130931 matches found
SAP Solution Manager Directory Traversal Vulnerability
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as a system management platform. A directory traversal vulnerability exists in SAP Solution Manager, which stems from a lack of validity checkin...
SAP Solution Manager File Upload Vulnerability
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as a system management platform. A file upload vulnerability exists in SAP Solution Manager that stems from the application's lack of effective...
SAP NetWeaver Server ABAP Authorization Issues Vulnerability
SAP NetWeaver Server ABAP is an application server from SAP, Germany. SAP NetWeaver Server ABAP suffers from an authorization issue vulnerability that stems from a lack of authorization checking in the virus scanning interface, which could be exploited by an attacker to access sensitive data...
SAP KMC WPC Information Disclosure Vulnerability
SAP KMC WPC is a combination of enterprise content management and web publishing components from SAP. An information disclosure vulnerability exists in SAP KMC WPC, which can be exploited by an attacker to retrieve a user name via a simple parameter query, resulting in the disclosure of sensitive...
Adobe ColdFusion Improper Access Control Vulnerability (CNVD-2025-07806)
Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a security vulnerability that can be exploited by attackers to cause a security...
Adobe Animate Out-of-Bounds Read Vulnerability (CNVD-2025-07804)
Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a sensitive memory leak...
Ivanti Endpoint Manager Pointer Dereference Vulnerability
Ivanti Endpoint Manager is an enterprise-class endpoint management solution for centralized management of all types of devices including Windows, MacOS, Linux, iOS/Android mobile devices, etc. to achieve unified configuration, security control and remote operation and maintenance. A pointer...
Adobe ColdFusion OS Command Injection Vulnerability (CNVD-2025-07805)
Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has an OS command injection vulnerability that arises from the application failing to...
IBM Security Verify Governance Cross-Site Scripting Vulnerability (CNVD-2025-09286)
IBM Security Verify Governance is an intelligent identity access platform from International Business Machines IBM, Inc. provides organizations with a platform to analyze, define and control user access and access risk. A cross-site scripting vulnerability exists in IBM Security Verify Governance...
PCMan FTP Server Buffer Overflow Vulnerability (CNVD-2025-10863)
PCMan FTP Server is an open source lightweight FTP server software developed by PCMan . A buffer overflow vulnerability exists in PCMan FTP Server. The vulnerability stems from the STATUS Command Handler not performing proper boundary checks on input data, and no details of the vulnerability are...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21437)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21436)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21434)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21433)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21432)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Adobe Commerce Unauthorized Access Vulnerability
Adobe Commerce is a leading global digital commerce solution for merchants and brands. An unauthorized access vulnerability exists in Adobe Commerce. The vulnerability stems from inadequate protection of access to sensitive credential information, which allows an attacker with elevated privileges...
Zoom Workplace Cross-Site Scripting Vulnerability
Zoom Workplace is an AI-first collaboration platform from Zoom that integrates core features such as team communication, meetings, document collaboration, and a built-in AI Companion smart assistant to boost productivity. A cross-site scripting vulnerability exists in Zoom Workplace. The...
Adobe Commerce Access Control Error Vulnerability (CNVD-2025-08783)
Adobe Commerce is a leading global digital commerce solution for merchants and brands. Adobe Commerce suffers from an Access Control Error vulnerability that stems from improper access control, and no detailed vulnerability details are available at this time...
Unspecified Vulnerability in Rockwell Automation Arena (CNVD-2025-21431)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Ivanti Endpoint Manager Cross-Site Scripting Vulnerability
Ivanti Endpoint Manager is an enterprise-grade endpoint management solution, mainly used for centralized management of various types of devices including Windows, MacOS, Linux, iOS/Android mobile devices, etc., to achieve unified configuration, security control and remote operation and maintenanc...
Fortinet FortiWeb Path Traversal Vulnerability
Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...
Fortinet FortiClient Cross-Site Scripting Vulnerability
Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. Fortinet FortiClient suffers from a cross-site scripting...
Adobe Bridge Buffer Overflow Vulnerability
Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a buffer overflow vulnerability, which arises from a failure to properly handle memory allocation during file processing, resulting in a buffer overflow that can be exploited by an attacker to execute...
Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2025-07803)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects version...
Adobe XMP Toolkit Buffer Overflow Vulnerability
Adobe XMP Toolkit is a toolkit from the American company Audobee Adobe. Used to integrate Xmp functionality into a product or solution. Adobe XMP Toolkit suffers from a buffer overflow vulnerability that originates from an out-of-bounds read, which can be exploited by an attacker to cause a...
Rockwell Automation Arena Local Code Execution Vulnerability
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Adobe After Effects Buffer Overflow Vulnerability (CNVD-2025-09274)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe After Effects, which stems from a failure to properly handle read operations at memory boundaries and can be exploited by...
Adobe Premiere Pro Buffer Overflow Vulnerability
Adobe Premiere Pro is a set of non-linear editing video editing software from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe Premiere Pro, which can be exploited by an attacker to execute arbitrary code...
Tenda FH1202 Access Control Error Vulnerability
The Tenda FH1202 is a wireless router from Tenda. An access control error vulnerability exists in the Tenda FH1202. The vulnerability stems from mishandling of access control in the web management interface code of the /goform/VirSerDMZ component. No detailed vulnerability details are provided at...
Dell PowerScale OneFS Information Disclosure Vulnerability
Dell PowerScale OneFS is an operating system for horizontally scalable NAS from Dell USA. An information disclosure vulnerability exists in PowerScale OneFS. The vulnerability stems from the disclosure of directory listing information. An attacker could exploit this vulnerability to obtain...
Ivanti Endpoint Manager Cross-Site Scripting Vulnerability (CNVD-2025-15470)
Ivanti Endpoint Manager is an enterprise-grade endpoint management solution, mainly used for centralized management of various types of devices including Windows, MacOS, Linux, iOS/Android mobile devices, etc., to achieve unified configuration, security control and remote operation and maintenanc...
Ivanti Endpoint Manager Code Issue Vulnerability
Ivanti Endpoint Manager is an enterprise-grade endpoint management solution, mainly used for centralized management of various types of devices including Windows, MacOS, Linux, iOS/Android mobile devices, etc., to achieve unified configuration, security control and remote operation and maintenanc...
Unspecified Vulnerability in Ivanti Endpoint Manager
Ivanti Endpoint Manager is an enterprise-grade endpoint management solution, mainly used for centralized management of various types of devices including Windows, MacOS, Linux, iOS/Android mobile devices, etc., to achieve unified configuration, security control and remote operation and maintenanc...
SAP Netweaver Unauthorized Access Vulnerability
SAP NetWeaver is SAP's integrated technology platform. An unauthorized access vulnerability exists in SAP Netweaver that stems from an authorization check bypass and can be exploited by an attacker to gain unauthorized access to ABAP code...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21429)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
There are logic flaws and vulnerabilities in the Fast Shadow APP of Beijing Shutterstock Technology Co.
Fast Shadow App is a video shooting, video editing and video making tool. A logic flaw vulnerability exists in the Fast Shadow APP of Beijing Racer Technology Limited, which can be exploited by attackers to cause a denial of service...
Google Pixel Local Elevation of Privilege Vulnerability
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a local elevation of privilege vulnerability, which stems from a logic error in the s2mpu.c file, which can be used to bypass mitigations and can be exploited by an attacker to perform a local elevatio...
Adobe ColdFusion Information Disclosure Vulnerability (CNVD-2025-07807)
Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has an information disclosure vulnerability that can be exploited by attackers to caus...
Esri Portal for ArcGIS Hardcoded Credentials Vulnerability
Esri Portal for ArcGIS is a Web-based geographic information system GIS platform. A hard-coded credentials vulnerability exists in Esri Portal for ArcGIS, which can be exploited by an attacker to gain administrative access to the system...
Adobe Commerce Cross-Site Request Forgery Vulnerability (CNVD-2025-08777)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A cross-site request forgery vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a denial of service due to the web...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21435)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2025-07801)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects version...
Adobe XMP Toolkit Buffer Overflow Vulnerability (CNVD-2025-08785)
Adobe XMP Toolkit is a toolkit from the American company Audobee Adobe. Used to integrate Xmp functionality into a product or solution. Adobe XMP Toolkit has a buffer overflow vulnerability that originates from an out-of-bounds read, which can be exploited by an attacker to obtain sensitive...
SAP NetWeaver Buffer Overflow Vulnerability
SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. SAP NetWeaver suffers from a buffer overflow vulnerability that stems from improper handling of memory addresses, which could allow an attacker to execute certain forms of SQL queries. An attack...
Adobe XMP Toolkit Buffer Overflow Vulnerability (CNVD-2025-08781)
Adobe XMP Toolkit is a toolkit from the American company Audobee Adobe. Used to integrate Xmp functionality into a product or solution. Adobe XMP Toolkit suffers from a buffer overflow vulnerability that originates from an out-of-bounds read, which can be exploited by an attacker to cause a...
Unspecified Vulnerability in Siemens SENTRON 7KT PAC1260 Data Manager
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A security vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager that stems from a web interface of the affected device that allows the login password to be changed...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21430)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Adobe After Effects Out-of-Bounds Write Vulnerability (CNVD-2025-07802)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds write vulnerability exists in Adobe After Effects version...
PCMan FTP Server SYST Command Handling Component Buffer Overflow Vulnerability
PCMan FTP Server is PCMan open source set of FTP software. PCMan FTP Server suffers from a buffer overflow vulnerability that originates from the SYST command processing component failing to properly validate the length and size of input data, which can be exploited by an attacker to cause a deni...
PCMan FTP Server DELETE Command Handler Buffer Overflow Vulnerability
PCMan FTP Server is PCMan open source FTP software package . PCMan FTP Server suffers from a buffer overflow vulnerability that originates from the DELETE Command Handler failing to properly validate the length and size of input data, which can be exploited by an attacker to cause a denial of...