Unauthorized Access Vulnerability in NPort 5410 of Mosaic Technology (Shanghai) Co.

The NPort 5410 is an industrial-grade serial communication processor, mainly used to connect traditional serial devices to the network for remote management and monitoring. The NPort 5410 has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information...

Document Uploading Vulnerability in Online Entrustment System of Zhuhai Xinhua Tong Software Co.

Zhuhai Xinhua Tong Software Co., Ltd. is a professional software company focusing on the research and development of informatization products and services in the industries of smart city and smart housing construction. A file upload vulnerability exists in the online entrustment system of Zhuhai...

AUO DIR-605L and AUO DIR-816L Hardcoded Vulnerabilities

AUO DIR-605L is the first cloud router, mainly for home and small office network environments. AUO DIR-816L is a dual-band wireless router that supports 2.4GHz and 5GHz bands , and is compliant with network standards such as IEEE 802.11ac and IEEE 802.11n, with a maximum transmission rate of...

Command Execution Vulnerability in Hikvision Integrated Security Management Platform of Hangzhou Hikvision Digital Technology Co.

Hangzhou Hikvision Digital Technology Co., Ltd. is a technology company that focuses on technological innovation. Command execution vulnerability exists in the Hikvision Integrated Security Management Platform of Hangzhou Hikvision Digital Technology Co. Ltd, which can be exploited by an attacker...

Xiamen Very Good Software Information Technology Company Limited XSS Vulnerability in Very Good Enterprise Management System

Xiamen Very Good Software Information Technology Co., Ltd. specializes in software development, information system integration, data processing and digital content services. Xiamen Very Good Software Information Technology Co., Ltd. very good enterprise management system XSS vulnerability,...

Binary Vulnerability in AC6V2.0 of Shenzhen Jixiang Tengda Technology Co.

The AC6V2.0 is a wireless router model that is primarily used to provide network connectivity. Ltd. AC6V2.0 suffers from a binary vulnerability that can be exploited by an attacker to cause a stack overflow...

Unauthorized Access Vulnerability in Visitor System of Shandong Admiral Technology Group Co.

Shandong Admiralty Science and Technology Group Co., Ltd. is a state-owned joint-stock enterprise. There is an unauthorized access vulnerability in the visitor system of Shandong Admiral Technology Group Co. Ltd, which can be exploited by attackers to obtain sensitive information...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14389)

FreeFloat FTP Server is an FTP service from FreeFloat. FreeFloat FTP Server suffers from a buffer overflow vulnerability that is caused by incorrect boundary checking in the component LANG command handler. No detailed vulnerability details are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14388)

FreeFloat FTP Server is an FTP service from FreeFloat. FreeFloat FTP Server suffers from a buffer overflow vulnerability that is caused by incorrect boundary checking in the component BELL command handler. No detailed vulnerability details are provided at this time...

Command Execution Vulnerability in Tianrongxin Internet Behavior Management System of Beijing Tianrongxin Technology Co.

Tianrongxin Internet Behavior Management System is a network behavior management product designed to meet the needs of various industries for network behavior management and content auditing. Beijing Tianrongxin Technology Co., Ltd Tianrongxin Internet Behavior Management System has a command...

D-Link DI-8100 Buffer Overflow Vulnerability

The D-Link DI-8100 is a wireless broadband router designed for small to medium-sized network environments from China's D-Link. The D-Link DI-8100 suffers from a buffer overflow vulnerability that originates from the parameter notify in the file /login.cgi that fails to correctly validate the leng...

Google Pixel Information Disclosure Vulnerability (CNVD-2025-11247)

Google Pixel is a smartphone from the American company Google Google. Google Pixel has an information disclosure vulnerability that can be exploited by an attacker to cause Bluetooth adapter details to be disclosed...

Google Pixel elevation of privilege vulnerability

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a local elevation of privilege...

Google Chrome Resource Management Error Vulnerability

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a resource management error vulnerability, no details of the vulnerability are provided at this time...

GNU PSPP Heap Buffer Overflow Vulnerability

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from a heap buffer overflow vulnerability. The vulnerability stems from the failure of the inflateread function called indirectly by spvreadxmlmember in zip-reader.c to properly...

GNU PSPP spvxml_parse_attributes out-of-bounds read vulnerability

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from an out-of-bounds read vulnerability that stems from spvxmlparseattributes, no details of the vulnerability are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14494)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the RMDIR Command Handler component failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...

News Portal Project /add-category.php File SQL Injection Vulnerability

News Portal Project is a news portal project. News Portal Project suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements for the parameter Category in the file /admin/add-category.php. An attacker can exploit this vulnerability ...

News Portal Project /edit-subadmin.php File SQL Injection Vulnerability

News Portal Project is a news portal project. News Portal Project suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter emailid in the file /admin/edit-subadmin.php. An attacker can exploit this vulnerability t...

News Portal Project /edit-subcategory.php File SQL Injection Vulnerability

News Portal Project is a news portal project. News Portal Project suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements for the parameter Category in the file /admin/edit-subcategory.php. An attacker can exploit this...

Company Visitor Management System /forgot-password.php File SQL Injection Vulnerability

Company Visitor Management System is a visitor management system. Company Visitor Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter email in the file /forgot-password.php. An attacker can...

Student Record System /login.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID in the file /login.php. An attacker can exploit this vulnerability to execute...

Small CRM /admin/manage-tickets.php File SQL Injection Vulnerability

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter aremark in the file /admin/manage-tickets.php. An attacker can exploit this vulnerability ...

Small CRM /admin/change-password.php File SQL Injection Vulnerability

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability, which originates from the lack of validation of externally entered SQL statements in the parameter oldpass in the file /admin/change-password.php. An attacker can exploit this vulnerabili...

Employee Record Management System /myprofile.php File SQL Injection Vulnerability

Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter EmpCode in the file /myprofile.php. An attacker...

FreeFloat FTP Server GET Command Handler Component Buffer Overflow Vulnerability

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0, which stems from the GET Command Handler component failing to properly validate the length size of the input data, no details of the vulnerability are provided at...

Employee Record Management System /admin/editempexp.php File SQL Injection Vulnerability

Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter emp1name in the file /admin/editempexp.php. An...

Google Chrome Information Disclosure Vulnerability

Google Chrome is a web browser from Google, an American company. Google Chrome has an information disclosure vulnerability that can be exploited by attackers to obtain user information...

Employee Record Management System /loginerms.php File SQL Injection Vulnerability

Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Email in the file /loginerms.php. An attacker c...

Company Visitor Management System /bwdates-reports-details.php File SQL Injection Vulnerability

Company Visitor Management System is a visitor management system. Company Visitor Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter fromdate/todate in the file /bwdates-reports-details.php...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14384)

FreeFloat FTP Server is an FTP service from FreeFloat. FreeFloat FTP Server suffers from a buffer overflow vulnerability that is caused by incorrect boundary checking in the component LS command handler. No detailed vulnerability details are provided at this time...

GNU Screen Information Disclosure Vulnerability

GNU Screen is an application from the American GNU community. It provides the effect of getting multiple virtual terminals on one physical terminal. GNU Screen suffers from an information disclosure vulnerability that can be exploited by attackers to infer path information...

Gnu Screen Competitive Conditions Loophole

Gnu Screen is a terminal multiplexing tool developed by the GNU project that allows users to create multiple virtual terminal sessions in the same physical terminal and supports session resumption, window switching and multi-user sharing. Gnu Screen suffers from a competitive condition...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14493)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the failure of the QUOTE Command Handler component to properly validate the length size of input data, no details of the vulnerability are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14387)

FreeFloat FTP Server is an FTP service from FreeFloat. FreeFloat FTP Server suffers from a buffer overflow vulnerability that is caused by incorrect boundary checking in the component STATUS command handler. No detailed vulnerability details are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14386)

FreeFloat FTP Server is an FTP service from FreeFloat. FreeFloat FTP Server suffers from a buffer overflow vulnerability that is caused by incorrect boundary checking in the component VERBOSE command handler. No detailed vulnerability details are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14385)

FreeFloat FTP Server is an FTP service from FreeFloat. FreeFloat FTP Server suffers from a buffer overflow vulnerability that is caused by incorrect boundary checking in the component TYPE command handler. No detailed vulnerability details are provided at this time...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14383)

FreeFloat FTP Server is a FTP Server software developed by FreeFloat Inc. A buffer overflow vulnerability exists in FreeFloat FTP Server. The vulnerability stems from the failure of the SEND command handler to properly process user input, and no details of the vulnerability are provided at this...

IBM Tivoli Monitoring Remote Code Execution Vulnerability (CNVD-2025-12571)

IBM Tivoli Monitoring is a suite of enterprise-class monitoring solutions designed to help organizations manage complex IT environments and ensure system availability and performance. A remote code attack vulnerability exists in IBM Tivoli Monitoring. The vulnerability is due to improper validati...

News Portal Project /edit-category.php File SQL Injection Vulnerability

News Portal Project is a news portal project. News Portal Project suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements for the parameter Category in the file /admin/edit-category.php. An attacker can exploit this vulnerability...

GNU Binutils Buffer Overflow Vulnerability

GNU Binutils is a set of programming language utility programs developed by the American GNU community. A buffer overflow vulnerability exists in GNU Binutil, which stems from the failure of the function debugtypesamep in the file /binutils/debug.c to correctly validate the length of input data,...

GNU Binutils /bfd/elflink.c File Buffer Overflow Vulnerability

GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...

NVIDIA CUDA toolkit buffer overflow vulnerability (CNVD-2025-23259)

NVIDIA CUDA toolkit is a toolkit from NVIDIA, Inc. It provides a development environment for creating high-performance GPU-accelerated applications. The NVIDIA CUDA toolkit suffers from a buffer overflow vulnerability that stems from the cuobjdump binary not checking the buffer length, which can ...

Cisco IOS and Cisco IOS XE Input Validation Error Vulnerability

Cisco IOS and Cisco IOS XE are both products of Cisco Corporation.Cisco IOS is a suite of operating systems developed for its network devices.Cisco IOS XE is an operating system. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14492)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the failure of the LITERAL Command Handler component to properly validate the length size of input data, no details of the vulnerability are provided at this time...

SAP Service Parts Management Authorization Issues Vulnerability

SAP Service Parts Management is an intelligent spare parts supply chain solution for after-sales service from SAP. An authorization issue vulnerability exists in SAP Service Parts Management, which stems from a lack of authorization checking, no details of the vulnerability are available at this...

Google Chrome Buffer Overflow Vulnerability

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a buffer overflow vulnerability that can be exploited by an attacker to cause heap corruption...

Apache NuttX Buffer Overflow Vulnerability (CNVD-2025-12572)

Apache NuttX is a real-time embedded operating system from the Apache Foundation. A buffer overflow vulnerability exists in Apache NuttX versions prior to 12.9.0, which originates from an application boundary error when handling untrusted input, and can be exploited by an attacker to cause a syst...

Foxit PDF Reader Memory Corruption Vulnerability

Foxit PDF Reader is a software for reading and working with PDF documents. A memory corruption vulnerability exists in Foxit PDF Reader. The vulnerability stems from an out-of-bounds write to the native library when attempting PDF rendering, resulting in memory corruption. An attacker can exploit...

FreeFloat FTP Server ASCII Command Handler Component Buffer Overflow Vulnerability

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0, which stems from the failure of the ASCII Command Handler component to properly validate the length size of the input data, and for which no detailed vulnerability...