130931 matches found
IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2025-04977)
IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting...
Linux kernel mlx5_lag_port_sel_create function resource management error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a resource management error vulnerability that stems from the mlx5lagportselcreate function failing to properly clean up allocated resources when ...
Linux kernel fec_enet_update_cbd function code issue vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel that stems from the fecenetupdatecbd function not properly handling the return of NULL when calling...
Google Android elevation of privilege vulnerability (CNVD-2025-05219)
Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to elevate privileges...
GNU Binutils Buffer Overflow Vulnerability (CNVD-2025-03953)
GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...
Tenda A18 Buffer Overflow Vulnerability
Tenda A18 is an AC1200 dual-band Wi-Fi repeater from China's Tenda. A buffer overflow vulnerability exists in Tenda A18 15.13.07.09 and earlier versions, which stems from the parameter wpapskcrypto5g failing to correctly validate the length and size of the input data, and can be exploited by an...
FreeBSD ktrace Information Disclosure Vulnerability
FreeBSD ktrace is a tool from the FreeBSD Foundation for tracing system calls. An information disclosure vulnerability exists in FreeBSD ktrace due to a flaw in the ktrace facility. An attacker can exploit the vulnerability to obtain the contents of kernel structure information...
SonicWall NetExtender Windows client elevation of privilege vulnerability (CNVD-2025-12370)
SonicWall NetExtender Windows client is a software application from SonicWALL USA that allows remote users to connect to remote networks in a secure manner. Provides simple and secure access for Windows and Linux users. An elevation of privilege vulnerability exists in the SonicWall NetExtender...
Dell NetWorker Code Execution Vulnerability
Dell NetWorker is an enterprise-class data protection solution offered by Dell as part of the Dell Data Protection Suite that supports the protection of critical workloads across heterogeneous environments. A code execution vulnerability exists in Dell NetWorker. An attacker could exploit the...
GNU Binutils Memory Corruption Vulnerability (CNVD-2025-09685)
GNU Binutils is a set of programming language utility programs developed by the American GNU community. A memory corruption vulnerability exists in GNU Binutils, which originates from the function bfdelfrelocsymboldeletedp in bfd/elflink.c. No details of the vulnerability are provided at this tim...
GNU Binutils Buffer Overflow Vulnerability
GNU Binutils is a set of programming language utility programs developed by the American GNU community. A buffer overflow vulnerability exists in GNU Binutils. No details of the vulnerability are available at this time...
GNU Binutils Memory Corruption Vulnerability (CNVD-2025-09688)
GNU Binutils GNU Binary Utilities is a set of programming language utilities developed by the American GNU community. A memory corruption vulnerability exists in GNU Binutils. The vulnerability originates from the function bfdelfgcmarkrsec in bfd/elflink.c. No details of the vulnerability are...
GNU Binutils Memory Corruption Vulnerability (CNVD-2025-09689)
GNU Binutils is a set of programming language utility programs developed by the American GNU community. A memory corruption vulnerability exists in GNU Binutils. The vulnerability originates from the bfdputl64 function in the bfd/libbfd.c file, and no details of the vulnerability are provided at...
GNU Binutils Memory Corruption Vulnerability (CNVD-2025-09687)
GNU Binutils is a set of programming language utility programs developed by the American GNU community. A memory corruption vulnerability exists in GNU Binutils. No details of the vulnerability are available at this time...
JetBrains TeamCity Cross-Site Scripting Vulnerability (CNVD-2025-13413)
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...
FreeBSD Buffer Overflow Vulnerability (CNVD-2025-09231)
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD suffers from a buffer overflow vulnerability that stems from the implementation of VOPVPTOFH in the cd9660, tarfs, and ext2fs filesystems that causes the target FID buffer to overflow by 4 bytes, which can be...
Ivanti CSA Path Traversal Vulnerability
Ivanti CSA is a locally deployed virtual appliance designed to simplify and enhance the integration of Ivanti products with cloud services. The Ivanti CSA suffers from a path traversal vulnerability that arises when the program fails to properly filter special elements in the path of a resource o...
FreeBSD Information Disclosure Vulnerability (CNVD-2025-09230)
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD suffers from an information disclosure vulnerability that is caused by a failure to properly assign privileges flaw. An attacker could exploit this vulnerability to access system files...
GNU Binutils ldelfgen.c file memory leak vulnerability
GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...
Unspecified Vulnerability in Google Chrome (CNVD-2025-03649)
Google Chrome is a web browser from Google, an American company. Google Chrome has a security vulnerability that can be exploited by attackers to cause phishing attacks that spoof users...
GNU Binutils xstrdup.c file memory leak vulnerability
GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...
GNU Binutils format.c File Buffer Overflow Vulnerability
GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...
GNU Binutils nm.c File Buffer Overflow Vulnerability
GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...
Linux kernel cifs_put_tcp_session function resource management error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a resource management error vulnerability that stems from the fact that the cifsputtcpsession function may still be attempting to reconnect to a D...
Microsoft Excel Resource Management Error Vulnerability (CNVD-2025-02966)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A resource management error vulnerability exists in Microsoft Excel. An attacker exploiting this vulnerability could remotely execute code...
Microsoft Office Resource Management Error Vulnerability (CNVD-2025-02963)
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A resource management error vulnerability exists in Microsoft Office. No detailed vulnerability details are...
Microsoft Access Code Execution Vulnerability
Microsoft Access is a relational database management system in the Office suite of the U.S. Microsoft Microsoft Corporation. A code execution vulnerability exists in Microsoft Access, which can be exploited by an attacker to execute arbitrary code on the system...
Microsoft Office Security Feature Bypass Vulnerability (CNVD-2025-04196)
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A security feature bypass vulnerability exists in Microsoft Office, which can be exploited by attackers to...
Microsoft Office Code Problem Vulnerability (CNVD-2025-02965)
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. Common components of this product include Word, Excel, Access, Powerpoint, FrontPage, and so on. A code issue vulnerability exists in Microsoft Office. An attacker exploiting this vulnerability cou...
Microsoft SharePoint Input Validation Error Vulnerability (CNVD-2025-02964)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. An input validation...
Microsoft SharePoint Authorization Issues Vulnerability (CNVD-2025-02968)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. Microsoft SharePoint ...
Adobe Commerce Cross-Site Scripting Vulnerability
Adobe Commerce is an enterprise-grade e-commerce solution designed to deliver a superior online shopping experience for B2B and B2C businesses worldwide. A cross-site scripting vulnerability exists in Adobe Commerces. The vulnerability stems from a failure to properly process user input and can b...
Microsoft Word Code Execution Vulnerability (CNVD-2025-17477)
Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft Outlook Code Execution Vulnerability (CNVD-2026-00043)
Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. A code execution vulnerability exists in Microsoft Outlook, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2025-02967)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A cross-site scriptin...
Unspecified vulnerability in Linux kernel (CNVD-2025-03201)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the SCSI ufs module not properly freeing HBAs upon removal, which could lead to a memory leak. No details of...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-04189)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
Fortinet FortiOS Elevation of Privilege Vulnerability
FortiOS is a core network security operating system developed by Fortinet, widely used in FortiGate next-generation firewall, providing users with firewall, VPN, intrusion prevention, application control and other security functions. An elevation of privilege vulnerability exists in Fortinet...
Adobe Illustrators stack buffer overflow vulnerability (CNVD-2025-06309)
Adobe Illustrator is a professional vector graphic design software developed by Adobe, widely used in graphic design, illustration creation, web design and other fields. A stack buffer overflow vulnerability exists in Adobe Illustrators in versions 29.1, 28.7.3 and earlier. The vulnerability is...
Microsoft Outlook Code Execution Vulnerability (CNVD-2026-00044)
Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. A code execution vulnerability exists in Microsoft Outlook, which can be exploited by an attacker to execute arbitrary code on a system...
Google Pixel Stack Buffer Overflow Vulnerability
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a stack buffer overflow vulnerability that stems from a missing boundary check in the MTKFLPMSGHALDIAGREPORTDATANTF handler of flp2halinterface.c, which can be exploited by an attacker to cause a local...
Google Pixel out-of-bounds write vulnerability (CNVD-2025-03265)
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an out-of-bounds write vulnerability that stems from a missing MTKWMT device driver boundary check in WMTunlockedioctl, which can be exploited by an attacker to cause a local privilege escalation...
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel is a spreadsheet software written by Microsoft for computers using Windows and macOS operating systems. A remote code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute code on the target host...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-04193)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft Excel Information Disclosure Vulnerability (CNVD-2025-04190)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information disclosure vulnerability exists in Microsoft Excel, which can be exploited by attackers to obtain sensitive information...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-04194)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-04191)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-04192)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft SharePoint Server Remote Code Execution Vulnerability (CNVD-2025-24455)
Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code...
Google Chrome Resource Management Error Vulnerability (CNVD-2025-17128)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a resource management error vulnerability, which stems from post-release reuse in Skia, that can be exploited by an attacker to cause heap corruption via a crafted HTML page...