131179 matches found
OpenClaw Data Forgery Issue Vulnerability
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from an unverified Telegram key token header and can be exploited by an attacker to process forged updates and perform unexpected actions...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14274)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...
OpenClaw Command Injection Vulnerability
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a command injection vulnerability that stems from improper cleanup of workspace paths when embedded in system prompts, which can be exploited by an attacker to cause command injection...
Denial of Service Vulnerability in IBM Db2
IBM Db2 is a set of relational database management system developed by the United States International Business Machines IBM Corporation, and its main operating environments are UNIX including IBM's own AIX, Linux, IBM i formerly known as OS/400, z/OS, as well as Windows server versions. A denial...
OpenClaw has an unspecified vulnerability (CNVD-2026-13378)
OpenClaw is openclaw open source an intelligent artificial assistant. A security vulnerability exists in OpenClaw that stems from the normalizeForHash function mishandling array sorting, which can be exploited by an attacker to cause a compromise in the integrity of a sandboxed configuration...
WordPress Plugin Simple Ajax Chat Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Simple Ajax Chat. The...
OpenClaw has an unspecified vulnerability (CNVD-2026-13379)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from local helper scripts following symbolic links when packaging skills, which can be exploited by an attacker to cause unintentional disclosure of local files...
OpenClaw path traversal vulnerability (CNVD-2026-13427)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability. The vulnerability stems from the Feishu extension that allows sendMediaFeishu to treat an attacker-controlled mediaUrl value as a local file system path and read it...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14290)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the iptools.cgi endpoint IP parameters of the user-supplied data lack of effective filtering and escaping , an...
Security Bypass Vulnerability in Multiple Apple Products (CNVD-2026-14479)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security bypass vulnerability exists in multiple Apple products, which is caused by a permissions issue i...
OpenClaw Cross-Site Scripting Vulnerability
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. A cross-site scripting vulnerability exists in OpenClaw. The vulnerability stems from improper escaping of assistant identity information when rendered by Control UI and can be exploited by an attacker to compromise...
Microsoft Excel Buffer Overflow Vulnerability (CNVD-2026-12553)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A buffer overflow vulnerability exists in Microsoft Excel. The vulnerability stems from the program's failure to properly validate the length and size of input data, which can be exploited by an attacker ...
Adobe After Effects has a Memory Free After Use Vulnerability
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects 25.6 and earlier versions suffer from a Memory Free Aft...
OpenClaw OS Command Injection Vulnerability (CNVD-2026-13373)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an operating system command injection vulnerability that stems from the failure of maintainer/developer scripts/update-clawtributors.ts to properly filter construct command special characters, commands...
OpenClaw Path Traversal Vulnerability
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to read arbitrary files from a gateway host by supplying an absolute path or path traversal sequence to the upload operation of a browser...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14286)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the apcupsd.cgi script multiple POST parameters on the user-supplied data lack of effective filtering and escaping ...
Unspecified Vulnerability in Multiple Apple Products (CNVD-2026-14494)
Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for smart TVs. apple macOS is a specialized operating system developed for Mac computers. A security vulnerability exists in several Apple products that could be exploited by an attacker to disclose...
D-Link DWR-M960 formDdns File Buffer Overflow Vulnerability
The D-Link DWR-M960 is a router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DWR-M960 formDdns file. The vulnerability stems from a misbehavior of the function sub4648F0 in the file /boafrm/formDdns in the DDNS Settings Handler component with respect to the...
Google Chrome Buffer Overflow Vulnerability (CNVD-2026-12763)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a buffer overflow vulnerability that originates from a media out-of-bounds read, which can be exploited by a remote attacker to perform an out-of-bounds memory read via a crafted HTML page...
Adobe After Effects has an out-of-bounds write vulnerability
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds write vulnerability exists in Adobe After Effects 25.6 and...
Microsoft Windows Notepad Command Injection Vulnerability
Microsoft Windows Notepad is a text editor program from Microsoft USA. A command injection vulnerability exists in Microsoft Windows Notepad. The vulnerability stems from the application failing to properly filter constructed command special characters, commands, etc. An attacker could exploit th...
Adobe InDesign Desktop suffers from an out-of-bounds read vulnerability
Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. A security vulnerability exists in Adobe InDesign Desktop version 21.1, version 20.5.1, and prior versions, which can be exploited by attackers to obtain sensitive information...
Memory Free After Use Vulnerability in Adobe After Effects 25.6 and Prior Versions
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects 25.6 and earlier versions suffer from a Memory Free Aft...
HTML Injection Vulnerability in IBM webMethods Integration Server
IBM webMethods Integration Server is an application connector from International Business Machines IBM. An HTML injection vulnerability exists in IBM webMethods Integration Server version 12.0. An attacker could exploit this vulnerability to execute arbitrary Web script or HTML...
OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-13430)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from unauthenticated TXT records in discovery beacons, where certain clients treat the TXT values as authoritative routing/fixed inputs. An attacker...
Adobe After Effects has an out-of-bounds read vulnerability
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects 25.6 and...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14488)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products. The vulnerability is caused due ...
Adobe After Effects suffers from an out-of-bounds read vulnerability (CNVD-2026-12689)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects 25.6 and...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14280)
Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A denial of service vulnerability exists in multiple Apple products, which can be exploited by attackers to cause a denial of service or...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14495)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products and is caused due to an issue in...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14490)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products and is caused due to a logic issu...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14285)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the NTPSERVER parameter of the time.cgi...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14485)
Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. An information disclosure vulnerability exists in multiple Apple products and is caused due to a logging issue in the Game Center component wh...
OpenClaw Server-Side Request Forgery Vulnerability
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a server-side request forgery vulnerability. The vulnerability stems from the fact that SSRF protection can be bypassed using a full form IPv4 mapping IPv6 literal, which can be exploited by an attacke...
Code execution vulnerability in multiple Apple products (CNVD-2026-14497)
Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A code execution vulnerability exists in several Apple products, which can be exploited by an attacker to execute arbitrary code...
Unspecified Vulnerability in Multiple Apple Products (CNVD-2026-14483)
Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A security vulnerability exists in several Apple products that can be exploited by an attacker to cause an app to recognize other apps install...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14275)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14496)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products, which can be exploited by an...
Apple macOS Tahoe Information Disclosure Vulnerability (CNVD-2026-14995)
Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe suffers from an information disclosure vulnerability that can be exploited by attackers to access sensitive user data...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14478)
Apple watchOS is a smartwatch operating system. apple macOS is a dedicated operating system developed for Mac computers. apple visionOS is an operating system for AR glasses. An information disclosure vulnerability exists in multiple Apple products and is caused due to an issue with the handling ...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14345)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express suffers from a cross-site scripting vulnerability that originates from the interfaces.cgi script to GREENADDRESS, GREENNETMASK, REDDHCPHOSTNAME, REDADDRESS, DNS1OVERRIDE, DNS2 OVERRIDE,...
Elevation of Privilege Vulnerability in Multiple Apple Products (CNVD-2026-14476)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An elevation of privilege vulnerability exists in several Apple products, which can be exploited by an...
Unspecified Vulnerability in Mozilla Firefox for iOS (CNVD-2026-19942)
Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. A security vulnerability exists in Mozilla Firefox for iOS, which can be exploited by an attacker to cause the address bar and page content to be out of sync, allowing the attacker to forge...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14481)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products due to an error in the WebKit component...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14279)
Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems.Apple iOS is a set of operating systems developed for mobile devices.Apple macOS is a set of specialized operating systems developed specifically for Mac computers.Apple Safari is a we...
Information Disclosure Vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway
IBM Sterling B2B Integrator is a flexible integration platform that simplifies complex B2B and Electronic Data Interchange EDI processes across the partner ecosystem, supports local and hybrid cloud deployments, ensures data security, and provides high availability guarantees.IBM Sterling File...
OpenClaw Access Control Error Vulnerability (CNVD-2026-13408)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an access control error vulnerability. The vulnerability stems from a mismatch between rawCommand and command in the node host system.run handler, which can be exploited by an attacker to cause the...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14289)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the smoothinfo.cgi endpoint WRAP or SECTIONTITLE parameter on the user-supplied data lack of effective filtering an...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14354)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the outgoing.cgi endpoint in the MACHINE and MACHINECOMMENT parameters of the user-supplied data lack of effective...
Microsoft GitHub Copilot for JetBrains Command Injection Vulnerability
Microsoft GitHub Copilot for JetBrains is an AI programming assistant plugin from Microsoft USA that can be installed in various IDEs produced by JetBrains. A command injection vulnerability exists in Microsoft GitHub Copilot for JetBrains. The vulnerability stems from the application failing to...