130931 matches found
Google Android skia_alloc_func out-of-bounds write vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android SkDeflate.cp contains an out-of-bounds write vulnerability in skiaallocfunc, which can be exploited by a local attacker to submit a special request that can elevate privileges...
Google Android setSkipPrompt method elevation of privilege vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by local attackers to submit special requests that can elevate privileges...
Foxit PDF Reader Buffer Overflow Vulnerability (CNVD-2025-00954)
Foxit PDF Reader is China Foxit Foxit company a PDF reader. Foxit PDF Reader suffers from a buffer overflow vulnerability that stems from a lack of proper validation of user-supplied data, resulting in a memory corruption condition that can be exploited by a remote attacker to execute code in the...
Logic Flaw Vulnerability in DS-A80624S at Hangzhou Hikvision Digital Technology Co.
The DS-A80624S is a 24-drive network storage device from Hikvision. A logic flaw vulnerability exists in the DS-A80624S of Hangzhou Hikvision Digital Technology Co. that can be exploited by an attacker to obtain sensitive information...
Linux kernel resource management error vulnerability (CNVD-2025-00975)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a resource management error vulnerability that stems from the fact that getmr will fail if a connection has not yet been established, triggering a...
Chat System deleteuser.php File SQL Injection Vulnerability
Chat System is a chat system. Chat System suffers from a SQL injection vulnerability that originates from a SQL injection in the parameter id of the /admin/deleteuser.php file. An attacker can exploit this vulnerability to obtain sensitive information...
Google Android isPackageDeviceAdmin Elevation of Privilege Vulnerability
Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android isPackageDeviceAdmin, which can be exploited by an attacker to submit a special request for elevation of privilege...
Google Android resizeToAtLeast elevation of privilege vulnerability
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which stems from an integer overflow in the resizeToAtLeast function of the SkRegion.cpp file, which may be subject to out-of-bounds writes. A local attacker can exploit th...
Mattermost Denial of Service Vulnerability (CNVD-2025-12636)
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a denial of service vulnerability that stems from a failure to limit the file size of slack import file uploads. An attacker could exploit this vulnerability to import data to...
Foxit PDF Reader elevation of privilege vulnerability (CNVD-2025-01708)
Foxit PDF Reader is a PDF document reader. A security vulnerability exists in the Foxit PDF Reader installer, which can be exploited by a local attacker to construct a special request that can execute arbitrary code with SYSTEM privileges...
Google Android onPrimaryClipChanged elevation of privilege vulnerability
Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android onPrimaryClipChanged, which can be exploited by an attacker to submit a special request for elevation of privilege...
FFmpeg integer overflow vulnerability (CNVD-2025-01707)
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. An integer overflow vulnerability exists in FFmpeg n6.1.1, which can be exploited by a remote attacker to submit a special file and trick the user into parsing it, which can crash the...
Google Android prepare_to_draw_into_mask arbitrary code execution vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android SkBlurMaskFilterImpl.cpp contains a security vulnerability in preparetodrawintomask, which can be exploited by a remote attacker to submit a special request that can be used in the application context to...
D-Link DIR-816 A2 Improper Access Control Vulnerability
The D-Link DIR-816 A2 is a wireless router from AUO D-Link of Taiwan, China. An improper access control vulnerability exists in the D-Link DIR-816 A2. The vulnerability originates from /goform/DDNS in the DDNS Service component and can be exploited by an attacker to access and manipulate the DDNS...
Foxit PDF Reader Buffer Overflow Vulnerability (CNVD-2025-00955)
Foxit PDF Reader is China Foxit Foxit company a PDF reader. A buffer overflow vulnerability exists in Foxit PDF Reader version 2024.2.3.25184, which stems from a lack of proper validation of user-supplied data, resulting in the reading of data beyond the end of the allocated buffer, and can be...
Command Execution Vulnerability in Xunrui CMS of Sichuan Xunrui Cloud Software Development Co.
Xunrui CMS is a free and open source web content management system CMS based on PHP language. Sichuan Xunrui Cloud Software Development Co., Ltd. Xunrui CMS has a command execution vulnerability that can be exploited by attackers to gain server privileges...
Google Android elevation of privilege vulnerability (CNVD-2025-03655)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by an out-of-bounds write in String16 of String16.cpp. An attacker can exploit the vulnerability to escalate privileges...
Google Pixel has an unspecified vulnerability (CNVD-2025-05538)
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an unspecified vulnerability that stems from a lack of bounds checking in handlenotificationresponse in btifrc.cc, which leads to out-of-bounds writes. No details of the vulnerability are provided at...
Google Pixel suffers from an unspecified vulnerability (CNVD-2025-05537)
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an unspecified vulnerability that stems from incorrect input validation and could lead to local elevation of privilege. No details of the vulnerability are provided at this time...
Harbin Weicheng Technology Co., Ltd. eDa CMS has information leakage vulnerability
Yida CMS YidaCMS is a free open source web site management system based on Microsoft Windows IIS platform , using ASP language and ACCESS and MSSQL dual database development is completed . Harbin Weicheng Technology Co., Ltd. YidaCMS information leakage vulnerability, attackers can use the...
SQL Injection Vulnerability in Shenzhen Yimasuno Technology Co.
Yilma Intelligent Energy Management Platform is a comprehensive platform that integrates a variety of advanced information technologies, aiming at realizing the comprehensive intelligent management of the energy system. Shenzhen Yimasuno Technology Co., Ltd Yimasuno Intelligent Energy Management...
SQL Injection Vulnerability in WOES Intelligent Optimization and Energy Saving System of Wanzhou Electric Co.
WOES Intelligent Optimization and Energy Saving System is a set of energy online monitoring and analysis management system with the core purpose of energy saving and consumption reduction. WOES Intelligent Optimization and Energy Saving System of Wanzhou Electric Co., Ltd. suffers from a SQL...
File Upload Vulnerability in CloudLink ERP Management System of Beijing Zhongke Shangsoft Software Co.
Ltd. is a high-tech software organization focusing on enterprise informatization construction. There is a file upload vulnerability in the CloudLink ERP management system of Beijing Zhongke Shangsoft Software Co., Ltd, which can be exploited by attackers to gain server privileges...
Google Android Speech Recognizer Information Disclosure Vulnerability
Google Android is a Linux-based open source operating system from Google. An information disclosure vulnerability exists in Google Android Speech Recognizer, which is caused by a flaw in the Speech Recognizer component. An attacker can exploit the vulnerability to obtain sensitive information...
SQL Injection Vulnerability in Hunan Zhonghe Baiyi Information Technology Co.
Hunan Zhonghe Baiyi Information Technology Co., Ltd referred to as: Baiyi Cloud was founded in 2017 is a national high-tech enterprise focusing on digital R&D and services in the field of real estate. Hunan Zhonghe Baiyi Information Technology Co. Ltd Capital Management Cloud has a SQL injection...
Huawei HarmonyOS AILife Solution Path Traversal Vulnerability
Huawei HarmonyOS AILife Solution is a linked operating system for smart devices from the Chinese company Huawei. A path traversal vulnerability exists in Huawei HarmonyOS AILife Solution version 8.0, which can be exploited by an attacker to cause unauthorized deletion of a music host file or a...
Google Android suffers from unspecified vulnerability (CNVD-2025-01682)
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android that stems from a divide-by-zero error in the VideoFrameScheduler::PLL::fit method in the VideoFrameScheduler.cpp file, which could lead to a remote denial of service. No...
Unspecified vulnerability in Linux kernel (CNVD-2025-01676)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference issue in the cpufreq subsystem caused by the cpufreqcpugetraw function potentiall...
Unspecified vulnerability in Linux kernel (CNVD-2025-01678)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue in the net/enetc driver that does not check for SI support when configuring preemptive TCs. No...
Google Pixel has an unspecified vulnerability (CNVD-2025-01683)
Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability that stems from multiple possible out-of-bounds writes in the /proc/driver/wmtdbg driver. No details of the vulnerability are provided at this time...
Google Pixel has an unspecified vulnerability (CNVD-2025-01684)
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from a lack of boundary checking in mtkcfg80211vendorpacketkeepalive in drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/glvendor.c and...
IBM WebSphere Automation Command Injection Vulnerability
IBM WebSphere Automation is an automation management software from IBM for optimizing and managing data center resources. A security vulnerability exists in IBM WebSphere Automation version 1.7.5. A remote attacker could exploit the vulnerability to execute arbitrary code on the system...
Apple iPadOS and iPhone OS Information Disclosure Vulnerability
iPadOS is Apple's mobile operating system for iPad devices, which is based on iOS and optimized for iPad. iPhone OS is Apple's operating system for iPhone and iPod touch. Apple iPadOS and iPhone OS suffer from an information disclosure vulnerability that originates from the possibility that a...
Apple macOS Access Control Vulnerability
macOS is a set of operating systems developed by Apple to run on the Macintosh family of computers. Apple macOS suffers from an access control vulnerability that stems from the fact that applications may be able to access sensitive user data. An attacker could exploit the vulnerability to obtain...
Apple iPhone OS and iPadOS Privacy Breach Vulnerability
iPhone OS is the operating system developed by Apple for the iPhone and iPod touch. iPadOS is Apple's mobile operating system for iPad devices, which is based on iOS and optimized for iPad. A privacy disclosure vulnerability exists in Apple iPhone OS and iPadOS, which stems from the fact that use...
Google Android Information Disclosure Vulnerability (CNVD-2025-00875)
Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
Google Android Code Execution Vulnerability (CNVD-2025-03018)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a code execution vulnerability caused by an out-of-bounds write in prop2cfg of btifstorage.cc. An attacker can exploit the vulnerability to run arbitrary code on the system...
SQL Injection Vulnerability in U8 Cloud of UFIDA Network Technology Co.
U8 Cloud is a new-generation cloud ERP Enterprise Resource Planning solution launched by UFIDA, mainly for growing and innovative enterprises, aiming to provide a comprehensive enterprise-level cloud ERP total solution. A SQL injection vulnerability exists in UFIDA U8 Cloud, which can be exploite...
Huawei Myna Input Validation Error Vulnerability
Huawei Myna is a smart speaker from Chinese company Huawei Huawei. Huawei Myna suffers from an Input Validation Error vulnerability that originates from a module that does not adequately integrity check inputs in certain scenarios. An attacker can exploit this vulnerability to affect the normal...
Logic flaws exist in the integrated collaborative office platform of Hunan Chuangxing Technology Co.
Hunan Chuangxing Technology Co., Ltd. is a national key high-tech enterprise focusing on providing overall solutions of informatization, digitization and intelligence in the field of medical and healthcare. A logic flaw exists in the integrated collaborative office platform of Hunan Chuangxing...
WordPress plugin wp-publications cross-site scripting vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin wp-publications has a cross-site scripting vulnerability, the vulnerability stems from...
Dcat Admin admin/articles/create interface cross-site scripting vulnerability
Dcat Admin is a second development based on laravel-admin to build the backend system tools . A cross-site scripting vulnerability exists in Dcat Admin v2.2.0-beta, which stems from the lack of effective filtering and escaping of user-supplied data in /admin/articles/create, and can be exploited ...
Smarts Smart Agent interface.php Page SQL Injection Vulnerability
Smarts Smart Agent is a powerful, flexible and scalable tool from Smarts for monitoring wireless network performance and services from the end user's perspective. An SQL injection vulnerability exists in Smarts Smart Agent v1.1.0, which stems from a lack of validation of externally entered SQL...
IBM AIX Competitive Conditions Issue Vulnerability
IBM AIX is an open standards-based UNIX operating system developed by International Business Machines IBM for the IBM Power architecture. IBM AIX has a security vulnerability that can be exploited by attackers to cause a denial of service...
Information Leakage Vulnerability in the Commercial Lease Management System of Joyous (Guangzhou) Information Technology Co.
Competitive Excellence Guangzhou Information Technology Ltd. is a company mainly engaged in the manufacturing of computer, communication and other electronic equipment. An information leakage vulnerability exists in the commercial leasing management system of Competitive Excellence Guangzhou...
Google Android Denial of Service Vulnerability (CNVD-2025-03020)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability that can be exploited by attackers to cause a denial of service...
Google Pixel suffers from an unspecified vulnerability (CNVD-2025-05536)
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an unspecified vulnerability that stems from improper input validation in l2clccprocpdu in l2cfcr.cc, which can lead to out-of-bounds writes. No details of the vulnerability are provided at this time...
Google Android Denial of Service Vulnerability (CNVD-2025-03654)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability caused by an out-of-bounds read in mverrcost in mcomp.c. The vulnerability is caused by an out-of-bounds read in mverrcost. An attacker can exploit this...
Cisco IOS Software and IOS XE Software Access Control Error Vulnerability
Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network devices. An access control error vulnerability exists in the Simple Network Management Protocol SNMP IPv4 access control list feature of Cisco IOS Software and IOS XE Software, which stems from the program not...
Google Android Denial of Service Vulnerability (CNVD-2025-00876)
Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which originates in the ihevcdapi.c file where the ihevcdallocatedynamicbufs function runs out of resources due to an integer overflow, which can be exploited by a...