Adobe Lightroom Desktop Out-of-Bounds Write Vulnerability
Adobe Lightroom Desktop is professional photo management and editing software from the American company Adobe, designed to provide photographers and image editors with powerful workflow and editing tools. Adobe Lightroom Desktop suffers from an out-of-bounds write vulnerability that can...
Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-17791)
Adobe InDesign Desktop is page layout software from the American company Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause the application to crash...
Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-17790)
Adobe InDesign Desktop is page layout software from the American company Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...
Adobe Substance3D Stager Out-of-Bounds Read Vulnerability (CNVD-2026-18674)
Adobe Substance3D Stager is software for setting up and rendering 3D scenes from the American company Adobe. Adobe Substance3D Stager suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context of the current user...
Adobe Substance3D Modeler Out-of-Bounds Read Vulnerability (CNVD-2026-18673)
Adobe Substance3D Modeler is 3D modeling software from the American company Adobe. An out-of-bounds read vulnerability exists in Adobe Substance3D Modeler, which can be exploited by attackers to disclose sensitive information stored in memory...
UTT 520W goform/formIpGroupConfig file buffer overflow vulnerability
The UTT 520W is a wireless router from the Chinese company Aitai (UTT). A buffer overflow vulnerability exists in the UTT 520W goform/formIpGroupConfig file, which originates from the failure to correctly validate the length of the input data in the parameter groupName of the file /goform/formIpGroupConfig, and...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14679)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. IBM Db2 suffers from a denial of service vulnerability that originates from a possible server crash whe...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14676)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. IBM Db2 suffers from a denial of service vulnerability that originates from improper neutralization of...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14675)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. IBM Db2 suffers from a denial of service vulnerability that originates from improper neutralization of...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14672)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. IBM Db2 suffers from a denial of service vulnerability that originates from improper neutralization of...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14670)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. A denial of service vulnerability exists in IBM Db2, which originates from an improper allocation of...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14667)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14671)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. IBM Db2 suffers from a denial of service vulnerability that originates from improper neutralization of...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14666)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14668)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...
Unspecified Vulnerability in WordPress Plugin ELEX WordPress HelpDesk & Customer Ticketing System
WordPress is a blogging platform developed using the PHP language. The platform can be used to set up a personal blog site on a PHP- and MySQL-based server. A WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin ELEX WordPress HelpDesk & Customer...
OpenClaw Access Control Error Vulnerability (CNVD-2026-13431)
OpenClaw is an open-source artificial intelligence assistant from openclaw. OpenClaw suffers from an Access Control Error vulnerability that originates from the fact that an unauthenticated local client can use the Gateway WebSocket API to write a configuration via config.apply and set insecure cliPath...
IBM Concert Cross-Site Scripting Vulnerability (CNVD-2026-13788)
IBM Concert is a new tool from International Business Machines (IBM) that uses generative AI to help manage complex cloud-native applications. IBM Concert suffers from a cross-site scripting vulnerability that stems from improper input validation of the HOST header, which can be exploited by a...
Huawei HarmonyOS camera module out-of-bounds write vulnerability
Huawei HarmonyOS is an operating system from the Chinese company Huawei. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei HarmonyOS camera module, which stems from a lack of proper validation of user-supplied data by the...
Huawei HarmonyOS Window Module Authentication Bypass Vulnerability
Huawei HarmonyOS is an operating system from the Chinese company Huawei. It provides a full-scenario distributed operating system based on a microkernel. An authentication bypass vulnerability exists in the Huawei HarmonyOS window module, which can be exploited by an attacker to compromise confidentiality...
Unspecified vulnerability in WeKan (CNVD-2026-11748)
WeKan is an open-source Kanban application from WeKan. WeKan has a security vulnerability that can be exploited by an attacker to let a user with a read-only role perform card updates that require write access...
Tenda TX9 goform/SetStaticRouteCfg File Buffer Overflow Vulnerability
The Tenda TX9 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda TX9 goform/SetStaticRouteCfg file, which originates from the parameter list of the function sub42D03C within the file /goform/SetStaticRouteCfg that fails to correctly validate t...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14669)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. IBM Db2 suffers from a denial of service vulnerability that originates from a possible trap when...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14678)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. A denial of service vulnerability exists in IBM Db2, which arises from improper neutralization of speci...
Rockwell Automation Studio 5000 Logix Designer Code Issue Vulnerability
Rockwell Automation Studio 5000 Logix Designer is a Windows-based application from Rockwell Automation, Inc. It is used to build programs for PLCs. A code issue vulnerability exists in Rockwell Automation Studio 5000 Logix Designer, which stems from an unquoted service path in FactoryTalk...
Huawei HarmonyOS HDC module buffer overflow vulnerability
Huawei HarmonyOS is an operating system from the Chinese company Huawei. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a buffer overflow vulnerability that stems from the HDC module failing to properly validate the length and size of input data,...
Huawei EMUI and Huawei HarmonyOS Communication Module Address Reading Vulnerability
Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is an operating system that provides a full-scenario distributed operating system based on a microkernel. An address reading vulnerability exists in the Huawei EMUI and Huawei HarmonyOS communication module, which can b...
IBM Concert has an information disclosure vulnerability
IBM Concert is a new tool from International Business Machines (IBM) that uses generative AI to help manage complex cloud-native applications. An information disclosure vulnerability exists in IBM Concert versions 1.0.0 through 2.1.0, which can be exploited by an attacker to obtain sensitive...
XSS Vulnerability in IBM Cloud Pak for Business Automation
IBM Cloud Pak for Business Automation is an integrated software component that delivers design, build, run, and automation services to quickly scale your programs and fully execute and implement automation strategies. An XSS vulnerability exists in IBM Cloud Pak for Business Automation, which can be...
Unspecified Vulnerability in IBM PowerVM Hypervisor
The IBM PowerVM Hypervisor is a Type 1 bare-metal virtualization hypervisor developed by IBM for its Power Systems server platform. An information disclosure vulnerability exists in IBM PowerVM Hypervisor versions FW1110.00 through FW1110.03, FW1060.00 through FW1060.51, and FW950.00...
Denial of Service Vulnerability in IBM Cloud Pak for Business Automation
IBM Cloud Pak for Business Automation is a modular set of integrated software components from International Business Machines (IBM), built for any hybrid cloud, designed to automate work and accelerate business growth. A denial of service vulnerability exists in IBM Cloud Pak for Business Automatio...
Huawei EMUI and Huawei HarmonyOS DFX Module Out-of-Bounds Write Vulnerability
Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is an operating system that provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei EMUI and Huawei HarmonyOS DFX module, which can be...
Huawei HarmonyOS HDC Module Privilege Control Vulnerability
Huawei HarmonyOS is an operating system from the Chinese company Huawei. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS HDC module, which can be exploited by an attacker to compromise confidentiality...
IBM Concert has a weak cryptographic algorithm vulnerability
IBM Concert is a new tool from International Business Machines (IBM) that uses generative AI to help manage complex cloud-native applications. A weak cryptographic algorithm vulnerability exists in IBM Concert versions 1.0.0 through 2.1.0, which could be exploited by an attacker to decrypt...
XML external entity injection vulnerability in IBM Business Automation Workflow containers and IBM Business Automation Workflow traditional
IBM Business Automation Workflow is a suite of workflow automation solutions from International Business Machines (IBM). The product is primarily used for workflow management and compliance management, and features workflow visibility and scalability. IBM Business Automation Workflow containers V25.0....
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14673)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. IBM Db2 suffers from a denial of service vulnerability that originates from improper neutralization of...
IBM Concert Access Control Error Vulnerability (CNVD-2026-13787)
IBM Concert is a new tool from International Business Machines (IBM) that uses generative AI to help manage complex cloud-native applications. An Access Control Error vulnerability exists in IBM Concert that stems from a failure to invalidate a session after logging out, which could be exploited ...
HCL AION Information Disclosure Vulnerability (CNVD-2026-16403)
HCL AION is an AI lifecycle management platform from the Indian company HCL. HCL AION suffers from an information disclosure vulnerability that stems from the password field not disabling autocomplete, which can be exploited by an attacker to cause sensitive credentials to be stored or disclosed...
Unspecified Vulnerability in HCL AION (CNVD-2026-16402)
HCL AION is an AI lifecycle management platform from the Indian company HCL. HCL AION suffers from a security vulnerability that stems from a missing or insecure HTTP Strict Transport Security header, which can be exploited by an attacker to carry out a man-in-the-middle attack...
Unspecified vulnerability in HCL AION (CNVD-2026-16399)
HCL AION is an AI lifecycle management platform from the Indian company HCL. HCL AION has a security vulnerability that can be exploited by an attacker to modify critical system files...
HCL AION Information Disclosure Vulnerability (CNVD-2026-16397)
HCL AION is an AI lifecycle management platform from the Indian company HCL. HCL AION suffers from an information disclosure vulnerability caused by the lack of a Content Security Policy. An attacker can exploit the vulnerability to cause unauthorized access...
TOTOLINK WA300 OS Command Injection Vulnerability
TOTOLINK WA300 is a wireless access point from the Chinese company Gion Electronics (TOTOLINK). The TOTOLINK WA300 suffers from an operating system command injection vulnerability that originates from the parameter Ipaddr in the file /cgi-bin/cstecgi.cgi failing to correctly filter constructed command special...
HCL AION Cross-Site Request Forgery Vulnerability
HCL AION is an AI lifecycle management platform from the Indian company HCL. HCL AION suffers from a cross-site request forgery vulnerability that stems from a missing or insecure SameSite attribute of a cookie. No detailed vulnerability information is provided at this time...
Unspecified Vulnerability in IBM Db2 (CNVD-2026-14677)
IBM Db2 is a relational database management system from International Business Machines (IBM). It runs mainly on UNIX, Linux, IBM i, z/OS, and Windows server platforms. A security vulnerability exists in IBM Db2 that originates from improper neutralization of special...
OpenClaw OS Command Injection Vulnerability
OpenClaw is an open-source artificial intelligence assistant from openclaw. An operating system command injection vulnerability exists in versions prior to OpenClaw 2026.1.29, which stems from the sshNodeCommand function failing to properly filter special characters, commands, etc. used to construct commands. An...
IBM Db2 Big SQL on Cloud Pak for Data Resource Management Error Vulnerability
IBM Db2 Big SQL on Cloud Pak for Data is a massively parallel processing SQL engine from International Business Machines (IBM). A resource management error vulnerability exists in IBM Db2 Big SQL on Cloud Pak for Data, which stems from not properly limiting system resource allocation and can be...
D-Link DIR-600 Command Injection Vulnerability
The D-Link DIR-600 is a wireless router from China's AUO D-Link. A command injection vulnerability exists in D-Link DIR-600 2.15WWb02 and earlier versions, which stems from the failure to properly filter constructed command special characters, commands, etc. in the parameter...
Huawei HarmonyOS Image Module Buffer Overflow Vulnerability
Huawei HarmonyOS is an operating system from the Chinese company Huawei. It provides a full-scenario distributed operating system based on a microkernel. A buffer overflow vulnerability exists in the Huawei HarmonyOS Image Module, which stems from the Image Module failing to properly validate the length and si...
Huawei EMUI and Huawei HarmonyOS AMS Module Privilege Control Class Vulnerability
Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is an operating system that provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei EMUI and Huawei HarmonyOS AMS module, which can be...
TOTOLINK A3600R Buffer Overflow Vulnerability
TOTOLINK A3600R is a 6-antenna 1200M wireless router from the Chinese company Gion Electronics (TOTOLINK). The TOTOLINK A3600R suffers from a buffer overflow vulnerability that originates from the failure of apcliSsid, a parameter of the setAppEasyWizardConfig function in the /lib/cstemodules/app.so library, t...