131179 matches found
OpenClaw OS Command Injection Vulnerability (CNVD-2026-13372)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an operating system command injection vulnerability. The vulnerability stems from a keychain credential refresh shell command constructed on macOS failing to properly filter constructed command special...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14367)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the xtaccess.cgi endpoint EXT, DESTPORT or COMMENT parameter on the user-supplied data lack of effective filtering...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14277)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by an attacker t...
Microsoft Hyper-V Access Control Error Vulnerability
Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. An access control error vulnerability exists in Microsoft Hyper-V. The vulnerability stems from a flaw in the access control mechanism and can be...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14486)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products, which is caused due to an issue in the...
Zyxel EX3510-B0 UPnP command injection vulnerability
The Zyxel EX3510-B0 is a Gigabit Ethernet switch produced by Zyxel Technology. The Zyxel EX3510-B0 UPnP device has a command injection vulnerability related to UPnP SOAP requests. This vulnerability stems from incorrect filtering of input parameters, allowing remote attackers to execute arbitrary...
Adobe Substance 3D Stager suffers from an out-of-bounds write vulnerability
Substance 3D Stager is the United States of America Ordoby Adobe company launched a dedicated to the 3D scene set, lighting settings and high-quality rendering of professional software. An out-of-bounds write vulnerability exists in Adobe Substance 3D Stager 3.1.6 and earlier versions, which can ...
OpenClaw has an unspecified vulnerability (CNVD-2026-13380)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a security vulnerability that stems from a Docker tool sandbox configuration injection issue that can be exploited by an attacker to cause container escape or host data access...
Multiple Apple products have service denial vulnerabilities (CNVD-2026-26097)
Apple iOS is an operating system developed for mobile devices. Apple macOS is a dedicated operating system designed specifically for Mac computers. Apple iPadOS is an operating system used for iPad tablets. Several Apple products have service denial vulnerabilities, and attackers can exploit thes...
Apple macOS Sonoma information leakage vulnerability
Apple macOS Sequoia is an operating system developed by the American company Apple. Apple macOS Sonoma has a vulnerability where attackers can exploit it to access sensitive user data...
OpenClaw has an unspecified vulnerability (CNVD-2026-13383)
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has a security vulnerability that stems from the fact that under iMessage groupPolicy=allowlist, the identity of the sender from the DM pairing store can satisfy the group authorization, which can be exploited by an...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14489)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products, which is caused due to an issue in the...
Unspecified Vulnerability in Multiple Apple Products (CNVD-2026-14477)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in several Apple products. An attacker could exploit this vulnerability to...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14481)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products due to an error in the WebKit component...
IBM Concert Cross-Site Scripting Vulnerability (CNVD-2026-13785)
IBM Concert is IBM for the Z platform integrated Web services framework. A cross-site scripting vulnerability exists in IBM Concert. An attacker can exploit this vulnerability to inject arbitrary JavaScript code to tamper with the functionality of the web interface, resulting in the disclosure of...
IBM Concert Information Disclosure Vulnerability (CNVD-2026-13786)
IBM Concert is IBM's software platform for orchestrating and managing enterprise-class applications. An information disclosure vulnerability exists in IBM Concert. An attacker could exploit this vulnerability to steal sensitive information via a man-in-the-middle attack...
Apache Superset Input Validation Vulnerability
Apache Superset is a modern big data exploration and visualization platform from the Apache Foundation that allows users to easily and quickly build dashboards using a simple no-code visualization builder and a state-of-the-art SQL editor. Apache Superset has an input validation vulnerability in...
Advantech WISE-6610 OS Command Injection Vulnerability
Advantech WISE-6610 is a core gateway device from Advantech, Taiwan, China. The Advantech WISE-6610 suffers from an operating system command injection vulnerability that originates from a misuse of the parameter deletefile in the file /cgi-bin/luci/admin/openvpnapply, which can be exploited by an...
Adobe After Effects Input Validation Error Vulnerability (CNVD-2026-12866)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An input validation error vulnerability exists in Adobe After Effects, whic...
Adobe After Effects Type Obfuscation Vulnerability
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. A type confusion vulnerability exists in Adobe After Effects, which can be...
Adobe After Effects Resource Management Error Vulnerability
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from a resource management error vulnerability...
Adobe DNG SDK Buffer Overflow Vulnerability
Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. A buffer overflow vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to execute arbitrary code on a system or cause an...
Adobe After Effects Resource Management Error Vulnerability (CNVD-2026-12869)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from a resource management error vulnerability...
Microsoft Defender for Linux Code Execution Vulnerability
Microsoft Defender for Linux is Microsoft's own antivirus security software. A security vulnerability exists in Microsoft Defender for Linux that originates from improper input validation and can be exploited by remote attackers to execute arbitrary code...
Adobe After Effects Resource Management Error Vulnerability (CNVD-2026-12868)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from a resource management error vulnerability...
Adobe After Effects Buffer Overflow Vulnerability (CNVD-2026-12870)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. A buffer overflow vulnerability exists in Adobe After Effects, which can be...
Adobe Audition Denial of Service Vulnerability
Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. Adobe Audition suffers from a denial of service vulnerabili...
Adobe Audition out-of-bounds write vulnerability (CNVD-2026-14508)
Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. Adobe Audition suffers from an out-of-bounds write...
Adobe Substance3D Designer Buffer Overflow Vulnerability (CNVD-2026-12872)
Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. A buffer error vulnerability exists in Adobe Substance3D Designer, which can be exploited by attackers to cause memory exposure and sensitive information disclosure...
Adobe Audition Out-of-Bounds Read Vulnerability (CNVD-2026-14506)
Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. Adobe Audition suffers from an out-of-bounds read...
Adobe Substance3D Designer Out-of-Bounds Write Vulnerability
Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. Adobe Substance3D Designer suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the current user's context...
Adobe Substance3D Designer Out-of-Bounds Read Vulnerability (CNVD-2026-17719)
Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Substance3D Designer, which can be exploited by attackers to cause memory exposure and sensitive information disclosure...
Adobe Audition Buffer Overflow Vulnerability (CNVD-2026-14505)
Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product is mainly used to include multi-track, waveforms and spectral display of the perfect toolset for audio content mixing, editing and creation. A buffer overflow vulnerability exists in Adobe...
Adobe Substance3D Designer Code Issue Vulnerability
Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. A code issue vulnerability exists in Adobe Substance3D Designer, which can be exploited by attackers to cause a denial of service in the application...
Adobe Substance3D Designer Buffer Overflow Vulnerability (CNVD-2026-14504)
Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe Substance3D Designer, which can be exploited by an attacker to execute arbitrary code in the current user environment...
Adobe Substance3D Designer Buffer Overflow Vulnerability (CNVD-2026-12875)
Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe Substance3D Designer, which can be exploited by attackers to cause memory exposure and sensitive information disclosure...
Adobe Audition Buffer Overflow Vulnerability
Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. A buffer overflow vulnerability exists in Adobe Audition,...
Apache Druid Authentication Bypass Vulnerability
Apache Druid is the United States Apache Apache Foundation of a use of the Java language , written in column-oriented open source distributed database . Apache Druid has a security vulnerability that originates from improper validation of LDAP authentication responses, which could lead to...
Adobe Substance3D Stager Out-of-Bounds Read Vulnerability (CNVD-2026-18674)
Adobe Substance3D Stager is a set and rendering software for 3D scenes from the American company Audobee Adobe. Adobe Substance3D Stager suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context of the current user...
Adobe Substance3D Modeler Out-of-Bounds Read Vulnerability (CNVD-2026-18673)
Adobe Substance3D Modeler is a 3D modeling software from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Substance3D Modeler, which can be exploited by attackers to disclose sensitive information stored in memory...
Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-17790)
Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...
Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-17791)
Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause the application to crash...
Adobe Lightroom Desktop Out-of-Bounds Write Vulnerability
Adobe Lightroom Desktop is a professional photo management and editing software from the American company Audobee Adobe, designed to provide photographers and image editors with powerful workflow and editing tools. Adobe Lightroom Desktop suffers from an out-of-bounds write vulnerability that can...
XML external entity injection vulnerability in IBM Business Automation Workflow containers and IBM Business Automation Workflow traditional
IBM Business Automation Workflow is a suite of workflow automation solutions from International Business Machines IBM. The product is primarily used for workflow management, compliance management, and features workflow visibility and scalability. IBM Business Automation Workflow containers V25.0....
Unspecified Vulnerability in HCL AION (CNVD-2026-16402)
HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from a security vulnerability that stems from a missing or insecure HTTP Strict Transport Security header, which can be exploited by an attacker to cause a man-in-the-middle attack...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14674)
IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service vulnerability that originates from improper neutralization of...
Huawei EMUI and Huawei HarmonyOS DFX Module Out-of-Bounds Write Vulnerability
Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei EMUI and Huawei HarmonyOS DFX module, which can be...
OpenClaw OS Command Injection Vulnerability
OpenClaw is openclaw open source an intelligent artificial assistant. An operating system command injection vulnerability exists in versions prior to OpenClaw 2026.1.29, which stems from the sshNodeCommand function failing to properly filter construct command special characters, commands, etc. An...
WeKan has an unspecified vulnerability
WeKan is a Kanban application from WeKan open source. WeKan suffers from a security vulnerability that can be exploited by an attacker to spoof the author of a recorded comment by providing another user's identifier...
Unspecified vulnerability in WeKan (CNVD-2026-11748)
WeKan is a Kanban application from WeKan open source. WeKan has a security vulnerability that can be exploited by an attacker to cause a user with a read-only role to perform card updates that require write access...