131179 matches found
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13963)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Microsoft SharePoint Server Remote Code Execution Vulnerability (CNVD-2026-16162)
Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code...
Adobe Substance3D Painter Out-of-Bounds Read Vulnerability (CNVD-2026-16598)
Adobe Substance3D Painter is a 3D scene building software from the American company Audobee Adobe. Adobe Substance3D Painter suffers from an out-of-bounds read vulnerability that can be exploited by attackers to obtain sensitive information...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13973)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13958)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13949)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13974)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13955)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13969)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Adobe Substance3D Painter Out-of-Bounds Read Vulnerability (CNVD-2026-16599)
Adobe Substance3D Painter is a 3D scene building software from the American company Audobee Adobe. Adobe Substance3D Painter suffers from an out-of-bounds read vulnerability that can be exploited by attackers to obtain sensitive information...
OliveTin Path Traversal Vulnerability
OliveTin is OliveTin open source a Web application . OliveTin has a path traversal vulnerability, which is caused by an unsafe resolution of UniqueTrackingId, and can be exploited by an attacker to traverse directories on the system...
iccDEV Buffer Overflow Vulnerability
iccDEV is a color configuration code base. A buffer overflow vulnerability exists in iccDEV that can be exploited by an attacker to cause a memory leak or crash...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13960)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Mozilla Firefox Security Bypass Vulnerability (CNVD-2026-16601)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a security bypass vulnerability caused by an error in the CSS parsing and calculation component. An attacker can exploit the vulnerability to bypass security restrictions...
Adobe DNG SDK Out-of-Bounds Write Vulnerability
Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. An out-of-bounds write vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to cause arbitrary code to be executed in the...
Delta Electronics COMMGR2 Denial of Service Vulnerability
Delta Electronics COMMGR2 is an automation equipment communication management software from Delta Electronics China. A denial of service vulnerability exists in Delta Electronics COMMGR2, which can be exploited by an attacker to cause a denial of service...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13962)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Huawei HarmonyOS cellular_data module privilege control vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS cellulardata module, which can be exploited by an attacker to compromise availability...
Huawei HarmonyOS Scanning Module Access to Uninitialized Pointers Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An access to uninitialized pointers vulnerability exists in the Huawei HarmonyOS scanning module, which can be exploited by an attacker to cause availability...
OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-13591)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from an unverified webhook key in Telegram webhook mode, which can be exploited by an attacker to forge Telegram updates to bypass the sender permission li...
OpenClaw Information Disclosure Vulnerability (CNVD-2026-13601)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an information disclosure vulnerability that originates when the MS Teams attachment downloader, when retrying to download after receiving a 401 or 403 response, sends an authorization bearer token to ...
OpenClaw Parameter Injection Vulnerability
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a parameter injection vulnerability that can be exploited by an attacker to execute arbitrary commands by injecting command substitution syntax...
OpenClaw Access Control Error Vulnerability (CNVD-2026-13588)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that stems from the fact that Browser Relay's /cdp WebSocket endpoint does not require an authentication token, which can be exploited by an attacker to connect in...
OpenClaw has an unspecified vulnerability (CNVD-2026-13589)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from the use of non-constant time string comparisons for hook token validation, which can be exploited by an attacker to infer a token via a timed side channel...
OpenClaw code issue vulnerability (CNVD-2026-13590)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw there is a code problem vulnerability , the vulnerability stems from the attachment and media URL hydration exists server-side request forgery , an attacker can use the vulnerability to obtain arbitrary HTTPS URL...
OpenClaw Identity Forgery Vulnerability
OpenClaw is an open source framework for Telegram bot rights management. OpenClaw suffers from an identity forgery vulnerability. An attacker can exploit this vulnerability to illegally manipulate bots by recycling usernames to disguise their identities and bypass privilege restrictions...
OpenClaw Encryption Problem Vulnerability
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a cryptographic issue vulnerability that stems from the use of SHA-1 hashed Docker and browser sandbox configurations of the sandbox identifier cache key, which can be exploited by an attacker to enable...
OpenClaw Denial of Service Vulnerability (CNVD-2026-13543)
OpenClaw is a tool for working with archived files. A denial of service vulnerability exists in OpenClaw. An attacker can exploit this vulnerability to exhaust CPU, memory, and disk resources via a highly inflated ZIP/TAR archive file, resulting in service degradation or system unavailability...
OpenClaw Arbitrary File Read Vulnerability (CNVD-2026-13555)
OpenClaw is a tool for configuration management that supports loading external configuration files via the include directive. An arbitrary file read vulnerability exists in OpenClaw. An attacker can use this vulnerability to read sensitive files, such as API keys and credentials, outside of the...
OpenClaw Path Traversal Vulnerability
OpenClaw is a tool for installing skills, plugins and hooks. OpenClaw suffers from a path traversal vulnerability. An attacker can exploit this vulnerability to achieve persistence or code execution by constructing a malicious archive file that writes to an arbitrary location file...
OpenClaw Denial of Service Vulnerability (CNVD-2026-13800)
OpenClaw is used to handle Webhook events open source framework . A denial of service vulnerability exists in OpenClaw. An attacker can exploit this vulnerability to cause the service to become unavailable by sending an oversized JSON load or slow uploads that trigger memory pressure...
Huawei HarmonyOS Bluetooth Character Out-of-Bounds Reading Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A character out-of-bounds read vulnerability exists in Huawei HarmonyOS Bluetooth, which can be exploited by an attacker to compromise confidentiality...
OpenClaw Security Bypass Vulnerability
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a security bypass vulnerability that stems from the fact that Webhook signature verification in the Voice Call extension can be bypassed, which can be exploited by an attacker to cause unauthenticated...
OpenClaw File Inclusion Vulnerability
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a file inclusion vulnerability. An attacker can exploit this vulnerability to read arbitrary files in the local file system...
OpenClaw has an unspecified vulnerability (CNVD-2026-13596)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from a Webhook routing issue in the Google Chat monitor component, which can be exploited by an attacker to cause cross-account policy context misrouting that bypass...
OpenClaw Denial of Service Vulnerability (CNVD-2026-13832)
OpenClaw is an open source framework for data acquisition. A denial of service vulnerability exists in OpenClaw. An attacker can exploit this vulnerability by triggering a memory exhaustion via an oversized response with no content-length, resulting in service unavailability...
OpenClaw Access Control Error Vulnerability (CNVD-2026-13595)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that stems from the gateway WebSocket connection handshake allowing device identity checks to be skipped when auth.token is present but not verified, which can be...
Huawei HarmonyOS Privilege Management Service Conditional Competition Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A conditional contention vulnerability exists in the Huawei HarmonyOS privilege management service, which can be exploited by an attacker to cause availabili...
Huawei HarmonyOS Dimension Test Module Conditional Competition Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A conditional contention vulnerability exists in the Huawei HarmonyOS dimensioning module, which can be exploited by an attacker to cause availability to be...
Huawei HarmonyOS Scanning Module Buffer Overflow Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A buffer overflow vulnerability exists in the Huawei HarmonyOS scanning module, which can be exploited by an attacker to cause availability to be compromised...
Huawei HarmonyOS Print Module Competitive Conditions Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS Printing Module, which can be exploited by an attacker to cause availability to be...
OpenClaw Access Control Error Vulnerability (CNVD-2026-14395)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from an Access Control Error vulnerability that stems from the BlueBubbles Webhook handler authenticating based only on the loopback remoteAddress, which can be exploited by an attacker to cause bypass of the...
Huawei HarmonyOS Certificate Management Module Path Traversal Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A path traversal vulnerability exists in the Huawei HarmonyOS certificate management module, which can be exploited by an attacker to cause availability to b...
Huawei HarmonyOS Certificate Management Module Data Handling Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A data handling vulnerability exists in the Huawei HarmonyOS certificate management module, which can be exploited by an attacker to compromise confidentiali...
Huawei HarmonyOS Device Authentication Module Authentication Bypass Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An authentication bypass vulnerability exists in the Huawei HarmonyOS device authentication module, which can be exploited by an attacker to compromise...
OpenClaw has an unspecified vulnerability (CNVD-2026-13593)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has a security vulnerability that stems from an OAuth stateful authentication bypass issue in the manual Chutes login process, which can be exploited by an attacker to bypass CSRF protections for credential replacement...
Huawei HarmonyOS Security Control Conditional Competition Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A conditional contention vulnerability exists in the Huawei HarmonyOS security control, which can be exploited by an attacker to cause availability to be...
OpenClaw path traversal vulnerability (CNVD-2026-13592)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability that stems from not validating the path of an entry when extracting a TAR archive, which can be exploited by an attacker to write a file outside the expected directory vi...
OpenClaw path traversal vulnerability (CNVD-2026-13551)
OpenClaw is an agent tool for managing session logs. OpenClaw suffers from a path traversal vulnerability. An attacker can exploit this vulnerability by... /... /etc/passwd, etc. to read and write arbitrary files outside of the agent's session directory...
OpenClaw Denial of Service Vulnerability (CNVD-2026-13554)
OpenClaw is a gateway tool for network data acquisition. A denial of service vulnerability exists in OpenClaw. An attacker can exploit this vulnerability to crash the gateway process by parsing oversized or deeply nested HTML responses to exhaust memory and trick users into visiting a malicious U...