Intel QAT Windows software out-of-bounds write vulnerability

Intel QAT Windows software refers to the collection of Intel® Data Protection and Compression Acceleration Technology software components that provide support for the Windows operating system. An out-of-bounds write vulnerability exists in Intel QAT Windows software that originates from an...

DELL PowerScale OneFS Encryption Issue Vulnerability

DELL PowerScale OneFS is Dell's horizontally scalable clustered file system designed to manage unstructured data and support enterprise-class storage capabilities. DELL PowerScale OneFS suffers from an encryption issue vulnerability that stems from the use of an insecure encryption algorithm, whi...

Adobe Pass Authentication Android SDK Incorrect Authorization Vulnerability

Adobe Pass Authentication Android SDK is a Java library for Android applications from the American company Audobee Adobe. The Adobe Pass Authentication Android SDK suffers from an incorrect authorization vulnerability that can be exploited by attackers to bypass security measures and gain...

Adobe Substance3D Stager Out-of-Bounds Read Vulnerability

Adobe Substance3D Stager is a set and rendering software for 3D scenes from the American company Audobee Adobe. Adobe Substance3D Stager suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context of the current user...

Adobe Substance3D Stager Integer Underflow Vulnerability

Adobe Substance3D Stager is a set and rendering software for 3D scenes from the American company Audobee Adobe. Adobe Substance3D Stager suffers from an integer underflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's context...

Adobe Substance3D Stager Memory Misreference Vulnerability (CNVD-2025-29692)

Adobe Substance3D Stager is a set and rendering software for 3D scenes from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe Substance3D Stager, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's context...

Adobe Photoshop Heap Buffer Overflow Vulnerability (CNVD-2025-29701)

Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. Adobe Photoshop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the context of the current user...

Adobe Illustrator on iPads Heap Buffer Overflow Vulnerability

Adobe Illustrator on iPad is a set of vector-based image creation software from the American company Audobee Adobe. A heap buffer overflow vulnerability exists in Adobe Illustrator on iPads, which can be exploited by an attacker to cause arbitrary code to be executed in the context of the current...

TOTOLINK A7000R Stack Buffer Overflow Vulnerability

TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK that supports WiFi7 technology for home or small business network environments. The TOTOLINK A7000R suffers from a stack buffer overflow vulnerability that originates from the urldecode function's addEffect parameter...

ZOHO ManageEngine Applications Manager Command Injection Vulnerability

ZOHO ManageEngine Applications Manager is a set of IT operation and maintenance management solutions of the United States ZhuoHao ZOHO company. The product has application performance management, fault management, report generation and SLA management and other functions. A command injection...

ZOHO ManageEngine Exchange reporter Plus Cross-Site Scripting Vulnerability

ZOHO ManageEngine Exchange reporter Plus is a Web-based Microsoft Exchange reporting, auditing and monitoring software from ZOHO. A cross-site scripting vulnerability exists in ZOHO ManageEngine Exchange reporter Plus, which can be exploited by an attacker to create privileged accounts and gain...

ZOHO ManageEngine Exchange reporter Plus cross-site scripting vulnerability (CNVD-2025-29920)

ZOHO ManageEngine Exchange reporter Plus is a Web-based Microsoft Exchange reporting, auditing and monitoring software from ZOHO. A cross-site scripting vulnerability exists in Zoho ManageEngine Exchange Reporter Plus, which can be exploited by an attacker to create privileged accounts and gain...

ZOHO ManageEngine Exchange reporter Plus cross-site scripting vulnerability (CNVD-2025-29921)

ZOHO ManageEngine Exchange reporter Plus is a Web-based Microsoft Exchange reporting, auditing and monitoring software from ZOHO. A cross-site scripting vulnerability exists in ZOHO ManageEngine Exchange reporter Plus, which can be exploited by an attacker to create privileged accounts within the...

ZOHO ManageEngine OpManager Cross-Site Scripting Vulnerability (CNVD-2025-29925)

ZOHO ManageEngine OpManager is a comprehensive network monitoring software from ZOHO. It is used to manage routers, firewalls, servers, switches and printers. A cross-site scripting vulnerability exists in ZOHO ManageEngine OpManager, no detailed vulnerability details are available at this time...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-29932)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Office Code Execution Vulnerability (CNVD-2025-29929)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

Microsoft Excel Information Disclosure Vulnerability (CNVD-2025-29961)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information disclosure vulnerability exists in Microsoft Excel, which can be exploited by attackers to obtain sensitive information...

TOTOLINK A7000R urldecode function stack buffer overflow vulnerability

TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK that supports WiFi7 technology for home or small business network environments. The TOTOLINK A7000R suffers from a stack buffer overflow vulnerability, which stems from the ssid parameter of the urldecode function failing...

Adobe Format Plugins Memory Misreference Vulnerability

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from a memory misreference vulnerability that can be exploited by attackers to cause memory exposure and information disclosure...

Mozilla Firefox and Firefox ESR Spoofing Vulnerability (CNVD-2025-28714)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A spoofing vulnerability exists in Mozilla Firefox and Firefox ESR, which can be exploited by attackers to conduct spoofing attacks...

Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2025-28721)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a buffer overflow vulnerability caused by an incorrect boundary condition in the Graphics:WebGPU component, which can be exploited by an attacker to execute arbitrary code ...

ZOHO ManageEngine Exchange reporter Plus cross-site scripting vulnerability (CNVD-2025-29922)

ZOHO ManageEngine Exchange reporter Plus is a Web-based Microsoft Exchange reporting, auditing and monitoring software from ZOHO. A cross-site scripting vulnerability exists in ZOHO ManageEngine Exchange reporter Plus, which can be exploited by an attacker to create privileged accounts and gain...

Intel CIP Information Disclosure Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from a protection mechanism failure, which can be exploited by an attacker to cause information...

Mozilla Firefox and Firefox ESR Security Bypass Vulnerability (CNVD-2025-28668)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security bypass vulnerability exists in Mozilla Firefox and Firefox ESR, which can be exploited by attackers to bypass security restrictions...

Logic flaw vulnerability in the multimedia integrated business display system of Beijing Shenzhou Vision Han Technology Co., Ltd. (CNVD-C-2025-852060)

Ltd. is a deep-rooted enterprise in the field of visualization. A logic flaw vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to delete server files...

WordPress Plugin Add Multiple Marker Has Unspecified Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Add Multiple Marker, which stems from a...

Intel CIP Improper Access Control Vulnerability (CNVD-2025-28482)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an Improper Access Control vulnerability that can be exploited by an attacker to cause information disclosure...

Adobe Format Plugins Out-of-Bounds Read Vulnerability (CNVD-2025-28645)

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a memory information disclosure...

Tenda AC18 guestSsid Parameter Stack Buffer Overflow Vulnerability

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 has a stack buffer overflow vulnerability, which originates from the /goform/WifiGuestSet interface guestSsid parameter fails to correctly...

Adobe Illustrator Heap Buffer Overflow Vulnerability (CNVD-2025-28651)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A heap buffer overflow vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause arbitrary code execution in the current user environment...

WordPress Plugin Auto Amazon Links - Amazon Associates Affiliate Arbitrary File Read Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An arbitrary file read vulnerability exists in the WordPress plugin Auto Amazon Links - Amazon...

Adobe InCopy Memory Misreference Vulnerability (CNVD-2025-28655)

Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe InCopy, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

Intel Gaudi Resource Management Error Vulnerability

Intel Gaudi is a family of AI gas pedal chips developed by Intel subsidiary HabanaLabs and designed for deep learning training and inference tasks. Intel Gaudi suffers from a resource management error vulnerability that stems from uncontrolled resource consumption, which can be exploited by an...

Microsoft Excel Information Disclosure Vulnerability (CNVD-2025-29965)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information disclosure vulnerability exists in Microsoft Excel, which can be exploited by attackers to obtain sensitive information...

Intel CIP elevation of privilege vulnerability (CNVD-2025-28675)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from an uncontrolled search path, which can be exploited by an attacker to cause elevation of...

Intel CIP Code Issue Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP has a code issue vulnerability that stems from an unrestricted upload of dangerous types of files, which can be exploited by attackers to cause data tampering...

WordPress Plugin Chart Expert Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress plugin Chart Expert, which stems...

Adobe Illustrator on iPad Integer Dive Vulnerability

Adobe Illustrator on iPad is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator on iPad suffers from an integer sneak vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

Adobe InDesign Desktop Heap Buffer Overflow Vulnerability

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

Adobe Format Plugins Heap Buffer Overflow Vulnerability

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

Adobe Format Plugins Heap Buffer Overflow Vulnerability (CNVD-2025-28639)

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

Adobe Format Plugins Out-of-Bounds Read Vulnerability

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that could be exploited by an attacker to cause code execution in the current user's environment...

Adobe Format Plugins Out-of-Bounds Read Vulnerability (CNVD-2025-28641)

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to disclose sensitive information stored in memory...

Adobe Format Plugins Out-of-Bounds Read Vulnerability (CNVD-2025-28642)

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause the disclosure of sensitive information in memory...

Adobe Format Plugins Out-of-Bounds Read Vulnerability (CNVD-2025-28643)

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause the disclosure of sensitive information in memory...

Adobe Format Plugins Out-of-Bounds Read Vulnerability (CNVD-2025-28644)

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause the disclosure of sensitive information in memory...

Adobe Illustrator on iPad Heap Buffer Overflow Vulnerability

Adobe Illustrator on iPad is a set of vector-based image creation software from the American company Audobee Adobe. A heap buffer overflow vulnerability exists in Adobe Illustrator on iPad, which can be exploited by an attacker to cause arbitrary code execution in the current user environment...

WordPress age-restriction plugin missing authorization vulnerability

The WordPress age-restriction plugin is a plugin used to add age verification functionality to a WordPress website, the main purpose of which is to restrict access to certain content or features to users who have not reached a specific age. The WordPress age-restriction plugin suffers from a lack...

Intel CIP elevation of privilege vulnerability (CNVD-2025-28672)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from improper external control of filenames or paths, and no details of the vulnerability are...

Intel CIP elevation of privilege vulnerability (CNVD-2025-28674)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from a protection mechanism failure, which can be exploited by an attacker to cause an elevation...