Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17172)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server that originates from improper access control of the Optimizer component and can be exploited by an attacker to cause a denial of service...

Oracle MySQL Server Resource Management Error Vulnerability (CNVD-2025-17162)

Oracle MySQL Server is a relational database from Oracle Corporation. A resource management error vulnerability exists in Oracle MySQL Server that stems from improper access control of the InnoDB component and can be exploited by an attacker to cause a denial of service...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17174)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which originates from improper access control of the Optimizer component and can be exploited by an attacker to cause unauthorized modification of critical data...

Oracle MySQL Server Resource Management Error Vulnerability (CNVD-2025-17176)

Oracle MySQL Server is a relational database from Oracle Corporation. A resource management error vulnerability exists in Oracle MySQL Server that stems from improper access control of the Optimizer component and can be exploited by an attacker to cause a denial of service...

Unspecified Vulnerability in Oracle Java SE (CNVD-2025-24095)

Oracle Java SE is a U.S. Oracle Oracle company for the development and deployment of desktop, server and embedded devices and real-time environments in the Java application. A security vulnerability exists in Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition, which can...

Unspecified Vulnerability in Oracle Java SE (CNVD-2025-24099)

Oracle Java SE is a U.S. Oracle Oracle company for the development and deployment of desktop, server and embedded devices and real-time environments in the Java application. A security vulnerability exists in Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition, which can...

Voting System positions_add.php file SQL Injection Vulnerability

Voting System is an election system. Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter description in file /admin/positionsadd.php. An attacker can exploit this vulnerability to execute illega...

Adobe Framemaker Out-of-Bounds Write Vulnerability (CNVD-2025-16390)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. An out-of-bounds write vulnerability exists in Adobe Framemaker, which could be exploited by an attacker to execut...

Microsoft Windows Input Validation Error Vulnerability (CNVD-2025-16780)

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. Microsoft Windows has a security vulnerability. An attacker can exploit the vulnerability to elevate privileges...

GPT-SoVITS-WebUI Code Issue Vulnerability (CNVD-2025-23582)

GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI that stems from unsafe deserialization processing of processckpt.py when receiving serialized data submitted by a user, which can be exploited by an attacker to execute arbitrary commands on the system...

GPT-SoVITS-WebUI Code Issue Vulnerability (CNVD-2025-23575)

GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI, which stems from unsafe deserialization handling of the AudioPre class when receiving user-submitted serialized data, and can be exploited by an attacker to execute arbitrary commands on the system...

GPT-SoVITS-WebUI change_label function command injection vulnerability

GPT-SoVITS-WebUI is a TTS training model. A command injection vulnerability exists in the GPT-SoVITS-WebUI changelabel function that can be exploited by an attacker to execute arbitrary commands on the system...

GPT-SoVITS-WebUI code issue vulnerability (CNVD-2025-23578)

GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI that stems from insecure deserialization of referencewebui.py when receiving serialized data submitted by a user, which can be exploited by an attacker to execute arbitrary commands on the system...

GPT-SoVITS-WebUI Code Issue Vulnerability

GPT-SoVITS-WebUI is a TTS training model. A code issue vulnerability exists in GPT-SoVITS-WebUI that stems from unsafe deserialization handling of the AudioPreDeEcho class when receiving serialized data submitted by the user, which can be exploited by an attacker to execute arbitrary commands on...

Dairy Farm Shop Management System edit-category.php File SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter categorycode in the file...

Siemens SINEC NMS Path Traversal Vulnerability (CNVD-2025-16627)

Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. A path traversal vulnerability exists in Siemens SINEC NMS that stems...

Adobe ColdFusion Operating System Command Injection Vulnerability

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion operating system command injection vulnerability, the vulnerability stems from the...

Unspecified Vulnerability in Oracle Fusion Middleware (CNVD-2025-24088)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2025-16776)

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. Microsoft Windows has a security vulnerability. An attacker can exploit the vulnerability to elevate privileges...

Adobe Illustrator Out-of-Bounds Read Vulnerability (CNVD-2025-16404)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause a sensitive memory leak...

Microsoft Office Elevation of Privilege Vulnerability (CNVD-2025-16690)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, and so on. An elevation of privilege vulnerability exists in Microsoft Office, which is due to untrusted data...

Adobe Framemaker heap buffer overflow vulnerability (CNVD-2025-16397)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. Adobe Framemaker suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute...

Zoo Management System /admin/manage-normal-ticket.php File SQL Injection Vulnerability

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /admin/manage-normal-ticket.php. An attacker can exploit this vulnerability t...

jonnys Liquor delete-row.php file SQL injection vulnerability

jonnys Liquor is a content and management system. jonnys Liquor suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /admin/delete-row.php. An attacker can exploit this vulnerability to execute illegal...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2025-24084)

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Universal Work Queue for Oracle...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17160)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server that originates from improper access control of the Components Services component and can be exploited by an attacker to cause a denial of service...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17177)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server that originates from improper access control of the InnoDB component and can be exploited by an attacker to cause a denial of service...

Adobe Illustrator Stack Buffer Overflow Vulnerability

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A stack buffer overflow vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code in the context of the current user...

Crime Reporting System policelogin.php File SQL Injection Vulnerability

Crime Reporting System is a crime reporting system. Crime Reporting System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter email in the file /policelogin.php. An attacker can exploit this vulnerability to...

Microsoft Office Code Execution Vulnerability (CNVD-2025-16691)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

Siemens SICAM TOOLBOX II Trust Management Issue Vulnerability (CNVD-2025-16621)

Siemens SICAM TOOLBOX II is an engineering software from Siemens, Germany. A trust management issue vulnerability exists in Siemens SICAM TOOLBOX II that stems from a common name not being checked for device certificates, which could be exploited by an attacker to cause a man-in-the-middle attack...

Siemens SIMATIC CN 4100 Input Validation Error Vulnerability (CNVD-2025-16622)

The Siemens SIMATIC CN 4100 is a communication node from Siemens, Germany. An input validation error vulnerability exists in the Siemens SIMATIC CN 4100, which can be exploited by an attacker to cause a denial of service...

Microsoft Azure Monitor Code Injection Vulnerability

Microsoft Azure Monitor is a new observability tool from Microsoft that enables end-to-end monitoring capabilities for applications, infrastructure and networks. A security vulnerability exists in Microsoft Azure Monitor. An attacker exploiting this vulnerability could remotely execute code...

Oracle MySQL Server Resource Management Error Vulnerability (CNVD-2025-17361)

Oracle MySQL Server is a relational database from Oracle Corporation. A resource management error vulnerability exists in Oracle MySQL Server that stems from improper access control of the Optimizer component and can be exploited by an attacker to cause a denial of service...

Ivanti Endpoint Manager Encryption Misuse Vulnerability (CNVD-2025-18155)

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to manage all endpoint devices in an enterprise network. An encryption misuse vulnerability exists in Ivanti Endpoint Manager, which can be exploited by an attacker to decrypt other users' passwords...

Dairy Farm Shop Management System edit-product.php File SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter productname in the file...

Unspecified Vulnerability in Oracle Database Server (CNVD-2025-24075)

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Oracle Database Materialized View for Oracle Databas...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17184)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server that originates from a flaw in the LDAP authentication component, which can be exploited by an attacker to cause a denial of service...

Unspecified Vulnerability in Oracle Java SE (CNVD-2025-24097)

Oracle Java SE is a U.S. Oracle Oracle company for the development and deployment of desktop, server and embedded devices and real-time environments in the Java application. A security vulnerability exists in Oracle Java SE for Oracle Java SE and Oracle GraalVM Enterprise Edition, which can be...

Adobe InCopy Number Error Vulnerability

Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. A numeric error vulnerability exists in Adobe InCopy, which can be exploited by an attacker to cause arbitrary code to be executed...

Adobe ColdFusion XML External Entity Injection Vulnerability (CNVD-2025-16375)

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has an XML external entity injection vulnerability that originates from improperly...

Unspecified Vulnerability in Oracle Java SE (CNVD-2025-24096)

Oracle Java SE is a U.S. Oracle Oracle company for the development and deployment of desktop, server and embedded devices and real-time environments in the Java application. A security vulnerability exists in Oracle Java SE, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition, which can ...

Oracle MySQL Server Resource Management Error Vulnerability (CNVD-2025-17165)

Oracle MySQL Server is a relational database from Oracle Corporation. A resource management error vulnerability exists in Oracle MySQL Server, which stems from improper access control in the Security: Encryption component and can be exploited by an attacker to cause a denial of service...

Oracle MySQL Server Resource Management Error Vulnerability (CNVD-2025-17107)

Oracle MySQL Server is a relational database from Oracle Corporation. A resource management error vulnerability exists in Oracle MySQL Server, which stems from a flaw in the replication component that can be exploited by an attacker to cause a denial of service...

Unspecified Vulnerability in Oracle MySQL (CNVD-2025-17167)

Oracle MySQL is an open source relational database management system.MySQL Client is a MySQL client, a program used to communicate with a server to process information in a database managed by the server. A security vulnerability in MySQL Cluster versions 8.0.0 through 8.0.42, 8.4.0 through 8.4.5...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17169)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server that originates from improper access control of the Optimizer component and can be exploited by an attacker to cause a denial of service...

Oracle MySQL Server Resource Management Error Vulnerability (CNVD-2025-17178)

Oracle MySQL Server is a relational database from Oracle Corporation. A resource management error vulnerability exists in Oracle MySQL Server that stems from improper access control of the Optimizer component and can be exploited by an attacker to cause a denial of service...

Oracle MySQL Server Resource Management Error Vulnerability (CNVD-2025-17179)

Oracle MySQL Server is a relational database from Oracle Corporation. A resource management error vulnerability exists in Oracle MySQL Server that stems from improper access control of the InnoDB component and can be exploited by an attacker to cause a denial of service...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17181)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which originates from a flaw in the optimizer component and can be exploited by an attacker to cause a denial of service...

Unspecified Vulnerability in Oracle Java SE (CNVD-2025-24098)

Oracle Java SE is a U.S. Oracle Oracle company for the development and deployment of desktop, server and embedded devices and real-time environments in the Java application. A security vulnerability exists in Oracle Java SE for Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise...