PyTorch torch.nan_to_num-.long component integer overflow vulnerability

PyTorch is a Python package open-sourced by PyTorch. An integer overflow vulnerability exists in the PyTorch torch.nantonum-.long component, no details of the vulnerability are available at this time...

PyTorch has an unspecified vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from a name error when compiling a model containing torch.cummin using Inductor, which can be exploited by an attacker to cause a denial of service...

Unspecified Vulnerability in PyTorch (CNVD-2025-23279)

PyTorch is a Python package open-sourced by PyTorch. PyTorch has a security vulnerability that stems from a syntax error in the component proxytensor.py, which can be exploited by an attacker to cause a denial of service...

Unspecified vulnerability in PyTorch torch.linalg.lu component

PyTorch is a Python package open-sourced by PyTorch. An unspecified vulnerability exists in the PyTorch torch.linalg.lu component, which can be exploited by an attacker to cause a denial of service...

DELL BSAFE Crypto-J Information Disclosure Vulnerability

DELL BSAFE Crypto-J is a cryptographic toolkit developed by Dell to help developers add privacy and authentication features to applications. An information disclosure vulnerability exists in DELL BSAFE Crypto-J, which stems from an error message that contains sensitive environmental information a...

DELL PowerScale OneFS Information Disclosure Vulnerability

DELL PowerScale OneFS is a horizontally scalable NAS Network Attached Storage operating system from Dell Technologies that is primarily used to manage massive amounts of unstructured data. An information disclosure vulnerability exists in DELL PowerScale OneFS that originates from unauthorized...

NVIDIA Megatron-LM msdp preprocessing script code injection vulnerability

NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. A code injection vulnerability exists in the NVIDIA Megatron-LM msdp preprocessing script, which can be exploited by attackers to cause code execution,...

Unspecified Vulnerability in PyTorch (CNVD-2025-23283)

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from unexpected behavior when the torch.rot90 and torch.randnlike components are used together, no details of the vulnerability are provided at this time...

NVIDIA CUDA toolkit and NVIDIA nvJPEG buffer overflow vulnerability (CNVD-2025-23253)

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. nVIDIA nvJPEG is an image codec library. A buffer overflow vulnerability exists in NVIDIA CUDA toolkit and NVIDIA nvJPEG, which could be exploited by an attacker to...

Cisco IOS XE Software Cross-Site Scripting Vulnerability

Cisco IOS XE Software is a network operating system from the American company Cisco Cisco. A cross-site scripting vulnerability exists in Cisco IOS XE Software that originates from improper user input cleanup and can be exploited by an attacker to cause a reflective cross-site scripting attack...

NVIDIA CUDA toolkit buffer overflow vulnerability

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. NVIDIA CUDA Toolkit suffers from a buffer overflow vulnerability that can be exploited by an attacker to cause a partial denial of service...

NVIDIA CUDA toolkit and NVIDIA nvJPEG numeric error vulnerability

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. nVIDIA nvJPEG is an image codec library. A numeric error vulnerability exists in NVIDIA CUDA toolkit and NVIDIA nvJPEG, which arises from a divide-by-zero error in the...

NVIDIA CUDA toolkit and NVIDIA nvJPEG buffer overflow vulnerability

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. nVIDIA nvJPEG is an image codec library. A buffer overflow vulnerability exists in NVIDIA CUDA toolkit and NVIDIA nvJPEG, which can be exploited by an attacker to caus...

PyTorch Information Disclosure Vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from an information disclosure vulnerability that stems from FractionalMaxPool2d producing inconsistent results when using torch.compile, no details of the vulnerability are provided at this time...

JeecgBoot Authorization Issues Vulnerability (CNVD-2025-23073)

JeecgBoot is an open source low-code development platform based on the code generator of Beijing National Torch Information Technology Co. A security vulnerability exists in JeecgBoot 3.8.2 and earlier versions, which stems from improper authorization of the ids parameter in the...

PyTorch Information Disclosure Vulnerability (CNVD-2025-23285)

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from an information disclosure vulnerability that stems from nn.PairwiseDistancep=2 producing incorrect results in eager mode, no details of the vulnerability are provided at this time...

Apache IoTDB Resource Management Error Vulnerability

Apache IoTDB is a time-series database management system from the Apache Software Foundation, designed for storing and analyzing massive time-series data in IoT scenarios. Apache IoTDB suffers from a security vulnerability that originates from an unauthorized access flaw in a system component. An...

TOTOLINK X6000R Improper Input Validation Vulnerability

TOTOLINK X6000R is a Wi-Fi 6 technology-enabled wireless router from China's Gion Electronics TOTOLINK, featuring high concurrent connections and dual-band transmission. The TOTOLINK X6000R suffers from an improper input validation vulnerability that originates from the program's failure to...

Google Chrome Integer Overflow Vulnerability (CNVD-2025-22922)

Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from an integer overflow vulnerability that stems from the program's failure to properly handle numeri...

Google Chrome Integer Overflow Vulnerability

Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from an integer overflow vulnerability that stems from the program failing to properly check for integ...

Google Chrome Information Disclosure Vulnerability

Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from an information disclosure vulnerability that originates from the V8 presence of side channel...

Microsoft Edge Remote Code Execution Vulnerability (CNVD-2025-23074)

Microsoft Edge is a web browser developed by Microsoft based on the Chromium kernel. A remote code execution vulnerability exists in Microsoft Edge. The vulnerability arises because the browser fails to properly handle objects in memory and can be exploited by an attacker to remotely execute code...

IBM Watson Studio Cross-Site Scripting Vulnerability

IBM Watson Studio is a data science and machine learning platform from IBM, integrated into Cloud Pak for Data, for building, training and deploying AI models. A cross-site scripting vulnerability exists in IBM Watson Studio versions 4.0 through 5.2.0 that stems from not adequately filtering user...

TOTOLINK X6000R OS Command Injection Vulnerability

TOTOLINK X6000R is a Wi-Fi 6 technology-enabled wireless router from China's Gion Electronics TOTOLINK, featuring high concurrent connections and dual-band transmission. The TOTOLINK X6000R suffers from an OS command injection vulnerability that stems from a failure to properly filter special...

Artifex Ghostscript pdfmark_coerce_dest function stack buffer overflow vulnerability

Artifex Ghostscript is the United States Artifex company's set of Adobe-based, PostScript and portable document format page description language and compiled into the free software. Artifex Ghostscript pdfmarkcoercedest function has a stack buffer overflow vulnerability, there is no detailed...

Tenda AC6 formSetIptv Function Command Injection Vulnerability

Tenda AC6 is a dual-band wireless router from Tenda that supports 2.4GHz and 5GHz bands with a maximum transmission rate of 1167Mbps. The Tenda AC6 suffers from a command injection vulnerability that stems from the formSetIptv function not validating or cleaning up special characters when handlin...

Hostel Management System login.php File SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter email in the file /justines/admin/login.php. An attacker can use this...

Park Ticketing Management System normal-bwdates-reports-details.php file SQL injection vulnerability

Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter fromdate in the file normal-bwdates-reports-details.php. A...

Hostel Management System ID Parameter SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in parameter ID in file /justines/admin/modreservation/index.php?view=view. An attacker can...

Hostel Management System mod_roomtype/index.php File SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /justines/admin/modroomtype/index.php. An attacker can exploit this...

Car Rental Project carrental/search.php file cross-site scripting vulnerability

Car Rental Project is a car rental program. Car Rental Project suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter autofocus in the file /carrental/search.php, which can be exploited by an attacker t...

Tenda AC6 Improper Input Validation Vulnerability

Tenda AC6 is a dual-band wireless router from Tenda that supports 2.4GHz and 5GHz bands with a maximum transmission rate of 1167Mbps. The Tenda AC6 suffers from an improper input validation vulnerability that stems from improper handling of the funcname, funcpara1, and funcpara2 parameters in the...

D-Link DCS-935L Buffer Overflow Vulnerability

The D-Link DCS-935L is a router from China's AUO D-Link. A buffer overflow vulnerability exists in D-Link DCS-935L version 1.13.01 and earlier, which originates from the parameter HNAPAUTH/SOAPAction in file /HNAP1/ that fails to correctly validate the length and size of the input data, and can b...

WordPress Plugin Advance Portfolio Grid Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Advance Portfolio Grid has a cross-site scripting vulnerability that stems fro...

WordPress Plugin Accordion Missing Authorization Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A lack of authorization vulnerability exists in the WordPress plugin Accordion, which can be...

Unspecified Vulnerability in WordPress Plugin Academy LMS

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Academy LMS, which can be exploited by ...

Artifex Ghostscript ocr_begin_page function heap buffer overflow vulnerability

Artifex Ghostscript is the United States Artifex company's set of Adobe-based, PostScript and portable document format page description language and compiled into the free software. A heap buffer overflow vulnerability exists in the Artifex Ghostscript ocrbeginpage function, which can be exploite...

WordPress Plugin CP Multi View Event Calendar Authorization Missing Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An authorization missing vulnerability exists in the WordPress plugin CP Multi View Event...

Artifex Ghostscript pdf_write_cmap function stack buffer overflow vulnerability

Artifex Ghostscript is the United States Artifex company's set of Adobe-based, PostScript and portable document format page description language and compiled into the free software. Artifex Ghostscript pdfwritecmap function has a stack buffer overflow vulnerability, there is no detailed...

Flowise Cross-Site Scripting Vulnerability

Flowise is a FlowiseAI open source tool for easily building LLM applications. A cross-site scripting vulnerability exists in Flowise version 3.0.5, which originates from a CustomMCP node directly executing user-entered JavaScript code and can be exploited by an attacker to cause remote code...

Tenda AC20 strcpy function buffer overflow vulnerability

Tenda AC20 is a home router from Tenda. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from the failure of startIp, a parameter in the strcpy function of the /goform/SetPptpServerCfg file in the HTTP POST request processing component, to correctly validate the length ...

D-Link DIR-513 Buffer Overflow Vulnerability (CNVD-2025-23468)

D-Link DIR-513 is a wireless router product from China's AUO D-Link. The D-Link DIR-513 suffers from a buffer overflow vulnerability due to incorrect manipulation of the parameter webpage in the file /goform/formWPS, no details of the vulnerability are provided at this time...

Simple Food Ordering System order.php File Cross-Site Scripting Vulnerability

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameter ID in the file /ordersimple/order.php, which can be...

WordPress Plugin Ads by WPQuads Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Ads by WPQuads has a cross-site scripting vulnerability that stems from the...

D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23469)

The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability due to a flaw in the /usr/sbin/goahead file. An attacker can exploit this vulnerability to execute arbitrary commands on the system...

E-Commerce Website Website /pages/admin_account_delete.php File SQL Injection Vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of the userid parameter in the file /pages/adminaccountdelete.php for externally entered SQL statements. An attacker can exploit this vulnerabilit...

Online Bidding System remove.php File SQL Injection Vulnerability

Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter ID of the file /administrator/remove.php. An attacker can exploit this vulnerability ...

Hostel Management System index.php File SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /justines/admin/modamenities/index.php. An attacker can exploit this...

Hostel Management System Home Parameter SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Home in the file /justines/admin/modreports/index.php. An attacker can...

Tenda AC23 SetPptpServerCfg File sscanf Function Buffer Overflow Vulnerability

Tenda AC23 is a dual-band wireless router from Tenda that supports 802.11acWave2 technology with dual-band concurrent transmission rates up to 2033Mbps, including up to 1733Mbps in the 5GHz band, which is suitable for high-bandwidth applications such as 4K video and online live streaming. Tenda...