131179 matches found
IBM Concert Information Disclosure Vulnerability (CNVD-2026-07114)
IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform, announced by IBM in May 2024 at the IBMThink conference in Boston, USA. IBM Concert suffers from an information disclosure vulnerability that stems from t...
IBM Concert Encryption Problem Vulnerability (CNVD-2025-29669)
IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from a cryptographic issue vulnerability that stems from not properly enabling HTTP Strict Transport...
IBM Concert Output Neutralization Malpractice Vulnerability
IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from an improper output neutralization vulnerability that can be exploited by an attacker to cause a forge...
Tenda AC21 saveParentControlInfo File Buffer Overflow Vulnerability
Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...
Revive Adserver Cross-Site Scripting Vulnerability
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...
Tenda AC21 SetSysAutoRebbotCfg File Buffer Overflow Vulnerability
Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...
Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2025-29421)
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...
Revive Adserver Uncontrolled Resource Consumption Vulnerability
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from an...
Tenda AC21 SetSysTimeCfg File Stack Buffer Overflow Vulnerability
Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...
Complete Online Beauty Parlor Management System /customer-list.php file cross-site scripting vulnerability
Complete Online Beauty Parlor Management System is an online beauty parlor management system. Complete Online Beauty Parlor Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Name ...
Revive Adserver Format Character Neutralization Malpractice Vulnerability
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...
Revive Adserver Authorization Bypass Vulnerability
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from an...
IBM Concert Cross-Site Scripting Vulnerability
IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering an...
Revive Adserver Username In-Blank Neutralization and Improper Vulnerability
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...
Tenda AC21 SetIpMacBind File Stack Buffer Overflow Vulnerability
Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...
Microsoft Application Gateway Elevation of Privilege Vulnerability
Microsoft Application Gateway is an application gateway from Microsoft Corporation in the United States. An elevation of privilege vulnerability exists in Microsoft Application Gateway, which can be exploited by an attacker to elevate privileges...
D-Link DWR-M920 sub_41C7FC function buffer overflow vulnerability
The D-Link DWR-M920 is a 4GLTE wireless router manufactured by Youxun D-Link. The D-Link DWR-M920 suffers from a buffer overflow vulnerability that originates from malicious manipulation of the submit-url parameter of the sub41C7FC function in the /boafrm/formPinManageSetup file. An attacker can...
Apache Causeway Deserialization Vulnerability
Apache Causeway is the Apache Foundation of a Java rapid application development framework . Apache Causeway suffers from a deserialization vulnerability that originates from unsafe deserialization of user-controllable URL parameters in the receipt of serialized data submitted by the user, which...
Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2025-29419)
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...
Revive Adserver banner-zone.php script cross-site scripting vulnerability
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...
IBM Concert Information Disclosure Vulnerability
IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from an information disclosure vulnerability that stems from uncontrolled recursive directory replication,...
UFIDA U9 Multi-Organization Enterprise Internet Application Platform of UFIDA Network Technology Co.
UFIDA is a leading provider of management software, ERP software, group management software, human resource management software, customer relationship management software, small business management software, financial and administrative institution management software, automotive industry...
COVID Tracking System SQL Injection Vulnerability
The COVID Tracking System is a new crown pneumonia tracking system. The COVID Tracking System suffers from a SQL injection vulnerability that stems from the /admin/?page=state file not securely filtering the ID parameter. The vulnerability can be exploited by an attacker to illegally obtain...
Tenda AC21 saveParentControlInfo File Buffer Overflow Vulnerability
Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...
Revive Adserver stats-conversions.php script cross-site scripting vulnerability
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...
Revive Adserver Missing Authorization Vulnerability
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...
Tenda AC21 setPptpUserList Buffer Overflow Vulnerability
Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...
Revive Adserver User Management System Design Insecurity Vulnerability
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver has a user...
Revive Adserver Information Disclosure Vulnerability
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from an...
WordPress Plugin New User Approve Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin New User Approve, which...
WordPress Booking for Appointments plugin input validation error vulnerability
WordPress Booking for Appointments plugin is a tool for implementing appointment management on WordPress websites. The WordPress Booking for Appointments plugin suffers from an input validation error vulnerability that stems from a lack of validation for the tslotapptemail AJAX action, which can ...
WordPress Community Events plugin SQL Injection Vulnerability
WordPress Community Events plugin is an event management plugin on the WordPress platform , mainly used to create and display the event calendar , support for AJAX dynamic loading and event submission form features . WordPress Community Events plugin suffers from a SQL injection vulnerability tha...
Tenda CH22 Buffer Overflow Vulnerability
Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter chkHz in the file /goform/WrlExtraGet that fails to correctly validate the length of the input data, and can be exploited by an attacker t...
Command Execution Vulnerability in DH2100+ NAS of Shenzhen Greenlink Technology Co.
The DH2100+ NAS is a two-drive network attached storage device designed for home and personal users. A command execution vulnerability exists in the Shenzhen Greenlink DH2100+ NAS, which can be exploited by attackers to remotely execute commands...
WordPress Plugin Quiz Maker Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Quiz Maker, which stems...
Google Chrome Code Problem Vulnerability (CNVD-2025-29234)
Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome prior to version 142.0.7444.59, which stems from a flaw in the V8 engine's handling of object types. The vulnerability can be exploited by an attacker to trigger heap corruption via a specially...
Google Chrome Code Problem Vulnerability (CNVD-2025-29236)
Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome prior to version 142.0.7444.59, which stems from a flaw in the V8 engine's handling of object types. The vulnerability can be exploited by an attacker to trigger heap corruption via a specially...
Google Chrome Code Problem Vulnerability (CNVD-2025-29235)
Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome versions prior to 142.0.7444.59, which stems from a flaw in the V8 engine's handling of object types. The vulnerability can be exploited by an attacker to trigger heap corruption via a specially...
Google Chrome Code Problem Vulnerability (CNVD-2025-29232)
Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome versions prior to 142.0.7444.59, which stems from a flaw in the V8 engine's handling of object types. The vulnerability can be exploited by an attacker to trigger heap corruption via a specially...
Google Chrome code issue vulnerability (CNVD-2025-29233)
Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome versions prior to 142.0.7444.59, which stems from a flaw in the V8 engine's handling of object types. The vulnerability can be exploited by an attacker to trigger heap corruption via specially...
WordPress Code Snippets plugin code injection vulnerability
WordPress Code Snippets plugin is a plugin designed for WordPress to conveniently add and manage custom code snippets without having to directly modify the theme files. The WordPress Code Snippets plugin suffers from a code injection vulnerability that stems from the evaluateshortcodefromflatfile...
Fortinet FortiExtender Buffer Overflow Vulnerability
Fortinet FortiExtender is a wireless WAN wide area network extender device from Fortinet. The Fortinet FortiExtender suffers from a buffer overflow vulnerability that originates from buffer copying without checking the input size, which can be exploited by an attacker to cause an authenticated us...
School Fees Payment Management System /ajax.php?action=save_student file SQL injection vulnerability
School Fees Payment Management System is a tuition payment management system. The School Fees Payment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file...
Dell SmartFabric OS10 Software Code Injection Vulnerability
Dell SmartFabric OS10 Software is a Debian Linux-based operating system from Dell, USA. Dell SmartFabric OS10 Software suffers from a code injection vulnerability that can be exploited by an attacker to cause code execution...
Online Voting System /index.php File Code Problem Vulnerability
Online Voting System is an online voting system. Online Voting System has a code issue vulnerability that stems from a lack of validation of uploaded files in the page parameter of file /index.php. An attacker can exploit this vulnerability to upload malicious files...
Apache OpenOffice Security Bypass Vulnerability (CNVD-2025-29167)
Apache OpenOffice is an open source office software suite from the U.S. Apache Apache Foundation. The suite contains text documents , spreadsheets , presentations , drawings , databases and so on. A security bypass vulnerability exists in Apache OpenOffice, which can be exploited by an attacker t...
Apache OpenOffice Security Bypass Vulnerability
Apache OpenOffice is an open source office software suite from the U.S. Apache Apache Foundation. The suite contains text documents , spreadsheets , presentations , drawings , databases and so on. A security bypass vulnerability exists in Apache OpenOffice, which can be exploited by an attacker t...
Fortinet FortiClientWindows Access Control Error Vulnerability
Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. An Access Control Error vulnerabili...
WordPress Live sales notification for WooCommerce plugin missing authorization vulnerability
WordPress Live sales notification for WooCommerce plugin is a real-time sales notification tool designed for WooCommerce e-commerce platform, which displays recent purchases through pop-ups, and utilizes social proof to boost user trust and conversion rates. The WordPress Live sales notification...
WordPress Category and Product Woocommerce Tabs plugin file inclusion vulnerability
WordPress Category and Product Woocommerce Tabs plugin is a plugin for WordPress websites, the main function is to add custom tabs Tabs to WooCommerce product pages to organize and display product information, categories and other content. A file inclusion vulnerability exists in the WordPress...