130931 matches found
GFI MailEssentials AI Anti-Spoofing Configuration Page Cross-Site Scripting Vulnerability
GFI MailEssentials AI is a U.S. GFI open source anti-spam and data leakage protection software. A cross-site scripting vulnerability exists in the GFI MailEssentials AI Anti-Spoofing configuration page, which can be exploited by an attacker to execute scripts in the context of a logged-in user...
Apple macOS Tahoe Information Disclosure Vulnerability (CNVD-2026-14994)
Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe suffers from an information disclosure vulnerability that can be exploited by attackers to cause an application to access protected user data...
XML External Entity Injection Vulnerability in IBM Db2
IBM Db2 is the United States International Business Machines IBM company developed a set of relational database management system, it is the main operating environment for UNIX including IBM's own AIX, Linux, IBM i formerly known as OS/400, z/OS, and Windows server versions. An XML external entit...
WordPress plugin Aardvark cross-site scripting vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. The WordPress plugin Aardvark cross-site scripting vulnerability can be exploited by an attacke...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14367)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the xtaccess.cgi endpoint EXT, DESTPORT or COMMENT parameter on the user-supplied data lack of effective filtering...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14374)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the preferences.cgi script on the HOSTNAME, KEYMAP and OPENNESS parameters of the user-supplied data lack of...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14349)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the portfw.cgi script multiple parameters of the user-supplied data lack of effective filtering and escaping , an attacke...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14354)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the outgoing.cgi endpoint in the MACHINE and MACHINECOMMENT parameters of the user-supplied data lack of effective...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14290)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the iptools.cgi endpoint IP parameters of the user-supplied data lack of effective filtering and escaping , an...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14286)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the apcupsd.cgi script multiple POST parameters on the user-supplied data lack of effective filtering and escaping ...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14283)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the hosts.cgi script in the IP, HOSTNAME or COMMENT parameter on the user-supplied data lack of effective filtering and...
Smoothwall Express Cross-Site Scripting Vulnerability
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the modem.cgi script for INIT, HANGUP, SPEAKERON, SPEAKEROFF, TONEDIAL and PULSEDIAL parameters of the user-supplied data...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14276)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14275)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14274)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14272)
Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Apple macOS Sequoia is an operating system.... A denial-of-service vulnerability exists in multiple Apple products, which can be exploited by an attacker to cause a malicious HID...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14271)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14280)
Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A denial of service vulnerability exists in multiple Apple products, which can be exploited by attackers to cause a denial of service or...
Apple macOS out-of-bounds read vulnerability (CNVD-2026-14975)
Apple macOS is a specialized operating system developed by Apple for Mac computers. An out-of-bounds read vulnerability exists in Apple macOS, which can be exploited by an attacker to cause the system to unexpectedly terminate or read kernel memory...
Apple macOS Information Disclosure Vulnerability (CNVD-2026-14974)
Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has an information disclosure vulnerability that can be exploited by attackers to access sensitive user data...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14496)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products, which can be exploited by an...
Security Bypass Vulnerability in Multiple Apple Products (CNVD-2026-14493)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security bypass vulnerability exists in multiple Apple products and is caused due to a logic issue in the...
Multiple Apple Products Path Traversal Vulnerability
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A path traversal vulnerability exists in several Apple products. The vulnerability stems from a program's...
Code execution vulnerability in multiple Apple products (CNVD-2026-14497)
Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A code execution vulnerability exists in several Apple products, which can be exploited by an attacker to execute arbitrary code...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14490)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products and is caused due to a logic issu...
Security Bypass Vulnerability in Multiple Apple Products (CNVD-2026-14491)
Apple iOS is an operating system developed for mobile devices. apple watchOS is an operating system for smartwatches. apple macOS is a specialized operating system developed for Mac computers. A security bypass vulnerability exists in multiple Apple products and is due to a logic issue in the...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14488)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products. The vulnerability is caused due ...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14478)
Apple watchOS is a smartwatch operating system. apple macOS is a dedicated operating system developed for Mac computers. apple visionOS is an operating system for AR glasses. An information disclosure vulnerability exists in multiple Apple products and is caused due to an issue with the handling ...
Elevation of Privilege Vulnerability in Multiple Apple Products (CNVD-2026-14476)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An elevation of privilege vulnerability exists in several Apple products, which can be exploited by an...
Security Bypass Vulnerability in Multiple Apple Products (CNVD-2026-14479)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security bypass vulnerability exists in multiple Apple products, which is caused by a permissions issue i...
Unspecified Vulnerability in Multiple Apple Products (CNVD-2026-14477)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in several Apple products. An attacker could exploit this vulnerability to...
OpenClaw Data Forgery Issue Vulnerability
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from an unverified Telegram key token header and can be exploited by an attacker to process forged updates and perform unexpected actions...
OpenClaw Command Injection Vulnerability
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a command injection vulnerability that stems from improper cleanup of workspace paths when embedded in system prompts, which can be exploited by an attacker to cause command injection...
OpenClaw Path Traversal Vulnerability
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to read arbitrary files from a gateway host by supplying an absolute path or path traversal sequence to the upload operation of a browser...
OpenClaw path traversal vulnerability (CNVD-2026-13428)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability. The vulnerability stems from the browser download assistant accepting uncleaned output paths, which can be exploited by an attacker to traverse a directory on a system t...
OpenClaw Cross-Site Scripting Vulnerability
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. A cross-site scripting vulnerability exists in OpenClaw. The vulnerability stems from improper escaping of assistant identity information when rendered by Control UI and can be exploited by an attacker to compromise...
OpenClaw Access Control Error Vulnerability (CNVD-2026-13408)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an access control error vulnerability. The vulnerability stems from a mismatch between rawCommand and command in the node host system.run handler, which can be exploited by an attacker to cause the...
OpenClaw Access Control Error Vulnerability (CNVD-2026-13392)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that can be exploited by an attacker to cause session content disclosure in a multi-user environment...
OpenClaw Access Control Error Vulnerability
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from an Access Control Error vulnerability that stems from the @openclaw/voice-call plugin Telnyx webhook handler accepting unsigned inbound webhook requests when telnyx.publicKey is not configured, which can b...
OpenClaw has an unspecified vulnerability (CNVD-2026-13389)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from process cleanup using system-wide process enumeration and pattern matching without verifying ownership, which can be exploited by an attacker to terminate...
OpenClaw code issue vulnerability (CNVD-2026-13388)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a code issue vulnerability that stems from a Cron webhook delivery using fetch direct call, which can be exploited by an attacker to cause the webhook target to access private or internal endpoints...
OpenClaw Code Issues Vulnerabilities
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a code issue vulnerability that stems from the Gateway tool being under-restricted when accepting a gatewayUrl provided by the tool, which can be exploited by an attacker to cause an OpenClaw host to...
OpenClaw has an unspecified vulnerability (CNVD-2026-13380)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a security vulnerability that stems from a Docker tool sandbox configuration injection issue that can be exploited by an attacker to cause container escape or host data access...
OpenClaw has an unspecified vulnerability (CNVD-2026-13382)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has a security vulnerability that originates in the Discord audit operation processing using the sender's identity in the request parameters, which can be exploited by an attacker to request an audit operation by...
OpenClaw has an unspecified vulnerability (CNVD-2026-13379)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from local helper scripts following symbolic links when packaging skills, which can be exploited by an attacker to cause unintentional disclosure of local files...
OpenClaw has an unspecified vulnerability (CNVD-2026-13378)
OpenClaw is openclaw open source an intelligent artificial assistant. A security vulnerability exists in OpenClaw that stems from the normalizeForHash function mishandling array sorting, which can be exploited by an attacker to cause a compromise in the integrity of a sandboxed configuration...
OpenClaw has an unspecified vulnerability (CNVD-2026-13381)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has a security vulnerability that originates from the BlueBubbles iMessage channel plugin accepting webhook requests as authenticated based only on the TCP peer address as the loopback address i.e., when a missing or...
OpenClaw Resource Management Error Vulnerability (CNVD-2026-13374)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Resource Management Error vulnerability that stems from an ACP bridge accepting too large a block of prompt text, which can be exploited by an attacker to cause problems with the processing of abnorm...
OpenClaw OS Command Injection Vulnerability (CNVD-2026-13372)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an operating system command injection vulnerability. The vulnerability stems from a keychain credential refresh shell command constructed on macOS failing to properly filter constructed command special...
OpenClaw has an unspecified vulnerability (CNVD-2026-13375)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from the fact that the confirmation dialog box for openclaw://agent deep links only displays the first 240 characters of the message but executes the full message,...