130931 matches found
Huawei HarmonyOS media library module privilege checksum vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege checking vulnerability exists in the Huawei HarmonyOS media library module, which can be exploited by an attacker to compromise confidentiality...
Huawei HarmonyOS ParamWatcher Module Identity Verification Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An identity verification vulnerability exists in the Huawei HarmonyOS ParamWatcher module, which can be exploited by an attacker to compromise confidentialit...
JetBrains TeamCity Cross-Site Scripting Vulnerability
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from a cross-site...
Google Pixel out-of-bounds write vulnerability (CNVD-2025-04495)
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an out-of-bounds write vulnerability that stems from a missing boundary check in gattServerSendResponseNative of comandroidbluetoothgatt.cpp, which can be exploited by an attacker to elevate local...
CMSimple has an unspecified vulnerability
CMSimple is a free content management system. An unspecified vulnerability exists in CMSimple, which can be exploited by an attacker to obtain sensitive information via a carefully crafted script that can be used to validate link functionality...
D-Link DIR-825 Command Injection Vulnerability
The D-Link DIR-825 is a router from China's AUO D-Link. A command injection vulnerability exists in the DLINK DIR-825 REVB version 2.03, which originates from a failure to properly filter construct command special characters, commands, etc. in the CGl interface apcclientpin.cgi. A remote attacker...
CMSimple Insecure Privilege Vulnerability
CMSimple is a PHP and HTML based content management system that helps users to quickly create simple and easy to use websites. CMSimple suffers from an insecure privilege vulnerability that can be exploited by an attacker to obtain sensitive information via a carefully crafted script to download...
Unspecified Vulnerability in CMSimple (CNVD-2026-00537)
CMSimple is a free content management system. An unspecified vulnerability exists in CMSimple, which can be exploited by an attacker to edit the log.php file via the print page...
Unspecified vulnerability in Tencent QQMail (CNVD-2025-06479)
Tencent QQMail is a mailbox software of China Tencent Tencent. An unspecified vulnerability exists in Tencent QQMail, which can be exploited by attackers to access sensitive user information...
Open5GS has an unspecified vulnerability (CNVD-2025-18579)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS has a security vulnerability that can be exploited by attackers to cause a denial of service...
Apache Hive Authorization Issues Vulnerability
Apache Hive is a set of data warehouse software based on Hadoop Distributed Systems Infrastructure from the Apache Apache Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. An...
F5 BIG-IP Next Central Manager Log Message Disclosure Vulnerability
F5 BIG-IP Next Central Manager is a centralized console from F5 USA. A log information disclosure vulnerability exists in F5 BIG-IP Next Central Manager, which originates from the possibility of recording sensitive information in log files when a user logs in using local authentication via the...
F5 BIG-IP Denial of Service Vulnerability (CNVD-2025-07325)
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A security vulnerability exists in the F5 BIG-IP that originates when SNMP v1 or v2c is disabled and can be exploited by an...
Huawei HarmonyOS Gallery Module Arbitrary Write Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An arbitrary write vulnerability exists in the Huawei HarmonyOS Gallery module, which can be exploited by an attacker to compromise confidentiality...
Unspecified Vulnerability in LunaSVG
LunaSVG is a standalone C SVG rendering library. A security vulnerability exists in LunaSVG that stems from a segmentation violation via the component grayfindcell inclusion. No detailed vulnerability details are provided at this time...
Zoom Jenkins Marketplace plugin information disclosure vulnerability
Zoom Jenkins Marketplace plugin is a plugin from Zoom USA. The Zoom Jenkins Marketplace plugin suffers from an information disclosure vulnerability that stems from a missing password field mask. An attacker can exploit this vulnerability to disclose sensitive information...
Open5GS Denial of Service Vulnerability (CNVD-2025-18578)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a denial-of-service vulnerability that stems from the gmmstateexception function mishandling a specific response error, which can be exploited by an...
Siemens SiPass Integrated Third-Party Component DotNetZip Directory Traversal Vulnerability
Siemens SiPass integrated is a powerful and flexible access control system for organizations of all sizes, from simple offices to large complex facilities containing thousands of doors, gates, barriers and elevators. A directory traversal vulnerability exists in DotNetZip, a third-party component...
Huawei HarmonyOS and EMUI emcom module out-of-bounds write vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. An out-of-bounds write vulnerability exists in the...
Unspecified Vulnerability in Open5GS (CNVD-2025-18580)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS has a security vulnerability that can be exploited by attackers to cause a denial of service...
Apache Cassandra Authorization Issues Vulnerability
Apache Cassandra is a distributed Nosql database from the American Apache Apache Foundation. Apache Cassandra suffers from an authorization issue vulnerability that stems from the inclusion of an incorrect authorization, which can be exploited by an attacker to access a datacenter or IP/CIDR grou...
Google Android onCreate function authorization issue vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an authorization issue vulnerability that stems from a lack of permission checking in the onCreate function of ChooserActivity.java, which can be exploited by an attacker to cause a bypass of...
GNU Binutils xmalloc.c file memory leak vulnerability
GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...
Adobe Commerce Information Disclosure Vulnerability (CNVD-2025-04204)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An information disclosure vulnerability exists in Adobe Commerce, which can be exploited by attackers to obtain sensitive information...
Tenda W18E SetQuickcfgWifianDlogin Function Access Control Error Vulnerability
The Tenda W18E is a wireless router from the Chinese company Tenda. An access control error vulnerability exists in the Tenda W18E version 16.01.0.81625, which stems from a faulty access control in the SetQuickcfgWifianDlogin function, and can be exploited by an attacker to make unauthorized...
Tenda W18E SetLoginPassword Function Access Control Error Vulnerability
The Tenda W18E is a wireless router from the Chinese company Tenda. An access control error vulnerability exists in the Tenda W18E version 16.01.0.81625, which originates from an incorrect access control in the SetLoginPassword function, and can be exploited by an attacker to bypass the...
Adobe Commerce elevation of privilege vulnerability (CNVD-2025-05715)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An elevation of privilege vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause an escalation of privilege...
WAVLINK WL-WN575A3 Buffer Overflow Vulnerability
WAVLINK WL-WN575A3 is a wireless network signal extender from China RuiYin WAVLINK. The WAVLINK WL-WN575A3 suffers from a buffer overflow vulnerability that stems from a lack of length validation, and no details of the vulnerability are provided at this time...
Samsung Blockchain Keystore Out-of-Bounds Write Vulnerability
Samsung Blockchain Keystore is a secure storage solution introduced by South Korea's Samsung SAMSUNG on its mobile devices to protect users' blockchain keys and digital assets. Samsung Blockchain Keystore suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to...
TOTOLINK X6000R Buffer Overflow Vulnerability
TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. No detailed vulnerability details are available at this time...
GNU Binutils Memory Corruption Vulnerability
GNU Binutils is a set of programming language utility programs developed by the American GNU community. The programs are primarily used to work with target files in a variety of formats, and are provided with connectors, assemblers, and other tools for target files and archives. A memory corrupti...
Google Chrome Code Execution Vulnerability (CNVD-2025-03651)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by out-of-bounds memory access in V8. An attacker can exploit the vulnerability to execute arbitrary code on the system...
Google Chrome Code Execution Vulnerability (CNVD-2025-03650)
Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome, which can be exploited by an attacker to execute arbitrary code on a system...
Fortinet FortiWeb OS Command Injection Vulnerability (CNVD-2025-03519)
Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content...
Adobe InDesign Out-of-Bounds Read Vulnerability (CNVD-2025-03640)
Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a sensitive memory leak...
Adobe InDesign Out-of-Bounds Write Vulnerability (CNVD-2025-03633)
Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the current user's environment...
Adobe InDesign Out-of-Bounds Write Vulnerability (CNVD-2025-03639)
Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the current user's environment...
Adobe Commerce elevation of privilege vulnerability (CNVD-2025-03637)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An elevation of privilege vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause an escalation of privilege...
Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03635)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...
Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03632)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...
Adobe Commerce elevation of privilege vulnerability (CNVD-2025-03629)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An elevation of privilege vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause an escalation of privilege...
Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03627)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to potentially cause a security feature bypass...
Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03624)
Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to perform operations with ungranted privileges...
Adobe Experience Manager cross-scripting vulnerability (CNVD-2025-03621)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Adobe Commerce Improper Access Control Vulnerability (CNVD-2025-04199)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An improper access control vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-04683)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Tenda W18E Information Disclosure Vulnerability
The Tenda W18E is a wireless router from the Chinese company Tenda. An information disclosure vulnerability exists in Tenda W18E version 16.01.0.81625, which stems from the application's lack of protection of sensitive information and can be exploited by an attacker to retrieve sensitive...
Tenda W18E Trust Management Issues Vulnerability (CNVD-2025-09403)
The Tenda W18E is a wireless router from the Chinese company Tenda. The Tenda W18E is vulnerable to a trust management issue that can be exploited by an attacker to access the web management portal...
Tenda W18E Trust Management Issues Vulnerability (CNVD-2025-09402)
The Tenda W18E is a wireless router from the Chinese company Tenda. The Tenda W18E suffers from a trust management issue vulnerability that stems from the presence of a default credentials vulnerability that can be exploited by an attacker to access the web management portal...
IBM Security Verify Access Cross-Site Scripting Vulnerability (CNVD-2025-06213)
IBM Security Verify Access ISAM is a service from International Business Machines IBM that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated acce...