131179 matches found
Online Bidding System bidlist.php File SQL Injection Vulnerability
Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of the file /administrator/bidlist.php. An attacker can exploit this vulnerability...
E-Commerce Website admin_index_search.php file SQL injection vulnerability
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /pages/adminindexsearch.php. An attacker can exploit this vulnerability t...
Employee Record Management System myprofile.php File Cross-Site Scripting Vulnerability
Employee Record Management System is an employee record management system. The Employee Record Management System suffers from a cross-site scripting vulnerability that arises from insufficient filtering of the First name parameter in the /myprofile.php file. An attacker can exploit this...
WordPress plugin Authorsy cross-site scripting vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress plugin Authorsy, which stems from...
WordPress Plugin Permalink Manager Lite Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Permalink Manager Lite.T...
IBM Storage TS4500 Library Cross-Site Request Forgery Vulnerability
IBM Storage TS4500 Library is a next-generation tape storage solution from IBM designed to help mid-sized and large enterprises meet the challenges of cloud storage, enabling high-density data storage and flexible scaling through LTO technology. The IBM Storage TS4500 Library suffers from a...
D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23367)
The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability that can be exploited by an attacker to cause remote command execution...
WordPress Plugin AllInOne - Banner Rotator SQL Injection Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin AllInOne - Banner Rotator suffers from a SQL injection vulnerability, no detai...
D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23467)
The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability, which is a result of incorrect manipulation of the parameter port of the function sub412E7C in the file /goform/setswitchsettings, which can be exploited by an...
Project Monitoring System login.php File SQL Injection Vulnerability
Project Monitoring System is a project monitoring system. Project Monitoring System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameters username/password in the file /login.php. An attacker can exploit this...
E-Commerce Website admin_account_update.php file SQL injection vulnerability
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter userid in the file /pages/adminaccountupdate.php. An attacker can exploit this vulnerabili...
Simple Scheduling System addroom.php File SQL Injection Vulnerability
Simple Scheduling System is a simple scheduling system. Simple Scheduling System suffers from a SQL injection vulnerability that stems from the failure of the /schedulingsystem/addroom.php file to effectively filter the room parameter. No details of the vulnerability are available at this time...
WordPress Plugin Acclectic Media Organizer Authorization Missing Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An authorization missing vulnerability exists in the WordPress plugin Acclectic Media Organizer...
E-Commerce Website pages/admin_product_details.php file SQL Injection Vulnerability
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the pages/adminproductdetails.php file that does not perform security filtering on the prodid parameter. An attacker can exploit this vulnerability by manipulating the...
D-Link DIR-823X Command Execution Vulnerability
The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command execution vulnerability that can be exploited by an attacker to cause code execution due to the setcassword settings interface not filtering special characters in the httpcasswd parameter...
D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23370)
The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability that stems from a misuse of the parameter mac in the file /goform/setdevicename, which can be exploited by an attacker to cause remote command injection...
D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23369)
The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability that originates from the misuse of the parameter macList in the file /goform/setwifiblacklists, which can be exploited by an attacker to cause remote command...
Small CRM SQL Injection Vulnerability
Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter email in the file /forgot-password.php. An attacker can exploit this vulnerability to...
IBM Watsonx.data Log Information Disclosure Vulnerability
IBM Watsonx.data is an open data lake warehouse platform from International Business Machines IBM. IBM Watsonx.data suffers from a log information disclosure vulnerability that stems from storing potentially sensitive information in log files, which can be exploited by an attacker to cause it to ...
Hostel Management System mod_users/index.php File SQL Injection Vulnerability
Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /justines/admin/modusers/index.php. An attacker can exploit this...
Simple Scheduling System addtime.php File SQL Injection Vulnerability
Simple Scheduling System is a simple scheduling system. Simple Scheduling System has a SQL injection vulnerability that originates from the starttime/endtime parameters in the /addtime.php file not being securely filtered. An attacker can exploit this vulnerability to execute malicious SQL comman...
PyTorch has an unspecified vulnerability
PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from a name error when compiling a model containing torch.cummin using Inductor, which can be exploited by an attacker to cause a denial of service...
NVIDIA CUDA Toolkit Heap Buffer Overflow Vulnerability (CNVD-2025-23251)
NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. NVIDIA CUDA Toolkit suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code execution...
NVIDIA Megatron-LM ensemble_classifer script code injection vulnerability
NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. A code injection vulnerability exists in the NVIDIA Megatron-LM ensembleclassifer script, which can be exploited by attackers to cause code execution,...
NVIDIA CUDA toolkit buffer overflow vulnerability
NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. NVIDIA CUDA Toolkit suffers from a buffer overflow vulnerability that can be exploited by an attacker to cause a partial denial of service...
NVIDIA CUDA toolkit buffer overflow vulnerability (CNVD-2025-23248)
NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. NVIDIA CUDA Toolkit suffers from a buffer overflow vulnerability that can be exploited by an attacker to cause a partial denial of service...
NVIDIA Megatron-LM Code Injection Vulnerability
NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. NVIDIA Megatron-LM suffers from a code injection vulnerability that stems from the possibility that the pretraingpt script may process malicious data,...
Delta Electronics CNCSoft-G2 Stack Buffer Overflow Vulnerability
Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a stack buffer overflow vulnerability that originates from improperly restricted memory buffer operations and can be exploited by an attacker to...
NVIDIA CUDA toolkit and NVIDIA nvJPEG buffer overflow vulnerability
NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. nVIDIA nvJPEG is an image codec library. A buffer overflow vulnerability exists in NVIDIA CUDA toolkit and NVIDIA nvJPEG, which can be exploited by an attacker to caus...
NVIDIA CUDA toolkit input validation error vulnerability
NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. The NVIDIA CUDA Toolkit suffers from an input validation error vulnerability that could be exploited by an attacker to cause a denial of service...
NVIDIA CUDA Toolkit Heap Buffer Overflow Vulnerability (CNVD-2025-23250)
NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. NVIDIA CUDA Toolkit suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code execution...
DELL Cloud Disaster Recovery OS Command Injection Vulnerability
DELL Cloud Disaster Recovery is a cloud disaster recovery solution provided by Dell Technologies. DELL Cloud Disaster Recovery suffers from an OS command injection vulnerability that stems from improper neutralization of special elements in OS commands, which can be exploited by an attacker to...
Cisco IOS XE Software Cross-Site Scripting Vulnerability
Cisco IOS XE Software is a network operating system from the American company Cisco Cisco. A cross-site scripting vulnerability exists in Cisco IOS XE Software that originates from improper user input cleanup and can be exploited by an attacker to cause a reflective cross-site scripting attack...
DELL BSAFE Micro Edition Suite Out-of-Bounds Write Vulnerability
DELL BSAFE Micro Edition Suite is an encryption development kit developed by Dell. DELL BSAFE Micro Edition Suite has an out-of-bounds write vulnerability that can be exploited by an attacker to cause a denial of service...
PyTorch Information Disclosure Vulnerability (CNVD-2025-23285)
PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from an information disclosure vulnerability that stems from nn.PairwiseDistancep=2 producing incorrect results in eager mode, no details of the vulnerability are provided at this time...
NVIDIA Megatron-LM msdp preprocessing script code injection vulnerability
NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. A code injection vulnerability exists in the NVIDIA Megatron-LM msdp preprocessing script, which can be exploited by attackers to cause code execution,...
NVIDIA CUDA Toolkit Code Issue Vulnerability
NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. A code issue vulnerability exists in NVIDIA CUDA Toolkit that stems from a null pointer dereference in cuobjdump, which can be exploited by an attacker to cause a...
JeecgBoot Authorization Issues Vulnerability (CNVD-2025-23073)
JeecgBoot is an open source low-code development platform based on the code generator of Beijing National Torch Information Technology Co. A security vulnerability exists in JeecgBoot 3.8.2 and earlier versions, which stems from improper authorization of the ids parameter in the...
Unspecified Vulnerability in PyTorch (CNVD-2025-23283)
PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from unexpected behavior when the torch.rot90 and torch.randnlike components are used together, no details of the vulnerability are provided at this time...
PyTorch Buffer Overflow Vulnerability (CNVD-2025-23287)
PyTorch is a Python package open-sourced by PyTorch. PyTorch= suffers from a buffer overflow vulnerability that stems from a boundary error in the PyTorch model compilation when handling untrusted input, which can be exploited by an attacker to cause a denial of service...
Unspecified vulnerability in PyTorch torch.linalg.lu component
PyTorch is a Python package open-sourced by PyTorch. An unspecified vulnerability exists in the PyTorch torch.linalg.lu component, which can be exploited by an attacker to cause a denial of service...
Delta Electronics CNCSoft-G2 Stack Buffer Overflow Vulnerability (CNVD-2025-22945)
Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a stack buffer overflow vulnerability that originates from improperly restricted memory buffer operations and can be exploited by an attacker to...
DELL PowerScale OneFS Information Disclosure Vulnerability
DELL PowerScale OneFS is a horizontally scalable NAS Network Attached Storage operating system from Dell Technologies that is primarily used to manage massive amounts of unstructured data. An information disclosure vulnerability exists in DELL PowerScale OneFS that originates from unauthorized...
Unspecified Vulnerability in PyTorch (CNVD-2025-23284)
PyTorch is a Python package open-sourced by PyTorch. PyTorch has a security vulnerability that stems from an assertion error in nn.Fold when using inductor, no details of the vulnerability are provided at this time...
PyTorch torch.nan_to_num-.long component integer overflow vulnerability
PyTorch is a Python package open-sourced by PyTorch. An integer overflow vulnerability exists in the PyTorch torch.nantonum-.long component, no details of the vulnerability are available at this time...
Unspecified Vulnerability in PyTorch (CNVD-2025-23279)
PyTorch is a Python package open-sourced by PyTorch. PyTorch has a security vulnerability that stems from a syntax error in the component proxytensor.py, which can be exploited by an attacker to cause a denial of service...
Unspecified Vulnerability in PyTorch (CNVD-2025-23278)
PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from mishandling when compiling models containing torch.Tensor.tosparse and torch.Tensor.todense, which can be exploited by an attacker to cause a denial of service...
DELL BSAFE Crypto-J Information Disclosure Vulnerability
DELL BSAFE Crypto-J is a cryptographic toolkit developed by Dell to help developers add privacy and authentication features to applications. An information disclosure vulnerability exists in DELL BSAFE Crypto-J, which stems from an error message that contains sensitive environmental information a...
NVIDIA CUDA toolkit and NVIDIA nvJPEG buffer overflow vulnerability (CNVD-2025-23253)
NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. nVIDIA nvJPEG is an image codec library. A buffer overflow vulnerability exists in NVIDIA CUDA toolkit and NVIDIA nvJPEG, which could be exploited by an attacker to...
NVIDIA CUDA toolkit and NVIDIA nvJPEG numeric error vulnerability
NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. nVIDIA nvJPEG is an image codec library. A numeric error vulnerability exists in NVIDIA CUDA toolkit and NVIDIA nvJPEG, which arises from a divide-by-zero error in the...