Unspecified vulnerability in Huawei HarmonyOS and EMUI (CNVD-2025-16592)

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A security vulnerability exists in Huawei HarmonyOS an...

Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15520)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS version 5.1.0, which stems from a null pointer dereference in the Application Exit Reason module, and can...

HDF5 H5FS__sect_link_size function buffer overflow vulnerability

HDF5 is a library of HDF open source . HDF5 version 1.14.6 there is a buffer overflow vulnerability , the vulnerability stems from the file src/H5FSsection.c function H5FSsectlinksize failed to correctly validate the length of the input data size , a remote attacker can use this vulnerability on...

Unspecified Vulnerability in Huawei HarmonyOS (CNVD-2025-15505)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a null pointer dereference in the PDF Preview module, and can ...

Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from a missing Secure attribute, which can be exploited by an attacker to cause session hijacking...

Google ChromeOS Access Control Error Vulnerability

Google ChromeOS is an operating system from the American company Google. Google ChromeOS suffers from an Access Control Error vulnerability that stems from improper access control of the Stylus Tools component, which can be exploited by an attacker to obtain information about a user's files...

UTT HiPER 840G Buffer Overflow Vulnerability (CNVD-2026-00817)

The UTT HiPER 840G is a full Gigabit Internet behavior management router from Atech UTT, which is aimed at small businesses, community networks, hotels, and other scenarios, providing high-speed network access and intelligent management features. The UTT HiPER 840G suffers from a buffer overflow...

UTT HiPER 840G Buffer Overflow Vulnerability (CNVD-2026-00816)

The UTT HiPER 840G is a full Gigabit Internet behavior management router from Atech UTT, which is aimed at small businesses, community networks, hotels, and other scenarios, providing high-speed network access and intelligent management features. The UTT HiPER 840G suffers from a buffer overflow...

WeGIA Cross-Site Scripting Vulnerability (CNVD-2025-17293)

WeGIA is a web manager for welfare organizations. WeGIA suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the iddependente parameter in the profilefamiliar.php endpoint, no details of the vulnerability are...

WeGIA SQL Injection Vulnerability (CNVD-2025-17291)

WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that stems from a lack of validation of the idfuncionario parameter against externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...

WeGIA fid parameter denial of service vulnerability

WeGIA is a web manager for welfare organizations. WeGIA suffers from a denial of service vulnerability that stems from the length of the fid parameter not being validated, which can be exploited by an attacker to cause a denial of service...

WeGIA Denial of Service Vulnerability

WeGIA is a web manager for welfare organizations. WeGIA suffers from a denial of service vulnerability that stems from the length of the errorstr parameter not being validated, which can be exploited by an attacker to cause a denial of service...

WeGIA Cross-Site Scripting Vulnerability (CNVD-2025-17288)

WeGIA is a web manager for welfare organizations. WeGIA suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the idfuncionario parameter in the cadastrodependentepessoanova.php endpoint, for which no detailed...

WeGIA SQL Injection Vulnerability (CNVD-2025-17287)

WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements by the almox parameter. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive databa...

HDF5 Memory Leak Vulnerability

HDF5 is a library of HDF open source . HDF5 memory leakage vulnerability , the vulnerability stems from the file src/H5FL.c function H5FLmalloc did not release or can not release has been dynamically allocated heap memory , an attacker can use this vulnerability leads to denial-of-service attacks...

Marvell QConvergeConsole Path Traversal Vulnerability (CNVD-2025-20452)

Marvell QConvergeConsole is a unified adapter management software across data centers from Marvell USA. A path traversal vulnerability exists in Marvell QConvergeConsole due to an error in the saveNICParamsToFile method. An attacker could exploit the vulnerability to write a file in the SYSTEM...

Marvell QConvergeConsole Path Traversal Vulnerability (CNVD-2025-20451)

Marvell QConvergeConsole is a unified adapter management software across data centers from Marvell USA. A path traversal vulnerability exists in Marvell QConvergeConsole due to an error in the restoreESwitchConfig method. An attacker could exploit this vulnerability to disclose information in a...

Marvell QConvergeConsole path traversal vulnerability (CNVD-2025-20449)

Marvell QConvergeConsole is a unified adapter management software across data centers from Marvell USA. A path traversal vulnerability exists in Marvell QConvergeConsole due to an error in getFileUploadSize. An attacker could exploit the vulnerability to disclose information in the SYSTEM context...

Marvell QConvergeConsole Path Traversal Vulnerability (CNVD-2025-20448)

Marvell QConvergeConsole is a unified adapter management software across data centers from Marvell USA. A path traversal vulnerability exists in Marvell QConvergeConsole due to an error in the getFileUploadBytes method. An attacker could exploit the vulnerability to disclose information in the...

Marvell QConvergeConsole path traversal vulnerability (CNVD-2025-20447)

Marvell QConvergeConsole is a unified adapter management software across data centers from Marvell USA. A path traversal vulnerability exists in Marvell QConvergeConsole due to an error in the getFileUploadBytes method. An attacker could exploit the vulnerability to disclose information in the...

Marvell QConvergeConsole path traversal vulnerability (CNVD-2025-20446)

Marvell QConvergeConsole is a unified adapter management software across data centers from Marvell USA. Marvell QConvergeConsole has a path traversal vulnerability that is caused by an error in the getDriverTmpPath method. An attacker could exploit the vulnerability to disclose information in the...

Marvell QConvergeConsole path traversal vulnerability (CNVD-2025-20445)

Marvell QConvergeConsole is a unified adapter management software across data centers from Marvell USA. A path traversal vulnerability exists in Marvell QConvergeConsole due to an error in the getAppFileBytes method. An attacker could exploit the vulnerability to disclose information in the SYSTE...

Marvell QConvergeConsole Path Traversal Vulnerability (CNVD-2025-20443)

Marvell QConvergeConsole is a unified adapter management software across data centers from Marvell USA. A path traversal vulnerability exists in Marvell QConvergeConsole due to an error in the deleteAppFile method. An attacker could exploit the vulnerability to delete a file in the SYSTEM context...

Marvell QConvergeConsole Path Traversal Vulnerability (CNVD-2025-20442)

Marvell QConvergeConsole is a unified adapter management software across data centers from Marvell USA. A path traversal vulnerability exists in Marvell QConvergeConsole due to an error in the compressFirmwareDumpFiles method. An attacker could exploit this vulnerability to disclose information i...

Marvell QConvergeConsole Path Traversal Vulnerability (CNVD-2025-20441)

Marvell QConvergeConsole is a unified adapter management software across data centers from Marvell USA. A path traversal vulnerability exists in Marvell QConvergeConsole due to an error in the compressDriverFiles method. An attacker could exploit the vulnerability to disclose information in the...

Belkin F9K1122 Stack Buffer Overflow Vulnerability

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that stems from the parameter pptpUserName in the file /goform/formPPTPSetup failing to correctly validate the length size of the input data, no detailed vulnerability details are...

Belkin F9K1122 Command Injection Vulnerability (CNVD-2025-20839)

The Belkin F9K1122 is a WiFi signal extender from Belkin Canada. The Belkin F9K1122 suffers from a command injection vulnerability that stems from the parameter command in the file /goform/mp failing to properly filter constructed command special characters, commands, and so on. An attacker can...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20838)

The Belkin F9K1122 is a WiFi signal extender from Belkin Canada. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that originates from the incorrect operation of the parameter pinCode in the file /goform/formWpsStart, no details of the vulnerability are provided at this time...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20836)

The Belkin F9K1122 is a WiFi signal extender from Belkin Canada. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that results from the incorrect manipulation of multiple parameters in the file /goform/formWlanMP, no details of the vulnerability are provided at this time...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20835)

The Belkin F9K1122 is a WiFi signal extender from Belkin Canada. The Belkin F9K1122 version 1.00.33 suffers from a buffer overflow vulnerability that stems from the incorrect operation of the parameter pppUserName in the file /goform/formWanTcpipSetup, no details of the vulnerability are provided...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20833)

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that originates from the incorrect manipulation of the parameter webpage in the file /goform/formSetLanguage, no details of the vulnerability are provided at this time...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20832)

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a buffer overflow vulnerability that originates from the incorrect operation of the parameter pppUserName in the file /goform/formPPPoESetup, no details of the vulnerability are provided at this time...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20831)

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that originates from the incorrect manipulation of the parameter L2TPUserName in the file /goform/formL2TPSetup, for which no detailed vulnerability details are provided at this tim...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20830)

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that originates from the incorrect operation of the parameter submit-url-ok in the file /goform/formBSSetSitesurvey, for which no detailed vulnerability details are provided...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20829)

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that originates from the incorrect operation of the parameter submit-url-ok in the file /goform/formBSSetSitesurvey, for which no detailed vulnerability details are provided...

Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15504)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from bypassing the process startup SA and using distributed...

Huawei HarmonyOS PDF preview module null pointer dereference vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A null pointer dereference vulnerability exists in the Huawei HarmonyOS PDF preview module, which can be exploited by an attacker to cause a functional...

Belkin F9K1122 Command Injection Vulnerability

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a command injection vulnerability that originates from the incorrect operation of the parameters wanipaddr/wannetmask/wangateway/wlssid in the file /goform/formBSSetSitesurvey. An attacker can exploit this vulnerability...

WordPress Amazon Products to WooCommerce plugin code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A code issue vulnerability exists in the WordPress Amazon Products to WooCommerce plugin that stems from insufficient validation of the function wcta2wgeturls, which can be...

Tenda AC6 fromSetRouteStatic function buffer overflow vulnerability

Tenda AC6 is a dual-band wireless router from Tenda. Tenda AC6 suffers from a buffer overflow vulnerability that stems from the list parameter in the fromSetRouteStatic function failing to properly validate the length size of the input data, no detailed vulnerability details are provided at this...

Huawei HarmonyOS and EMUI calendar storage module privilege bypass vulnerability

Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei Huawei.Huawei EMUI is a mobile operating system based on Android development.Huawei HarmonyOS is an operating system. Provides a full-scenario distributed operating system based on a microkernel. A privilege bypass...

Apache Apisix elevation of privilege vulnerability (CNVD-2025-20873)

Apache Apisix is a cloud-native microservices API gateway service of the U.S. Apache Apache Foundation. The software is based on OpenResty and etcd to realize , with dynamic routing and plug-in hot loading , suitable for microservice system under the API management . An elevation of privilege...

Unspecified vulnerability in Huawei HarmonyOS and EMUI (CNVD-2025-16591)

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A security vulnerability exists in Huawei HarmonyOS an...

Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16349)

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from the reuse of the same credentials across multiple services and different scopes within the sam...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20827)

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that results from the incorrect operation of the parameter submit-url-ok in the file /goform/formBSSetSitesurvey. No detailed vulnerability details are provided at this time...

Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15511)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a stack overflow risk when parsing vector images, and can be...

WordPress WP Compress Weak Authentication Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A weak authentication vulnerability exists in WordPress WP Compress, which stems from a weak authentication mechanism, and no detailed vulnerability details are provided at...

WordPress Sharable Password Protected Posts Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress Sharable Password Protected Posts, which stems from the REST API exposing a key that can be exploited by an...

Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15514)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a stack overflow risk when parsing vector images, and can be...

Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15521)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a stack overflow risk when parsing vector images, and can be...