130931 matches found
Newforma Project Center Server Open Redirect Vulnerability
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. An open redirection vulnerability exists in Newforma Project...
Newforma Project Center Server Information Disclosure Vulnerability (CNVD-2025-25476)
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. An information disclosure vulnerability exists in Newforma Proje...
LibreNMS Cross-Site Scripting Vulnerability
LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of the network environment and automatic updates. A cross-site scripting vulnerability exists in LibreNMS that stems from insufficient...
Newforma Project Center Server Cross-Site Scripting Vulnerability
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. Newforma Project Center suffers from a cross-site scripting...
Newforma Project Center Server Information Disclosure Vulnerability (CNVD-2025-25862)
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. An information IELTS vulnerability exists in Newforma Project...
Newforma Project Center Server Code Execution Vulnerability (CNVD-2025-25871)
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. A code execution vulnerability exists in Newforma Project Center...
Newforma Project Center Server Information Disclosure Vulnerability (CNVD-2025-25888)
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. An information disclosure vulnerability exists in Newforma Proje...
Delta Electronics ASDA-Soft Stack Buffer Overflow Vulnerability
Delta Electronics ASDA-Soft is an AC servo motor from Delta Electronics China. The Delta Electronics ASDA-Soft suffers from a stack buffer overflow vulnerability that is caused by incorrect boundary checking. An attacker could exploit the vulnerability to execute arbitrary code on the system or...
Delta Electronics ASDA-Soft Stack Buffer Overflow Vulnerability (CNVD-2025-26912)
Delta Electronics ASDA-Soft is an AC servo motor from Delta Electronics China. The Delta Electronics ASDA-Soft suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on a system or cause an application to crash...
Delta Electronics DIAScreen Out-of-Bounds Write Vulnerability (CNVD-2025-26898)
Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in China. An out-of-bounds write vulnerability exists in Delta Electronics DIAScreen, which can be exploited by an attacker to execute arbitrary code on the system or cause a system crash...
Delta Electronics DIAScreen Out-of-Bounds Write Vulnerability
Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in China. An out-of-bounds write vulnerability exists in Delta Electronics DIAScreen, which can be exploited by an attacker to execute code in the context of the current process...
IBM Transformation Extender Advanced Improper Access Control Vulnerability
IBM Transformation Extender Advanced A data transformation, validation and standardization tool software from International Business Machines Corporation. IBM Transformation Extender Advanced suffers from an Improper Access Control Vulnerability, no details of the vulnerability are available at...
IBM Transformation Extender Advanced Logout Without Disabling Session Vulnerability
IBM Transformation Extender Advanced A data transformation, validation and standardization tool software from International Business Machines Corporation. IBM Transformation Extender Advanced suffers from a Logout Without Disabling Session vulnerability, which can be exploited by an attacker to...
IBM Transformation Extender Advanced Weak Password Vulnerability
IBM Transformation Extender Advanced A data transformation, validation and standardization tool software from International Business Machines Corporation. IBM Transformation Extender Advanced suffers from a weak password vulnerability that stems from not requiring users to use strong passwords by...
Delta Electronics DIAScreen Out-of-Bounds Write Vulnerability (CNVD-2025-26897)
Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in China. An out-of-bounds write vulnerability exists in Delta Electronics DIAScreen, which can be exploited by an attacker to execute arbitrary code on the system or cause a system crash...
D-Link DIR-816A2 Buffer Overflow Vulnerability
The D-Link DIR-816A2 is a router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-816A2 FWv1.10CNB05 version, which originates from the statuscheckpppoeuser parameter in the dirsetWanWifi function that fails to correctly validate the length and size of the input...
Newforma Project Center Server Information Disclosure Vulnerability
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. An information disclosure vulnerability exists in Newforma Proje...
Unspecified Vulnerability in HCL AION
HCL AION is an AI lifecycle management platform from HCL India. HCL AION has a security vulnerability which is caused due to missing security attributes in the encrypted session SSL cookie. No details of the vulnerability are provided at this time...
Unspecified Vulnerability in Newforma Project Center Server
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. A security vulnerability exists in Newforma Project Center Serve...
ZenML Input Validation Error Vulnerability
ZenML is an extensible open source MLOps framework from ZenML Open Source for creating portable, production-ready machine learning pipelines. An input validation error vulnerability exists in ZenML version 0.83.1, which stems from the failure of the PathMaterializer class to effectively detect...
Emlog Cross-Site Scripting Vulnerability (CNVD-2025-24787)
Emlog is a PHP and MySQL based CMS builder. Emlog 2.5.21 and previous versions of cross-site scripting vulnerability, the vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the email template settings, an attacker can exploit this vulnerability by...
Newforma Project Center Server Code Execution Vulnerability
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. A code execution vulnerability exists in Newforma Project Center...
D-Link Nuclias Connect Directory Traversal Vulnerability
D-Link Nuclias Connect is a network management software from D-Link for centralized management of wireless access points APs, supporting multi-device remote control and reporting capabilities. A directory traversal vulnerability exists in D-Link Nuclias Connect, which stems from improper cleanup ...
Newforma Project Center Server Information Disclosure Vulnerability (CNVD-2025-25886)
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. Newforma Project Center Server suffers from an information...
OpenEXR has an unspecified vulnerability (CNVD-2025-24790)
OpenEXR is an open standard for high dynamic range image HDR file formats. A security vulnerability exists in versions prior to OpenEXR 8.0, which can be exploited by an attacker to cause heap memory corruption...
D-Link DI-7100G C1 Command Injection Vulnerability
The D-Link DI-7100G C1 is an enterprise-class router from D-Link, designed for small and medium-sized businesses. The D-Link DI-7100G C1 suffers from a command injection vulnerability that originates from the parameter iface in the file /mspinfo.htm?flag=qos that fails to correctly filter...
Unspecified Vulnerability in HCL AION (CNVD-2025-25409)
HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from a security vulnerability that stems from a script whitelist configuration bypass and a misconfigured Content-Security-Policy header, which can be exploited by an attacker to cause cross-site scripting and other...
Opencast Cross-Site Scripting Vulnerability
Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. Opencast suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied dat...
SAMSUNG Notes out-of-bounds read vulnerability (CNVD-2025-24706)
SAMSUNG Notes is a software application from Samsung South Korea. It is used to provide a record function. SAMSUNG Notes suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to access out-of-bounds memory...
Unspecified Vulnerability in HCL MyXalytics
HCL MyXalytics is an analytics software product from HCL India. It is used for performing data analysis and other related tasks. A security vulnerability exists in HCL MyXalytics, which arises from loading third-party scripts without integrity checking or validation, and can be exploited by an...
Microsoft Azure Cache for Redis Enterprise Elevation of Privilege Vulnerability
Microsoft Azure Cache for Redis Enterprise is an in-memory caching service from Microsoft Corporation, USA. An elevation of privilege vulnerability exists in Microsoft Azure Cache for Redis Enterprise, which can be exploited by an attacker to gain elevated privileges on the system...
WordPress onOffice for WP-Websites plugin SQL Injection Vulnerability
WordPress onOffice for WP-Websites plugin is a WordPress plugin developed by onOfficeGmbH that is mainly used to integrate listings, addresses or forms from real estate management software such as onOffice into a WordPress website, supports shortcode flexible design and allows for Generate...
NVIDIA Display Driver Code Issue Vulnerability
NVIDIA Display Driver is a graphics card driver from NVIDIA. A security vulnerability exists in NVIDIA Display Driver, which can be exploited by attackers to cause denial of service, elevation of privilege, code execution, and data manipulation...
IBM Standards Processing Engine Deserialization Vulnerability
IBM Standards Processing Engine Ibm Transformation Extender Advanced is a document conversion software from International Business Machines IBM. Used to automatically convert and validate large amounts of data. IBM Standards Processing Engine suffers from a deserialization vulnerability that stem...
Newforma Project Center Server Security Bypass Vulnerability
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. A security bypass vulnerability exists in Newforma Project Cente...
SAMSUNG Notes Information Disclosure Vulnerability
SAMSUNG Notes is a software application from Samsung South Korea. It is used to provide a record function. SAMSUNG Notes has an information disclosure vulnerability that can be exploited by an attacker to access shared notes...
Devolutions Server Improper Certificate Validation Vulnerability
Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. Devolutions Server has an improper certificate validation vulnerability that originates from...
Adobe Animate heap buffer overflow vulnerability (CNVD-2025-24421)
Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code execution in the current user environment...
Delta Electronics DIAScreen Out-of-Bounds Write Vulnerability (CNVD-2025-26899)
Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in China. An out-of-bounds write vulnerability exists in Delta Electronics DIAScreen, which can be exploited by an attacker to execute arbitrary code on the system or cause a system crash...
WordPress External Login plugin Information Disclosure Vulnerability
The WordPress External Login plugin is mainly used to integrate WordPress login functionality with an external database system, allowing users to log in to the site directly through an external account. An information disclosure vulnerability exists in the WordPress External Login plugin, which...
WordPress Task Scheduler plugin server-side request forgery vulnerability
WordPress Task Scheduler plugin is mainly used to manage and optimize the timed tasks in WordPress such as update checking, cache cleaning, etc., common plugins include WP-Crontrol and WPCron. WordPress Task Scheduler plugin has a server-side request forgery vulnerability, the vulnerability stems...
SAMSUNG Notes Out-of-Bounds Write Vulnerability
SAMSUNG Notes is a software application from Samsung South Korea. It is used to provide a record function. SAMSUNG Notes suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to write to out-of-bounds memory...
WordPress Quick Featured Images plugin unsafe direct object reference vulnerability
WordPress Quick Featured Images plugin is a plugin for bulk editing and replacing featured images in WordPress. WordPress Quick Featured Images plugin suffers from an insecure direct object reference vulnerability that stems from the lack of validation of user control keys in the qfisetthumbnail...
IBM Planning Analytics Local Cross-Site Scripting Vulnerability
IBM Planning Analytics Local is a web-based local architecture from International Business Machines IBM. IBM Planning Analytics Local suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be...
Newforma Project Center Server Code Execution Vulnerability
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. A code execution vulnerability exists in Newforma Project Center...
Newforma Project Center Server Directory Traversal Vulnerability
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. A directory traversal vulnerability exists in Newforma Project...
IBM Aspera Faspex Input Validation Error Vulnerability
IBM Aspera Faspex is an International Business Machines IBM solution for rapid global person-to-person document delivery and collaboration. IBM Aspera Faspex has an input validation error vulnerability that stems from improper API input validation, which can be exploited by an attacker to cause a...
SAMSUNG Notes out-of-bounds read vulnerability (CNVD-2025-24703)
SAMSUNG Notes is a software application from Samsung South Korea. It is used to provide a record function. SAMSUNG Notes suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to access out-of-bounds memory...
Unspecified Vulnerability in Mattermost (CNVD-2025-24795)
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that can be exploited by an attacker to cause guest users to add arbitrary team members to their private channels via the...
HCL AION Information Disclosure Vulnerability (CNVD-2025-25461)
HCL AION is an AI lifecycle management platform from HCL India. HCL AION has an information disclosure vulnerability that can be exploited by attackers to cause unauthorized access...