131179 matches found
Ivanti Endpoint Manager Privilege Issues Vulnerability
Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. Ivanti Endpoint Manager suffers from a privilege issue...
Tenda AC18 ssid parameter cross-site scripting vulnerability
Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied data by th...
Tenda AX-1803 SetSysTimeCfg function stack buffer overflow vulnerability
Tenda AX-1803 is a dual-band Gigabit WiFi6 wireless router from Tenda that supports dual bands of 2.4GHz and 5GHz with a maximum transmission rate of 1774Mbps for home or small office scenarios. The Tenda AX-1803 suffers from a stack buffer overflow vulnerability that originates from the time...
TOTOLINK A7000R Stack Buffer Overflow Vulnerability
TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK that supports WiFi7 technology for home or small business network environments. The TOTOLINK A7000R suffers from a stack buffer overflow vulnerability that originates from the urldecode function's addEffect parameter...
TOTOLINK A7000R urldecode function stack buffer overflow vulnerability
TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK that supports WiFi7 technology for home or small business network environments. The TOTOLINK A7000R suffers from a stack buffer overflow vulnerability, which stems from the ssid parameter of the urldecode function failing...
Adobe Format Plugins Out-of-Bounds Read Vulnerability (CNVD-2025-28641)
Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to disclose sensitive information stored in memory...
WordPress Asgaros Forum plugin cross-site request forgery vulnerability
WordPress Asgaros Forum plugin is a lightweight forum plugin designed for WordPress that supports the rapid creation and management of forum pages, providing basic posting, replying, user management and other functions. The WordPress Asgaros Forum plugin suffers from a cross-site request forgery...
SAP Business Connector Path Traversal Vulnerability
SAP Business Connector is a middleware from SAP, Germany. SAP Business Connector suffers from a path traversal vulnerability that can be exploited by an attacker to traverse directories on the system to read, write, overwrite, and delete arbitrary files on the host system...
Adobe InCopy Heap Buffer Overflow Vulnerability
Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. Adobe InCopy suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code execution in the current user environment...
Intel CIP Input Validation Error Vulnerability
Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an input validation error vulnerability that stems from improper input validation, which can be exploited by an attacker to cause information...
Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2025-28652)
Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...
Intel CIP Input Validation Error Vulnerability (CNVD-2025-28678)
Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an input validation error vulnerability that stems from improper input validation, which can be exploited by an attacker to cause elevation of...
Mozilla Firefox Code Execution Vulnerability (CNVD-2025-28720)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability that originates from a compilation error in the JIT component of the JavaScript Engine, which can be exploited by an attacker to execute...
Adobe Format Plugins Heap Buffer Overflow Vulnerability (CNVD-2025-28639)
Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...
Adobe InDesign Memory Misreference Vulnerability (CNVD-2025-29698)
Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from a memory misreference vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the context of the current user...
Intel CIP Information Disclosure Vulnerability (CNVD-2025-28673)
Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from mismanagement of privileges, which can be exploited by an attacker to cause information...
WordPress age-restriction plugin missing authorization vulnerability
The WordPress age-restriction plugin is a plugin used to add age verification functionality to a WordPress website, the main purpose of which is to restrict access to certain content or features to users who have not reached a specific age. The WordPress age-restriction plugin suffers from a lack...
Adobe Format Plugins Out-of-Bounds Read Vulnerability (CNVD-2025-28645)
Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a memory information disclosure...
Unauthorized Access Vulnerability in Ruiyou Tianyi Application Virtualization System of Xi'an Ruiyou Information Technology Information Co.
Ruiyou Tianyi Application Virtualization System is a domestic application virtualization platform with independent intellectual property rights, which is based on Server-based Computing. Xi'an Ruiyou Information Technology Co., Ltd. Ruiyou Tianyi Application Virtualization System has an...
WordPress Coon Maps plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Coon Maps plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...
Intel CIP Improper Access Control Vulnerability (CNVD-2025-28482)
Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an Improper Access Control vulnerability that can be exploited by an attacker to cause information disclosure...
Logic flaw vulnerability in the multimedia integrated business display system of Beijing Shenzhou Vision Han Technology Co., Ltd. (CNVD-C-2025-852060)
Ltd. is a deep-rooted enterprise in the field of visualization. A logic flaw vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to delete server files...
Adobe Illustrator on iPads Heap Buffer Overflow Vulnerability
Adobe Illustrator on iPad is a set of vector-based image creation software from the American company Audobee Adobe. A heap buffer overflow vulnerability exists in Adobe Illustrator on iPads, which can be exploited by an attacker to cause arbitrary code to be executed in the context of the current...
Unspecified Vulnerability in Rockwell Automation DataMosaix Private Cloud
Rockwell Automation DataMosaix Private Cloud is an industrial DataOps solution from Rockwell Automation, Inc. It is used to simplify and control access to relevant, reliable and contextualized data. A security vulnerability exists in Rockwell Automation DataMosaix Private Cloud that can be...
Adobe Photoshop Heap Buffer Overflow Vulnerability (CNVD-2025-29701)
Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. Adobe Photoshop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the context of the current user...
Tenda AX-1803 sub_4F55C function stack buffer overflow vulnerability
Tenda AX-1803 is a dual-band Gigabit WiFi6 wireless router from Tenda that supports dual bands of 2.4GHz and 5GHz with a maximum transmission rate of 1774Mbps for home or small office scenarios. The Tenda AX-1803 suffers from a stack buffer overflow vulnerability that originates from the wanMTU...
Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2025-28657)
Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...
Adobe InCopy Memory Misreference Vulnerability (CNVD-2025-28655)
Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe InCopy, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...
Adobe Illustrator on iPad Integer Dive Vulnerability
Adobe Illustrator on iPad is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator on iPad suffers from an integer sneak vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...
Adobe Illustrator on iPad Out-of-Bounds Write Vulnerability
Adobe Illustrator on iPad is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator on iPad, which can be exploited by an attacker to cause arbitrary code execution in the current user environment...
Intel Gaudi Resource Management Error Vulnerability
Intel Gaudi is a family of AI gas pedal chips developed by Intel subsidiary HabanaLabs and designed for deep learning training and inference tasks. Intel Gaudi suffers from a resource management error vulnerability that stems from uncontrolled resource consumption, which can be exploited by an...
Intel CIP elevation of privilege vulnerability (CNVD-2025-28674)
Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from a protection mechanism failure, which can be exploited by an attacker to cause an elevation...
Adobe Substance3D Stager Memory Misreference Vulnerability (CNVD-2025-29692)
Adobe Substance3D Stager is a set and rendering software for 3D scenes from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe Substance3D Stager, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's context...
Adobe Format Plugins Out-of-Bounds Read Vulnerability (CNVD-2025-28644)
Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause the disclosure of sensitive information in memory...
Rockwell Automation Studio 5000 Simulation Interface Code Execution Vulnerability
Rockwell Automation Studio 5000 Simulation Interface is a simulation modeling tool from Rockwell Automation. A code execution vulnerability exists in Rockwell Automation Studio 5000 Simulation Interface, which can be exploited by an attacker to cause scripts to be executed with administrator...
Mozilla Firefox and Firefox ESR Buffer Overflow Vulnerability (CNVD-2025-28717)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. Mozilla Firefox and Firefox ESR suffer from a buffer overflow vulnerability that stems from an incorrect boundary condition in a JavaScript WebAssembly component, which can be...
Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2025-28721)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a buffer overflow vulnerability caused by an incorrect boundary condition in the Graphics:WebGPU component, which can be exploited by an attacker to execute arbitrary code ...
Adobe Illustrator on iPad Integer Dive Vulnerability (CNVD-2025-28650)
Adobe Illustrator on iPad is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator on iPad suffers from an integer sneak vulnerability that can be exploited by an attacker to cause arbitrary code execution in the current user environment...
Microsoft Visual Studio Remote Code Execution Vulnerability (CNVD-2025-29343)
Microsoft Visual Studio is a family of development toolkits from Microsoft Corporation in the United States and is a fundamentally complete set of development tools. A remote code execution vulnerability exists in Microsoft Visual Studio, which can be exploited by an attacker to execute code on t...
SQL Injection Vulnerability in Remote Medical Comprehensive Service Platform of Beijing Divine Vision Han Technology Co. Ltd (CNVD-C-2025-848882)
Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the remote medical integrated service platform of Beijing Shenzhou Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...
WordPress Asgaros Forum plugin SQL Injection Vulnerability
WordPress Asgaros Forum plugin is a lightweight forum plugin designed specifically for WordPress to support the rapid creation and management of forum pages, providing basic posting, replying, user management and other functions. WordPress Asgaros Forum plugin suffers from a SQL injection...
WordPress Mang Board plugin cross-site scripting vulnerability
WordPress Mang Board plugin is a WordPress plugin that is mainly used to create and manage forum boards or discussion boards. WordPress Mang Board plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...
IBM Db2 Denial of Service Vulnerability (CNVD-2025-29177)
IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...
Google Chrome Input Validation Error Vulnerability
Google Chrome is a free web browser developed by Google Inc. Google Chrome suffers from an input validation error vulnerability that stems from insufficient validation of untrustworthy input in Devtools, which can be exploited by an attacker to execute arbitrary code...
WordPress LC Wizard plugin elevation of privilege vulnerability
WordPress LC Wizard plugin is a plugin with security vulnerabilities. WordPress LC Wizard plugin has an elevation of privilege vulnerability that stems from a missing capability check in the ghl-wizard/inc/wpuser.php file, which can be exploited by an attacker to cause an elevation of privilege...
QNAP File Station 5 Unlimited or Unthrottled Resource Allocation Vulnerability (CNVD-2025-30284)
QNAP File Station 5 is a core file management application developed by Qualcomm Technologies QNAP for its networked storage NAS devices. QNAP File Station 5 suffers from an Unlimited Resource Allocation or Throttling vulnerability, which can be exploited by an attacker to prevent other systems,...
QNAP File Station 5 Unlimited or Unthrottled Resource Allocation Vulnerability
QNAP File Station 5 is a core file management application developed by Qualcomm Technologies QNAP for its networked storage NAS devices. QNAP File Station 5 suffers from an Unlimited Resource Allocation or Throttling vulnerability that can be exploited by an attacker to cause resource access to b...
Google Chrome Permissions Improperly Implemented Vulnerability
Google Chrome is a free web browser developed by Google Inc. Google Chrome suffers from a Permission Misimplementation Vulnerability, no details of the vulnerability are provided at this time...
QNAP File Station 5 Unlimited or Unthrottled Resource Allocation Vulnerability (CNVD-2025-30286)
QNAP File Station 5 is a core file management application developed by Qualcomm Technologies QNAP for its networked storage NAS devices. QNAP File Station 5 suffers from an Unlimited or Unthrottled Resource Allocation vulnerability, which can be exploited by an attacker to prevent other systems,...
Unspecified Vulnerability in IBM Db2 (CNVD-2025-29179)
IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in IBM Db2 that can be exploited by an attacker to regain access after ...