IBM Control Center Cross-Site Scripting Vulnerability
IBM Control Center is a centralized monitoring and management system from International Business Machines (IBM). A cross-site scripting vulnerability exists in IBM Control Center versions 6.2.1 through 6.3.1; it stems from improper validation of the HOST header input and can be exploited by an...
IBM Control Center Input Validation Error Vulnerability (CNVD-2025-06654)
IBM Control Center is a centralized monitoring and management system from International Business Machines (IBM). An input validation error vulnerability exists in IBM Control Center versions 6.2.1 through 6.3.1; it stems from improper user input validation and can be exploited by an attacker to...
Microsoft Edge (Chromium-based) Spoofing Vulnerability (CNVD-2025-09951)
Microsoft Edge is a web browser from the American company Microsoft that ships with Windows 10 and later systems. Microsoft Edge (Chromium-based) is affected by a spoofing vulnerability that attackers can exploit to conduct spoofing attacks...
Microsoft Word Code Execution Vulnerability (CNVD-2025-09958)
Microsoft Word is the word processor in the Office suite from the U.S. company Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft Office Code Execution Vulnerability (CNVD-2025-10663)
Microsoft Office is an office software suite from the U.S. company Microsoft. Its common components include Word, Excel, Access, PowerPoint, FrontPage, and so on. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to...
TOTOLINK EX1800T Buffer Overflow Vulnerability
The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics (TOTOLINK). The TOTOLINK EX1800T suffers from a buffer overflow vulnerability that originates from a failure to properly validate the length of the input data in the loginpass parameter, which can be exploited by an attack...
Dell ThinOS Command Injection Vulnerability
Dell ThinOS is a client operating system from the American company Dell. Dell ThinOS suffers from a command injection vulnerability that arises from the application's failure to properly filter special characters, commands, etc. when constructing commands. The vulnerability can be exploited to execute...
Apple macOS Resource Management Error Vulnerability
Apple macOS is a specialized operating system developed by Apple for Mac computers. A security vulnerability exists in Apple macOS Sequoia, which stems from memory handling improvements, and can be exploited by an attacker to cause an unexpected system termination or kernel memory corruption...
IBM Aspera Shares XML External Entity Injection Vulnerability (CNVD-2025-06646)
IBM Aspera Shares is a web application from International Business Machines (IBM). An XML external entity injection vulnerability exists in IBM Aspera Shares versions 1.9.9 through 1.10.0 PL7, which arises from a web system or product that does not have the correct filters set to allow references t...
Google Chrome Code Execution Vulnerability (CNVD-2025-05085)
Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome versions prior to 134.0.6998.88, which stems from type confusion in V8 and can be exploited by an attacker to execute arbitrary code on a system...
Apartment Visitors Management System searchdata Parameter SQL Injection Vulnerability
Apartment Visitors Management System is an apartment visitor management system. Apartment Visitors Management System suffers from a SQL injection vulnerability that stems from a lack of validation of the searchdata parameter against externally entered SQL statements. An attacker can exploit this...
IBM Sterling File Gateway Information Leakage Vulnerability (CNVD-2025-06655)
IBM Sterling File Gateway is a suite of file transfer software from International Business Machines (IBM). The software integrates different centers of file transfer activity and facilitates the secure exchange of file-based data over the Internet. An information leakage vulnerability exists in IBM...
Apartment Visitors Management System contactno Parameter SQL Injection Vulnerability
Apartment Visitors Management System is an apartment visitor management system. The Apartment Visitors Management System suffers from a SQL injection vulnerability that stems from a lack of validation of the contactno parameter against externally entered SQL statements. An attacker can use this...
Google Chrome Information Disclosure Vulnerability (CNVD-2025-05086)
Google Chrome is a web browser from Google, an American company. An information disclosure vulnerability exists in Google Chrome versions prior to 134.0.6998.88, which stems from an out-of-bounds read in V8 that can be exploited by an attacker to obtain sensitive information...
Mozilla Thunderbird Code Issue Vulnerability
Mozilla Thunderbird is an e-mail client from the U.S.-based Mozilla Foundation that is independent of the Mozilla Application Suite. The program supports the IMAP and POP mail protocols and the HTML mail format. A code issue vulnerability exists in Mozilla Thunderbird versions prior to 136 and prior ...
Apache Tomcat Remote Code Execution Vulnerability
Apache Tomcat is an open source, lightweight Java web server and Servlet container, a core tool for running Java Servlets and JSP that supports dynamic content processing and hosting of static resources. It is the cornerstone of small and medium-sized Java Web application development and...
Unspecified Vulnerability in Online Library Management System (CNVD-2025-21692)
Online Library Management System is an online library management system. A security vulnerability exists in the Online Library Management System, which originates from improper manipulation of the email/phone number parameter in the /change-password.php file, and can be exploited by an attacker t...
Apartment Visitors Management System editid Parameter SQL Injection Vulnerability
Apartment Visitors Management System is an apartment visitor management system. Apartment Visitors Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the editid parameter of file /visitor-detail.php. An...
Emergency Ambulance Hiring Portal pagedes parameter SQL Injection Vulnerability
Emergency Ambulance Hiring Portal is an emergency ambulance hiring portal. Emergency Ambulance Hiring Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the pagedes parameter of the /admin/about-us.php file. An attacker c...
Emergency Ambulance Hiring Portal contactnumber Parameter SQL Injection Vulnerability
Emergency Ambulance Hiring Portal is an emergency ambulance hiring portal. Emergency Ambulance Hiring Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the contactnumber parameter of the /admin/admin-profile.php file. An...
Emergency Ambulance Hiring Portal ambulanceregnum Parameter SQL Injection Vulnerability
Emergency Ambulance Hiring Portal is an emergency ambulance hiring portal. Emergency Ambulance Hiring Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the ambulanceregnum parameter of the file /admin/booking-details.php...
Microsoft Word Code Execution Vulnerability (CNVD-2025-09956)
Microsoft Word is the word processor in the Office suite from the American company Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...
Unspecified Vulnerability in Apache OFBiz
Apache OFBiz is an enterprise resource planning (ERP) system from the U.S.-based Apache Foundation. The system provides a set of Java-based Web application components and tools. A security vulnerability exists in Apache OFBiz versions prior to 18.12.17 through 18.12.18 that stems from...
Google Android Buffer Overflow Vulnerability
Google Android is a free and open source mobile operating system developed by Google Inc. based on the Linux kernel. Google Android suffers from a buffer overflow vulnerability that originates from incorrect boundary checking in static long devsend of tipcdevql, which can be exploited by an...
Microsoft Word Code Execution Vulnerability (CNVD-2025-09957)
Microsoft Word is the word processor in the Office suite from the American company Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...
Google Pixel Logic Error Vulnerability (CNVD-2025-05455)
Google Pixel is a smartphone from the American company Google. Google Pixel suffers from a logic error vulnerability that originates from a code logic error in ppcfw.c's ppcfwdenysecdramaccess, which can be exploited by an attacker to cause an arbitrary read from the TEE memory without...
Google Chrome Code Execution Vulnerability (CNVD-2025-05084)
Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome versions prior to 134.0.6998.88, which stems from type confusion in V8 and can be exploited by an attacker to cause heap corruption...
Microsoft Office Code Execution Vulnerability (CNVD-2025-05243)
Microsoft Office is an office software suite from the U.S. company Microsoft. Its common components include Word, Excel, Access, PowerPoint, FrontPage, and so on. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to...
Microsoft Office Code Execution Vulnerability (CNVD-2025-09955)
Microsoft Office is an office software suite from the U.S. company Microsoft. Its common components include Word, Excel, Access, PowerPoint, FrontPage, and so on. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to...
Microsoft Office Code Execution Vulnerability (CNVD-2025-09952)
Microsoft Office is an office software suite from the U.S. company Microsoft. Its common components include Word, Excel, Access, PowerPoint, FrontPage, and so on. A code execution vulnerability exists in Microsoft Office due to an untrusted pointer dereference...
QNAP Systems HBS 3 Hybrid Backup Sync Buffer Overflow Vulnerability
QNAP Systems HBS 3 Hybrid Backup Sync is a data management tool that integrates backup, restore and synchronization functions on Weilian's NAS devices, supporting local, remote and cloud storage backups and providing an efficient data protection solution. A buffer overflow vulnerability exists in...
Microsoft Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability
Microsoft Azure Agent Installer for Backup and Site Recovery provides disaster recovery solutions for local computers and Azure VMs. An elevation of privilege vulnerability exists in Microsoft Azure Agent Installer for Backup and Site Recovery, which can be exploited by an attacker to elevate...
Apple macOS Sequoia Information Disclosure Vulnerability
Apple macOS is a specialized operating system developed by Apple for Mac computers. A security vulnerability exists in Apple macOS Sequoia, which stems from an improvement in the editing of sensitive information, and can be exploited by an attacker to access sensitive user data...
Emergency Ambulance Hiring Portal searchdata Parameter SQL Injection Vulnerability
Emergency Ambulance Hiring Portal is an emergency ambulance hiring portal. Emergency Ambulance Hiring Portal suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the searchdata parameter of the /admin/search.php file. An attacke...
Google Chromium Misimplementation Vulnerability
Microsoft Edge (Chromium-based) is a web browser developed by Microsoft based on the Chromium open source project and other open source software. An improper implementation vulnerability exists in the Permission Prompts component of Microsoft Edge (Chromium-based); no details of the vulnerability are...
Huawei HarmonyOS lock screen module privilege management vulnerability
Huawei HarmonyOS is an operating system from Huawei of China. It provides a full-scenario distributed operating system based on a microkernel. A privilege management vulnerability exists in the Huawei HarmonyOS lock screen module, which can be exploited by an attacker to compromise confidentiality...
Huawei HarmonyOS Media Library Module Privilege Checking Vulnerability (CNVD-2025-07255)
Huawei HarmonyOS is an operating system from Huawei of China. It provides a full-scenario distributed operating system based on a microkernel. A privilege checking vulnerability exists in the Huawei HarmonyOS media library module, which can be exploited by an attacker to compromise confidentiality...
Huawei HarmonyOS Race Condition Vulnerability (CNVD-2025-07613)
Huawei HarmonyOS is an operating system from Huawei of China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a race condition vulnerability that stems from a concurrency issue and affects availability. An attacker...
Huawei HarmonyOS Race Condition Vulnerability (CNVD-2025-07621)
Huawei HarmonyOS is an operating system from Huawei of China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a race condition vulnerability that stems from a multi-threading issue and affects usability. An attacker could...
Huawei HarmonyOS Media Library Module Privilege Checking Vulnerability
Huawei HarmonyOS is an operating system from Huawei of China. It provides a full-scenario distributed operating system based on a microkernel. A privilege checking vulnerability exists in the Huawei HarmonyOS media library module, which can be exploited by an attacker to compromise confidentiality...
Open5GS Denial of Service Vulnerability (CNVD-2025-08797)
Open5GS is an open source implementation in C of the 5G Core and EPC, the core network of LTE/NR networks. Open5GS suffers from a denial-of-service vulnerability that can result in a network outage. An attacker can exploit the vulnerability...
Restaurant Table Booking System /admin/check_availability.php File SQL Injection Vulnerability
Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that originates from improper handling of the username parameter in the /admin/check_availability.php file, which can lead to SQL injection. An...
Restaurant Table Booking System /search-result.php File SQL Injection Vulnerability
Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that stems from incorrect manipulation of the searchdata parameter in the /search-result.php file that can lead to SQL injection. No details of the...
Restaurant Table Booking System /add-table.php File SQL Injection Vulnerability
Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that stems from incorrect manipulation of the tableno parameter in the /add-table.php file, which can lead to SQL injection. No details of the...
Huawei EMUI and HarmonyOS Bypass Privilege Inspection Vulnerability
Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is an operating system that provides a full-scenario distributed operating system based on a microkernel. Huawei EMUI and HarmonyOS have a privilege check bypass vulnerability that can be exploited by an attacker to...
Huawei EMUI and HarmonyOS Privilege Bypass Vulnerability
Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is an operating system that provides a full-scenario distributed operating system based on a microkernel. A privilege bypass vulnerability exists in Huawei EMUI and HarmonyOS, which can be exploited by an attacker to...
Huawei HarmonyOS process management module improper access rights vulnerability
Huawei HarmonyOS is an operating system from Huawei of China. It provides a full-scenario distributed operating system based on a microkernel. An improper access rights vulnerability exists in the Huawei HarmonyOS process management module, which can be exploited by an attacker to compromise...
Huawei HarmonyOS HDC Module Improper Access Privileges Vulnerability
Huawei HarmonyOS is an operating system from Huawei of China. It provides a full-scenario distributed operating system based on a microkernel. An improper access rights vulnerability exists in the Huawei HarmonyOS HDC module, which can be exploited by an attacker to compromise service confidentialit...
Restaurant Table Booking System /admin/profile.php File SQL Injection Vulnerability
Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that stems from an incorrect operation of the parameter mobilenumber in the /admin/profile.php file that can lead to SQL injection. No details of th...
SQL Injection Vulnerability in Human Resource Information Management System of Beijing Hongjing Century Software Co.
Beijing Hongjing Century Software Co., Ltd. ("Hongjing Software") has long focused on the informatization of human resources and talent management, and has become a professional e-HR vendor in China. A SQL injection vulnerability exists in the human resources information...