131179 matches found
D-Link DIR600L formLanSetupRouterSettings Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formAdvNetwork Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formSetEasy_Wizard Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...
Google Chrome Out-of-Bounds Read Vulnerability
Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from an out-of-bounds read vulnerability that stems from an out-of-bounds read issue in the Media component. An attacker can exploit this vulnerability to perform out-of-bounds memory access via a carefully constructed...
Google Chrome on Android Omnibox Improperly Implemented Vulnerability
Google Chrome on Android is a mobile browser from Google, optimized for Android devices, offering fast browsing, smart search, privacy protection and cross-device syncing. Google Chrome on Android suffers from an Omnibox mal-implementation vulnerability that can be exploited by attackers to cause...
WordPress Plugin Quickcreator Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Quickcreator, which stem...
JeecgBoot Path Traversal Vulnerability
JeecgBoot is a low-code development platform that fuses code generation and AI applications to help organizations rapidly achieve low-code development and build AI applications. JeecgBoot has a path traversal vulnerability that stems from a path traversal vulnerability in the interface...
Google Chrome Reuse After Release Vulnerability
Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from a post-release reuse vulnerability that can be exploited by an attacker to perform out-of-bounds memory access via a carefully constructed HTML page...
D-Link DIR600L formTcpipSetup Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
Dell Storage Manager XML External Entity References Improperly Restricted Vulnerability
Dell Storage Manager is a centralized storage management tool from Dell that is used to manage storage devices such as SC Series, PS Series and FluidFS, providing unified monitoring, configuration and replication capabilities. An XML External Entity Reference Improper Restriction vulnerability...
Unspecified Vulnerability in ISC BIND 9 (CNVD-2025-26736)
ISC BIND 9 is a domain name system software from the ISC organization. A security vulnerability exists in ISC BIND 9, which arises from an overly lax acceptance of response records, and can be exploited by an attacker to cause forged data to be injected into the cache...
Unspecified Vulnerability in ISC BIND 9
ISC BIND 9 is a domain name system software from the ISC organization. A security vulnerability exists in ISC BIND 9 that stems from a weakness in the pseudo-random number generator, which can be exploited by an attacker to cause prediction of source ports and query IDs...
ISC BIND 9 Denial of Service Vulnerability
ISC BIND 9 is a domain name system software from the ISC organization. A denial of service vulnerability exists in ISC BIND 9, which arises from improper resource consumption when processing malformed DNSKEY records in specially crafted zones, and can be exploited by an attacker to cause CPU...
Dell Storage Manager Improper Authentication Vulnerability
Dell Storage Manager is a centralized storage management tool from Dell that is used to manage storage devices such as SC Series, PS Series and FluidFS, providing unified monitoring, configuration and replication capabilities. An improper authentication vulnerability exists in Dell Storage Manage...
Microsoft Azure Event Grid System Access Control Error Vulnerability
Microsoft Azure Event Grid System is a fully managed event routing service system from Microsoft Corporation, USA. The Microsoft Azure Event Grid System is vulnerable to an access control error vulnerability that stems from improper access control and could lead to elevation of privilege. An...
WordPress Cinza Grid plugin cross-site scripting vulnerability
WordPress Cinza Grid plugin is a lightweight WordPress plugin based on Isotope Waterfall Layout for creating responsive grid layouts that support the presentation of posts, pages or custom content types. WordPress Cinza Grid plugin suffers from a cross-site scripting vulnerability that stems from...
WordPress Clanora plugin file upload vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file upload vulnerability exists in the WordPress Clanora plugin that stems from the application's lack of effective validation of uploaded files. The vulnerability can be...
WordPress plugin easy-post-submission information disclosure vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin easy-post-submission,...
Tenda AC6 AdvSetMacMtuWan function buffer overflow vulnerability
The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.06.50, which originates from the AdvSetMacMtuWan function failing to correctly validate the length of the input data, and can be exploited by an attacker to execute...
WordPress Calendar Plus plugin cross-site scripting vulnerability
WordPress Calendar Plus plugin is a calendar plugin for WordPress to create and manage event calendars. WordPress Calendar Plus plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be...
WordPress AnyComment plugin SQL Injection Vulnerability
WordPress AnyComment plugin is a WordPress comment plugin based on React development, focusing on simplicity and speed. It provides basic commenting functionality and supports seamless migration from other plugins e.g. Jetpack, wpDiscuz, etc. and can be supported through GitHub or VK community...
WordPress Captivate Sync plugin deserialization vulnerability
WordPress Captivate Sync plugin is a WordPress plugin developed by Captivate, which belongs to RebelBaseMedia's products and is mainly used to simplify the Podcast management process. WordPress Captivate Sync plugin suffers from a deserialization vulnerability that stems from unsafe deserializati...
Tenda AC6 DhcpListClient Function Buffer Overflow Vulnerability
The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.06.50, which originates from the failure of the page parameter in the DhcpListClient function to correctly validate the length of the input data, and can be exploit...
WordPress All in One Time Clock Lite plugin unsafe direct object reference vulnerability
WordPress All in One Time Clock Lite plugin is a plugin for tracking employee attendance and supports employee/volunteer/contractor punch record management. The WordPress All in One Time Clock Lite plugin suffers from an insecure direct object reference vulnerability that stems from the applicati...
WordPress Advanced Coupons for WooCommerce Coupons plugin SQL Injection Vulnerability
WordPress Advanced Coupons for WooCommerce Coupons plugin is a free plugin designed for WooCommerce to enhance e-commerce marketing by extending coupon functionality. WordPress Advanced Coupons for WooCommerce Coupons plugin suffers from a SQL injection vulnerability that stems from the...
WordPress AppExperts plugin information disclosure vulnerability
WordPress AppExperts plugin is a plugin for converting WordPress websites to iOS and Android mobile apps, with support for converting WooCommerce e-commerce platform features. WordPress AppExperts plugin suffers from an information disclosure vulnerability that originates from the insertion of...
WordPress Buddypress Plugin Missing Authorization Vulnerability
WordPress Buddypress Plugin is an open source social networking plugin developed by Automattic the parent company of WordPress for converting WordPress websites into fully functional social platforms. WordPress Buddypress Plugin suffers from a lack of authorization vulnerability, no details of th...
WordPress Plugin WP Gmail SMTP Message Leakage Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin WP Gmail SMTP, which...
WordPress Plugin Accordion Missing Authorization Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A lack of authorization vulnerability exists in the WordPress plugin Accordion, which can be...
WordPress Plugin Academy LMS Elevation of Privilege Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An elevation of privilege vulnerability exists in the WordPress plugin Academy LMS due to the...
WordPress Plugin Captcha.eu Server-Side Request Forgery Attack Vulnerability
WordPress Plugin Captcha.eu is a CAPTCHA plugin for the WordPress platform, which is mainly used to prevent bots from attacking and is also compliant with GDPR General Data Protection Regulation. WordPress Plugin Captcha.eu suffers from a server-side request forgery attack vulnerability that stem...
WordPress Contact Form by Supsystic plugin cross-site scripting vulnerability
WordPress Contact Form by Supsystic plugin is a WordPress plugin for creating contact forms with drag-and-drop editing support that can be used without programming basics. The WordPress Contact Form by Supsystic plugin suffers from a cross-site scripting vulnerability that stems from the...
WordPress Plugin Simple Job Board Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Simple Job Board, which...
TOTOLINK N600R setWiFiBasicConfig function stack buffer overflow vulnerability
TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, which supports 2.4GHz and 5GHz dual-band concurrency with a maximum wireless transmission rate of 300Mbps. The TOTOLINK N600R suffers from a stack buffer overflow vulnerability, which stems from the failure o...
WordPress CF7 Auto Responder Addon plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress CF7 Auto Responder Addon plugin, which stems from the application's lack of effective filtering and escaping of...
WordPress Plugin Acknowledgify Missing Authorization Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A lack of...
WordPress Blockspare plugin sensitive information insertion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Blockspare plugin suffers from a sensitive information insertion vulnerability that originates from inserting sensitive information in sent data, which can be...
WordPress Boldermail plugin deserialization vulnerability
The WordPress Boldermail plugin is an email marketing and automation platform designed specifically for WordPress, allowing users to manage subscribers, design email templates and create automated workflows directly in the WordPress backend. WordPress Boldermail plugin suffers from a...
WordPress Plugin MasterStudy LMS Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin MasterStudy LMS, which...
WordPress Billey plugin file inclusion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress Billey plugin, which stems from improper control over the filename of include or require statements, and can be exploited ...
WordPress Breeze Checkout Plugin Missing Authorization Vulnerability
WordPress Breeze Checkout Plugin is a free and open source caching plugin developed by Cloudways, mainly used to optimize the loading speed and performance of WordPress websites. WordPress Breeze Checkout Plugin suffers from a lack of authorization vulnerability that stems from a lack of...
WordPress plugin Addison deserialization vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A deserialization vulnerability exists in the WordPress plugin Addison, which arises from unsaf...
Tenda AC6 SetClientState function buffer overflow vulnerability
The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.06.50, which is caused by the SetClientState function failing to properly validate the length of the input data, and can be exploited by an attacker to execute...
Tenda AC6 SetSpeedWan Function Buffer Overflow Vulnerability
The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.06.50, which is caused by the speeddir parameter in the SetSpeedWan function failing to properly validate the length of the input data, and can be exploited by an...
Tenda AC6 fast_setting_wifi_set function stack buffer overflow vulnerability
Tenda AC6 is a dual-band wireless router from Tenda, designed for 100 Gigabit fiber optic home users. The Tenda AC6 suffers from a stack buffer overflow vulnerability, which originates from the ssid parameter in the fastsettingwifiset function failing to properly validate the length of the input...
WordPress Child Themes plugin cross-site scripting vulnerability
WordPress Child Themes plugin is mainly used to simplify the creation and management of child themes, through automation tools to help users quickly generate child themes based on the parent theme. A cross-site scripting vulnerability exists in the WordPress Child Themes plugin, which stems from...
Tenda AC6 openSchedWifi function buffer overflow vulnerability
The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.06.50, which is caused by the openSchedWifi function failing to properly validate the length of the input data, and can be exploited by an attacker to execute...
Tenda AC6 addressNat function stack buffer overflow vulnerability
Tenda AC6 is a dual-band wireless router from Tenda, designed for 100 Gigabit fiber optic home users. The Tenda AC6 suffers from a stack buffer overflow vulnerability, which originates from the page parameter in the addressNat function failing to properly validate the length of the input data,...
WordPress bbPress Notify plugin cross-site scripting vulnerability
WordPress bbPress Notify plugin is a notification plugin designed for WordPress forum plugin bbPress to replace the default subscription system and provide more flexible and personalized email updates. WordPress bbPress Notify plugin suffers from a cross-site scripting vulnerability that stems fr...
TOTOLINK N600R sub_41773C function null pointer dereference vulnerability
TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, which supports 2.4GHz and 5GHz dual-band concurrency with a maximum wireless transmission rate of 300Mbps. The TOTOLINK N600R suffers from a null pointer dereference vulnerability, which stems from the presen...