130931 matches found
Unspecified Vulnerability in Huawei HarmonyOS (CNVD-2025-15518)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a stack overflow risk when parsing vector images, and can be...
Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15513)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a null pointer dereference in the PDF Preview module, and can ...
Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15510)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a stack overflow risk when parsing vector images, and can be...
Unspecified Vulnerability in Huawei HarmonyOS (CNVD-2025-15509)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a null pointer dereference in the PDF Preview module, and can ...
Mattermost Permission Issues Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a privilege issue vulnerability that stems from not properly enforcing channel member management privileges, which can be exploited by an attacker to enable unauthorized users t...
WordPress PrivateContent-Mail Actions File Inclusion Vulnerability
WordPress PrivateContent-Mail Actions is the name of the plugin or feature module for mail actions and member management. WordPress PrivateContent-Mail Actions suffers from a file inclusion vulnerability that stems from improper file inclusion control, which can be exploited by an attacker to cau...
WordPress Elessi plugin file inclusion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress Elessi plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...
WordPress CMSMasters Content Composer plugin file inclusion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress CMSMasters Content Composer plugin that stems from not doing effective filtering of local file resource calls, which can b...
HDF5 H5FS__sinfo_serialize_node_cb function buffer overflow vulnerability
HDF5 is a library of HDF open source . HDF5 1.14.6 version of the existence of a buffer overflow vulnerability , the vulnerability stems from the file src/H5FScache.c function H5FSsinfoserializenodecb fails to correctly validate the length of the input data size , a remote attacker can be used to...
Tenda AC6 SetSysTimeCfg function buffer overflow vulnerability
Tenda AC6 is a dual-band wireless router from Tenda. Tenda AC6 suffers from a buffer overflow vulnerability, which originates from the failure of the time parameter in the SetSysTimeCfg function to correctly validate the length and size of the input data, which can be exploited by an attacker to...
Tenda AC6 formSetQosBand function buffer overflow vulnerability
Tenda AC6 is a dual-band wireless router from Tenda. Tenda AC6 suffers from a buffer overflow vulnerability, which originates from the list parameter in the formSetQosBand function failing to correctly validate the length and size of the input data, which can be exploited by an attacker to cause ...
Tenda AC6 Buffer Overflow Vulnerability
Tenda AC6 is a dual-band wireless router from Tenda. Tenda AC6 has a buffer overflow vulnerability, the vulnerability stems from the formSetFirewallCfg function firewallEn parameter fails to correctly validate the length and size of the input data, an attacker can use this vulnerability to cause ...
Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16359)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from an error message discrepancy that can be exploited by an attacker to cause username enumeratio...
Endress+Hauser MEAC300-FNADE4 Cross-Site Request Forgery Vulnerability
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. The Endress+Hauser MEAC300-FNADE4 suffers from a cross-site request forgery vulnerability that arises from a WEB application that does not adequately validate that a request is...
Endress+Hauser MEAC300-FNADE4 Cross-Site Scripting Vulnerability (CNVD-2025-16357)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. The Endress+Hauser MEAC300-FNADE4 suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied dat...
Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16356)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from the hard disk not using full volume encryption, which can be exploited by an attacker to bypas...
Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16354)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4, which can be exploited by attackers to conduct clickjacking attacks...
Endress+Hauser MEAC300-FNADE4 Information Disclosure Vulnerability (CNVD-2025-16353)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4, which stems from the fact that all communications are not encrypted, and can be exploited by an attacker to...
Endress+Hauser MEAC300-FNADE4 Cross-Site Scripting Vulnerability
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. The Endress+Hauser MEAC300-FNADE4 is vulnerable to a cross-site scripting vulnerability due to improper validation of user input via dashboard name. An attacker could exploit the...
Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16351)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from an insufficient authentication attempt limit and can be exploited by an attacker to cause a...
Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16350)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from the HttpOnly flag not being set, which can be exploited by an attacker to cause session...
Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16348)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from the use of DES encryption to store passwords, which can be exploited by an attacker to cause...
Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16347)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4, which stems from an Apache misconfiguration, and can be exploited by an attacker to cause a directory to be...
Endress+Hauser MEAC300-FNADE4 Information Disclosure Vulnerability (CNVD-2025-16346)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. An information disclosure vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from the authentication mechanism based on the challenge response system using the...
Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16345)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4, which can be exploited by attackers to cause a brute force attack...
Endress+Hauser MEAC300-FNADE4 Information Disclosure Vulnerability
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. The Endress+Hauser MEAC300-FNADE4 suffers from an information disclosure vulnerability that originates from local PostgreSQL database credentials stored in plaintext. An attacker...
Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16343)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that originates from automatically logging in an EPC2 Windows user at startup without entering a password. An...
Endress+Hauser MEAC300-FNADE4 SQL Injection Vulnerability
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. The Endress+Hauser MEAC300-FNADE4 suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker...
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability (CNVD-2025-23050)
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A remote code execution vulnerability exists in Microsoft Edge Chromium-based, which can be exploited by an attacker to execute arbitrary code on a system...
Unspecified Vulnerability in Huawei HarmonyOS (CNVD-2025-15507)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a stack overflow risk when parsing vector images, and can be...
Unspecified Vulnerability in Redis (CNVD-2025-16526)
Redis is the United States Redis company's set of open-source use of ANSI C written to support the network , can be based on memory can also be a persistent log-type , key-value Key-Value storage database , and provides a variety of languages API. Redis has a security vulnerability that could be...
Unspecified Vulnerability in Huawei HarmonyOS (CNVD-2025-15506)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a null pointer dereference in the PDF Preview module, and can ...
Unspecified Vulnerability in Automated Voting System
Automated Voting System is an automated voting system. Automated Voting System suffers from an unspecified vulnerability that stems from susceptibility to direct request attacks. No details of the vulnerability are available at this time...
WeGIA Cross-Site Scripting Vulnerability (CNVD-2025-17292)
WeGIA is a web manager for welfare organizations. WeGIA suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in novomemorando.php, which can be exploited by an attacker to execute injected scripts in a browser...
Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16355)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from an insufficient authentication attempt limit and can be exploited by an attacker to cause a...
Unspecified Vulnerability in Huawei HarmonyOS (CNVD-2025-15512)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a stack overflow risk when parsing vector images, and can be...
Belkin F9K1122 Command Injection Vulnerability (CNVD-2025-20834)
The Belkin F9K1122 is a WiFi signal extender from Belkin Canada. The Belkin F9K1122 suffers from a command injection vulnerability that originates from a misbehavior of the parameters mwanipaddr/mwannetmask/mwangateway/mwanstaticdns1/mwanstaticdns2 in the file /goform/formSetWanStatic. can be...
Huawei HarmonyOS and EMUI calendar storage module privilege bypass vulnerability (CNVD-2025-16594)
Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei Huawei.Huawei EMUI is a mobile operating system based on Android development.Huawei HarmonyOS is an operating system. Provides a full-scenario distributed operating system based on a microkernel. A privilege bypass...
Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20837)
The Belkin F9K1122 is a WiFi signal extender from Belkin Canada. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that originates from the incorrect operation of the parameter wpsenroleepin/webpage in the file /goform/formWlanSetupWPS, no details of the vulnerability are...
Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15519)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a null pointer dereference in the PDF Preview module, and can ...
Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15508)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from an authentication vulnerability in the Distributed Collaborati...
Unspecified Vulnerability in Redis (CNVD-2025-16525)
Redis is the United States Redis company's set of open-source use of ANSI C written to support the network , can be based on memory can also be a persistent log-type , key-value Key-Value storage database , and provides a variety of languages API. Redis has a security vulnerability that can be...
Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. An elevation of privilege vulnerability exists in Microsoft Edge Chromium-based Update, which can be exploited by an attacker to gain SYSTEM privileges...
WordPress Radio Station Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in WordPress Radio Station, which stems from the application not properly handling user-submitted form data, and no detail...
WordPress VG WORT METIS Authorization Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. An authorization issue vulnerability exists in WordPress VG WORT METIS, which can be exploited by attackers to take over the accounts of other web application users...
WordPress Easy restaurant menu manager cross-site scripting vulnerability
WordPress Easy restaurant menu manager is a WordPress plugin for managing restaurant menus , the main features include uploading and editing restaurant menus online and embedding them into the website through short codes or links. A cross-site scripting vulnerability exists in WordPress Easy...
WordPress Red Art Code Injection Vulnerability
WordPress Red Art is a theme designed for the art field, mainly used to create artist portfolios, galleries, photography exhibitions, tattoo studios and other art websites. WordPress Red Art suffers from a code injection vulnerability that stems from deserializing untrustworthy data, which can be...
WordPress Alone Code Injection Vulnerability
WordPress Alone is a theme designed for nonprofit organizations, primarily for the WordPress platform. WordPress Alone suffers from a code injection vulnerability that stems from improper code generation controls, no details of the vulnerability are provided at this time...
WordPress DocCheck Login Access Control Error Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. An Access Control Error vulnerability exists in WordPress DocCheck Login, which originates from a page load that redirects a user to login, and can be exploited by an...
WordPress Uncode Core Cross-Site Scripting Vulnerability
WordPress Uncode Core is a creative multipurpose theme for the WordPress platform. WordPress Uncode Core suffers from a cross-site scripting vulnerability that stems from insufficient input cleanup and output escaping, which can be exploited by an attacker to steal user session information by...