131179 matches found
IBM InfoSphere Information Server Log Information Disclosure Vulnerability
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A log information disclosure vulnerability exists in IBM InfoSphere Information Server that...
Google Android Access Control Error Vulnerability (CNVD-2026-14643)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an Access Control Error vulnerability that originates from a logic error in multiple functions of ContentProvider.java, which can be exploited by an attacker to cause an application with read-onl...
Google Android suffers from unspecified vulnerability (CNVD-2026-14645)
Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause local elevation of privilege...
Chamilo add_users_to_session.php file cross-site scripting vulnerability
Chamilo is a learning management system open source by Chamilo. A cross-site scripting vulnerability exists in the Chamilo adduserstosession.php file, which can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload...
Google Android Privilege Bypass Vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a privilege bypass vulnerability that can be exploited by an attacker to cause a local elevation of privilege...
ChurchCRM Cross-Site Scripting Vulnerability (CNVD-2026-16683)
ChurchCRM is ChurchCRM open source an open source CRM system for churches. ChurchCRM suffers from a cross-site scripting vulnerability that originates from an authenticated user being able to store a JavaScript payload, no details of the vulnerability are provided at this time...
Microsoft Azure Front Door Access Control Error Vulnerability
Microsoft Azure Front Door is a cloud-based content delivery network from Microsoft Corporation in the United States. An access control error vulnerability exists in Microsoft Azure Front Door, which can be exploited by an attacker to elevate privileges...
Microsoft Azure Arc Access Control Error Vulnerability
Microsoft Azure Arc is a storage system from Microsoft USA. that extends the Azure platform into your environment. Microsoft Azure Arc has an Access Control Error vulnerability that can be exploited by an attacker to elevate privileges...
FunAdmin Access Control Error Vulnerability
FunAdmin is a lightweight and highly colorful backend development system based on ThinkPHP6+Layui. An access control error vulnerability exists in funadmin. The vulnerability stems from the lack of validation of user privileges in the function getMember in the file...
IBM Cloud Pak System Access Control Error Vulnerability
IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. An access control error vulnerability exists in IB...
Google Android elevation of privilege vulnerability (CNVD-2026-18786)
Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android, which can be exploited by an attacker to cause an application to gain read and write access to non-existent files and local elevation of privilege...
FreeRDP Buffer Overflow Vulnerability (CNVD-2026-12777)
FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP suffers from a buffer overflow vulnerability that stems from unvalidated target rectangle boundaries in the GDI surface pipeline, which can be exploited by an attacker to cause a heap buffer...
Textream Resource Management Error Vulnerability
Textream is a teleprompter application. A resource management error vulnerability exists in Textream that stems from the DirectorServer WebSocket server not limiting concurrent connections, which can be exploited by an attacker to cause CPU and memory exhaustion, freezing and crashing the...
Microsoft Semantic Kernel Code Injection Vulnerability
Microsoft Semantic Kernel is a large model orchestration framework from Microsoft Corporation, USA. A code injection vulnerability exists in Microsoft Semantic Kernel versions prior to 1.39.4. The vulnerability stems from the InMemoryVectorStore filtering feature failing to properly filter specia...
Google Android Permission Mismanagement Vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a mismanagement of privileges vulnerability that can be exploited by attackers to cause memory corruption and local elevation of privileges...
IBM Cloud Pak System Information Disclosure Vulnerability (CNVD-2026-13784)
IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. An information disclosure vulnerability exists in...
Google Android Out-of-Bounds Write Vulnerability (CNVD-2026-18788)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an out-of-bounds write vulnerability that can be exploited by attackers to cause memory corruption and local elevation of privilege...
Google Android elevation of privilege vulnerability (CNVD-2026-19056)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by an out-of-bounds write due to an integer overflow in multiple functions of memprotect.c. The vulnerability is caused by an integer overflow in th...
Microsoft Azure Functions Information Disclosure Vulnerability
Microsoft Azure Functions is a hosted Platform-as-a-Service PaaS provider from Microsoft Corporation USA that delivers event-driven and scheduled compute resources for Azure cloud services. An information disclosure vulnerability exists in Microsoft Azure Functions, which can be exploited by an...
OpenClaw Information Disclosure Vulnerability (CNVD-2026-13370)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an information disclosure vulnerability. The vulnerability stems from the fact that skills.status may return raw parsed configuration values for the skills.config path via configChecks, which can be...
Google Android Information Disclosure Vulnerability (CNVD-2026-18787)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that stems from a lack of privilege checking, which can be exploited by attackers to obtain sensitive information...
Google Android suffers from unspecified vulnerability (CNVD-2026-18789)
Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause local elevation of privilege...
OpenClaw has an unspecified vulnerability (CNVD-2026-13371)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability, which stems from tools.exec.safeBins authentication can be bypassed and can be exploited by an attacker to cause unapproved code execution...
Google Chrome Security Bypass Vulnerability (CNVD-2026-18794)
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to bypass security restrictions...
Google Chrome Code Execution Vulnerability (CNVD-2026-18791)
Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft Teams Access Control Error Vulnerability
Microsoft Teams is an American Microsoft Microsoft software for online meetings, chat, and cloud storage capabilities. Microsoft Teams suffers from an Access Control Error vulnerability that stems from improper access control and can be exploited by an attacker to cause an unauthorized attacker t...
Fiber Security Feature Issue Vulnerability
Fiber is Fiber open source an open source Web framework written in Go language . Fiber suffers from a security signature issue vulnerability. The vulnerability stems from an error not returned by the UUID function and can be exploited by an attacker to use predictable or low entropy identifiers i...
NVIDIA Delegated Licensing Service Authorization Issues Vulnerability
NVIDIA Delegated Licensing Service is a licensing service of NVIDIA Corporation. NVIDIA Delegated Licensing suffers from an authorization issue vulnerability that stems from improper authentication, which can be exploited by an attacker to cause information disclosure...
Google Chrome Security Bypass Vulnerability (CNVD-2026-18792)
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to bypass security restrictions...
Google Chrome Security Bypass Vulnerability (CNVD-2026-18793)
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to bypass security restrictions...
Microsoft Windows Admin Center Authorization Issues Vulnerability
Microsoft Windows Admin Center is a locally deployed browser-based application from Microsoft USA. The program is mainly used for managing servers, clusters, etc. An authorization issue vulnerability exists in Microsoft Windows Admin Center that stems from improper authentication and can be...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14482)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products due to an error in the WebKit component...
Microsoft Outlook Information Disclosure Vulnerability (CNVD-2026-12557)
Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Outlook. The vulnerability stems from the application's inadequate protection of sensitive information and can be exploited by an attacker to conduc...
Microsoft Hyper-V Code Execution Vulnerability (CNVD-2026-17151)
Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A code execution vulnerability exists in Microsoft Hyper-V, which can be exploited by an attacker to execute arbitrary code on a system...
GFI MailEssentials AI Anti-Spoofing Configuration Page Cross-Site Scripting Vulnerability
GFI MailEssentials AI is a U.S. GFI open source anti-spam and data leakage protection software. A cross-site scripting vulnerability exists in the GFI MailEssentials AI Anti-Spoofing configuration page, which can be exploited by an attacker to execute scripts in the context of a logged-in user...
Apple macOS Information Leakage Vulnerability (CNVD-2026-26096)
Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Apple macOS has a vulnerability that allows attackers to access sensitive user data...
OpenClaw code issue vulnerability (CNVD-2026-13388)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a code issue vulnerability that stems from a Cron webhook delivery using fetch direct call, which can be exploited by an attacker to cause the webhook target to access private or internal endpoints...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14288)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the urlfilter.cgi endpoint in the REDIRECTPAGE or CHILDREN parameter on the user-supplied data lack of effective filterin...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14338)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . A cross-site scripting vulnerability exists in Smoothwall Express. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the SRCIP, DESTIP, or COMMENT parameters...
Security Bypass Vulnerability in Multiple Apple Products (CNVD-2026-14491)
Apple iOS is an operating system developed for mobile devices. apple watchOS is an operating system for smartwatches. apple macOS is a specialized operating system developed for Mac computers. A security bypass vulnerability exists in multiple Apple products and is due to a logic issue in the...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14349)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the portfw.cgi script multiple parameters of the user-supplied data lack of effective filtering and escaping , an attacke...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14487)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products and is caused due to an error in the...
Multiple Mozilla products have memory error-related vulnerabilities (CNVD-2026-23778)
Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that was separated from the Mozilla Application Suite. Several Mozilla products have memory error exploitation...
OpenClaw has an unspecified vulnerability (CNVD-2026-13389)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from process cleanup using system-wide process enumeration and pattern matching without verifying ownership, which can be exploited by an attacker to terminate...
Smoothwall Express proxy.cgi Endpoint Cross-Site Scripting Vulnerability
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express proxy.cgi endpoint cross-site scripting vulnerability , the vulnerability stems from the proxy.cgi endpoint in a number of parameters of the user-supplied data lack of effective filtering...
OpenClaw has an unspecified vulnerability (CNVD-2026-13382)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has a security vulnerability that originates in the Discord audit operation processing using the sender's identity in the request parameters, which can be exploited by an attacker to request an audit operation by...
Security Bypass Vulnerability in Multiple Apple Products (CNVD-2026-14493)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security bypass vulnerability exists in multiple Apple products and is caused due to a logic issue in the...
Adobe After Effects suffers from an out-of-bounds read vulnerability (CNVD-2026-12688)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects 25.6 and...
Microsoft Windows Resource Management Error Vulnerability (CNVD-2026-12560)
Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A resource management error vulnerability exists in Microsoft Windows. The vulnerability stems from uncontrolled resource consumption by an application and can be exploited by an...
WordPress Plugin Web Accessibility by accessiBe Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Web Accessibility by...