Wyse Management Suite WMS Cross-Site Request Forgery Vulnerability

Wyse Management Suite WMS is a cloud and local management platform from Dell, Inc. It is used to centrally manage Wyse lightweight endpoint devices and supports remote configuration, firmware updates, security policy management and other features. A cross-site request forgery vulnerability exists...

Dell Wyse Management Suite WMS Cross-Site Scripting Vulnerability (CNVD-2025-15006)

Wyse Management Suite WMS is a cloud and local management platform from Dell, Inc. It is used to centrally manage Wyse lightweight endpoint devices and supports remote configuration, firmware updates, security policy management and other features. A cross-site scripting vulnerability exists in Wy...

Adobe Substance3D Painter Buffer Overflow Vulnerability

Adobe Substance 3D Painter is a professional 3D texture design tool under the Adobe Creative Cloud ecosystem. Adobe Substance3D Painter suffers from a buffer overflow vulnerability that originates from out-of-bounds writes, which can be exploited by attackers to cause arbitrary code execution...

Adobe InDesign Desktop Buffer Overflow Vulnerability (CNVD-2025-14825)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a buffer overflow vulnerability that originates from an out-of-bounds read, which can be exploited by an attacker to cause a sensitive memory leak...

Adobe InDesign Desktop Code Issue Vulnerability

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a code issue vulnerability that originates from a null pointer dereference, which can be exploited by an attacker to cause a denial of service...

WordPress Backup and Staging by WP Time Capsule plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Backup and Staging by WP Time Capsule plugin that stems from improper input neutralization and can be exploited by a...

Adobe Commerce Access Control Error Vulnerability

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce has a security vulnerability that can be exploited by an attacker to cause a security feature bypass...

Tenda AC7 /goform/AdvSetLanip File Buffer Overflow Vulnerability

Tenda AC7 is a wireless router from Tenda, a Chinese company. Tenda AC7 suffers from a buffer overflow vulnerability, which originates from the parameter lanMask in the file /goform/AdvSetLanip that fails to correctly validate the length and size of the input data, which can be exploited by an...

Cisco Webex Cross-Site Scripting Vulnerability (CNVD-2025-15713)

Cisco Webex is a suite of video conferencing and collaboration products from Cisco. A cross-site scripting vulnerability exists in Cisco Webex that stems from improper user input filtering and can be exploited by an attacker to cause a cross-site scripting attack...

SQL Injection Vulnerabilities in Various ABB Products

ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...

Unspecified vulnerability in WordPress Password Policy Manager plugin

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress Password Policy Manager plugin that stems from vulnerability to authentication bypass attacks, no detailed vulnerability details...

Adobe Acrobat Reader Null Pointer Dereference Vulnerability

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Adobe Acrobat Reader has a null pointer dereference vulnerability that can be exploited by an attacker to cause a denial of service...

Adobe Acrobat Reader Out-of-Bounds Write Vulnerability (CNVD-2025-13314)

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Adobe Acrobat Reader has an out-of-bounds write vulnerability that can be exploited by an attacker to execute code on the system or cause the application to crash...

Adobe Acrobat Reader Memory Misreference Vulnerability (CNVD-2025-13319)

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. A memory misreference vulnerability exists in Adobe Acrobat Reader, which can be exploited by an attacker to execute code on the system or cause the application to...

Adobe Acrobat Reader Memory Misreference Vulnerability (CNVD-2025-13320)

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. A memory misreference vulnerability exists in Adobe Acrobat Reader, which can be exploited by an attacker to execute code on the system or cause the application to...

Adobe InDesign Desktop Buffer Overflow Vulnerability (CNVD-2025-14824)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a buffer overflow vulnerability that stems from an out-of-bounds write problem that can be exploited by an attacker to cause arbitrary code execution...

Tenda AC6 /goform/SetRemoteWebCfg File Buffer Overflow Vulnerability

The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.05.16, which originates from the parameter remoteIp in the file /goform/SetRemoteWebCfg that fails to correctly validate the length of the input data, and can be...

Adobe Acrobat Reader Memory Misreference Vulnerability (CNVD-2025-13321)

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. A memory misreference vulnerability exists in Adobe Acrobat Reader, which can be exploited by an attacker to execute code on the system or cause the application to...

WordPress Bunnys Print CSS plugin cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Bunnys Print CSS plugin that stems from missing or incorrect nonce validation of the pcssoptionssubpanel...

Adobe InDesign Desktop Buffer Overflow Vulnerability (CNVD-2025-14823)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a buffer overflow vulnerability that stems from an out-of-bounds write problem that can be exploited by an attacker to cause arbitrary code execution...

Adobe Commerce License Issue Vulnerability (CNVD-2025-14274)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. Adobe Commerce suffers from an authorization issue vulnerability that stems from an improper authorization issue that could be exploited by an...

Adobe Commerce Cross-Site Scripting Vulnerability

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...

WordPress Glossary by WPPedia Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress Glossary by WPPedia that stems from improper deserialization of the posttypes parameter, which can be exploited by an attacker to...

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2025-15631)

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-13265)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code...

Logic Flaw Vulnerability in Apartment Management System of Lianyi Technology Co.

Upper TechSoft is committed to creating an integrated environment of digital teaching, research, management and life for Chinese universities and colleges, and ultimately realizing a comprehensive service-oriented smart campus with informatization of education, scientific decision-making and...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-15564)

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-14994)

Adobe Experience Manager is a comprehensive content management solution from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which stems from the vulnerability of form fields to stored cross-site scripting attacks. An attacker can exploit the vulnerability to cause...

WordPress MapSVG Elevation of Privilege Vulnerability

WordPress MapSVG is a WordPress plugin for creating interactive maps. WordPress MapSVG suffers from an elevation of privilege vulnerability. The vulnerability stems from improper privilege assignment. An attacker can exploit the vulnerability to elevate privileges to elevate a low-privileged...

WordPress History Log by click5 Cross-Site Scripting Vulnerability

WordPress History Log by click5 is a plugin for tracking user activity and logging changes to your website. A cross-site scripting vulnerability exists in WordPress History Log by click5. The vulnerability stems from improper input neutralization and can be exploited by an attacker to execute...

WordPress Recover Abandoned Cart for WooCommerce SQL Injection Vulnerability

WordPress Recover Abandoned Cart for WooCommerce is a plugin designed to recover unfinished orders in WooCommerce. A SQL injection vulnerability exists in WordPress Recover Abandoned Cart for WooCommerce. The vulnerability stems from improper neutralization of special elements. An attacker can...

WordPress WP Event Manager Improper Filename Control Vulnerability

WordPress WP Event Manager is an event management plugin designed specifically for WordPress that allows users to create, manage and promote various types of events including conferences, seminars, exhibitions, parties and more. A filename miscontrol vulnerability exists in WordPress WP Event...

WordPress Infility Global SQL Injection Vulnerability

WordPress Infility Global is a plugin for managing the global settings of your WordPress website. WordPress Infility Global suffers from a SQL injection vulnerability. The vulnerability stems from improper neutralization of special elements and can be exploited by an attacker to read or modify...

WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce - Light SQL Injection Vulnerability

WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce - Light is a plugin for WordPress that makes it easy to change prices for WooCommerce and WP e-commerce products. WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce - Light is vulnerable to SQL injection. The...

Tenda FH1202 Buffer Overflow Vulnerability

The Tenda FH1202 is a wireless router manufactured by Tenda. A buffer overflow vulnerability exists in the Tenda FH1202. The vulnerability stems from improper handling of the fromVirtualSer function in the /goform/VirtualSer file. An attacker can exploit this vulnerability to remotely execute...

WordPress Essential Real Estate Improper Filename Control Vulnerability

WordPress Essential Real Estate is a WordPress plugin for creating and managing real estate websites. WordPress Essential Real Estate suffers from a filename miscontrol vulnerability. An attacker can exploit this vulnerability to construct malicious requests that result in PHP native file inclusi...

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2025-12789)

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A securit...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-12788)

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A securit...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-12786)

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A securit...

WordPress Network Posts Extended Cross-Site Scripting Vulnerability

WordPress Network Posts Extended is a WordPress plugin that enhances post publishing and management on WordPress websites. A cross-site scripting vulnerability exists in WordPress Network Posts Extended. The vulnerability stems from insufficient input cleanup and escaping of the postheight...

WordPress WP YouTube Video Optimizer Plugin Cross-Site Scripting Vulnerability

WordPress WP YouTube Video Optimizer is a plugin for optimizing YouTube videos on WordPress websites. A cross-site scripting vulnerability exists in WordPress WP YouTube Video Optimizer. The vulnerability stems from insufficient cleanup and escaping of attribute input provided to the user by the...

D-Link DIR-632 Stack Buffer Overflow Vulnerability

D-Link DIR-632 is a wireless router for small business and SOHO users, supporting IEEE 802.11n and IEEE 802.11g wireless standards, with a maximum theoretical transfer rate of 300Mbps and equipped with eight 10/100Mbps LAN ports. A stack buffer overflow vulnerability exists in the D-Link DIR-632...

Tenda AC7 Buffer Overflow Vulnerability

Tenda AC7 is a high-performance dual-band wireless router designed for large homes with strong signal coverage and stable network performance. A buffer overflow vulnerability exists in Tenda AC7. The vulnerability originates from the formSetPPTPUserList function in the file /goform/setPptpUserLis...

TOTOLINK EX1200T Buffer Overflow Vulnerability (CNVD-2025-12751)

The TOTOLINK EX1200T is a wireless router from TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK EX1200T version 4.1.2cu.5232B20210713, which affects the HTTP POST request processing component of file/boafrm/formFilter with unknown code. A remote attacker could exploit this...

TOTOLINK T10 Buffer Overflow Vulnerability

The TOTOLINK T10 is a wireless router from TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK T10 version 4.1.8cu.5207, which affects the function setWiFiRepeaterCfg in the /cgi-bin/cstecgi.cgi file of the component's POST request handler.An attacker can exploit the vulnerability by...

TOTOLINK T10 Buffer Overflow Vulnerability (CNVD-2025-12749)

The TOTOLINK T10 is a wireless router manufactured by TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK T10 version 4.1.8cu.5207, which affects the function setWiFiMeshName in the /cgi-bin/cstecgi.cgi file of the component's POST request handler.An attacker can exploit the vulnerabilit...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-13266)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-14290)

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A securit...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-14289)

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A securit...

Adobe Experience Manager License Issue Vulnerability

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. Adobe...