131179 matches found
Endian Firewall new_cert_name Parameter Cross-Site Scripting Vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall newcertname parameter, which stems from improper handling of the newcertname parameter in /manage/ca/certificate/, and can be exploited by an attacker to inject...
IBM DataPower Gateway Cross-Site Request Forgery Vulnerability (CNVD-2026-19180)
IBM DataPower Gateway is an enterprise-grade application security gateway that provides API management and traffic control capabilities. A cross-site request forgery vulnerability exists in IBM DataPower Gateway. The vulnerability arises because the system fails to effectively validate the source...
IBM Verify Identity Access Authentication Bypass Vulnerability (CNVD-2026-16876)
IBM Verify Identity Access and Security Verify Access are a family of identity and access management solutions that provide user authentication and access control capabilities. An authentication bypass vulnerability exists in IBM Verify Identity Access. The vulnerability arises due to a flaw in t...
Endian Firewall name parameter cross-site scripting vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall name parameter, which stems from improper cleanup of the name parameter input in /manage/qos/classes/, and can be exploited by an attacker to inject malicious...
Endian Firewall remark parameter cross-site scripting vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /manage/password/web/, and can be exploited by an attacker to inject malicious scri...
Endian Firewall NAME Parameter Cross-Site Scripting Vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall NAME parameter, which originates from improperly cleaning up the input of the NAME parameter in /cgi-bin/uplinkeditor.cgi, and can be exploited by an attacker to...
Endian Firewall ADDRESS BCC Parameter Cross-Site Scripting Vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall ADDRESS BCC parameter, which originates from improper handling of the ADDRESS BCC parameter in /cgi-bin/smtprouting.cgi, and can be exploited by an attacker to...
Endian Firewall DATE Parameter OS Command Injection Vulnerability
Endian Firewall is a network security firewall system from Endian. An operating system command injection vulnerability exists in the Endian Firewall DATE parameter, which stems from incomplete regular expression validation of the DATE parameter in /cgi-bin/logsids.cgi, and can be exploited by an...
Endian Firewall remark parameter cross-site scripting vulnerability (CNVD-2026-18373)
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /manage/vpnauthentication/user/, and can be exploited by an attacker to inject...
Endian Firewall DATE Parameter OS Command Injection Vulnerability
Endian Firewall is a network security firewall system from Endian. An operating system command injection vulnerability exists in the Endian Firewall DATE parameter, which stems from incomplete regular expression validation of the DATE parameter in /cgi-bin/logssmtp.cgi, and can be exploited by an...
Endian Firewall group parameter cross-site scripting vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall group parameter, which stems from improper handling of the group parameter in /cgi-bin/proxygroup.cgi, and can be exploited by an attacker to inject malicious...
Endian Firewall DOMAIN Parameter Cross-Site Scripting Vulnerability
Endian Firewall is a network security firewall system from Endian. Endian Firewall DOMAIN Parameter Cross-Site Scripting VulnerabilityThe vulnerability stems from improper handling of the DOMAIN parameter in /cgi-bin/smtpdomains.cgi, which can be exploited by an attacker to inject malicious...
Endian Firewall remark parameter cross-site scripting vulnerability (CNVD-2026-18401)
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/vpnfw.cgi, and can be exploited by an attacker to inject malicious...
Endian Firewall domain parameter cross-site scripting vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall domain parameter, which originates from improper handling of the domain parameter in /manage/smtpscan/domainrouting/, and can be exploited by an attacker to inject...
Endian Firewall mimetypes parameter cross-site scripting vulnerability
Endian Firewall is a network security firewall system from Endian. Endian Firewall mimetypes parameter cross-site scripting vulnerability, which stems from improper handling of the mimetypes parameter in /cgi-bin/proxypolicy.cgi, can be exploited by an attacker to inject malicious JavaScript code...
Endian Firewall DATE Parameter OS Command Injection Vulnerability (CNVD-2026-18423)
Endian Firewall is a network security firewall system from Endian. An operating system command injection vulnerability exists in the Endian Firewall DATE parameter, which stems from incomplete regular expression validation of the DATE parameter in /cgi-bin/logslog.cgi, and can be exploited by an...
IBM Content Navigator Cross-Site Scripting Vulnerability (CNVD-2026-16875)
IBM Content Navigator is an enterprise content management and collaboration platform for document management, workflow and content retrieval. A cross-site scripting vulnerability exists in IBM Content Navigator. The vulnerability stems from a failure to properly process user input and can be...
Endian Firewall REMARK Parameter Cross-Site Scripting Vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall REMARK parameter, which stems from improper handling of the REMARK parameter in /cgi-bin/openvpnclient.cgi, and can be exploited by an attacker to inject malicious...
Endian Firewall remark parameter cross-site scripting vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improperly cleaning up the input of the remark parameter in /manage/dnsmasq/hosts/, and can be exploited by an attacker to injec...
Endian Firewall remark parameter cross-site scripting vulnerability (CNVD-2026-18410)
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/snat.cgi, and can be exploited by an attacker to inject malicious JavaScri...
Endian Firewall remark parameter cross-site scripting vulnerability (CNVD-2026-18377)
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /manage/dnsmasq/localdomains/, and can be exploited by an attacker to inject...
Endian Firewall DATE Parameter OS Command Injection Vulnerability (CNVD-2026-18422)
Endian Firewall is a network security firewall system from Endian. An operating system command injection vulnerability exists in the Endian Firewall DATE parameter, which stems from incomplete regular expression validation of the DATE parameter in /cgi-bin/logsopenvpn.cgi, and can be exploited by...
Endian Firewall remark parameter cross-site scripting vulnerability (CNVD-2026-18400)
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/xtaccess.cgi, and can be exploited by an attacker to inject malicious...
Endian Firewall remark parameter cross-site scripting vulnerability (CNVD-2026-18409)
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/incoming.cgi, and can be exploited by an attacker to inject malicious...
Endian Firewall user parameter cross-site scripting vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall user parameter, which stems from improper handling of the user parameter in /cgi-bin/proxyuser.cgi, and can be exploited by an attacker to inject malicious...
Endian Firewall remark parameter cross-site scripting vulnerability (CNVD-2026-18375)
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /manage/ipsec/, and can be exploited by an attacker to inject malicious script and...
Endian Firewall remark parameter cross-site scripting vulnerability (CNVD-2026-18403)
Endian Firewall is a network security firewall system from Endian. Cross-site scripting vulnerability in Endian Firewall remark parameterThe vulnerability stems from improper handling of the remark parameter in /cgi-bin/outgoingfw.cgi, which can be exploited by an attacker to inject malicious...
Endian Firewall dscp Parameter Cross-Site Scripting Vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall dscp parameter, which stems from improper handling of the dscp parameter in /manage/qos/rules/, and can be exploited by an attacker to inject malicious JavaScript...
Endian Firewall remark parameter cross-site scripting vulnerability (CNVD-2026-18402)
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/zonefw.cgi, and can be exploited by an attacker to inject malicious...
FreeRDP Denial of Service Vulnerability (CNVD-2026-16035)
FreeRDP is an open source Remote Desktop Protocol RDP implementation library and client . A denial of service vulnerability exists in FreeRDP. The vulnerability arises because the IMA ADPCM audio decoding process does not validate the step index parameter, resulting in out-of-bounds access to the...
FreeRDP Heap Buffer Overflow Vulnerability (CNVD-2026-16033)
FreeRDP is an open source Remote Desktop Protocol RDP implementation library and client . FreeRDP suffers from a heap buffer overflow vulnerability. The vulnerability arises due to an out-of-bounds heap memory write due to a bmpSize synchronization error in the persistent cache. An attacker can...
FreeRDP Out-of-Bounds Read Vulnerability (CNVD-2026-16034)
FreeRDP is an open source Remote Desktop Protocol RDP implementation library and client . FreeRDP suffers from an out-of-bounds read vulnerability. The vulnerability arises due to a mismatch in the persistent cache allocator, which results in an out-of-bounds read of heap memory when processing...
Linux kernel double release vulnerability (CNVD-2026-16036)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a double-release vulnerability, which stems from the bsgdone function resulting in a double-release that can be exploited by an attacker to cause the...
FreeRDP Double Release Vulnerability (CNVD-2026-16032)
FreeRDP is an open source Remote Desktop Protocol RDP implementation library and client . FreeRDP suffers from a double release vulnerability. The vulnerability is caused by a double release problem in the memory release process of the kerberosAcceptSecurityContext and...
OpenBao Authorization Issues Vulnerability
OpenBao is OpenBao open source a sensitive data management software . OpenBao there is an authorization problem vulnerability , the vulnerability stems from JWT/OIDC login and role callbackmode is set to direct when the user is not prompted to confirm , an attacker can use this vulnerability lead...
Unspecified Vulnerability in HCL Traveler
HCL Traveler is a software from HCL India. It is used to provide automatic, bi-directional, wireless synchronization between HCL Domino servers and wireless handheld devices. HCL Traveler has a security vulnerability that stems from weak HTTP header validation, which can be exploited by an attack...
IBM Concert Encryption Problem Vulnerability (CNVD-2026-16880)
IBM Concert is an enterprise-class collaboration and project management software from IBM. A security vulnerability exists in IBM Concert versions 1.0.0 through 2.2.0 that stems from fixed authentication information embedded in the software. An attacker could exploit the vulnerability to obtain...
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15828)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC has a security vulnerability that can be exploited by an attacker to get a clearer picture of the organization's network layout...
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15834)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a security vulnerability that can be exploited by attackers to cause a denial of service by consuming server bandwidth and processing resources through mass spamming...
OpenClaw Path Traversal Vulnerability (CNVD-2026-16040)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to read arbitrary files and disclose sensitive information...
Apple macOS Integer Overflow Vulnerability
Apple macOS is a specialized operating system developed by Apple for Mac computers. An integer overflow vulnerability exists in Apple macOS, which can be exploited by an attacker to cause heap corruption when processing malicious strings...
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15833)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC has a security vulnerability that can be exploited by attackers to compromise the application using vulnerabilities available on the Internet...
HCL Aftermarket DPC Session Fixation Vulnerability
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a session fixation vulnerability that can be exploited by an attacker to take over a user's session and conduct unauthorized transactions...
Unspecified Vulnerability in Apple macOS (CNVD-2026-19670)
Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by an attacker to cause an application to connect to a network share without the user's consent...
Integer Overflow Vulnerability in Multiple Mozilla Products (CNVD-2026-19991)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...
Memory Misreference Vulnerability in Multiple Mozilla Products (CNVD-2026-17913)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A memory misreference vulnerability exists in multiple Mozilla products, whi...
Code execution vulnerability in multiple Mozilla products (CNVD-2026-16995)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products that...
Multiple Mozilla Products Resource Management Error Vulnerability (CNVD-2026-16998)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A resource management error vulnerability exists in multiple Mozilla...
Code execution vulnerability in multiple Mozilla products (CNVD-2026-17000)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products. The...
Elevation of Privilege Vulnerability in Multiple Mozilla Products (CNVD-2026-17001)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An elevation of privilege vulnerability exists in several Mozilla...