131179 matches found
Fuji Electric V-SFT Out-of-Bounds Read Vulnerability
Fuji Electric V-SFT is a human-machine interface HMI configuration software developed by Fuji Electric FujiElectric, which is mainly used for touch-screen interface design, PDF document viewing, video playback, alarm message management and other functions in the field of industrial automation. Fu...
Tenda W12 Null Pointer Dereference Vulnerability
Tenda W12 is a dual-band Gigabit wireless panelized access point AP from Tenda Technology, designed for hotels, villas, large homes and other scenarios, supporting the IEEE802.11ac protocol and the Wave2 standard with 1167Mbps dual-band concurrent rate. A null pointer dereference vulnerability...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27744)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
UTT 1250GW Buffer Overflow Vulnerability (CNVD-2026-00805)
The UTT 1250GW is an enterprise-grade wireless router from Atech Technology Ltd. designed for SOHO Small Office/Home Office environments, focusing on wireless coverage and network management features. The UTT 1250GW suffers from a buffer overflow vulnerability, which originates from the parameter...
Hospital Management System session function hard-coded key vulnerability
Hospital Management System a hospital management system. Hospital Management System has a hard-coded key vulnerability that arises from the incorrect manipulation of the secret parameter by the session function in the express-session component, for which no detailed vulnerability details are...
E-Commerce Website user_index_search.php File SQL Injection Vulnerability
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /pages/userindexsearch.php. An attacker can exploit this vulnerability to...
Bold Workplanner Insecure Direct Object Reference Vulnerability (CNVD-2025-24042)
Bold Workplanner is an enterprise software for human resource management from the Spanish company Bold Workplanner. Bold Workplanner suffers from an insecure direct object reference vulnerability that stems from the misuse of the Generic Query Web Service, no details of the vulnerability are...
Bold Workplanner Insecure Direct Object Reference Vulnerability (CNVD-2025-24045)
Bold Workplanner is an enterprise software for human resource management from the Spanish company Bold Workplanner. Bold Workplanner suffers from an insecure direct object reference vulnerability that can be exploited by an attacker to access the date of current contract details using an...
Huawei HarmonyOS package management module data handling error vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A data handling error vulnerability exists in the Huawei HarmonyOS package management module, which can be exploited by attackers to affect availability...
Online Job Search Engine registration.php File SQL Injection Vulnerability
Online Job Search Engine is an online job search engine. Online Job Search Engine suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter txtusername in the file /registration.php. An attacker can exploit this...
QNAP Qsync Central SQL Injection Vulnerability
QNAP Qsync Central is a private cloud synchronization service launched by Weilian QNAP, which is mainly used to achieve real-time synchronization and backup of files between devices, with functions similar to GoogleDrive, Dropbox and other cloud storage services, but with the data stored in the...
Client Details System update-profile.php File SQL Injection Vulnerability
Client Details System is a client information system. Client Details System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uid in the file /admin/update-profile.php. An attacker can exploit this...
Online Complaint Site register-complaint.php File SQL Injection Vulnerability
Online Complaint Site is an online complaint site. Online Complaint Site suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cid in the file /cms/users/register-complaint.php. An attacker can exploit this...
QNAP Qsync Central Unlimited Resource Allocation Vulnerability
QNAP Qsync Central is the official private cloud synchronization service developed by QNAP for its Network Attached Storage NAS devices. QNAP Qsync Central suffers from an unrestricted resource allocation vulnerability that can be exploited by attackers to cause a denial of service...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27738)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27561)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero formatting string error vulnerability
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27745)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27743)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27558)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27560)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27741)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27737)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27563)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27566)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27564)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27562)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27559)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
Huawei HarmonyOS print module exception mishandling vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An exception mishandling vulnerability exists in the Huawei HarmonyOS print module, which can be exploited by attackers to affect availability...
Tenda AC7 Command Injection Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A command injection vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the failure to properly filter the parameter lanIp in the file /goform/AdvSetLanip to construct command special characters, commands, etc...
QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27565)
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
Courier Management System add-courier.php File SQL Injection Vulnerability
Courier Management System is a courier management system. The Courier Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Shippername in the file /add-courier.php. An attacker can exploit th...
Tenda AC7 /goform/WifiMacFilterSet File Buffer Overflow Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter wifichkHz in the file /goform/WifiMacFilterSet that fails to correctly validate the length of the input data, and can be...
WordPress Community Events plugin SQL Injection Vulnerability
The WordPress Community Events plugin is a plugin that allows users to publish event information independently through a website form, while administrators can retain the right to final review of calendar content. WordPress Community Events plugin suffers from a SQL injection vulnerability that...
WordPress Betheme plugin cross-site scripting vulnerability
WordPress Betheme plugin is a WordPress multipurpose theme that is mainly used to quickly build different types of websites such as corporate, blog, e-commerce and so on. WordPress Betheme plugin suffers from a cross-site scripting vulnerability that stems from insufficient input cleanup and outp...
Tenda AC7 /goform/saveAutoQos File Buffer Overflow Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter enable in the file /goform/saveAutoQos that fails to correctly validate the length of the input data, and can be exploited by ...
Computer Laboratory System SQL Injection Vulnerability
Computer Laboratory System is a computer laboratory system. The Computer Laboratory System suffers from a SQL injection vulnerability that originates from a lack of validation of an externally entered SQL statement in the password field of the login page, which can be exploited by an attacker to...
QNAP Qsync Central Uncontrolled Resource Consumption Vulnerability
QNAP Qsync Central is the official private cloud synchronization service developed by QNAP for its Network Attached Storage NAS devices. QNAP Qsync Central suffers from an uncontrolled resource consumption vulnerability that can be exploited by attackers to cause a denial of service...
WordPress Postie Plugin Cross-Site Scripting Vulnerability
WordPress Postie Plugin is a plugin that is mainly used for publishing posts via email. WordPress Postie Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker...
Tenda AC7 /goform/setNotUpgrade File Buffer Overflow Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter newVersion in the file /goform/setNotUpgrade that fails to correctly validate the length and size of the input data, and can b...
QNAP Qsync Central SQL Injection Vulnerability (CNVD-2025-27801)
QNAP Qsync Central is a private cloud synchronization service launched by Weilian QNAP, which is mainly used to achieve real-time synchronization and backup of files between devices, with functions similar to GoogleDrive, Dropbox and other cloud storage services, but with the data stored in the...
Tenda W12 Buffer Overflow Vulnerability
The W12 is a high-performance wireless access point from Tenda China. Ltd. W12 3.0.0.6 version of the existence of buffer overflow vulnerability, the vulnerability stems from the HTTP Request Handler component / goform/modules file wifiMacFilterSet function parameter mac failed to correctly...
Tenda AC7 /goform/SetUpnpCfg File Buffer Overflow Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter upnpEn in the file /goform/SetUpnpCfg that fails to correctly validate the length of the input data, and can be exploited by a...
Bold Workplanner Insecure Direct Object Reference Vulnerability (CNVD-2025-24048)
Bold Workplanner is an enterprise software for human resource management from the Spanish company Bold Workplanner. Bold Workplanner suffers from an insecure direct object reference vulnerability that can be exploited by an attacker to access functional contract details using an unauthorized...
Simple Online Hotel Reservation System Cross-Site Scripting Vulnerability
Simple Online Hotel Reservation System is a simple online hotel reservation system. A cross-site scripting vulnerability exists in Simple Online Hotel Reservation System, which arises from unvalidated input to the Description field in the Add Room function, no details of the vulnerability are...
E-Commerce Website product_add_qty.php file SQL injection vulnerability
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter prodid in file /pages/productaddqty.php. An attacker can exploit this vulnerability to execu...
UTT HiPER 840G Buffer Overflow Vulnerability
The UTT HiPER 840G is a full Gigabit Internet behavior management router from Atech UTT, which is aimed at small businesses, community networks, hotels, and other scenarios, providing high-speed network access and intelligent management features. The UTT HiPER 840G suffers from a buffer overflow...
Huawei HarmonyOS camera module privilege control vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS camera module, which can be exploited by an attacker to compromise service confidentiality...
Bold Workplanner Insecure Direct Object Reference Vulnerability (CNVD-2025-24043)
Bold Workplanner is an enterprise software for human resource management from the Spanish company Bold Workplanner. Bold Workplanner suffers from an insecure direct object reference vulnerability that can be exploited by an attacker to access basic employee details using an unauthorized internal...