...

Unspecified Vulnerability in Oracle Database Server (CNVD-2025-24076)

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Unified Audit of Oracle Database Server, which can b...

GPT-SoVITS-WebUI open_denoise function command injection vulnerability

GPT-SoVITS-WebUI is a TTS training model. A command injection vulnerability exists in the GPT-SoVITS-WebUI opendenoise function, which can be exploited by an attacker to execute arbitrary commands on the system...

GPT-SoVITS-WebUI open_slice function command injection vulnerability

GPT-SoVITS-WebUI is a TTS training model. A command injection vulnerability exists in the GPT-SoVITS-WebUI openslice function, which can be exploited by an attacker to execute arbitrary commands on the system...

GPT-SoVITS-WebUI code issue vulnerability (CNVD-2025-23576)

GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI, which stems from insecure deserialization of bsroformer.py when receiving serialized data submitted by a user, and can be exploited by an attacker to execute arbitrary commands on the system...

IBM OpenPages with Watson Encryption Issue Vulnerability

IBM OpenPages with Watson is an AI-powered financial risk analytics solution from International Business Machines IBM. The platform is based on AI technology to predict risk factors and minimize risks in financial activities by integrating, automatically identifying, measuring, monitoring,...

Unspecified Vulnerability in Tenda CP3 Pro

Tenda CP3 Pro is a smart wireless PTZ camera that combines 360° panoramic surveillance, 3MP HD camera, and Wi-Fi 6 network technology, and supports human/pet detection, cry detection, and one-button calling. Tenda CP3 Pro suffers from a security vulnerability that originates from the presence of ...

Tenda AC500 Stack Buffer Overflow Vulnerability

Tenda AC500 is a wireless controller device from Tenda, designed for small and medium-sized businesses, supporting cross-VLAN management of wireless networks. Tenda AC500 has a stack buffer overflow vulnerability, which originates from the parameter radio2g1 in the file /goform/setWtpData fails t...

Fuji Electric V-SFT/TELLUS Buffer Overflow Vulnerability

Fuji Electric TELLUS and Fuji Electric V-SFT are both products of Fuji Electric, Japan.Fuji Electric TELLUS is a specialized software for advanced functionality, user-friendliness and remote control.Fuji Electric V-SFT is a screen configuration software. Fuji Electric V-SFT and Fuji Electric TELL...

Adobe Substance 3D Stager Out-of-Bounds Read Vulnerability (CNVD-2025-16544)

Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. Adobe Substance 3D Stager suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a sensitive memory leak...

Adobe Substance 3D Designer Out-of-Bounds Write Vulnerability (CNVD-2025-16543)

Adobe Substance 3D Designer is a 3D design software from the American company Audobee Adobe. Adobe Substance 3D Designer suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

Adobe Substance3D Viewer Out-of-Bounds Read Vulnerability

Adobe Substance3D Viewer is a stand-alone desktop application for viewing and editing 3D files from Audobee Adobe USA. Adobe Substance3D Viewer suffers from an out-of-bounds read vulnerability, which can be exploited by attackers to cause a sensitive memory leak...

Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2025-16552)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

Adobe InCopy Buffer Overflow Vulnerability (CNVD-2025-16550)

Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. Adobe InCopy suffers from a buffer overflow vulnerability that can be exploited by an attacker to cause the execution of arbitrary code...

Adobe Illustrator Input Validation Error Vulnerability (CNVD-2025-16548)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An input validation error vulnerability exists in Adobe Illustrator that stems from an integer overflow or wrap-around error, which can be exploited by an attacker to cause arbitrary code t...

Adobe Illustrator Out-of-Bounds Read Vulnerability (CNVD-2025-16400)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause a sensitive memory leak...

Adobe Illustrator Null Pointer Dereference Vulnerability (CNVD-2025-16399)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A null pointer dereference vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause a denial of service in the application...

Adobe Framemaker Numeric Error Vulnerability (CNVD-2025-16398)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A numeric error vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to execute arbitra...

Adobe Framemaker Heap Buffer Overflow Vulnerability (CNVD-2025-16396)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. Adobe Framemaker suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute...

Adobe Framemaker Buffer Overflow Vulnerability (CNVD-2025-16395)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A buffer overflow vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to execute...

Adobe Framemaker Null Pointer Dereference Vulnerability (CNVD-2025-16389)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A null pointer dereference vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to caus...

Adobe ColdFusion Server-Side Request Forgery Vulnerability

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a server-side request forgery vulnerability, the vulnerability stems from the serv...

Adobe ColdFusion Cross-Site Scripting Vulnerability (CNVD-2025-16381)

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. A cross-site scripting vulnerability exists in Adobe ColdFusion, which is caused by improper validation...

Adobe ColdFusion Cross-Site Scripting Vulnerability (CNVD-2025-16380)

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. A cross-site scripting vulnerability exists in Adobe ColdFusion, which is caused by improper validation...

Unspecified Vulnerability in Adobe Audition (CNVD-2025-16374)

Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product is mainly used to include multi-track, waveforms and spectral display of the perfect toolset for audio content mixing, editing and creation. A security vulnerability exists in Adobe Audition...

Siemens TIA Administrator Data Forgery Issue Vulnerability

Siemens TIA Administrator is a management program for authorizing and licensing SIMATIC products from Siemens, Germany. A data forgery vulnerability exists in Siemens TIA Administrator, which arises from improper validation of code signing certificates and can be exploited by an attacker to bypas...

Siemens TIA Administrator Access Control Error Vulnerability

Siemens TIA Administrator is a management program for authorizing and licensing SIMATIC products from Siemens, Germany. An access control error vulnerability exists in Siemens TIA Administrator that can be exploited by an attacker to cause elevation of privilege and arbitrary code execution...

Siemens SICAM TOOLBOX II Trust Management Issue Vulnerability

Siemens SICAM TOOLBOX II is an engineering software from Siemens, Germany. A trust management issue vulnerability exists in Siemens SICAM TOOLBOX II that stems from a failure to check the extended key usage attribute of a device certificate, which could be exploited by an attacker to cause a...

Microsoft Word Code Execution Vulnerability (CNVD-2025-16695)

Microsoft Word is a word processing software in the Office suite of the American Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Word Code Execution Vulnerability (CNVD-2025-16694)

Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Windows Resource Management Error Vulnerability (CNVD-2025-16952)

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A security vulnerability exists in Microsoft Windows. An attacker could exploit the vulnerability to remotely execute code...

Microsoft Windows Resource Management Error Vulnerability (CNVD-2025-16949)

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. Microsoft Windows has a security vulnerability. The vulnerability can be exploited by an attacker to gain elevated privileges...

Microsoft Windows Resource Management Error Vulnerability (CNVD-2025-16946)

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. Microsoft Windows has a security vulnerability. The vulnerability can be exploited by an attacker to gain elevated privileges...

Microsoft Windows Resource Management Error Vulnerability (CNVD-2025-16945)

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A security vulnerability exists in Microsoft Windows. An attacker could exploit the vulnerability to remotely execute code...

Microsoft Windows Information Disclosure Vulnerability (CNVD-2025-16944)

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. Microsoft Windows has a security vulnerability. An attacker could exploit this vulnerability to gain access to sensitive information...

Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2025-16779)

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. Microsoft Windows has a security vulnerability. An attacker can exploit the vulnerability to elevate privileges...

Unspecified Vulnerability in Microsoft Windows (CNVD-2025-16775)

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. Microsoft Windows has a security vulnerability. An attacker exploiting the vulnerability could tamper with information...

Unspecified Vulnerability in Microsoft Windows (CNVD-2025-16774)

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A security vulnerability exists in Microsoft Windows. The vulnerability is exploited by attackers to perform spoofing attacks...

Unspecified Vulnerability in Microsoft SQL Server (CNVD-2025-16773)

Microsoft SQL Server is the United States Microsoft Microsoft company's set of applications in the Microsoft Windows system under the large commercial database system. A security vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to gain access to sensitive...