Delta Electronics CNCSoft out-of-bounds write vulnerability (CNVD-2025-12363)

Delta Electronics CNCSoft is a CNC machine simulation system software from Delta Electronics China. Delta Electronics CNCSoft suffers from an out-of-bounds write vulnerability, which could be exploited by an attacker to cause arbitrary code to be executed in the current process environment...

Open5GS has an unspecified vulnerability (CNVD-2025-18576)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a denial of service vulnerability that can be exploited by attackers to cause availability to be compromised...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14369)

FreeFloat FTP Server is an FTP service from FreeFloat. FreeFloat FTP Server suffers from a buffer overflow vulnerability that stems from the PASV Command Handler component failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...

Open5GS has an unspecified vulnerability (CNVD-2025-18577)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS has a security vulnerability that can be exploited by an attacker to cause reachable assertions...

TOTOLINK A3002RU NAT Mapping Page Component Cross-Site Scripting Vulnerability

TOTOLINK A3002RU is a wireless router product from China's Gion Electronics TOTOLINK. The TOTOLINK A3002RU suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the NAT Mapping Page component parameter Comment, for...

IBM Db2 Resource Management Error Vulnerability (CNVD-2025-12563)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a Resource Management Error vulnerability that stems from improper allocation of C...

IBM Db2 Denial of Service Vulnerability (CNVD-2025-12295)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...

IBM Db2 Stack Buffer Overflow Vulnerability

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to caus...

Human Metapneumovirus Testing Management System /search-report-result.php File SQL Injection Vulnerability

Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. The Human Metapneumovirus Testing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter...

Complaint Management System SQL Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter fromdate/todate in the file /admin/between-date-complaintreport.php...

Traffic Offense Reporting System saveuser.php File Cross-Site Scripting Vulnerability

Traffic Offense Reporting System is a traffic violation reporting system. Traffic Offense Reporting System has a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the saveuser.php file parameters...

Complaint Management System /admin/edit-state.php File SQL Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter description in the /admin/edit-state.php file. An attacker can explo...

Notice Board System admin-profile.php File SQL Injection Vulnerability

Notice Board System is a bulletin board system. A SQL injection vulnerability exists in the Notice Board System, which originates from a lack of validation of externally-entered SQL statements in the parameter mobilenumber in file /admin-profile.php. An attacker can exploit this vulnerability to...

Medical Card Generation System /admin/readenq.php File SQL Injection Vulnerability

Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter ID of the /admin/readenq.php file. An attacker can...

Medical Card Generation System /admin/manage-card.php File SQL Injection Vulnerability

Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the /admin/manage-card.php file. An attacker ca...

Complaint Management System /admin/edit-category.php File SQL Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter description in the /admin/edit-category.php file. An attacker can...

Medical Card Generation System /admin/unreadenq.ph File SQL Injection Vulnerability

Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the /admin/unreadenq.ph file. An attacker can...

Complaint Management System /admin/manage-users.php File SQL Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uid in the /admin/manage-users.php file. An attacker can exploit...

Complaint Management System /user/register-complaint.ph File SQL Injection Vulnerability

Complaint Management System is a complaint management system. The Complaint Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in parameter noc in the /user/register-complaint.ph file. An attacker can exploit...

Complaint Management System /admin/updatecomplaint.php File SQL Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Status in the file /admin/updatecomplaint.php. An attacker can...

Complaint Management System /user/profile.php File SQL Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the /user/profile.php file parameter pincode. An attacker can exploit this...

Human Metapneumovirus Testing Management System /bwdates-report-result.php File SQL Injection Vulnerability

Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. Human Metapneumovirus Testing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of the fromdate/todate parameter in the file...

Patient Record Management System urinalysis_form.php File SQL Injection Vulnerability

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the urinalysisform.php file parameter urinalysisid. An attacker can...

WordPress Element Pack Pro plugin Improper Access Control Vulnerability

WordPress Element Pack Pro plugin is a WordPress editor plugin extension plugin that is mainly used to enhance and extend the functionality and design capabilities of WordPress websites. WordPress Element Pack Pro plugin suffers from an Improper Access Control vulnerability that stems from improp...

Complaint Management System /admin/edit-subcategory.php File SQL Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter subcategory in the file /admin/edit-subcategory.php. An attacker can...

Tenda AC10 Buffer Overflow Vulnerability (CNVD-2025-12406)

The Tenda AC10 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC10 15.03.06.47 and earlier versions, which originates from the failure of the formSetPPTPServer parameters startIp and endIp to properly validate the length of the input data in t...

Patient Record Management System sputum_form.php File SQL Injection Vulnerability

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter itrno in file /sputumform.php. An attacker can exploit thi...

D-Link DI-500WF-WT Command Injection Vulnerability

D-Link DI-500WF-WT is a device for wireless network coverage from China AUO D-Link. A command injection vulnerability exists in the D-Link DI-500WF-WT, which stems from the parameter cmd failing to properly filter constructed command special characters, commands, and so on. No detailed...

WordPress Newsletter plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Newsletter plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...

DELL ThinOS Information Disclosure Vulnerability

DELL ThinOS is a thin client operating system from Dell designed for virtual workspaces, providing a highly secure and efficient virtual desktop experience. DELL ThinOS suffers from an information disclosure vulnerability that originates from storing sensitive information in clear text, which can...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14377)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the XMKD Command Handler component failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14376)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server, which stems from the XCWD Command Handler component failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14374)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server, which stems from the component SET Command Handler failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14373)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the RESTART Command Handler component failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14372)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server, which stems from the REIN Command Handle component failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14371)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server, which stems from the component REGET Command Handler failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14370)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server, which stems from the failure of the component PROGRESS Command Handler to properly validate the length and size of input data, no details of the vulnerability are provided at thi...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14368)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server, which stems from the failure of the component PASSIVE Command Handler to properly validate the length size of the input data, no details of the vulnerability are provided at this...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14367)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the failure of the RETR Command Handler component to properly validate the length size of input data, no details of the vulnerability are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14366)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server, which stems from the failure of the component CDUP Command Handler to properly validate the length size of input data, no details of the vulnerability are provided at this time...

Delta Electronics CNCSoft out-of-bounds write vulnerability (CNVD-2025-22961)

Delta Electronics CNCSoft is a CNC machine simulation system software from Delta Electronics China. An out-of-bounds write vulnerability exists in Delta Electronics CNCSoft, which can be exploited by an attacker to execute arbitrary code on the system...

IBM Cloud Pak for Security and IBM QRadar Suite Session Fixation Vulnerability

IBM Cloud Pak for Security is a software application. An open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated action faster.IBM QRadar Suite is an integrated security information and event management SIEM solution for...

WordPress Popup Maker plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Popup Maker plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...

Delta Electronics CNCSoft Out-of-Bounds Write Vulnerability

Delta Electronics CNCSoft is a CNC machine simulation system software from Delta Electronics China. Delta Electronics CNCSoft suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute code in the context of the current process...

WordPress Profile Builder Plugin Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Profile Builder Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...

MailEnable failure.aspx component cross-site scripting vulnerability

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied da...

IBM Cloud Pak for Security and IBM QRadar Suite Input Validation Error Vulnerability

IBM Cloud Pak for Security is a software application. An open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated action faster.IBM QRadar Suite is an integrated security information and event management SIEM solution for...

WordPress Bit File Manager plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Bit File Manager plugin, which stems from insufficient input cleanup and escaping during SVG file uploads, and no...

Fortinet FortiOS Access Control Error Vulnerability (CNVD-2025-12791)

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. An access control error...

Dell Encryption Admin Utilities Incorrect Link Resolution Vulnerability

Dell Encryption Admin Utilities is a software for data encryption management and troubleshooting from Dell, USA. An incorrect link resolution vulnerability exists in Dell Encryption Admin Utilities versions prior to 11.10.2, which can be exploited by an attacker to elevate privileges...