131179 matches found
OpenClaw Command Injection Vulnerability (CNVD-2026-13801)
OpenClaw is a tool for executing restricted commands that supports controlling command execution through a whitelisting mechanism. A command injection vulnerability exists in OpenClaw. An attacker could use this vulnerability to execute unauthorized commands bypassing command restrictions...
Huawei HarmonyOS Print Module Competitive Conditions Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS Printing Module, which can be exploited by an attacker to cause availability to be...
Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-13442)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...
Mozilla Firefox and Mozilla Thunderbird Code Execution Vulnerability
Mozilla Firefox is an open source web browser.Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. The software supports IMAP, POP mail protocols and HTML mail format. A code execution vulnerability exists in Mozilla Firefox and Mozilla Thunderbird,...
SPIP SQL Injection Vulnerability
SPIP is SPIP open source a free software for creating Internet sites. A SQL injection vulnerability exists in versions of SPIP prior to 4.4.10. The vulnerability stems from the application's lack of validation of externally entered SQL statements, which can be exploited by an attacker to achieve...
Tenda AC15 goform/formSetIptv File Command Injection Vulnerability
The Tenda AC15 is a wireless router from the Chinese company Tenda. A command injection vulnerability exists in the Tenda AC15V1.0 V15.03.05.18multi version. The vulnerability stems from the unvalidated s11 parameter in goform/formSetIptv, which can be exploited by an attacker to cause a command...
Microsoft Excel Information Disclosure Vulnerability (CNVD-2026-16157)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information leakage vulnerability exists in Microsoft Excel, which can be exploited by attackers to obtain sensitive information...
Integer Overflow Vulnerability in Multiple Mozilla Products (CNVD-2026-15384)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...
Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-15387)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in multiple Mozilla products, whi...
Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-13441)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in multiple Mozilla products that...
Information Disclosure Vulnerability in Multiple Mozilla Products (CNVD-2026-13443)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An information disclosure vulnerability exists in several Mozilla produc...
Code execution vulnerability in multiple Mozilla products (CNVD-2026-15388)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products, which...
Elevation of Privilege Vulnerability in Multiple Mozilla Products (CNVD-2026-13447)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An elevation of privilege vulnerability exists in several Mozilla produc...
Code execution vulnerability in multiple Mozilla products (CNVD-2026-13444)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products that...
Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-13450)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...
Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-13446)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...
SonicWALL SonicOS Buffer Overflow Vulnerability
SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A buffer overflow vulnerability exists in SonicWALL SonicOS. The vulnerability stems from improper API endpoint boundary checking and can be exploited by an attacker to execute arbitrar...
Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-15383)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...
Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-15385)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...
Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-13440)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products that...
Code execution vulnerability in multiple Mozilla products (CNVD-2026-13445)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products due t...
Elevation of Privilege Vulnerability in Multiple Mozilla Products (CNVD-2026-13448)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An elevation of privilege vulnerability exists in several Mozilla...
Elevation of Privilege Vulnerability in Multiple Mozilla Products (CNVD-2026-13449)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An elevation of privilege vulnerability exists in several Mozilla...
Code execution vulnerability in multiple Mozilla products (CNVD-2026-15386)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products, which...
SPIP interface_traduction_objets SQL Injection Vulnerability
SPIP interfacetraductionobjets is an extension plugin from SPIP. A SQL injection vulnerability exists in versions of SPIP interfacetraductionobjets prior to 2.2.2. The vulnerability stems from interfacetraductionobjetspipelines.php directly concatenating the idparent parameter to the SQL WHERE...
WordPress Plugin wpForo Forum Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin wpForo Forum, which stem...
Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-15389)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...
Apache Tomcat Client Certificate Validation Flaw Vulnerability
Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server for the implementation of Servlet and JavaServer Page JSP support. Apache Tomcat client certificate has a validation flaw vulnerability, the vulnerability is due to allow revoked certificate/test...
D-Link DIR-513 stack buffer overflow vulnerability (CNVD-2026-26092)
The D-Link DIR-513 is a wireless router product developed by D-Link Corporation. The DIR-513 has a stack buffer overflow vulnerability. This vulnerability arises from the formTcpipSetup function not properly verifying the length of the input data. Attackers can exploit this vulnerability to execu...
Siemens SIMATIC S7-1500 Device Stored Cross-Site Scripting Vulnerability
SIMATIC S7-1500 is an industrial controller from Siemens. A stored cross-site scripting vulnerability exists in the Siemens SIMATIC S7-1500, which can be exploited by an attacker to inject code by tricking a legitimate user into importing a specially crafted trace file in a web interface...
Siemens SIDIS Prime has multiple vulnerabilities
SIDIS is a commissioning and testing system for vehicle production that meets the needs of digital assembly and testing of vehicle ECUs. Multiple vulnerabilities exist in Siemens SIDIS Prime versions prior to V4.0.800, which can be exploited by attackers to compromise the confidentiality, integri...
NocoDB Access Control Error Vulnerability
NocoDB is nocodb open source an Airtable alternative . Convert any MySql, PostgreSql, Sql Server, Sqlite and MariaDb to a smart spreadsheet . An access control error vulnerability exists in versions prior to NocoDB 0.301.3. The vulnerability stems from the password reset process not undoing an...
Multiple Vulnerabilities in Siemens RUGGEDCOM APE1808 Device Fortigate NGFW V7.4.7 Prior Versions
The RUGGEDCOM APE1808 is a powerful industrial-grade application hosting platform that allows you to deploy a wide range of commercial edge computing and cybersecurity applications in harsh industrial environments. Siemens RUGGEDCOM APE1808 appliance Fortigate NGFW V7.4.7 prior version has multip...
Multiple Vulnerabilities in Siemens RUGGEDCOM APE1808 Device Fortigate NGFW
The RUGGEDCOM APE1808 is a powerful utility-grade application hosting platform that allows you to deploy a wide range of commercial applications for edge computing and cybersecurity in demanding industrial environments. Siemens RUGGEDCOM APE1808 appliance Fortigate NGFW has multiple vulnerabiliti...
Siemens Heliox EV Chargers Access Control Vulnerability
The Heliox Flex 180 kW EV Charging Station is a modular DC fast charging device in the Heliox series from Siemens.Heliox Mobile DC 40 kW EV Charging Station is a portable, plug-and-play fast charging device for electric vehicles from the Heliox brand of Siemens. The Heliox Mobile DC 40 kW EV...
Siemens SICAM SIAPP SDK has multiple vulnerabilities
The SICAM SIAPP SDK is a specialized toolkit designed to help developers build and simulate application containers that run on Siemens-specific hardware platforms. The Siemens SICAM SIAPP SDK contains multiple vulnerabilities that can be exploited by an attacker to compromise a customer-developed...
Siemens Mendix Application Authorization Misconfiguration Vulnerability
Siemens Mendix is a low-code application development platform from Siemens. An authorization misconfiguration vulnerability exists in the Siemens Mendix application, which can be exploited by an attacker to obtain sensitive information...
Siemens SINEC Security Monitor Information Disclosure Vulnerability
SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production at customer premises. Siemens SINEC Security Monitor suffers from an information disclosure vulnerability that can be exploited by attackers to obtain...
Multiple vulnerabilities exist in the Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP add-on GNU/Linux subsystem.
The SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP is the central processing unit CPU of the Siemens S7-1500 series for high-performance, communication-demanding and complex automation tasks. Multiple vulnerabilities exist in the Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP add-on GNU/Linux subsystem,...
D-Link DIR-513 stack buffer overflow vulnerability (CNVD-2026-26094)
The D-Link DIR-513 is a wireless router product from D-Link Corporation. The DIR-513 has a stack buffer overflow vulnerability. This vulnerability arises from the goform/formDeviceReboot file failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to...
Siemens COMOS has multiple vulnerabilities
COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, retention and distribution of information throughout the plant lifecycle. Siemens COMOS has multiple vulnerabilities that can be exploited by attackers to execute...
D-Link DIR-513 goform/formAdvFirewall File Buffer Overflow Vulnerability
D-Link DIR-513 is a wireless router product from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-513 v1.10 version. The vulnerability stems from the goform/formAdvFirewall component failing to properly validate the length and size of input data, which can be exploited...
Google Chrome Skia integer overflow vulnerability (CNVD-2026-13797)
Google Chrome is a free web browser developed by Google Inc. Google Chrome Skia suffers from an integer overflow vulnerability that stems from improper handling of integer values and can be exploited by remote attackers to execute arbitrary code...
Huawei HarmonyOS Print Module Competitive Conditions Vulnerability (CNVD-2026-18800)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS Printing Module, which can be exploited by an attacker to cause availability to be...
D-Link DIR-513 goform/formSetDomainFilter File Buffer Overflow Vulnerability
D-Link DIR-513 is a wireless router product from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-513 goform/formSetDomainFilter file, which originates from the parameter curTime in the goform/formSetDomainFilter file that fails to correctly validate the length of the...
Delta Electronics CNCSoft-G2 Code Execution Vulnerability
Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a code execution vulnerability that originates from insufficient user-supplied file validation, which can be exploited by an attacker to execute code...
D-Link DIR-513 Stack Buffer Overflow Vulnerability
D-Link DIR-513 is a wireless router product from China's AUO D-Link. The D-Link DIR-513 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause a denial of service...
Google Android suffers from unspecified vulnerability (CNVD-2026-14646)
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which originates from a logic error in the jumptopayload function of payload.rs, which can be exploited by an attacker to cause a local information disclosure...
Google Android elevation of privilege vulnerability (CNVD-2026-13144)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by a lock screen bypass due to competing conditions in multiple functions of KeyguardViewMediator.java. An attacker can exploit the...
Google Android suffers from unspecified vulnerability (CNVD-2026-13143)
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which stems from a lack of permission checking in validateAddingWindowLw of DisplayPolicy.java, and can be exploited by an attacker to cause an application to intercept...