131179 matches found
Adobe Commerce Security Bypass Vulnerability (CNVD-2026-16580)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...
Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16583)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit...
Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16587)
Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could...
Adobe Commerce Input Validation Error Vulnerability (CNVD-2026-16595)
Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. An input validation error vulnerability exists in Adobe Commerce, which can be exploited by an attacker to bypass security features...
OpenClaw Directory Traversal Vulnerability
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a directory traversal vulnerability that can be exploited by an attacker to cause data to be written to an arbitrary location on the host file system...
OpenClaw Directory Traversal Vulnerability (CNVD-2026-14394)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a path traversal vulnerability that stems from the sandbox skill image failing to properly filter special elements in the path of a resource or file, which can be exploited by an attacker to cause a file t...
Siemens SICAM SIAPP SDK Buffer Overflow Vulnerability
Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. A buffer overflow vulnerability exists in Siemens SICAM SIAPP SDK versions prior to V2.1.7. The vulnerability stems from a client-side component that does not perform a maximum length check on certain variables before us...
SAP Business One Job Service Cross-Site Scripting Vulnerability
SAP Business One Job Service is a service component of SAP's Enterprise Resource Planning ERP system for scheduling and executing tasks in the background. A cross-site scripting vulnerability exists in SAP Business One Job Service. The vulnerability stems from the lack of effective filtering and...
WordPress plugin Greenshift - animation and page builder blocks information disclosure vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Greenshift - animation a...
WordPress Plugin WP Booking System Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin WP Booking System, which...
Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16582)
Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could...
OpenClaw Remote Code Execution Vulnerability (CNVD-2026-14393)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code...
Schneider Electric EcoStruxure Automation Expert Code Injection Vulnerability
Schneider Electric EcoStruxure Automation Expert is a software platform for industrial automation systems from the French company Schneider Electric Schneider Electric. A code injection vulnerability exists in Schneider Electric EcoStruxure Automation Expert, which can be exploited by an attacker...
Schneider Electric EcoStruxure Foxboro DCS Code Issue Vulnerability
The Schneider Electric EcoStruxure Foxboro DCS is an innovative fault-tolerant, highly available control component from Schneider Electric, France. A code issue vulnerability exists in the Schneider Electric EcoStruxure Foxboro DCS, which can be exploited by an attacker to cause compromise of...
Siemens SICAM SIAPP SDK Out-of-Bounds Write Vulnerability
Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. The Siemens SICAM SIAPP SDK contains an out-of-bounds write vulnerability that can be exploited by an attacker to cause a denial of service or execute arbitrary code...
Microsoft Excel Code Execution Vulnerability (CNVD-2026-16153)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute code...
Microsoft Excel Code Execution Vulnerability (CNVD-2026-16152)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
Google Chrome Extensions Resource Management Error Vulnerability (CNVD-2026-14595)
Google Chrome is a free web browser developed by Google Inc. A security vulnerability exists in Google Chrome Extensions, which originates from re-referencing or using freed memory and can be exploited by remote attackers to execute arbitrary code...
Fortinet FortiSandbox Cloud OS Command Injection Vulnerability
Fortinet FortiSandbox Cloud is a malware sandbox analysis platform from US-based Fiat Fortinet. Fortinet FortiSandbox Cloud version 5.0.4 suffers from an OS command injection vulnerability. The vulnerability stems from improper neutralization of special elements in os commands and can be exploite...
Huawei EMUI and Huawei HarmonyOS IMS Module Out-of-Bounds Write Vulnerability
Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei EMUI and Huawei HarmonyOS IMS modules, which can be...
Adobe Commerce License Issues Vulnerability (CNVD-2026-15169)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce has an authorization issue vulnerability that can be exploited by an attacker to bypass security measures and gain unauthorized viewing...
Google Chrome Agents Resource Management Error Vulnerability
Google Chrome is a free web browser developed by Google Inc. A security vulnerability exists in Google Chrome Agents, which originates from re-referencing or using freed memory and can be exploited by remote attackers to execute arbitrary code...
Fortinet FortiSandbox Cross-Site Scripting Vulnerability (CNVD-2026-14601)
Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A cross-site scripting vulnerability exists in Fortinet FortiSandbox. The...
WordPress Plugin Classified Listing Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Classified Listing, whic...
Fortinet FortiWeb OS Command Injection Vulnerability (CNVD-2026-14602)
Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...
Siemens SICAM SIAPP SDK Command Execution Vulnerability
Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. The Siemens SICAM SIAPP SDK suffers from a command execution vulnerability that can be exploited by attackers to cause command injection and full system cracking...
WordPress Plugin My Tickets Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin My Tickets, which can be...
Huawei EMUI and Huawei HarmonyOS System Service Framework Privilege Bypass Vulnerability
Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. A privilege bypass vulnerability exists in the Huawei EMUI and Huawei HarmonyOS system service framework, which c...
Adobe Commerce License Issues Vulnerability (CNVD-2026-15168)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce has an authorization issue vulnerability that could be exploited by an attacker to bypass security measures and have a limited impact on...
Adobe Illustrator Stack Buffer Overflow Vulnerability (CNVD-2026-14501)
Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator suffers from a stack buffer overflow vulnerability vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to...
IBM WebSphere Application Server Security Feature Issue Vulnerability (CNVD-2026-19182)
IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server WAS suffers from a...
Siemens SICAM SIAPP SDK Path Traversal Vulnerability
Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. A path traversal vulnerability exists in the Siemens SICAM SIAPP SDK that originates from performing file deletion without properly validating the file path or destination, which can be exploited by an attacker to cause ...
Siemens SICAM SIAPP SDK Stack Buffer Overflow Vulnerability
Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. The Siemens SICAM SIAPP SDK suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to cause a stack overflow, which can be exploited for code execution and denial of service...
Google Chrome WebMIDI Memory Misreference Vulnerability
Google Chrome is a free web browser developed by Google Inc. Google Chrome WebMIDI suffers from a use-after-free vulnerability that originates from re-referencing or using freed memory, which can be exploited by remote attackers to execute arbitrary code...
Microsoft Office Code Execution Vulnerability (CNVD-2026-16160)
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...
Adobe Commerce Security Bypass Vulnerability (CNVD-2026-16579)
Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...
OpenClaw Directory Traversal Vulnerability (CNVD-2026-14392)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a directory traversal vulnerability that can be exploited by an attacker to write files outside of the expected temporary directory via path traversal...
Adobe Commerce Security Bypass Vulnerability (CNVD-2026-16581)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce has a security vulnerability that can be exploited by an attacker to cause a security feature bypass...
Huawei HarmonyOS Resource Scheduling Module Privilege Control Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS resource scheduling module, which can be exploited by an attacker to compromise integrity...
Huawei EMUI and Huawei HarmonyOS email app improper checksum vulnerability
Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. A checksum misuse vulnerability exists in the Huawei EMUI and Huawei HarmonyOS email applications, which can be...
Adobe Illustrator Heap Buffer Overflow Vulnerability (CNVD-2026-14502)
Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A heap buffer overflow vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...
Unspecified Vulnerability in StudioCMS (CNVD-2026-18150)
StudioCMS is StudioCMS open source a content management system . A security vulnerability exists in StudioCMS that can be exploited by an attacker to cause an authenticated user to perform arbitrary file operations on S3 storage buckets...
OpenAkita Operating System Command Injection Vulnerability
OpenAkita is a multi-platform, multi-intelligence collaborative AI assistant. An operating system command injection vulnerability exists in OpenAkita 1.24.3 and earlier versions. The vulnerability stems from the component Chat API Endpoint in the file src/openakita/tools/shell.py function run...
Unspecified Vulnerability in StudioCMS (CNVD-2026-18153)
StudioCMS is StudioCMS open source a content management system . StudioCMS has an authorization issue vulnerability that originates from improper authorization of the /studiocmsapi/dashboard/api-tokens endpoint, which can be exploited by an attacker to cause elevation of privilege...
Adobe Commerce Server-Side Request Forgery Vulnerability
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a server-side request forgery vulnerability that can be exploited by an attacker to read arbitrary file systems...
WordPress Plugin Eagle Booking SQL Injection Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the WordPress plugin Eagle Booking. The vulnerability...
WordPress Plugin Chaty Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Chaty suffers from an information disclosure vulnerability that can be exploit...
WordPress Plugin Easy Post Submission Has Unspecified Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Easy Post Submission, which stems from ...
Microsoft Excel Code Execution Vulnerability (CNVD-2026-14408)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute code...
Adobe Commerce License Issue Vulnerability (CNVD-2026-15170)
Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. Adobe Commerce has an authorization issue vulnerability that can be exploited by an attacker to bypass security measures and gain limited...