Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability (CNVD-2025-23059)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A remote code execution vulnerability exists in Microsoft Edge Chromium-based, which can be exploited by an attacker to execute arbitrary code on a system...

e-Diary Management System view-note.php File SQL Injection Vulnerability

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that originates from a missing validation of externally entered SQL statements in the parameter mark of the view-note.php file. An attacker can exploit...

e-Diary Management System add-notes.php File SQL Injection Vulnerability

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that originates from a missing validation of an externally entered SQL statement in the Category parameter of the add-notes.php file. An attacker can...

Patient Record Management System birthing_record.php File SQL Injection Vulnerability

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from the validation of externally entered SQL statements that are missing from parameter itrno in the birthingrecord.php file. An...

Patient Record Management System dental_not.php File SQL Injection Vulnerability

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from the validation of externally entered SQL statements that are missing from parameter itrno in the dentalnot.php file. An attacker...

PyTorch torch.jit.script function buffer overflow vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a buffer error vulnerability that stems from the failure of the function torch.jit.script to properly validate the length size of input data, which can be exploited by an attacker to execute arbitrary code on the system or...

PyTorch torch.lstm_cell function buffer overflow vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch has a buffer overflow vulnerability that stems from the failure of the function torch.lstmcell to properly validate the length size of the input data, which can be exploited by an attacker to execute arbitrary code on the system or caus...

PyTorch torch.nn.utils.rnn.pad_packed_sequence function buffer overflow vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a buffer overflow vulnerability that stems from the failure of the function torch.nn.utils.rnn.padpackedsequence to properly validate the length size of input data, which can be exploited by an attacker to execute arbitrary...

PyTorch torch.nn.utils.rnn.unpack_sequence function buffer overflow vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a buffer overflow vulnerability that stems from the failure of the function torch.nn.utils.rnn.unpacksequence to properly validate the length size of input data, which can be exploited by an attacker to execute arbitrary co...

Apple Xcode Out-of-Bounds Write Vulnerability

Apple Xcode is an integrated development environment developed by Apple Inc. Apple Xcode suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause an application to overwrite arbitrary files...

Tenda RX3 Stack Overflow Vulnerability

The Tenda RX3 is a home wireless router from Tenda, a Chinese company. A stack overflow vulnerability exists in the Tenda RX3. An attacker could exploit this vulnerability to cause a denial of service or execute arbitrary code...

Apache Seata Code Issue Vulnerability

Apache Seata is the United States Apache Apache Foundation of a microservices architecture in the United States to provide high-performance and easy to use distributed transaction services in the open source project . Apache Seata suffers from a code issue vulnerability that stems from...

Google Chrome Input Validation Error Vulnerability (CNVD-2025-07516)

Google Chrome is a web browser from Google Inc. in the United States. Google Chrome suffers from an input validation error vulnerability that stems from insufficient validation of untrustworthy input in Extensions. An attacker can exploit this vulnerability to obtain sensitive information...

Google Chrome Incorrectly Implemented Vulnerability

Google Chrome is a WEB browser developed by Google Inc. Google Chrome suffers from an incorrect implementation vulnerability, no details of the vulnerability are provided at this time...

Google Chrome Elevation of Privilege Vulnerability

Google Chrome is a WEB browser developed by Google Inc. Google Chrome suffers from an elevation of privilege vulnerability that originates from an improper implementation in Extensions, which can be exploited by an attacker to submit a special web request that induces the user to parse and elevat...

Tenda AC15 webCgiGetUploadFile has a buffer overflow vulnerability

The Tenda AC15 is a wireless router from China's Tenda. A buffer overflow vulnerability exists in the Tenda AC15 webCgiGetUploadFile, which can be exploited by an attacker to execute arbitrary code...

Unspecified vulnerability in PyTorch torch.jit.jit_module_from_flatbuffer function

PyTorch is a Python package open-sourced by PyTorch. A security vulnerability exists in the PyTorch torch.jit.jitmodulefromflatbuffer function, which can be exploited by attackers to cause memory corruption...

Apache Kylin code issue vulnerability (CNVD-2025-10036)

Apache Kylin is the United States Apache Apache Foundation of an open source distributed analytical data warehouse . The product mainly provides Hadoop/Spark on top of the SQL query interface and multidimensional analysis OLAP and other functions. Apache Kylin suffers from a code issue...

Google Chrome Input Validation Error Vulnerability

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an input validation error vulnerability, which stems from an improper implementation in Intents, that can be exploited by an attacker to submit a special Web request that can be elevated in privilege by...

Google Android Cache Overflow Vulnerability (CNVD-2025-07531)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a buffer overflow vulnerability that stems from the program not properly checking boundaries, which can be exploited by an attacker to elevate privileges...

Google Android Cache Overflow Vulnerability (CNVD-2025-07596)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a buffer overflow vulnerability that stems from the program not properly checking boundaries, no details of the vulnerability are provided at this time...

Google Android elevation of privilege vulnerability (CNVD-2025-07522)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which stems from the program's failure to perform privilege checks, and can be exploited by an attacker to gain privileges and elevate privileges without...

Google Android elevation of privilege vulnerability (CNVD-2025-11432)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which arises from the program incorrectly retaining setup privileges, and can be exploited by an attacker to elevate privileges without requiring addition...

Google Android Code Execution Vulnerability (CNVD-2025-10930)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a code execution vulnerability that is caused due to a flaw in a system component. An attacker can exploit the vulnerability to execute arbitrary code on the system...

Google Android Buffer Overflow Vulnerability (CNVD-2025-07523)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a buffer overflow vulnerability that stems from the program not properly checking boundaries, which can be exploited by an attacker to execute remote code...

Google Android Denial of Service Vulnerability (CNVD-2025-12377)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial-of-service vulnerability, which stems from a code logic error that can be exploited by an attacker to trigger a factory reset without the user's consent, resulting in a denial of service...

Google Android elevation of privilege vulnerability (CNVD-2025-11433)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from multiple locations containing an eavesdropping hijacking/overwriting attack that can be exploited by an attacker to gain access to a...

Google Android Information Disclosure Vulnerability (CNVD-2025-07521)

Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...

Google Android elevation of privilege vulnerability (CNVD-2025-12378)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a competitive condition flaw in multiple functions in AccountManagerService.java, which can be exploited by an attacker to gain elevated privileges ...

Google Android Information Disclosure Vulnerability (CNVD-2025-07530)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that stems from a code logic error that can be exploited by an attacker to obtain sensitive information...

Google Android Denial of Service Vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability that originates in the buildreadmultirsp function of the gattsr.cc file, which contains a logic error that can be exploited by an attacker to cause a denial of...

Google Android elevation of privilege vulnerability (CNVD-2025-11431)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates in the WindowOrganizerController.java file's applyTaskFragmentOperation function, which contains a logic error that can be exploited by an...

Google Android Cache Overflow Vulnerability (CNVD-2025-07529)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a buffer overflow vulnerability that stems from a code logic error that can be exploited by an attacker to remotely execute code...

Tenda FH1202 Improper Access Control Vulnerability (CNVD-2025-07532)

The Tenda FH1202 is a wireless router manufactured by Tenda. An improper access control vulnerability exists in the Tenda FH1202. The vulnerability stems from improper access control due to manipulation of the parameter 'these' in the file /default.cfg. An attacker could exploit this vulnerabilit...

Tenda FH1202 Improper Access Control Vulnerability (CNVD-2025-07533)

The Tenda FH1202 is a wireless router from China's Tenda. An improper access control vulnerability exists in the Tenda FH1202. No detailed vulnerability details are available at this time...

Google Android elevation of privilege vulnerability (CNVD-2025-10929)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which originates from the program not properly checking privileges, and can be exploited by an attacker to elevate privileges...

Google Android elevation of privilege vulnerability (CNVD-2025-07520)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that stems from insecure deserialization, which can be exploited by an attacker to bypass the parcel mismatch mitigation and elevate privileges...

SQL Injection Vulnerability in Founder Unlimited Media News Editorial System of Beijing Beifang Founder Electronics Co.

Beijing Beifang Founder Electronics Co., Ltd. is a leading technology and service provider in the fields of printing, media, publishing, and character libraries. A SQL injection vulnerability exists in Beijing Founder Electronics Co., Ltd.'s Founder Unlimited All-Media News Gathering and Editing...

Denial of Service Vulnerability in D-Link DIR-823x

The D-Link DIR-823X is a wireless router from China's AUO D-Link. A denial of service vulnerability exists in the D-Link DIR-823x, which can be exploited by attackers to cause a denial of service...

SQL Injection Vulnerability in U8Cloud of UFIDA Network Technology Co.

U8cloud is a new-generation cloud ERP launched by UFIDA, which mainly focuses on growing and innovative enterprises and provides enterprise-level cloud ERP total solutions. A SQL injection vulnerability exists in UFIDA U8Cloud, which can be exploited by attackers to obtain sensitive database...

SQL Injection Vulnerability in Salary Inquiry System of Wuhan Evonik Software Co.

Wuhan Evonik Software Co., Ltd. specializes in AutoCAD secondary development, Office secondary development, information management systems, etc., is committed to creating efficient CAD graphics and Office productivity tools. Wuhan Evonik Software Co., Ltd. salary inquiry system SQL injection...

TOTOLINK A3000RU Access Control Error Vulnerability

The TOTOLINK A3000RU is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3000RU is vulnerable to an access control error vulnerability that stems from an improper access control issue in the IBMS profile handling component. No detailed vulnerability details are available at...

Dell Unity OS Command Injection Vulnerability (CNVD-2025-06615)

Dell Unity is a set of virtual Unity storage environments from Dell USA. An OS command injection vulnerability exists in Dell Unity 5.4 and earlier versions, which can be exploited by an attacker to execute arbitrary operating system commands on the system...

HDF5 Double Release Vulnerability

HDF5 is a library of HDF open source . HDF5 has a double release vulnerability, which originates from the double release of the parameter mem of the function H5MMrealloc in the file src/H5MM.c. There are no detailed vulnerability details provided...

TOTOLINK A3002R Command Injection Vulnerability

TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3002R suffers from a command injection vulnerability that stems from bandstr failing to correctly filter construct command special characters, commands, etc. An attacker can exploit this vulnerability to...

Dell Unity OS Command Injection Vulnerability (CNVD-2025-06612)

Dell Unity is a set of virtual Unity storage environments from Dell USA. An OS command injection vulnerability exists in Dell Unity 5.4 and earlier versions, which can be exploited by an attacker to execute arbitrary operating system commands on the system...

TOTOLINK A3100R Code Execution Vulnerability

TOTOLINK A3100R is a series of wireless routers from China's Gion Electronics TOTOLINK. The TOTOLINK A3100R suffers from a code execution vulnerability that stems from setWebWlanIdx failing to properly filter construct command special characters, commands, and so on. An attacker can exploit this...

Tenda W6-S setcfm function buffer overflow vulnerability

Tenda W6-S is a 300Mbps wireless panel AP designed for large households such as homes, hotels and villas to provide stable wireless network coverage and low latency network experience. The Tenda W6-S suffers from a buffer overflow vulnerability that originates from the setcfm function failing to...

Dell Unity OS Command Injection Vulnerability (CNVD-2025-06618)

Dell Unity is a set of virtual Unity storage environments from Dell USA. Dell Unity suffers from an OS command injection vulnerability that can be exploited by an attacker to execute arbitrary operating system commands on the system...

Dell Unity OS Command Injection Vulnerability (CNVD-2025-06613)

Dell Unity is a set of virtual Unity storage environments from Dell USA. An OS command injection vulnerability exists in Dell Unity 5.4 and earlier versions, which can be exploited by an attacker to execute arbitrary operating system commands on the system...