131179 matches found
Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2025-24163)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...
Adobe Commerce Security Bypass Vulnerability (CNVD-2025-24198)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which could be exploited by an attacker to bypass security measures and gain unauthorized read...
UTT HiPER 2620G Buffer Overflow Vulnerability
The UTT HiPER 2620G is an enterprise-class router from Atech Technology UTT designed for small and medium-sized businesses, schools, or Internet cafes in scenarios that require multi-line access and network control. The UTT HiPER 2620G suffers from a buffer overflow vulnerability that originates...
Ivanti Endpoint Manager Path Traversal Vulnerability
Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. A path traversal vulnerability exists in Ivanti Endpoint...
Adobe Connect Cross-Site Scripting Vulnerability (CNVD-2025-24203)
Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. Adobe Connect suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit the vulnerability to steal the victim's...
F5 BIG-IP TMM Module Denial of Service Vulnerability
5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A denial-of-service vulnerability exists in the TMM module of the BIG-IP system, which arises because undisclosed traffic could...
Centreon has an unspecified vulnerability (CNVD-2025-24647)
Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon has a security vulnerability that can be exploited by attackers to execute arbitrary Web scrip...
Microsoft Excel Information Disclosure Vulnerability (CNVD-2025-24401)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information disclosure vulnerability exists in Microsoft Excel, which can be exploited by attackers to obtain sensitive information...
Adobe Commerce Security Bypass Vulnerability (CNVD-2025-24199)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which could be exploited by an attacker to bypass security measures and maintain unauthorized...
F5 BIG-IP Next TMM Memory Resource Management Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A memory resource management vulnerability exists in the TMM module of BIG-IP Next. The vulnerability arises because after...
Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2025-24201)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that can be exploited by an attacker to steal a victim's cookie-based authentication...
Adobe Commerce Security Bypass Vulnerability (CNVD-2025-24200)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which could be exploited by an attacker to bypass security measures and gain unauthorized...
Microsoft Exchange Server Elevation of Privilege Vulnerability (CNVD-2025-26717)
Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. An elevation of privilege vulnerability exists in Microsoft Exchange Server, which can be exploit...
UTT Progressive 518G Buffer Overflow Vulnerability
The UTT Progress 518G is an enterprise-class router designed for small and medium-sized business office environments, focusing on multi-WAN port access and stable performance. UTT Enterprise 518G suffers from a buffer overflow vulnerability, which originates from the parameter Profile in the file...
Centreon has an unspecified vulnerability (CNVD-2025-24172)
Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon has a security vulnerability that can be exploited by attackers to execute arbitrary Web scrip...
Unspecified Vulnerability in Microsoft Azure (CNVD-2025-24645)
Microsoft Azure is a set of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft. Microsoft Azure has a security vulnerability that can be exploited by an attacker who can elevate privileges...
Microsoft Office Code Execution Vulnerability (CNVD-2025-24399)
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...
Ivanti Endpoint Manager Deserialization Vulnerability
Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. Ivanti Endpoint Manager suffers from a deserialization...
ASUS Armoury Crate Improper Link Following Vulnerability
ASUS Armoury Crate is a utility software developed by ASUS to centrally control and manage ROG Gamerland and some ASUS gaming products. ASUS Armoury Crate suffers from a link following improper vulnerability that can be exploited by an attacker to cause a local elevation of privilege...
F5 BIG-IP Elevation of Privilege Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. An elevation of privilege vulnerability exists in the BIG-IP's iControl REST and TMOS Shell tmsh modules. The vulnerability...
F5 BIG-IP ePVA Denial of Service Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A denial-of-service vulnerability exists in the ePVA module of BIG-IP. The vulnerability arises due to undisclosed traffic tha...
Microsoft Office Visio Code Execution Vulnerability (CNVD-2026-00030)
Microsoft Office Visio is a U.S. Microsoft Microsoft Office software series responsible for drawing flowcharts and schematic diagrams in the software. A code execution vulnerability exists in Microsoft Office Visio, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft SharePoint Remote Code Execution Vulnerability (CNVD-2025-24451)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...
Microsoft Windows File Explorer Spoofing Vulnerability (CNVD-2026-10676)
Microsoft Windows File Explorer is a file manager application from Microsoft USA. A spoofing vulnerability exists in Microsoft Windows File Explorer that is caused by the exposure of sensitive information to unauthorized participants in File Explorer. An attacker could exploit the vulnerability t...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-24449)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute code...
Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2025-24393)
Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...
Adobe Substance3D Modeler Buffer Overflow Vulnerability
Adobe Substance3D Modeler is a 3D modeling software from the American company Audobee Adobe. A security vulnerability exists in Adobe Substance3D Modeler 1.22.3 and prior versions, which can be exploited by an attacker to cause code execution in the current user environment...
Unspecified Vulnerability in Microsoft Azure (CNVD-2025-24170)
Microsoft Azure is a set of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft. Microsoft Azure has a security vulnerability that can be exploited by an attacker who can elevate privileges...
Microsoft Azure Elevation of Privilege Vulnerability (CNVD-2025-29349)
Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft. A security vulnerability exists in Microsoft Azure Compute Gallery, which can be exploited by an attacker to elevate privileges...
Unspecified Vulnerability in Rockwell Automation Comms-1783-NATR
Rockwell Automation Comms-1783-NATR is an industrial Ethernet address translation device from Rockwell Automation. A security vulnerability exists in the Rockwell Automation Comms-1783-NATR that stems from a lack of authentication checks for critical functions and can be exploited by an attacker ...
Rockwell Automation FactoryTalk Linx Elevation of Privilege Vulnerability
Rockwell Automation FactoryTalk Linx is a set of industrial communication solutions from Rockwell Rockwell Automation. It is used to communicate between small applications and large automation systems. An elevation of privilege vulnerability exists in Rockwell Automation FactoryTalk Linx due to a...
Rockwell Automation FactoryTalk View Machine Edition Path Traversal Vulnerability
Rockwell Automation FactoryTalk View Machine Edition is a versatile HMI application from Rockwell Automation. A path traversal vulnerability exists in Rockwell Automation FactoryTalk View Machine Edition, which can be exploited by an attacker to delete any file in the panel's operating system...
Rockwell Automation FactoryTalk Linx Elevation of Privilege Vulnerability (CNVD-2026-10857)
Rockwell Automation FactoryTalk Linx is a set of industrial communication solutions from Rockwell Rockwell Automation. The product is primarily used for small applications to communicate with large automation systems and more. An elevation of privilege vulnerability exists in Rockwell Automation...
Rockwell Automation Compact GuardLogix 5370 Denial of Service Vulnerability
Rockwell Automation Compact GuardLogix 5370 is a safety programmable logic controller from Rockwell Automation. The Rockwell Automation Compact GuardLogix 5370 suffers from a denial of service vulnerability that originates from a failure when sending a specially crafted CIP unconnected explicit...
Rockwell Automation FactoryTalk ViewPoint Denial of Service Vulnerability
Rockwell Automation FactoryTalk ViewPoint is a web-based client application from Rockwell Automation. A denial of service vulnerability exists in Rockwell Automation FactoryTalk ViewPoint, which can be exploited by an attacker to cause a denial of service...
Rockwell Automation ArmorStart AOP Denial of Service Vulnerability
Rockwell Automation ArmorStart AOP is a distributed motor controller from Rockwell Automation. The Rockwell Automation ArmorStart AOP suffers from a denial of service vulnerability that originates from entering an invalid value into a COM method, which can be exploited by an attacker to cause a...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-24394)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
WordPress Pz-LinkCard plugin server-side request forgery vulnerability
WordPress Pz-LinkCard plugin is a WordPress plugin that is mainly used to display links in the form of cards, support custom display of external and internal links, and optimize social sharing and other features. WordPress Pz-LinkCard plugin suffers from a server-side request forgery vulnerabilit...
Centreon cross-site scripting vulnerability (CNVD-2025-24648)
Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon has a security vulnerability that can be exploited by attackers to execute arbitrary Web scrip...
Adobe Framemaker Code Execution Vulnerability
Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A security vulnerability exists in Adobe Framemaker version 2020.9, 2022.7, and prior versions, which can be...
Adobe Framemaker Memory Misreference Vulnerability (CNVD-2025-24391)
Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A memory misreference vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause...
Centreon cross-site scripting vulnerability (CNVD-2025-24649)
Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon cross-site scripting vulnerability , the vulnerability stems from the lack of effective...
Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2025-24392)
Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...
Microsoft PowerPoint Code Execution Vulnerability (CNVD-2025-26719)
Microsoft PowerPoint is a document presentation tool in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft PowerPoint, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-24400)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-24402)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft Office Code Execution Vulnerability (CNVD-2025-24419)
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...
Adobe Dimension Input Validation Error Vulnerability (CNVD-2025-24213)
Adobe Dimension is the United States of America Odo than Adobe company is a set of 2D and 3D composite design tools. An input validation error vulnerability exists in Adobe Dimension, which can be exploited by an attacker to cause arbitrary code execution in the current user environment...
Unspecified Vulnerability in Microsoft Defender (CNVD-2025-24169)
Microsoft Defender is a threat protection software from Microsoft USA. Microsoft Defender for Linux has a security vulnerability that can be exploited by attackers to cause a denial of service on the system...
Adobe Dimension Out-of-Bounds Read Vulnerability (CNVD-2025-24204)
Adobe Dimension is the United States of America Odo than Adobe company is a set of 2D and 3D composite design tools. Adobe Dimension suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context of the current user...