130931 matches found
WordPress GrandPrix plugin path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A path traversal vulnerability exists in the WordPress GrandPrix plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...
WordPress GiftXtore plugin file inclusion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress GiftXtore plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...
WordPress Formulario de contacto SalesUp! plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Formulario de contacto SalesUp! plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping...
WordPress Elementor Website Builder Pro plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Elementor Website Builder Pro plugin that stems from insufficient input cleanup and output escaping of the buttontex...
WordPress CryptoCloud - Crypto Payment Gateway plugin elevation of privilege vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An elevation of privilege vulnerability exists in the WordPress CryptoCloud - Crypto Payment Gateway plugin, which stems from improperly configured access control, for which no...
WordPress CraftXtore plugin file inclusion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress CraftXtore plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...
WordPress CozyStay plugin deserialization vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A deserialization vulnerability exists in the WordPress CozyStay plugin that stems from deserializing untrustworthy data, which can be exploited by an attacker to cause code...
WordPress CLEVER plugin path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress CLEVER plugin suffers from a path traversal vulnerability that stems from the program failing to properly filter special elements in the path of a resource or file...
WordPress Civi Framework plugin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Civi Framework plugin that stems from the WEB application not adequately verifying that a request is from a...
WordPress Broadstreet plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Broadstreet plugin that stems from uncleaned and escaped parameters, which can be exploited by an attacker to execut...
WordPress Blogvy plugin file inclusion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress Blogvy plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...
WordPress Blogty plugin file inclusion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress Blogty plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...
WordPress Blogprise plugin file inclusion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress Blogprise plugin that stems from improper file name control and can be exploited by an attacker to cause PHP native file...
WordPress Blogmine plugin file inclusion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress Blogmine plugin that stems from improper filename control and can be exploited by an attacker to cause PHP native file...
WordPress Blogbyte plugi file inclusion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in WordPress Blogbyte plugi, which stems from improper filename control and can be exploited by an attacker to cause PHP native file...
Weak Password Storage Vulnerability in Various ABB Products
ABB ASPECT is a scalable building energy management and control solution.ABB MATRIX is an embedded building automation network controller.ABB NEXUS is a wireless and wired solution. A weak password storage vulnerability exists in several ABB products, which can be exploited by an attacker to caus...
WordPress Axle Demo Importer plugin file upload vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file upload vulnerability exists in the WordPress Axle Demo Importer plugin that stems from an unverified uploaded file, which can be exploited by an attacker to cause arbitra...
WordPress Avaz plugin file inclusion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress Avaz plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...
Denial of Service Vulnerability in Various ABB Products
ABB ASPECT and others are products of ABB Switzerland.ABB ASPECT is a scalable building energy management and control solution.ABB MATRIX is an embedded building automation network controller.ABB NEXUS is a wireless and wired solution. A denial-of-service vulnerability exists in various ABB...
WordPress Arlo plugin path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Arlo plugin has a path traversal vulnerability that stems from not doing effective filtering of resource calls, which can be exploited by an attacker to cause PHP loca...
WordPress Apptha Slider Gallery plugin path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A path traversal vulnerability exists in the WordPress Apptha Slider Gallery plugin, which stems from improper path restriction. An attacker can exploit the vulnerability to cau...
WordPress Abandoned Cart Pro for WooCommerce plugin file upload vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file upload vulnerability exists in the WordPress Abandoned Cart Pro for WooCommerce plugin, which stems from the lack of file type validation in the...
TOTOLINK EX1200T /boafrm/formWsc File Buffer Overflow Vulnerability
The TOTOLINK EX1200T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1200T suffers from a buffer overflow vulnerability that originates from the failure of the file /boafrm/formWsc in the HTTP POST Request Handler component to properly validate the length and size...
Elevation of Privilege Vulnerability in Various ABB Products
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
TOTOLINK EX1200T /boafrm/formIpQoS file buffer overflow vulnerability
The TOTOLINK EX1200T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1200T suffers from a buffer overflow vulnerability that originates from the failure of the file /boafrm/formIpQoS in the HTTP POST Request Handler component to properly validate the length and si...
ABB Multiple Catalog Traversal Vulnerability
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
TOTOLINK EX1200T /boafrm/formDMZ File Buffer Overflow Vulnerability
The TOTOLINK EX1200T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1200T suffers from a buffer overflow vulnerability that originates from the failure of the file /boafrm/formDMZ in the HTTP POST Request Handler component to properly validate the length and size...
Servlet Injection Vulnerabilities in Various ABB Products
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
Unspecified Vulnerability in Tenda TDSEE App
Tenda TDSEE App is an application from Tenda China for managing Tenda brand camera products. A security vulnerability exists in the Tenda TDSEE App that can be exploited by attackers to cause excessive authentication attempts...
SQL Injection Vulnerabilities in Various ABB Products (CNVD-2025-13770)
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
Unspecified Vulnerabilities in Various ABB Products
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
AC6 /goform/setPptpUserList File Buffer Overflow Vulnerability in Shenzhen Jixiang Tengda Technology Co.
AC6 is a wireless router from Tenda, a Chinese company. Ltd. AC6 15.03.05.16 version of the buffer overflow vulnerability, the vulnerability stems from the file / goform / setPptpUserList parameter list fails to correctly validate the length of the input data size, a remote attacker can be used t...
Wyse Management Suite WMS Information Disclosure Vulnerability
Wyse Management Suite WMS is a cloud and local management platform from Dell, Inc. It is used to centrally manage Wyse lightweight endpoint devices and supports remote configuration, firmware updates, security policy management and other features. An information disclosure vulnerability exists in...
Wyse Management Suite WMS Path Traversal Vulnerability
Wyse Management Suite WMS is a cloud and local management platform from Dell, Inc. It is used to centrally manage Wyse lightweight endpoint devices and supports remote configuration, firmware updates, security policy management and other features. A path traversal vulnerability exists in Wyse...
Vulnerabilities in Code Issues in Various ABB Products (CNVD-2025-13598)
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
Code Injection Vulnerabilities in Various ABB Products (CNVD-2025-13765)
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
Various ABB products code issues vulnerabilities
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
Information Disclosure Vulnerability in Various ABB Products (CNVD-2025-13423)
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
Security Bypass Vulnerabilities in Various ABB Products
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
Information Disclosure Vulnerability in Various ABB Products (CNVD-2025-13421)
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
Trust Management Issues Vulnerabilities in Various ABB Products
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
Adobe InCopy Input Validation Error Vulnerability (CNVD-2025-13325)
Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. Adobe InCopy suffers from an input validation error vulnerability that is caused by an integer overflow error. An attacker could exploit this vulnerability to execute code on the system or cause...
Adobe InCopy Heap Buffer Overflow Vulnerability (CNVD-2025-13324)
Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. Adobe InCopy suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...
Adobe Substance3D Sampler Out-of-Bounds Write Vulnerability (CNVD-2025-13323)
Adobe Substance 3D Sampler is a professional software from Adobe designed to help users easily create and iterate on realistic material maps. Adobe Substance3D Sampler suffers from an out-of-bounds write vulnerability that can be exploited by attackers to execute code on the system or cause the...
Adobe Substance3D Sampler Out-of-Bounds Write Vulnerability (CNVD-2025-13322)
Adobe Substance 3D Sampler is a professional software from Adobe designed to help users easily create and iterate on realistic material maps. Adobe Substance3D Sampler suffers from an out-of-bounds write vulnerability that can be exploited by attackers to execute code on the system or cause the...
Adobe InDesign Out-of-Bounds Write Vulnerability (CNVD-2025-13328)
Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...
Adobe InDesign Heap Buffer Overflow Vulnerability (CNVD-2025-13327)
Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...
Adobe InDesign Memory Misreference Vulnerability
Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe InDesign, which can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...
Adobe Acrobat Reader Memory Misreference Vulnerability (CNVD-2025-13318)
Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. A memory misreference vulnerability exists in Adobe Acrobat Reader, which can be exploited by an attacker to execute code on the system or cause the application to...
Adobe Acrobat Reader Memory Misreference Vulnerability
Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. A memory misreference vulnerability exists in Adobe Acrobat Reader, which can be exploited by an attacker to execute code on the system or cause the application to...