NocoDB Access Control Error Vulnerability
NocoDB is an open source Airtable alternative that converts any MySQL, PostgreSQL, SQL Server, SQLite or MariaDB database into a smart spreadsheet. An access control error vulnerability exists in NocoDB versions prior to 0.301.3. The vulnerability stems from the password reset process not undoing an...
D-Link DIR-513 goform/formAdvFirewall File Buffer Overflow Vulnerability
D-Link DIR-513 is a wireless router product from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-513 v1.10 version. The vulnerability stems from the goform/formAdvFirewall component failing to properly validate the length and size of input data, which can be exploited...
Siemens Mendix Application Authorization Misconfiguration Vulnerability
Siemens Mendix is a low-code application development platform from Siemens. An authorization misconfiguration vulnerability exists in the Siemens Mendix application, which can be exploited by an attacker to obtain sensitive information...
Siemens SIMATIC S7-1500 Device Stored Cross-Site Scripting Vulnerability
SIMATIC S7-1500 is an industrial controller from Siemens. A stored cross-site scripting vulnerability exists in the Siemens SIMATIC S7-1500, which can be exploited by an attacker to inject code by tricking a legitimate user into importing a specially crafted trace file in a web interface...
Siemens SIDIS Prime has multiple vulnerabilities
SIDIS is a commissioning and testing system for vehicle production that meets the needs of digital assembly and testing of vehicle ECUs. Multiple vulnerabilities exist in Siemens SIDIS Prime versions prior to V4.0.800, which can be exploited by attackers to compromise the confidentiality, integri...
Multiple Vulnerabilities in Siemens RUGGEDCOM APE1808 Device Fortigate NGFW
The RUGGEDCOM APE1808 is a powerful utility-grade application hosting platform that allows you to deploy a wide range of commercial applications for edge computing and cybersecurity in demanding industrial environments. Siemens RUGGEDCOM APE1808 appliance Fortigate NGFW has multiple vulnerabiliti...
Siemens COMOS has multiple vulnerabilities
COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, retention and distribution of information throughout the plant lifecycle. Siemens COMOS has multiple vulnerabilities that can be exploited by attackers to execute...
Multiple Vulnerabilities in Siemens RUGGEDCOM APE1808 Device Fortigate NGFW V7.4.7 Prior Versions
The RUGGEDCOM APE1808 is a powerful industrial-grade application hosting platform that allows you to deploy a wide range of commercial edge computing and cybersecurity applications in harsh industrial environments. Siemens RUGGEDCOM APE1808 appliance Fortigate NGFW V7.4.7 prior version has multip...
Multiple vulnerabilities exist in the Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP add-on GNU/Linux subsystem
The SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP is the central processing unit (CPU) of the Siemens S7-1500 series for high-performance, communication-demanding and complex automation tasks. Multiple vulnerabilities exist in the Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP add-on GNU/Linux subsystem,...
Apache Superset Security Bypass Vulnerability
Apache Superset is a data visualization and data exploration platform from the Apache Software Foundation. A security bypass vulnerability exists in Apache Superset, which can be exploited by an attacker to execute sensitive SQL functions...
Google Android elevation of privilege vulnerability (CNVD-2026-16155)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which stems from a lack of privilege checking in the relayoutWindow function of WindowManagerService.java, which can be exploited by an attacker to gain...
Chamilo check_parse_lang.php file OS command injection vulnerability
Chamilo is an open source learning management system from Chamilo. An operating system command injection vulnerability exists in the Chamilo check_parse_lang.php file, which can be exploited by an attacker to cause arbitrary command execution...
Unspecified Vulnerability in Google Android (CNVD-2026-14652)
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which originates from a logic error in the onStart function of CompanionDeviceManagerService.java, which can be exploited by an attacker to cause a local elevation of...
Google Android suffers from unspecified vulnerability (CNVD-2026-14651)
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which stems from a logic error in the loadDataAndPostValue function for multiple files, which may mask the use of permissions and can be exploited by an attacker to cause a...
Google Android elevation of privilege vulnerability (CNVD-2026-14650)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to gain higher privileges on the system...
Google Android elevation of privilege vulnerability (CNVD-2026-14649)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that could be initiated anywhere due to proxy obfuscation in executeRequest of ActivityStarter.java. An attacker can exploit the vulnerability to gain...
Google Android Denial of Service Vulnerability (CNVD-2026-14647)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability that stems from improper input validation in multiple locations, which can be exploited by an attacker to cause a denial of service...
Google Android suffers from unspecified vulnerability (CNVD-2026-14646)
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which originates from a logic error in the jumptopayload function of payload.rs, which can be exploited by an attacker to cause a local information disclosure...
Google Android Access Control Error Vulnerability (CNVD-2026-14643)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an Access Control Error vulnerability that originates from a logic error in multiple functions of ContentProvider.java, which can be exploited by an attacker to cause an application with read-onl...
Chamilo import.php file OS command injection vulnerability
Chamilo is an open source learning management system from Chamilo. An operating system command injection vulnerability exists in the Chamilo import.php file. The vulnerability stems from the failure of the POST parameter tomaindatabase in /plugin/vchamilo/views/import.php to correctly filter command-constructing special...
Google Android elevation of privilege vulnerability (CNVD-2026-14644)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in multiple functions of TaskFragmentOrganizerController.java, which can be exploited by an attacker to elevate privileg...
Chamilo CSV File Name Cross-Site Scripting Vulnerability
Chamilo is an open source learning management system from Chamilo. A cross-site scripting vulnerability exists in Chamilo CSV filenames, which stems from insufficient sanitization of CSV filenames. No detailed vulnerability details are provided at this time...
Google Android suffers from unspecified vulnerability (CNVD-2026-14645)
Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause local elevation of privilege...
Google Chrome Skia integer overflow vulnerability (CNVD-2026-13797)
Google Chrome is a free web browser developed by Google Inc. Google Chrome Skia suffers from an integer overflow vulnerability that stems from improper handling of integer values and can be exploited by remote attackers to execute arbitrary code...
Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability
Microsoft ACI Confidential Containers is a Microsoft credentials container. A security vulnerability exists in Microsoft ACI Confidential Containers that stems from a poor design and can be exploited by a local attacker to elevate privileges...
Google Chrome WebCodecs Heap Overflow Vulnerability
Google Chrome is a free web browser developed by Google Inc. Google Chrome WebCodecs suffers from a heap overflow vulnerability that originates from a partial overwrite of heap memory and can be exploited by remote attackers to execute arbitrary code...
Gradio Trust Management Issue Vulnerability
Gradio is an open source Python library from Gradio Open Source, a way to demonstrate machine learning models through a friendly web interface. A trust management issue vulnerability exists in Gradio versions prior to 4.16.0 through 6.6.0. The vulnerability stems from the automatic enablement of...
Google Android elevation of privilege vulnerability (CNVD-2026-13149)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in multiple functions of KeyguardViewMediator.java, which can be exploited by an attacker to gain elevated privileges on...
Google Android elevation of privilege vulnerability (CNVD-2026-13148)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in exitKeyguardAndFinishSurfaceBehindRemoteAnimation of KeyguardViewMediator.java, which can be exploited by an attacker...
Google Android elevation of privilege vulnerability (CNVD-2026-13144)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by a lock screen bypass due to race conditions in multiple functions of KeyguardViewMediator.java. An attacker can exploit the...
Google Android suffers from unspecified vulnerability (CNVD-2026-13143)
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which stems from a lack of permission checking in validateAddingWindowLw of DisplayPolicy.java, and can be exploited by an attacker to cause an application to intercept...
IBM InfoSphere Information Server Log Information Disclosure Vulnerability
IBM InfoSphere Information Server is a data integration platform from International Business Machines (IBM). The platform can be used to integrate data obtained from various sources. A log information disclosure vulnerability exists in IBM InfoSphere Information Server that...
Chamilo index.php file SQL injection vulnerability
Chamilo is an open source learning management system from Chamilo. The Chamilo index.php file contains a SQL injection vulnerability that an attacker can use to execute illegal SQL commands to steal sensitive database data...
Chamilo hotpotatoes.php File SQL Injection Vulnerability
Chamilo is an open source learning management system from Chamilo. The Chamilo hotpotatoes.php file contains a SQL injection vulnerability that can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
Chamilo add_users_to_session.php file cross-site scripting vulnerability
Chamilo is an open source learning management system from Chamilo. A cross-site scripting vulnerability exists in the Chamilo add_users_to_session.php file, which can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted payload...
Microsoft Devices Pricing Program Code Issue Vulnerability
The Microsoft Devices Pricing Program is Microsoft's exclusive device purchasing and pricing mechanism for enterprise customers, partners, or select channels to enjoy customized pricing, terms of business, and support for volume purchases of Surface Series devices such as Surface Laptop, Surface...
Google Android elevation of privilege vulnerability (CNVD-2026-13145)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a possible way to bypass the WRITE_EXTERNAL_STORAGE permission due to a lack of privilege checking in multiple functions of...
Chamilo editinstance.php file OS command injection vulnerability
Chamilo is an open source learning management system from Chamilo. An operating system command injection vulnerability exists in the Chamilo editinstance.php file. The vulnerability stems from improper handling of the POST parameter maindatabase in the file /plugin/vchamilo/views/editinstance.php; an attacker...
D-Link DIR-513 goform/formSetDomainFilter File Buffer Overflow Vulnerability
D-Link DIR-513 is a wireless router product from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-513 goform/formSetDomainFilter file, which originates from the parameter curTime in the goform/formSetDomainFilter file that fails to correctly validate the length of the...
Google Android suffers from unspecified vulnerability (CNVD-2026-13151)
Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause local elevation of privilege...
Google Chrome WebAssembly Memory Out-of-Bounds Access Vulnerability
Google Chrome is a free web browser developed by Google Inc. A memory out-of-bounds access vulnerability exists in Google Chrome WebAssembly, which stems from improper memory buffer access control and can be exploited by remote attackers to execute arbitrary code...
Discourse Access Control Error Vulnerability (CNVD-2026-17485)
Discourse is an open source community discussion platform from Discourse. The platform includes features such as community, e-mail and chat rooms. Discourse suffers from an access control error vulnerability that stems from an open Access Control Failure in the Data Explorer plugin,...
Google Android Information Disclosure Vulnerability (CNVD-2026-16154)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability. The vulnerability is caused by a possible way to access the GPU cache due to side channel information leakage in drawLayersInternal of SkiaRenderEngine.cp...
Google Chrome WebAudio Memory Out-of-Bounds Access Vulnerability
Google Chrome is a free web browser developed by Google Inc. Google Chrome WebAudio suffers from a memory out-of-bounds access vulnerability that stems from an improper implementation and can be exploited by remote attackers to execute arbitrary code...
D-Link DIR-513 Stack Buffer Overflow Vulnerability (CNVD-2026-19424)
D-Link DIR-513 is a wireless router product from China's AUO D-Link. The D-Link DIR-513 suffers from a stack buffer overflow vulnerability that originates from the failure of the parameter curTime in the file goform/formSetWANTypeWizard5 to correctly validate the length of the input data, which...
Google Chrome CSS Memory Out-of-Bounds Read Vulnerability
Google Chrome is a free web browser developed by Google Inc. Google Chrome CSS suffers from a memory out-of-bounds read vulnerability that originates from out-of-bounds reads of memory buffer data, which can be exploited by remote attackers to execute arbitrary code...
Microsoft Payment Orchestrator Service Access Control Error Vulnerability
Microsoft Payment Orchestrator Service is a Microsoft feature that provides cloud-native payment process automation and orchestration for the financial services industry. An Access Control Error vulnerability exists in Microsoft Payment Orchestrator Service, which stems from improper authenticati...
Apache Airflow Log Message Disclosure Vulnerability
Apache Airflow is an open source platform from the Apache Software Foundation for creating, managing and monitoring workflows. The platform offers scalability, dynamic monitoring and other features. Apache Airflow has a log information disclosure vulnerability. An...
Google Android Denial of Service Vulnerability (CNVD-2026-13150)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability caused by a path traversal error in multiple functions of MmsProvider.java, resulting in a possible way of arbitrarily deleting files affecting phone...
D-Link DIR-513 Stack Buffer Overflow Vulnerability (CNVD-2026-16146)
D-Link DIR-513 is a wireless router product from China's AUO D-Link. The D-Link DIR-513 suffers from a stack buffer overflow vulnerability that originates from the failure of the parameter curTime in the file goform/formSetQoS to properly validate the length of the input data, which can be...