Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2025-05694)
Adobe Commerce is a world-leading digital commerce solution for merchants and brands from the American company Adobe. A cross-site scripting vulnerability exists in Adobe Commerce, which can be exploited by an attacker to inject malicious script into vulnerable form...
Adobe InCopy Integer Overflow Vulnerability
Adobe InCopy is text editing software for creative writing from the American company Adobe. Adobe InCopy suffers from an integer underflow vulnerability that can be exploited by an attacker to execute arbitrary code...
Samsung Email Access Control Error Vulnerability
Samsung Email is an email application developed by the Korean company Samsung, designed to provide users with a convenient interface to manage and process email. Samsung Email suffers from an access control error vulnerability that stems from an improper access control issue included in...
IBM Security Verify Access Cross-Site Request Forgery Vulnerability
IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated acce...
Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2025-05707)
Adobe Commerce is a world-leading digital commerce solution for merchants and brands from the American company Adobe. A cross-site scripting vulnerability exists in Adobe Commerce, which can be exploited by an attacker to inject malicious script into vulnerable form...
Fortinet FortiSIEM Cross-Site Scripting Vulnerability (CNVD-2025-27465)
Fortinet FortiSIEM is a security information and event management system from the American company Fortinet. The system includes features such as asset discovery, workflow automation and unified management. Fortinet FortiSIEM suffers from a cross-site scripting vulnerability that...
Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2025-05697)
Adobe Commerce is a world-leading digital commerce solution for merchants and brands from the American company Adobe. A cross-site scripting vulnerability exists in Adobe Commerce, which can be exploited by an attacker to inject malicious script into vulnerable...
Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2025-05696)
Adobe Commerce is a world-leading digital commerce solution for merchants and brands from the American company Adobe. A cross-site scripting vulnerability exists in Adobe Commerce, which can be exploited by an attacker to inject malicious script into vulnerable form...
Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2025-05701)
Adobe Commerce is a world-leading digital commerce solution for merchants and brands from the American company Adobe. A cross-site scripting vulnerability exists in Adobe Commerce, which can be exploited by an attacker to inject malicious script into vulnerable form...
IBM Security Verify Access Authorization Issues Vulnerability
IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated acce...
D-Link DIR-853 SetIPv6PppoeSettings Module Buffer Overflow Vulnerability
The D-Link DIR-853 is a router from the China-based company D-Link. The D-Link DIR-853 suffers from a buffer overflow vulnerability that stems from the IPv6PppoePassword parameter in the SetIPv6PppoeSettings module not properly handling user input. No vulnerability details are provided at this...
Wazifa System profile.php file cross-site scripting vulnerability
Wazifa System is a content management system. Wazifa System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter postcontent in the /profile.php file, which can be exploited to execute arbitrary Web...
Wazifa System search_resualts.php file cross-site scripting vulnerability
Wazifa System is a content management system. Wazifa System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the firstname/lastname parameter of the search_resualts.php file, which can be exploited to execute...
Wazifa System control.php File SQL Injection Vulnerability
Wazifa System is a content management system. Wazifa System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the /controllers/control.php file. An attacker can exploit this vulnerability to execute illegal SQL commands t...
Adobe Commerce elevation of privilege vulnerability (CNVD-2025-04200)
Adobe Commerce is a world-leading digital commerce solution for merchants and brands from the American company Adobe. An elevation of privilege vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause an escalation of privilege...
D-Link DIR-853 SetWanSettings Module Buffer Overflow Vulnerability
The D-Link DIR-853 is a router from the China-based company D-Link. The D-Link DIR-853 suffers from a buffer overflow vulnerability that stems from the Password parameter in the SetWanSettings module not properly handling user input. No details of the vulnerability are provided at this time...
Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03625)
Adobe Commerce is a world-leading digital commerce solution for merchants and brands from the American company Adobe. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to perform operations with ungranted privileges...
Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03631)
Adobe Commerce is a world-leading digital commerce solution for merchants and brands from the American company Adobe. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-04682)
Adobe Experience Manager (AEM) is a set of content management solutions from the American company Adobe that can be used to build websites, mobile applications and forms. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Linux kernel mlx5e_xfrm_del_state function denial of service vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel that stems from improper use of the SOFTIRQ-safe lock in the mlx5e_xfrm_add_state and...
Linux kernel bnxt driver code issue vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a code issue vulnerability that stems from the bnxt driver not properly recalculating network device characteristics after XDP is disabled, which...
IBM Sterling B2B Integrator Information Disclosure Vulnerability (CNVD-2025-04972)
IBM Sterling B2B Integrator is a suite of software from International Business Machines (IBM) that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. An information disclosure...
Linux kernel folio_seek_hole_data function integer overflow vulnerability (CNVD-2025-03427)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an integer overflow vulnerability that stems from the folio_seek_hole_data function incorrectly truncating 64-bit offsets to 32-bit in the 32-bit kerne...
Linux kernel iomap_write_delalloc_scan function integer overflow vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an integer overflow vulnerability that stems from the iomap_write_delalloc_scan function incorrectly truncating 64-bit offsets to 32-bit in the 32-bi...
Linux kernel code issue vulnerability (CNVD-2025-03431)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a code issue vulnerability that stems from the vsock_*[has_data|has_space] functions being called when a socket has not been assigned a transport, which can...
Linux kernel zram_meta_alloc function resource management error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in the Linux kernel that stems from the zram_meta_alloc function not setting zram->table to NULL on allocation failure, which can ...
Linux kernel afs_proc_addr_prefs_write function denial of service vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel has a denial of service vulnerability that stems from the afs_proc_addr_prefs_write function returning directly when the parameter argc is less than 0 without...
Linux kernel cifs_put_tcp_session function resource management error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a resource management error vulnerability that stems from the fact that the cifs_put_tcp_session function may still be attempting to reconnect to a D...
Linux kernel buffer overflow vulnerability (CNVD-2025-03434)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a buffer overflow vulnerability that originates from a boundary checking error on the imix_entries array in the get_imix_entries function of pktgen, whic...
IBM Sterling B2B Integrator Cross-Site Request Forgery Vulnerability (CNVD-2025-04174)
IBM Sterling B2B Integrator is a suite of software from International Business Machines (IBM) that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. IBM Sterling B2B Integrator suffe...
IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2025-04978)
IBM Sterling B2B Integrator is a suite of software from International Business Machines (IBM) that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting...
IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2025-04976)
IBM Sterling B2B Integrator is a suite of software from International Business Machines (IBM) that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting...
IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2025-04975)
IBM Sterling B2B Integrator is a suite of software from International Business Machines (IBM) that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. IBM Sterling B2B Integrator suffe...
Tenda W18E Buffer Overflow Vulnerability (CNVD-2025-09400)
The Tenda W18E is a wireless router from the Chinese company Tenda. The Tenda W18E suffers from a buffer overflow vulnerability that originates from the delWewifiPic function failing to properly validate the length of input data, which can be exploited by an attacker to execute arbitrary code on...
Adobe Commerce Security Bypass Vulnerability (CNVD-2025-05714)
Adobe Commerce is a world-leading digital commerce solution for merchants and brands from the American company Adobe. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...
Daily Expense Tracker System SQL Injection Vulnerability (CNVD-2025-31003)
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements for the costitem parameter in /dets/add-expense.php. No details ...
Daily Expense Tracker System SQL Injection Vulnerability (CNVD-2025-31004)
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the dateexpense parameter in /dets/add-expense.php. No details ...
Tenda W18E Trust Management Issue Vulnerability
The Tenda W18E is a wireless router from the Chinese company Tenda. The Tenda W18E suffers from a trust management issue vulnerability that stems from the presence of hard-coded credentials. No details of the vulnerability are provided at this time...
Google Chrome Code Execution Vulnerability (CNVD-2025-03646)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is due to a use-after-free in Navigation. An attacker can exploit this vulnerability to execute arbitrary code on a system...
Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03628)
Adobe Commerce is a world-leading digital commerce solution for merchants and brands from the American company Adobe. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...
Adobe InDesign Improper Input Validation Vulnerability
Adobe InDesign is a layout and editing application from the American company Adobe. Adobe InDesign suffers from an improper input validation vulnerability that can be exploited by an attacker to cause a denial of service in the application...
Ivanti Secure Access Client Privilege Issue Vulnerability
Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. to enable remote secure access, supporting enterprise-class VPN connections and encrypted access to resources. Ivanti Secure Access Client suffers from a privilege issue vulnerability that can be exploited by an...
Small CRM profile.php file cross-site scripting vulnerability
Small CRM is a customer relationship management system. Small CRM suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to inject a payload into the name in...
GNU Binutils libbfd.c file memory leak vulnerability
GNU Binutils (GNU Binary Utilities) is a set of programming utilities developed by the American GNU community. The programs are primarily designed to work with object files in a variety of formats, and provide linkers, assemblers, and other tools for object files and archives. A...
Adobe Commerce Security Bypass Vulnerability (CNVD-2025-03626)
Adobe Commerce is a world-leading digital commerce solution for merchants and brands from the American company Adobe. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to potentially perform operations with ungranted...
IBM Security Verify Access Information Disclosure Vulnerability (CNVD-2025-06210)
IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated acce...
Linux kernel vsock_bpf_recvmsg function denial of service vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel that stems from the vsock_bpf_recvmsg function not properly checking vsk->transport when the transport layer is not...
D-Link DIR-853 SetVirtualServerSettings Module Command Injection Vulnerability
The D-Link DIR-853 is a router from China's D-Link. The D-Link DIR-853 suffers from a command injection vulnerability that stems from the SetVirtualServerSettings module not properly handling user input. No details of the vulnerability are provided at this time...
Adobe Substance 3D Stager Null Pointer Dereference Vulnerability
Adobe Substance 3D Stager is a virtual 3D studio from the American company Adobe. Adobe Substance 3D Stager suffers from a null pointer dereference vulnerability that can be exploited by an attacker to cause a denial of service in the application...
Fortinet FortiClientMac Authorization Issues Vulnerability (CNVD-2025-03517)
Fortinet FortiClientMac is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. Fortinet FortiClientMac suffers from an authorization...