130931 matches found
WordPress Show Analytics widget plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Plugin eDoc Easy Tables SQL Injection Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists in WordPress plugin eDoc Easy Tables version 1.29 and earlier...
WordPress Plugin Elementor Addons AI Addons Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress plugin Elementor Addons AI Addons version...
WordPress plugin Email Reminders cross-site scripting vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Email Reminders version 2.0.5 and previous versions of cross-site scripting vulnerabili...
WordPress Plugin EMC2 Alert Boxes Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin EMC2 Alert Boxes version 1.3 and previous versions exist cross-site scripting...
WordPress plugin EO4WP cross-site scripting vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin EO4WP version 1.0.7 and previous versions of cross-site scripting vulnerability , the...
WordPress Plugin Enable Accessibility Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Enable Accessibility version 1.4.1 and previous versions of the existence of cross-site...
WordPress Plugin Estatik Mortgage Calculator Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Plugin FlickRocket Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin FlickRocke...
WordPress plugin formafzar cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin formafzar...
WordPress Plugin Geo Content Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Geo Conten...
WordPress Plugin GDY Modular Content Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin GDY Modula...
WordPress Plugin Google Adwords Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Google...
WordPress plugin Gutentor cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Gutentor...
WordPress Plugin WPMU Prefill Post SQL Injection Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists in WordPress plugin WPMU Prefill Post version 1.02 and earlier...
Unspecified Vulnerability in SonicWall SonicOS (CNVD-2025-01663)
SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS, which stems from a post-authentication absolute path traversal vulnerability that can be exploited by an authenticated remote...
Google Android has an unspecified vulnerability (CNVD-2025-01664)
Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that stems from a possible biometric bypass. No details of the vulnerability are provided at this time...
Google Android lwis_ioctl.c Heap Buffer Overflow Vulnerability
Google Android is a Linux-based open source operating system developed by Google Inc. in the United States. Google Android suffers from a security vulnerability that originates from a heap buffer overflow in the constructtransactionfromcmd function of the lwisioctl.c file, which may have...
Google Android elevation of privilege vulnerability (CNVD-2025-01825)
Google Android is a Linux-based open source operating system developed by Google Inc. in the United States. Google Android suffers from a security vulnerability, no details of the vulnerability are provided at this time...
IBM Engineering Lifecycle Optimization Publishing SQL Injection Vulnerability
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is IBM's software for engineering lifecycle management optimization. A SQL injection vulnerability exists in IBM Engineering Lifecycle Optimization - Publishing. A remote attacker could exploit this vulnerability by sending...
Unspecified Vulnerability in SonicWall SonicOS (CNVD-2025-01661)
SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS, which stems from a format string issue that can be exploited by an authenticated, remote attacker to crash the firewall and...
Logic flaw vulnerability in SAG security gateway of Beijing Shenzhou Green Alliance Technology Co.
SAG Security Gateway is an intelligent access gateway service. A logic flaw vulnerability exists in the SAG Security Gateway of Beijing Shenzhou Green Alliance Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information...
Online Shoe Store details.php File SQL Injection Vulnerability
Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the id parameter in the /details.php page that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal S...
Online Shoe Store details2.php file SQL Injection Vulnerability
Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the id parameter in the /details2.php page that lacks validation of externally-entered SQL statements. An attacker can exploit this vulnerability to execute illegal...
Online Shoe Store /login.php File SQL Injection Vulnerability
Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of the password parameter in the /function/login.php page against externally entered SQL statements. An attacker can exploit this vulnerabilit...
Online Shoe Store summary.php File SQL Injection Vulnerability
Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of the tid parameter in the /summary.php page against externally entered SQL statements. The vulnerability can be exploited by an attacker to...
Google Android lwis_periodic_io.c out-of-bounds write vulnerability
Google Android is an open source cell phone operating system developed by Google. Google Android suffers from an out-of-bounds write vulnerability that originates from an integer overflow in the prepareresponse function of the lwisperiodicio.c file, which can be exploited by an attacker to achiev...
Google Android sms_Utilities.c Out-of-Bounds Read Vulnerability
Google Android is an open source cell phone operating system developed by Google. Google Android suffers from an out-of-bounds read vulnerability that stems from incorrect boundary checking of the smsDisplayHexDumpOfPrivacyBuffer function in the smsUtilities.c file. An attacker can exploit the...
Google Android app bypasses VPN elevation of privilege vulnerability
Google Android is an open source cell phone operating system developed by Google. Google Android suffers from an elevation of privilege vulnerability that stems from an undeclared permission to add an application to bypass a VPN.An attacker can exploit this vulnerability to achieve a local...
WordPress plugin Hash Elements cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Hash...
WordPress Plugin Form Maker by 10Web Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Form Maker...
Unspecified Vulnerability in SonicWall SonicOS (CNVD-2025-01662)
SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS that stems from an integer buffer overflow vulnerability via IPSec, which can be exploited by remote attackers to cause a denial of...
Emlog Pro Cross-Site Scripting Vulnerability (CNVD-2025-01706)
Emlog Pro is a lightweight blogging system that provides easy-to-use blog management features. A cross-site scripting vulnerability exists in Emlog Pro 2.4.3. The vulnerability originates from unknown functionality in the file /admin/twitter.php of the Subpage Handler component. An attacker can...
Responsive Hotel Site print.php Page SQL Injection Vulnerability
Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the pid parameter of the /admin/print.php page. The vulnerability can be exploited by an attacker...
Unspecified vulnerability in Linux kernel (CNVD-2025-01666)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel. The vulnerability originates from the fact that when the "kernel IBT no ENDBR" self-test is triggered in the x86/fred modul...
Apache OpenMeetings Code Issue Vulnerability
Apache OpenMeetings is an open source audio and video conferencing software widely used for enterprise-class online collaboration and meeting management. A security vulnerability exists in Apache OpenMeetings. An attacker could exploit the vulnerability to cause untrusted data to be deserialized...
SonicWall SonicOS Stack Overflow Vulnerability
SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS that stems from the presence of a stack-based buffer overflow, which can be exploited by an authenticated, remote attacker to crash...
Unspecified vulnerability in Linux kernel (CNVD-2025-01665)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a special USB interrupt interface for MediaTek in the btusb driver for Bluetooth modules that needs to be...
Unspecified Vulnerability in Ffmpeg (CNVD-2025-01669)
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg. An attacker can exploit this vulnerability to commit a denial of service by triggering a null pointer dereference during initialization of a...
Ffmpeg Information Disclosure Vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. An information disclosure vulnerability exists in FFmpeg, which stems from incorrect parsing of non-TTY-compliant input files in HLS playlists, and can be exploited by an attacker to cause ...
WordPress Plugin Education LMS Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Education LMS version 0.0.7 and previous versions exist cross-site scripting...
WordPress Plugin DynamicTags SQL Injection Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists in WordPress plugin DynamicTags version 1.4.0 and earlier versions,...
WordPress Plugin ElementsCSS Addons for Elementor Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Cross-site scripting vulnerability exists in WordPress plugin ElementsCSS Addons for Elementor version...
Online Shoe Store Improper Access Control Vulnerability
Online Shoe Store is an online shoe store system. Online Shoe Store has an Improper Access Control vulnerability that stems from multiple parameters in the /admin/index.php page containing an improper access control vulnerability. No details of the vulnerability are available at this time...
WordPress Plugin Groundhogg Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Information Leakage Vulnerability in Education Cloud Application Center of Beijing Software Branch of KDDI (Beijing) Co.
Ltd. has been engaged in the research of core artificial intelligence technologies such as intelligent speech, computer vision, natural language processing, cognitive intelligence and other core technologies and maintains the international cutting-edge level. There is an information leakage...
Command Execution Vulnerability in Operation and Maintenance Management Audit System of Shanghai Shangxun Information Technology Co.
hereinafter referred to as "SinoCom-ArtM" is one of the leading providers of data, intelligent security operation and maintenance, mobile security, security services and other fields in China. A command execution vulnerability exists in the Operations and Maintenance Management and Audit System o...
Linux Kernel Memory Misreference Vulnerability (CNVD-2025-02555)
Linux Kernel is an open source operating system kernel, which is one of the core components of the operating system. A memory misreference vulnerability exists in the Linux Kernel. The vulnerability arises because the VAS window saves VMA addresses in the VAS window structure when mapping paste...
Linux kernel use-after-release vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A use-after-release vulnerability exists in the Linux kernel. An attacker could exploit this vulnerability to cause a use-after-release issue on the system, which could result ...
Binary Vulnerability in Longxin Browser of Longxin Zhongke Technology Co.
Longxin Browser is a browser developed by Longxin Zhongke Longxin Zhongke Technology Co., Ltd.. A binary vulnerability exists in Longxin Browser, which can be exploited by attackers to cause a denial of service...