131179 matches found
Google Chrome buffer overflow vulnerability (CNVD-2026-27209)
Chrome is a web browser developed by Google, used for accessing and managing web pages. Google Chrome has a buffer error vulnerability. The vulnerability arises due to a memory access flaw in the ANGLE component, which leads to out-of-bounds memory reads and writes during processing graphic...
Google Chrome Permission Elevation Vulnerability (CNVD-2026-27212)
Chrome is a web browser developed by Google, used for accessing and managing web pages. Google Chrome has a permission escalation vulnerability. This vulnerability arises due to a defect in the handling of permission boundaries by the Bluetooth component when processing Bluetooth interactions wit...
Google Chrome Cross-Site Script Vulnerability (CNVD-2026-27210)
Chrome is a web browser developed by Google, used for accessing and managing web pages. Google Chrome has a cross-site scripting vulnerability. This vulnerability arises due to improper implementation of CSS components when processing page style content. Attackers can exploit this vulnerability b...
Google Chrome buffer overflow vulnerability (CNVD-2026-27213)
Chrome is a web browser developed by Google, used for accessing and managing web pages. Google Chrome has a buffer overflow vulnerability. This vulnerability arises due to memory processing defects in the V8 component, which handles JavaScript execution processes in HTML pages. Attackers can...
Google Chrome Resource Management Error Vulnerability (CNVD-2026-27211)
Chrome is a web browser developed by Google, used for accessing and managing web pages. Google Chrome has a resource management vulnerability. The vulnerability arises from the DevTools component incorrectly using released memory when handling the lifecycle of debugging objects. Attackers can...
Adobe ColdFusion input validation error vulnerability (CNVD-2026-26851)
Adobe ColdFusion is a rapid web application development platform provided by the American company Adobe. Adobe ColdFusion has a vulnerability related to input validation, and attackers can exploit this vulnerability to execute arbitrary code within the context of the current user...
Adobe ColdFusion path traversal vulnerability (CNVD-2026-26849)
Adobe ColdFusion is a rapid web application development platform provided by the American company Adobe. Adobe ColdFusion has a path traversal vulnerability; this vulnerability stems from path traversal issues, and attackers can exploit it to execute arbitrary code within the context of the curre...
Google Chrome Resource Management Error Vulnerability (CNVD-2026-27214)
Google Chrome is a web browser used for accessing web pages and running web applications. There is a resource management vulnerability in Google Chrome. The vulnerability stems from a flaw in the V8 engine, where objects continue to be used after being released. Attackers can exploit this...
Adobe ColdFusion arbitrary file upload vulnerability
Adobe ColdFusion is a rapid web application development platform provided by the American company Adobe. Adobe ColdFusion has a vulnerability related to arbitrary file uploads. This vulnerability stems from the upload of dangerous types of files without restrictions, allowing attackers to execute...
Google Chrome Resource Management Error Vulnerability (CNVD-2026-27217)
Google Chrome is a web browser used for accessing web pages and running web applications. There is a resource management vulnerability in Google Chrome. The vulnerability stems from a flaw in the ANGLE component, where objects continue to be used after being released. Attackers can exploit this...
Adobe ColdFusion path traversal vulnerability (CNVD-2026-26845)
Adobe ColdFusion is a rapid web application development platform provided by the American company Adobe. Adobe ColdFusion has a path traversal vulnerability, which stems from improper path name filtering. Attackers can exploit this vulnerability to access files and directories that are not intend...
Google Chrome Resource Management Error Vulnerability (CNVD-2026-27216)
Google Chrome is a web browser used for accessing web pages and running web applications. There is a resource management vulnerability in Google Chrome. The vulnerability stems from a flaw in the V8 engine that allows objects to be reclaimed and then reused after their release. Attackers can...
Google Chrome heap buffer overflow vulnerability (CNVD-2026-27215)
Google Chrome is a web browser used for accessing web pages and running web applications. Google Chrome has a heap buffer overflow vulnerability. This vulnerability arises due to a flaw in the Skia component that leads to heap buffer overflows. Attackers can exploit this vulnerability to escape t...
Adobe ColdFusion arbitrary file upload vulnerability (CNVD-2026-26852)
Adobe ColdFusion is a rapid web application development platform provided by Adobe, Inc. ColdFusion has a vulnerability related to arbitrary file uploads. This vulnerability stems from improper file upload restrictions, and attackers can exploit this vulnerability to execute arbitrary code within...
Google Chrome Resource Management Error Vulnerability (CNVD-2026-27218)
Google Chrome is a web browser used for accessing web pages and running web applications. There is a resource management vulnerability in Google Chrome. The vulnerability stems from a flaw in the Dawn component on the Mac platform, where objects continue to be used after being released. Attackers...
Google Chrome Input Validation Vulnerability (CNVD-2026-26945)
Google Chrome is a web browser used for accessing web pages and running web applications. There is a vulnerability in Google Chrome’s input validation mechanism. The vulnerability stems from memory processing defects in the V8 engine. Attackers can exploit this vulnerability by constructing HTML...
Adobe ColdFusion input validation error vulnerability (CNVD-2026-26850)
Adobe ColdFusion is a rapid web application development platform provided by the American company Adobe. Adobe ColdFusion has a vulnerability related to input validation, and attackers can exploit this vulnerability to execute arbitrary code within the context of the current user...
Siemens Mendix Studio Pro arbitrary code execution vulnerability
Mendix Studio Pro is a low-code IDE designed for professional developers. It is a visual model-driven development environment used to build applications on the Mendix platform. Siemens Mendix Studio Pro has a vulnerability where arbitrary code can be executed. Attackers can exploit this...
Tenda JD12L buffer overflow vulnerability
JD12L is a Tenda wireless router device, used for home and small network access. The Tenda JD12L has a buffer overflow vulnerability. This vulnerability arises due to the lack of length validation for the security5g parameter in the formWifiBasicSet function of the /goform/WifiBasicSet interface...
Dell PowerFlex Manager Access Control Vulnerability (CNVD-2026-26083)
Dell PowerFlex Manager is an open-source software-defined storage management platform developed by the American company Dell. Dell PowerFlex Manager has a vulnerability related to access control. This vulnerability stems from improper access control mechanisms, allowing attackers to exploit it to...
OpenBSD input validation error vulnerability
OpenBSD is an open-source, cross-platform BSD-based UNIX-like operating system developed by the OpenBSD Foundation in Canada. Versions of OpenBSD prior to 076e2b1 contained a vulnerability related to input validation errors. This vulnerability stemmed from the fact that the length value in the...
Apache Shiro input validation vulnerability (CNVD-2026-26205)
Apache Shiro is a security and permission framework that is open-source under the Apache Foundation in the United States. There is an input validation vulnerability in Apache Shiro. This vulnerability stems from the lack of escaping of special characters according to RFC 2253 in the...
Apple Safari path traversal vulnerability (CNVD-2026-26335)
Apple Safari is a web browser developed by Apple Inc., integrated into iOS, iPadOS, and macOS systems. It supports web browsing and rendering functions. Apple Safari has a path traversal vulnerability, which stems from an inability to correctly verify file paths. Attackers can exploit this...
Apple Safari buffer overflow vulnerability (CNVD-2026-26364)
Safari is a web browser developed by Apple Inc., whose main function is to browse web content. Apple Safari has security vulnerabilities; these vulnerabilities arise due to improper handling of maliciously constructed web content. Attackers can exploit these vulnerabilities to cause memory...
Apple Safari buffer overflow vulnerability (CNVD-2026-26339)
Apple Safari is a web browser developed by Apple Inc. It primarily runs on iOS, iPadOS, and macOS operating systems, used to display web page content. Apple Safari has a security vulnerability. This vulnerability stems from improper handling of maliciously crafted web content, resulting in memory...
Apple Safari WebKit memory corruption vulnerability (CNVD-2026-26340)
Apple Safari is a web browser developed by Apple Inc., utilizing the WebKit rendering engine. It primarily serves the function of browsing web pages. Apple Safari has a memory corruption vulnerability. This vulnerability stems from the failure to properly manage memory when processing maliciously...
Google Android Configuration Error Vulnerability
Google Android is an open-source operating system based on Linux, developed by Google Inc. Google Android has a configuration vulnerability that stems from unsafe default values in the NfcDispatcher.java file. Attackers can exploit this vulnerability to gain local privileges...
Google Android Authorization Vulnerability (CNVD-2026-26201)
Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android. Attackers can exploit these vulnerabilities to cause local information leaks...
Google Android Authorization Vulnerability (CNVD-2026-26392)
Google Android is an operating system based on Linux, open-sourced by the American company Google. Google Android has authorization-related vulnerabilities; these vulnerabilities stem from the lack of permission checks. Attackers can exploit these vulnerabilities to gain higher levels of access...
Dell PowerFlex Manager encryption vulnerability (CNVD-2026-26082)
Dell PowerFlex Manager is a software-defined storage management platform developed by the American company Dell. Versions of Dell PowerFlex Manager prior to 4.5.1.1 contained security vulnerabilities. Attackers could exploit these vulnerabilities to carry out man-in-the-middle attacks using DNS...
Dell PowerStore cross-site scripting vulnerability (CNVD-2026-26084)
Dell PowerStore is an enterprise-level network storage system developed by the American company Dell. Dell PowerStore has a cross-site scripting vulnerability. This vulnerability stems from the lack of effective filtering and escaping of data provided by users in the PowerStore Manager. Attackers...
Dell EMC VxRail Appliance permission licensing and access control issue vulnerabilities
The Dell EMC VxRail Appliance is an integrated hypervisor-enabled hyper-converged infrastructure device developed by the American company Dell. Versions of the Dell EMC VxRail Appliance prior to 7.0.520 contain security vulnerabilities. Attackers can exploit these vulnerabilities to escape from...
Google Android has an unknown vulnerability (CNVD-2026-26390)
Google Android is an operating system based on Linux, open-sourced by Google Inc. There are security vulnerabilities in Google Android, which stem from a lack of boundary checks in the mfccorenalqgetdecmetadataseinal function in mfccorenal.q. Attackers can exploit these vulnerabilities to execute...
Rockwell Automation CompactLogix 5370 suffers a denial-of-service vulnerability
Rockwell Automation CompactLogix 5370 is a programmable automation controller developed by Rockwell Automation in the United States. The CompactLogix 5370 has a denial-of-service vulnerability, which stems from the lack of verification of sequence numbers and source IP addresses in the CIP...
Apple Safari WebKit stack overflow vulnerability
Apple Safari is a cross-platform web browser product developed by Apple. It primarily provides functions for rendering and browsing web content. Apple Safari has a stack overflow vulnerability, which stems from an inability to properly validate input data. Attackers can exploit this vulnerability...
Google Android competition conditions issue vulnerability (CNVD-2026-26393)
Google Android is an open-source operating system based on Linux, developed by Google Inc. Google Android has a vulnerability known as a race condition. This vulnerability stems from a persistent synchronization issue within the createSessionInternal function in PackageInstallerService.java...
Dell PowerFlex Manager permission and access control vulnerabilities
Dell PowerFlex Manager is a software-defined storage management platform developed by the American company Dell. Dell PowerFlex has vulnerabilities related to permission licensing and access control. These vulnerabilities stem from improper access control mechanisms, and attackers can exploit the...
Cisco Identity Services Engine Software Authorization Vulnerability
Cisco Identity Services Engine Software is a identity management platform developed by the American company Cisco. There are authorization-related vulnerabilities in Cisco Identity Services Engine Software. These vulnerabilities stem from improper authorization checks during resource access...
Cisco Webex App input validation vulnerability (CNVD-2026-26204)
The Cisco Webex App is a video conferencing and collaboration software developed by Cisco, Inc. in the United States. The Cisco Webex App has a vulnerability related to input validation. This vulnerability stems from improper input validation of URL parameters in HTTP requests. Attackers can...
Apple Safari permissions vulnerability (CNVD-2026-26338)
Apple Safari is a web browser developed by Apple Inc., integrated into iOS, iPadOS, and macOS systems. It is primarily used for accessing and browsing web content. Apple Safari has a permissions vulnerability. This vulnerability stems from improper handling of permissions restrictions during...
Rockwell Automation FactoryTalk Analytics PavilionX Authorization Issues Vulnerability
Rockwell Automation FactoryTalk Analytics PavilionX is an industrial automation analysis platform developed by the Rockwell Automation Foundation in the United States. There is a vulnerability related to authorization in Rockwell Automation FactoryTalk Analytics PavilionX. This vulnerability stem...
Apple Safari buffer overflow vulnerability (CNVD-2026-26434)
Apple Safari is a web browser developed by Apple Inc., primarily used on iOS, iPadOS, and macOS systems. It provides web browsing functionality. Apple Safari has a buffer overflow vulnerability. This vulnerability stems from insufficient validation of boundary checks. Attackers can exploit this...
TP-Link TL-WR841N Web interface stack buffer overflow vulnerability
The TP-Link TL-WR841N v14 is a wireless router produced by the Chinese company TP-Link. The TP-Link TL-WR841N v14 has a stack buffer overflow vulnerability in its web interface. This vulnerability arises from improper handling of specially crafted HTTP requests, leading to a buffer overflow...
Google Android Permission Licensing and Access Control Vulnerabilities (CNVD-2026-26369)
Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android. Attackers can exploit these vulnerabilities to gain local privileges...
Apple Safari resource management error vulnerability (CNVD-2026-26365)
Apple Safari is a web browser developed by Apple Inc. It serves as the default browser for iOS, iPadOS, and macOS systems. It supports web browsing, extended features, and synchronization across multiple platforms. There is a resource management vulnerability in Apple Safari. This vulnerability...
Dell Peripheral Manager permissions and access control vulnerabilities (CNVD-2026-26537)
Dell Peripheral Manager is a peripheral device management software developed by the American company Dell. Versions of Dell Peripheral Manager prior to 1.7.3 contained security vulnerabilities. Attackers could exploit these vulnerabilities to execute arbitrary code by preloading malicious DLLs...
Google Chrome Input Validation Vulnerability (CNVD-2026-26522)
Google Chrome is a cross-platform web browser developed by Google Inc. of the United States. There is a security vulnerability in Google Chrome. This vulnerability stems from improper implementations in extensions. Attackers can exploit this vulnerability to bypass the origin policy using a...
Dell Peripheral Manager permissions and access control vulnerabilities
Dell Peripheral Manager is a peripheral device management software developed by the American company Dell. There are security vulnerabilities in Dell Peripheral Manager. Attackers can exploit these vulnerabilities to execute arbitrary code by preloading malicious executable files...
Google Chrome Authorization Vulnerability (CNVD-2026-26521)
Google Chrome is a cross-platform web browser developed by Google Inc. of the United States. There is a security vulnerability in Google Chrome. This vulnerability stems from improper handling of passwords in the Password module. Attackers can exploit this vulnerability to leak cross-source data...
Multiple Mozilla products have buffer overflow vulnerabilities (CNVD-2026-26885)
Mozilla Firefox is an open-source web browser developed by the Mozilla Foundation in the United States. Mozilla Firefox ESR is an extended support version of Firefox the web browser developed by the Mozilla Foundation. Mozilla Thunderbird is an email client software independently developed from t...