130931 matches found

CNVD
•added 2025/05/21 12:0 a.m.•4 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-10450)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

CVSS 7.8 • AI score 8.1 • EPSS 0.00464
Exploits 0 • References 1
CNVD
•added 2025/05/21 12:0 a.m.•6 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-10451)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which is caused due to a heap buffer overflow. An attacker can exploit this vulnerability to execute arbitrary code on the system...

CVSS 7.8 • AI score 8.2 • EPSS 0.00585
Exploits 0 • References 1
CNVD
•added 2025/05/21 12:0 a.m.•4 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-10455)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

CVSS 7.8 • AI score 8.1 • EPSS 0.00464
Exploits 0 • References 1
CNVD
•added 2025/05/21 12:0 a.m.•4 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-10453)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

CVSS 7.8 • AI score 8.1 • EPSS 0.00498
Exploits 0 • References 1
CNVD
•added 2025/05/21 12:0 a.m.•3 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-10448)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

CVSS 7.8 • AI score 8.1 • EPSS 0.00573
Exploits 0 • References 1
CNVD
•added 2025/05/21 12:0 a.m.•2 views

Nipah virus Testing Management System /edit-phlebotomist.php File SQL Injection Vulnerability

Nipah Virus Testing Management System is an online virus diagnostic platform. Nipah Virus Testing Management System suffers from a SQL injection vulnerability that originates from improper manipulation of the parameter mobilenumber in the file /edit-phlebotomist.php, no details of the vulnerabili...

CVSS 9.8 • AI score 8 • EPSS 0.00478
Exploits 1 • References 1
CNVD
•added 2025/05/21 12:0 a.m.•3 views

Microsoft Office Code Execution Vulnerability (CNVD-2025-10612)

Microsoft Office is an office software suite from the U.S. company Microsoft. The product's common components include Word, Excel, Access, PowerPoint, FrontPage, etc. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

CVSS 8.4 • AI score 9.8 • EPSS 0.00561
Exploits 0 • References 1
CNVD
•added 2025/05/21 12:0 a.m.•2 views

Microsoft Office Code Execution Vulnerability (CNVD-2025-10613)

Microsoft Office is an office software suite from the U.S. company Microsoft. The product's common components include Word, Excel, Access, PowerPoint, FrontPage, etc. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

CVSS 8.4 • AI score 9.8 • EPSS 0.0055
Exploits 0 • References 1
CNVD
•added 2025/05/21 12:0 a.m.•2 views

Information Disclosure Vulnerability in H3C NX15 of Xinhua San Technologies Co.

The H3C NX15 is a home wireless router. An information disclosure vulnerability exists in the H3C NX15 of Xinhua San Technologies Limited, which can be exploited by attackers to obtain sensitive information...

AI score 6.4
Exploits 0
CNVD
•added 2025/05/21 12:0 a.m.•2 views

Shanghai Blade Technology Co., Ltd. BladeX suffers from a logic flaw vulnerability

BladeX is a well-designed microservices architecture that provides a full suite of SpringCloud solutions. BladeX has a logic flaw vulnerability that can be exploited by an attacker to exceed their authority to obtain sensitive information and perform unauthorized operations...

AI score 6.5
Exploits 0
CNVD
•added 2025/05/21 12:0 a.m.•2 views

Logic Flaw Vulnerability in Forms System of Hunan Zhongda Numerical Information Technology Co.

Hunan Zhongda Numerical Information Technology Co., Ltd. is a technology-based company mainly engaged in regional Internet e-commerce new retail and platform development services. A logic flaw vulnerability exists in the form system of Hunan Zhongda Digital Wei Information Technology Co., Ltd. th...

AI score 6.6
Exploits 0
CNVD
•added 2025/05/20 12:0 a.m.•2 views

Adobe Photoshop Numeric Error Vulnerability

Adobe Photoshop is a set of image processing software from the American company Adobe. The software is mainly used for processing pictures. Adobe Photoshop suffers from a numeric error vulnerability that originates from an integer underflow, which can be exploited by an attacker to execut...

CVSS 7.8 • AI score 7.7 • EPSS 0.00233
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•2 views

Adobe Illustrator Buffer Overflow Vulnerability

Adobe Illustrator is a set of vector-based image creation software from the American company Adobe. A buffer overflow vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code...

CVSS 7.8 • AI score 8 • EPSS 0.0046
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•3 views

SonicWall SMA1000 Cross-Site Request Forgery Vulnerability

The SonicWALL SMA1000 is a series of secure mobile access solutions from SonicWALL, Inc. that simplifies end-to-end secure remote access to enterprise resources hosted across local, cloud and hybrid data centers. The SonicWALL SMA1000 suffers from a cross-site request forgery vulnerability that stems...

CVSS 7.2 • AI score 7.3 • EPSS 0.0031
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•1 views

TOTOLINK A3002R/A3002RU Buffer Overflow Vulnerability

TOTOLINK A3002R and A3002RU are wireless router products under the TOTOLINK brand that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU are vulnerable to a buffer overflow vulnerability that originates in the /boafrm/formMapDel file in the HTTP POST request...

CVSS 9 • AI score 8.9 • EPSS 0.00661
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•1 views

TOTOLINK A3002R formMapDelDevice interface macstr parameter buffer overflow vulnerability

TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3002R suffers from a buffer overflow vulnerability that arises from the macstr parameter in the formMapDelDevice interface failing to properly validate the length and size of the input data, which can be...

CVSS 9.8 • AI score 7.8 • EPSS 0.00531
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•1 views

TOTOLINK A3002R formDhcpv6s interface dnsaddr parameter buffer overflow vulnerability

The TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3002R suffers from a buffer overflow vulnerability that originates from the failure of the dnsaddr parameter in the formDhcpv6s interface to correctly validate the length and size of the input data, whi...

CVSS 9.8 • AI score 7.8 • EPSS 0.0053
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•2 views

TOTOLINK A3002R formDhcpv6s Interface addrPoolEnd Parameter Buffer Overflow Vulnerability

The TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3002R suffers from a buffer overflow vulnerability that originates from the failure of the addrPoolEnd parameter in the formDhcpv6s interface to correctly validate the length size of the input data, and...

CVSS 5.4 • AI score 6.8 • EPSS 0.00304
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•2 views

Adobe Animate Out-of-Bounds Write Vulnerability (CNVD-2025-10667)

Adobe Animate is a set of Flash animation software from the American company Adobe. Adobe Animate suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code...

CVSS 7.8 • AI score 7.8 • EPSS 0.00212
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•3 views

TOTOLINK N150RT Virtual Server Page Component Cross-Site Scripting Vulnerability

The TOTOLINK N150RT is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK N150RT suffers from a cross-site scripting vulnerability that stems from the Virtual Server Page component's lack of effective filtering and escaping of user-supplied data, and no details of the...

CVSS 5.4 • AI score 6.4 • EPSS 0.0048
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•3 views

TOTOLINK N150RT URL Filtering Page Component Cross-Site Scripting Vulnerability

The TOTOLINK N150RT is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK N150RT suffers from a cross-site scripting vulnerability that stems from the URL Filtering Page component's lack of effective filtering and escaping of user-supplied data, and no details of the...

CVSS 4.8 • AI score 6.4 • EPSS 0.00502
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•2 views

TOTOLINK N150RT /boafrm/formWsc File Buffer Overflow Vulnerability

The TOTOLINK N150RT is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK N150RT suffers from a buffer overflow vulnerability, which originates from the parameter localPin in the file /boafrm/formWsc that fails to properly validate the length of the input data, which can be...

CVSS 9 • AI score 8.5 • EPSS 0.01483
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•1 views

TOTOLINK A3100R setMacQos function buffer overflow vulnerability

TOTOLINK A3100R is a series of wireless routers from China's Gion Electronics TOTOLINK. The TOTOLINK A3100R suffers from a buffer overflow vulnerability that originates from the failure of the priority parameter of the setMacQos interface in /lib/cste_modules/firewall.so to correctly validate the...

CVSS 9.8 • AI score 7.6 • EPSS 0.00674
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•1 views

D-Link DIR-619L formSetWAN_Wizard52 Function Buffer Overflow Vulnerability

The D-Link DIR-619L is a wireless router from China's AUO D-Link. The D-Link DIR-619L suffers from a buffer overflow vulnerability that originates from the formSetWAN_Wizard52 function curTime parameter failing to correctly validate the length size of the input data, which can be exploited by an...

CVSS 9.8 • AI score 9.3 • EPSS 0.02335
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•1 views

D-Link DIR-619L formEasySetupWizard function buffer overflow vulnerability

The D-Link DIR-619L is a wireless router from China's AUO D-Link. The D-Link DIR-619L suffers from a buffer overflow vulnerability that originates from the curTime parameter of the formEasySetupWizard function failing to properly validate the length of the input data, which can be exploited by an...

CVSS 9.8 • AI score 9.3 • EPSS 0.02335
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•2 views

D-Link DIR-605L formSetWAN_Wizard55 Function Buffer Overflow Vulnerability

The D-Link DIR-605L is a wireless router from China's AUO D-Link. The D-Link DIR-605L suffers from a buffer overflow vulnerability that stems from the formSetWAN_Wizard55 function parameter curTime failing to correctly validate the length and size of the input data, which can be exploited by an...

CVSS 9.8 • AI score 9.3 • EPSS 0.0209
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•1 views

D-Link DIR-605L formSetWAN_Wizard534 Function Buffer Overflow Vulnerability

The D-Link DIR-605L is a wireless router from China's AUO D-Link. The D-Link DIR-605L suffers from a buffer overflow vulnerability that stems from the formSetWAN_Wizard534 function parameter curTime failing to correctly validate the length size of the input data, which can be exploited by an...

CVSS 9.8 • AI score 9.3 • EPSS 0.0209
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•3 views

TOTOLINK NR1800X setWiFiBasicCfg function ssid parameter buffer overflow vulnerability

TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's Gion Electronics TOTOLINK. The TOTOLINK NR1800X suffers from a buffer overflow vulnerability that stems from the ssid parameter in the setWiFiBasicCfg function failing to properly validate the length size of the input...

CVSS 8.8 • AI score 8.5 • EPSS 0.0056
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•5 views

Adobe Lightroom Desktop Buffer Overflow Vulnerability

Adobe Lightroom Desktop is a professional photo management and editing software from the American company Adobe, designed to provide photographers and image editors with powerful workflow and editing tools. Adobe Lightroom Desktop suffers from a buffer overflow vulnerability that originat...

CVSS 7.8 • AI score 8.3 • EPSS 0.00181
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•5 views

Adobe Dimension Buffer Overflow Vulnerability

Adobe Dimension is a set of 2D and 3D composite design tools from the American company Adobe. Adobe Dimension suffers from a buffer overflow vulnerability that originates from an out-of-bounds write and can be exploited by an attacker to execute arbitrary code...

CVSS 7.8 • AI score 8.2 • EPSS 0.00181
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•2 views

TOTOLINK A3002R and A3002RU Buffer Overflow Vulnerability (CNVD-2025-11996)

The TOTOLINK A3002R and A3002RU are routers from TOTOLINK that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU suffer from a buffer overflow vulnerability that stems from improper handling of the file /boafrm/formIpQoS in the HTTP POST request handler. No...

CVSS 9 • AI score 7.6 • EPSS 0.00661
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•1 views

TOTOLINK A3002R and A3002RU Buffer Overflow Vulnerability

The TOTOLINK A3002R and A3002RU are routers from TOTOLINK that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU are vulnerable to a buffer overflow vulnerability that originates from incorrect manipulation of the /boafrm/formPortFw file of the component HTTP...

CVSS 9 • AI score 7.6 • EPSS 0.00661
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•3 views

IBM Infosphere Information Server Information Disclosure Vulnerability (CNVD-2025-12591)

Infosphere Information Server is an enterprise-class software for data integration and data quality from IBM. A security vulnerability exists in Infosphere Information Server version 11.7. An attacker could exploit the vulnerability to obtain sensitive information...

CVSS 4.3 • AI score 6.8 • EPSS 0.00235
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•1 views

IBM WebSphere Application Server Cross-Site Scripting Vulnerability

IBM WebSphere Application Server (WAS) is an application server product from International Business Machines (IBM). The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A cross-site scripting vulnerability exists in IBM...

CVSS 7.6 • AI score 6.5 • EPSS 0.00192
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•1 views

Dell PowerScale OneFS Denial of Service Vulnerability

Dell PowerScale OneFS is an operating system from Dell USA that provides horizontal scaling of NAS. A denial of service vulnerability exists in Dell PowerScale OneFS, which arises from uncontrolled resource consumption and can be exploited by an attacker to caus...

CVSS 7.5 • AI score 6.9 • EPSS 0.00413
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•2 views

IBM Security QRadar Encryption Issue Vulnerability

IBM Security QRadar is a modernized threat detection and response solution from International Business Machines (IBM), designed to unify and integrate the security analyst experience and improve their response speed throughout the incident lifecycle. IBM Security QRadar version 3.12 EDR suffer...

CVSS 7.5 • AI score 6.7 • EPSS 0.00202
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•5 views

GNU PSPP Buffer Overflow Vulnerability

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from a buffer overflow vulnerability that stems from inflateread failing to properly validate the length and size of input data, which can be exploited by an attacker to cause a...

CVSS 9.8 • AI score 7.5 • EPSS 0.00258
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•3 views

Mattermost Permission Issues Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a privilege issue vulnerability that stems from insufficient privilege validation, which can be exploited by an attacker to add guest users via the API...

CVSS 4.3 • AI score 7 • EPSS 0.00198
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•2 views

Mattermost has an unspecified vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from a failure to lock out an LDAP user, which can be exploited by an attacker to lock out an external LDAP account through repeated failed...

CVSS 5.8 • AI score 7.1 • EPSS 0.00287
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•1 views

Yonyou Changjietong UFIDA CRM SQL Injection Vulnerability

Yonyou Changjietong UFIDA CRM is a customer relationship management system for small and medium-sized enterprises (SMEs) from China's Yonyou, integrating sales automation and marketing analytics. Yonyou Changjietong UFIDA CRM suffers from a SQL injection vulnerability that originates from the lack ...

CVSS 6.5 • AI score 8.2 • EPSS 0.00254
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•2 views

SQL Injection Vulnerability in UFIDA NC65 of UFIDA Network Technology Co.

UFIDA NC65 is a group-level ERP system for medium and large enterprises. A SQL injection vulnerability exists in UFIDA NC65, which can be exploited by attackers to obtain sensitive information from the database...

AI score 7.5
Exploits 0
CNVD
•added 2025/05/20 12:0 a.m.•2 views

Tenda FH451 Code Execution Vulnerability

The Tenda FH451 is a router from the Chinese company Tenda. The Tenda FH451 suffers from a code execution vulnerability that stems from the formSafeEmailFilter function failing to properly filter special elements of the constructed snippet. No details of the vulnerability are available at this ti...

CVSS 6.5 • AI score 7.5 • EPSS 0.06507
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•2 views

Tenda AC10 formSetPPTPUserList Buffer Overflow Vulnerability

Tenda AC10 is a dual-band Gigabit wireless router from Tenda China. The Tenda AC10 suffers from a buffer overflow vulnerability that originates from the formSetPPTPUserList handler failing to properly validate the length of input data, which can be exploited by an attacker to execute arbitrary co...

CVSS 9.8 • AI score 8.5 • EPSS 0.05111
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•48 views

Command Execution Vulnerability in SuperMap iServer of Beijing SuperMap Software Co.

SuperMap iServer is a cloud GIS application server based on high-performance cross-platform GIS kernel, providing full-featured GIS service publishing, management and aggregation capabilities, and supporting multi-level extension development. A command execution vulnerability exists in SuperMap...

AI score 7.5
Exploits 0
CNVD
•added 2025/05/20 12:0 a.m.•2 views

TOTOLINK NR1800X setSmsCfg Function Buffer Overflow Vulnerability

TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's Gion Electronics TOTOLINK. The TOTOLINK NR1800X suffers from a buffer overflow vulnerability that stems from the text parameter in the setSmsCfg function failing to correctly validate the length size of the input data,...

CVSS 9.8 • AI score 7.5 • EPSS 0.00425
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•4 views

Mattermost Permission Issues Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a privilege issue vulnerability that stems from insufficient privilege validation, which can be exploited by an attacker to view group information via an API request...

CVSS 4.3 • AI score 6.4 • EPSS 0.00257
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•3 views

TOTOLINK A3100R setParentalRules function buffer overflow vulnerability

TOTOLINK A3100R is a series of wireless routers from China's Gion Electronics TOTOLINK. TOTOLINK A3100R suffers from a buffer overflow vulnerability that stems from the urlKeyword parameter in setParentalRules failing to correctly validate the length size of the input data, no details of the...

CVSS 9.8 • AI score 7.5 • EPSS 0.00674
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•2 views

TOTOLINK A950RG /lib/cste_modules/system.so file buffer overflow vulnerability

The TOTOLINK A950RG is an ultra-generation Giga wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A950RG suffers from a buffer overflow vulnerability that originates from the failure of the setNoticeCfg interface NoticeUrl parameter in /lib/cste_modules/system.so to correctly...

CVSS 9.8 • AI score 8.5 • EPSS 0.11815
Exploits 1 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•3 views

Mattermost has an unspecified vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from not checking the RestrictSystemAdmin setting, which can be exploited by an attacker to cause a system administrator to access...

CVSS 2.7 • AI score 6.7 • EPSS 0.00278
Exploits 0 • References 1
CNVD
•added 2025/05/20 12:0 a.m.•3 views

TOTOLINK A3100R setMacFilterRules function buffer overflow vulnerability

TOTOLINK A3100R is a series of wireless routers from China's Gion Electronics TOTOLINK. The TOTOLINK A3100R suffers from a buffer overflow vulnerability that stems from the comment parameter in setMacFilterRules failing to correctly validate the length size of the input data, no detailed...

CVSS 9.8 • AI score 7.5 • EPSS 0.00674
Exploits 1 • References 1
Total number of security vulnerabilities: 130931