Dell PowerProtect Data Manager Log Information Disclosure Vulnerability

Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. A log information disclosure vulnerability exists in Dell PowerProtect Data Manager versions 19.19 and 19.20, which...

Dell PowerProtect Data Manager Elevation of Privilege Vulnerability

Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. An elevation of privilege vulnerability exists in Dell PowerProtect Data Manager versions 19.19 and 19.20, which stem...

Unspecified Vulnerability in Dell PowerProtect Data Manager (CNVD-2025-22168)

Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. A security vulnerability exists in Dell PowerProtect Data Manager versions 19.19 and 19.20, which can be exploited by...

Unspecified Vulnerability in Dell PowerProtect Data Manager (CNVD-2025-22167)

Dell PowerProtect Data Manager PPDM is a set of data protection solutions from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. A security vulnerability exists in Dell PowerProtect Data Manager versions 19.19 and 19.20, which can be...

ChanCMS Server-Side Request Forgery Vulnerability

ChanCMS is a content management system. ChanCMS 3.3.0 version of the existence of server-side request forgery vulnerability, the vulnerability stems from the file / cms/collect/getArticle in the function CollectController parameter taskUrl does not implement a sufficient validation mechanism to...

FoxCMS SQL Injection Vulnerability

FoxCMS is a PHP-based content management system that provides web content management and publishing functions. A SQL injection vulnerability exists in FoxCMS 1.24 and earlier versions, which originates from the batchCope function in the /app/admin/controller/Images.php file that does not securely...

WordPress Certifica Cross-Site Scripting Vulnerability

Certifica is a certificate generation and management plugin for the WordPress platform. A stored XSS vulnerability exists in Certifica 3.1 and earlier versions, which stems from insufficient input filtering and output escaping of evento parameters. The vulnerability can be exploited to inject a...

WordPress AutoCatSet Cross-Site Request Forgery Vulnerability

AutoCatSet is an automatic post categorization plugin for the WordPress platform. A cross-site request forgery vulnerability exists in AutoCatSet 2.1.4 and earlier versions, which stems from the autocatsetajax function not properly implementing a random number validation mechanism. An attacker ca...

WordPress Evenium plugin cross-site scripting vulnerability

The Evenium plugin is an event management tool for the WordPress platform for creating and integrating Evenium meeting management features. Evenium plugin version 1.3.11 and prior versions suffer from a stored XSS vulnerability that stems from insufficient filtering of shortcode user input...

Google Chrome post-release reuse vulnerability (CNVD-2025-22931)

Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from a post-release reuse vulnerability that stems from the presence of post-release reuse in...

DELL PowerProtect Data Manager Path Traversal Vulnerability

DELL PowerProtect Data Manager is a data protection solution from Dell Technologies designed for modern multi-cloud environments, supporting data protection and compliance management for physical, virtual and cloud workloads. A path traversal vulnerability exists in DELL PowerProtect Data Manager...

Tenda F3 goform/setParentControl file buffer overflow vulnerability

Tenda F3 is a 300M wireless router launched on May 15, 2015 by Shenzhen Jixiang Tenda Technology Co. Tenda F3 suffers from a buffer overflow vulnerability, which stems from the goform/setParentControl file failing to properly validate the length size of input data, which can be exploited by an...

IBM Security Verify Information Queue Elevation of Privilege Vulnerability

IBM Security Verify Information Queue is a microservices architecture integration platform that leverages Kafka technology and a publish/subscribe model to integrate data between IBMSecurity products, acting as a cross-product data exchange hub. An elevation of privilege vulnerability exists in I...

IBM Security Verify Information Queue Denial of Service Vulnerability

IBM Security Verify Information Queue is a microservices architecture integration platform that leverages Kafka technology and a publish/subscribe model to integrate data between IBMSecurity products, acting as a cross-product data exchange hub. A denial of service vulnerability exists in IBM...

Tenda F3 goform/setNAT file portList parameter buffer overflow vulnerability

Tenda F3 is a 300M wireless router launched on May 15, 2015 by Shenzhen Jixiang Tenda Technology Co. Tenda F3 suffers from a buffer overflow vulnerability, which stems from the /goform/setNAT file portList parameter failing to properly validate the length size of the input data, which can be...

InstantCMS Code Issues Vulnerabilities

InstantCMS is a free and open source content management system. A security vulnerability exists in InstantCMS 2.17.3 and earlier versions, which stems from the package parameter in the installer function not effectively filtering user input. The vulnerability can be exploited by an attacker to sc...

Dell PowerProtect Data Manager Operating System Command Injection Vulnerability

Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. A security vulnerability exists in Dell PowerProtect Data Manager versions 19.19 and 19.20, which can be exploited by...

Dell PowerProtect Data Manager OS Command Injection Vulnerability (CNVD-2025-22166)

Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. An operating system command injection vulnerability exists in Dell PowerProtect Data Manager versions 19.19 and 19.20...

Tenda G3 formDelPortMapping function stack buffer overflow vulnerability

Tenda G3 is a Qos Vpn router from Tenda China. A stack buffer overflow vulnerability exists in the Tenda G3 formDelPortMapping function, which can be exploited by an attacker to cause a denial of service DoS via a specially crafted request...

Microsoft OfficePlus Spoofing Vulnerability

Microsoft Office is an office software suite product of Microsoft Corporation, USA.OfficePLUS is the official Office plug-in from Microsoft. A spoofing vulnerability exists in Microsoft OfficePlus, which can be exploited by attackers to spoof and obtain sensitive information over the network...

Microsoft Office Code Execution Vulnerability (CNVD-2025-26728)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, and so on. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to...

Microsoft Office Code Execution Vulnerability (CNVD-2025-26726)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which is caused due to improper boundary checkin...

Adobe Experience Manager Input Validation Error Vulnerability (CNVD-C-2025-521942)

Adobe Experience Manager is a content management solution from Adobe designed to help organizations efficiently create, manage and deliver cross-channel content while integrating business solutions to enhance the customer experience. An input validation error vulnerability exists in Adobe...

Microsoft PowerPoint Code Execution Vulnerability (CNVD-2025-26723)

Microsoft PowerPoint is a document presentation tool in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft PowerPoint, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-21397)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-21396)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-21391)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which is caused due to incorrect boundary checking. An attacker can exploit the vulnerability to overflow a buffer and execute arbitrary code on t...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-21394)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-21392)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. Microsoft Excel Code Execution Vulnerability, the vulnerability is caused due to failure to free memory on the heap. An attacker can exploit this vulnerability to execute arbitrary code on the system...

Microsoft Excel Information Disclosure Vulnerability (CNVD-2025-21393)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information disclosure vulnerability exists in Microsoft Excel. An attacker could exploit this vulnerability to obtain sensitive information...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-21398)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-21395)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Tenda G3 modifyDhcpRule function buffer overflow vulnerability

Tenda G3 is a micro-enterprise all-in-one gateway from Tenda, designed for small and medium-sized businesses to provide an integrated network solution. Tenda G3 has a buffer overflow vulnerability, the vulnerability stems from the bindDhcpIndex parameter in the modifyDhcpRule function fails to...

Siemens SINAMICS G220, SINAMICS S210 and SINAMICS S200 Elevation of Privilege Vulnerability

SINAMICS G220 is a high-performance, single-axis variable-frequency drive from Siemens.SINAMICS S210 is a high-performance, single-axis servo drive from Siemens.SINAMICS S200 is a high-performance, cost-effective, single-axis AC servo drive from Siemens for standard automation applications...

Tenda G3 formIPMacBindModify function stack buffer overflow vulnerability

Tenda G3 is a Qos Vpn router from Tenda China. A stack buffer overflow vulnerability exists in the Tenda G3 formIPMacBindModify function, which can be exploited by an attacker to cause a denial of service DoS via a specially crafted request...

Adobe Dreamweaver Desktop Cross-Site Request Forgery Vulnerability

Adobe Dreamweaver Desktop is a web design and development software from the American company Audobee Adobe. Adobe Dreamweaver Desktop suffers from a cross-site request forgery vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environme...

Microsoft Sharepoint Remote Code Execution Vulnerability (CNVD-2025-26724)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...

UTT 1250GW Buffer Overflow Vulnerability

The UTT 1250GW is an enterprise-grade wireless router from Atech Technology Limited UTT designed for small and medium-sized office environments SOHO, focusing on network performance, stability and management features. The UTT 1250GW suffers from a buffer overflow vulnerability that originates fro...

UTT 1200GW Buffer Overflow Vulnerability

The UTT 1200GW is an enterprise-grade wireless router from Atech Technology UTT designed to meet the networking needs of small to medium-sized businesses or large space office environments. The UTT 1200GW suffers from a buffer overflow vulnerability that originates from the sub4B48F8 function in...

UTT 1200GW Buffer Overflow Vulnerability

The UTT 1200GW is an enterprise-grade wireless router from Atech Technology UTT designed to meet the networking needs of small to medium-sized businesses or large space office environments. The UTT 1200GW suffers from a buffer overflow vulnerability that stems from insufficient boundary validatio...

D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23471)

The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability due to a flaw in the sub415028 function in the goform/setsticleases file. An attacker can exploit the vulnerability to execute arbitrary commands on the system...

Tenda G3 formSetDebugCfg function stack buffer overflow vulnerability

Tenda G3 is a Qos Vpn router from Tenda China. A stack buffer overflow vulnerability exists in the Tenda G3 formSetDebugCfg function, which can be exploited by an attacker to cause a denial of service DoS via a specially crafted request...

Tenda AC20 Buffer Overflow Vulnerability

Tenda AC20 is a wireless router product from Tenda. A buffer overflow vulnerability exists in Tenda AC20 16.03.08.12 and earlier versions, which originates from the improper handling of the mac parameter in the strcpy function in the /goform/GetParentControlInfo file. The vulnerability can be...

Tenda W30E werlessAdvancedSet Function Buffer Overflow Vulnerability

Tenda W30E is an enterprise-grade wireless router from Tenda Technology designed for SOHO, small and micro businesses and small stores. The Tenda W30E suffers from a buffer overflow vulnerability that originates from the failure of the countryCode parameter in the werlessAdvancedSet function to...

Fortinet FortiDDoS-F Operating System Command Injection Vulnerability

Fortinet FortiDDoS-F is a distributed denial-of-service protection system from the U.S. company Fiat Fortinet. Fortinet FortiDDoS-F suffers from an operating system command injection vulnerability that stems from improper neutralization of special elements, which can be exploited by an attacker t...

Adobe Experience Manager Input Validation Error Vulnerability (CNVD-2025-21165)

Adobe Experience Manager is a content management solution from Adobe designed to help organizations efficiently create, manage and deliver cross-channel content while integrating business solutions to enhance the customer experience. An input validation error vulnerability exists in Adobe...

Adobe Experience Manager server-side request forgery vulnerability (CNVD-2025-21154)

Adobe Experience Manager is a content management solution from Adobe designed to help organizations efficiently create, manage and deliver cross-channel content while integrating business solutions to enhance the customer experience. A server-side request forgery vulnerability exists in Adobe...

Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2025-21150)

Adobe After Effects AE for short is a professional film and television post-effects software launched by Adobe in 1993, support for Windows and MacOS dual-platform, mainly for film and television special effects, motion graphics design and video synthesis. Adobe After Effects has an out-of-bounds...

Adobe After Effects Out-of-Bounds Read Vulnerability

Adobe After Effects AE for short is a professional film and television post-effects software launched by Adobe in 1993, support for Windows and MacOS dual-platform, mainly for film and television special effects, motion graphics design and video synthesis. Adobe After Effects has an out-of-bounds...

Tenda G3 formSetStaticRoute function stack buffer overflow vulnerability

Tenda G3 is a Qos Vpn router from Tenda China. A stack buffer overflow vulnerability exists in the Tenda G3 formSetStaticRoute function, which can be exploited by an attacker to cause a denial of service DoS via a specially crafted request...