131179 matches found
Tenda AC21 Buffer Overflow Vulnerability (CNVD-2025-30948)
The Tenda AC21 is a wireless router from the Chinese company Tenda. The Tenda AC21 suffers from a buffer overflow vulnerability, which originates from the parameter wpapskcrypto of the function sub45BB10 in the file /goform/WifiExtraSet that fails to correctly validate the length of the input dat...
D-Link DI-7100G Buffer Overflow Vulnerability
D-Link DI-7100G is an Internet Behavior Management router for SMBs, supporting Gigabit network transfer rate some models are labeled as 100 Gigabit, equipped with 4 WAN interfaces and 1 LAN interface, built-in USB2.0 ports, and compliant with IEEE802.11n/g/b wireless standard and IEEE802.3 wired...
Park Ticketing Management System normal-bwdates-reports-details.php file SQL injection vulnerability
Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter fromdate in the file normal-bwdates-reports-details.php. A...
Hostel Management System log_email Parameter SQL Injection Vulnerability
Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter logemail in the file /justines/index.php. An attacker can exploit this...
Park Ticketing Management System foreigner-bwdates-reports-details.php file SQL injection vulnerability
Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that stems from a lack of validation of the fromdate parameter in the file foreigner-bwdates-reports-details.php against an externally entered SQL...
Online Bidding System weweee.php File SQL Injection Vulnerability
Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from insufficient validation of the parameter ID in the file /administrator/weweee.php. An attacker can use this vulnerability to obtain sensitive information from t...
Post-release reuse vulnerability in Google Chrome Dawn
Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from a post-release reuse vulnerability that originates from memory reuse after release in Dawn. An...
Google Chrome V8 Type Obfuscation Vulnerability
Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from a type obfuscation vulnerability that stems from type obfuscation in V8, which can be exploited b...
Google Chrome Heap Buffer Overflow Vulnerability
Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from a heap buffer overflow vulnerability that originates from a heap buffer overflow in ANGLE, which...
Google Chrome WebRTC Post-Release Reuse Vulnerability
Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from a post-release reuse vulnerability that originates from post-release reuse in WebRTC, which can b...
D-Link DIR-852 cgibin file command injection vulnerability
D-Link DIR-852 is a dual-band Gigabit wireless router from Youxun Technology, focusing on home networking solutions and supporting Xunlei remote download function. The D-Link DIR-852 suffers from a command injection vulnerability that originates from the parameter ST of the component Simple Servi...
IBM Copy Services Manager Cross-Site Scripting Vulnerability
IBM Copy Services Manager is IBM's data replication management software for simplifying and automating data replication operations in enterprise storage environments. A cross-site scripting vulnerability exists in IBM Copy Services Manager 6.3.13, which stems from insufficient filtering and...
D-Link DIR-825 Buffer Overflow Vulnerability
D-Link DIR-825 is a dual-band wireless router for SMB and SOHO environments from AUO D-Link, supporting 2.4GHz and 5GHz bands at the same time to meet the demand for multi-device HD video transmission. The D-Link DIR-825 suffers from a buffer overflow vulnerability, which originates from the...
Small CRM /create-ticket.php File SQL Injection Vulnerability
Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability, which originates from the lack of validation of externally-entered SQL statements in the parameter subject in the file /create-ticket.php. An attacker can exploit this vulnerability to...
D-Link DIR-852 hedwig.cgi File Command Injection Vulnerability
D-Link DIR-852 is a dual-band Gigabit wireless router from Youxun Technology, focusing on home networking solutions and supporting Xunlei remote download function. The D-Link DIR-852 suffers from a command injection vulnerability that stems from the Web Management Interface component...
Online Course Registration my-profile.php File SQL Injection Vulnerability
Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cgpa in the file /my-profile.php. An attacker can exploit thi...
IBM Watsonx.data OS Command Injection Vulnerability
IBM Watsonx.data is an open data lake warehouse platform from International Business Machines IBM. An operating system command injection vulnerability exists in IBM Watsonx.data version 2.2 that stems from not properly validating user input and can be exploited by an attacker to cause a privilege...
IBM Watsonx.data Cross-Site Scripting Vulnerability
IBM Watsonx.data is an open data lake warehouse platform from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Watsonx.data version 2.2, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited b...
D-Link DIR-645 service parameter command injection vulnerability
D-Link DIR-645 is a Gigabit wireless router launched by D-Link in 2012, designed for home and SMB users. The D-Link DIR-645 suffers from a command injection vulnerability that stems from the parameter service in the file /soap.cgi failing to properly filter constructed command special characters,...
D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23470)
The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability that originates from a misuse of the parameters terminaladdr/serverip/serverport in the file /usr/sbin/goahead, which can be exploited by an attacker to cause...
Ashlar-Vellum Cobalt Memory Corruption Vulnerability
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A memory corruption vulnerability exists in Ashlar-Vellum Coba...
Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability (CNVD-2025-22915)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...
Ashlar-Vellum Cobalt Out-of-Bounds Write Vulnerability (CNVD-2025-22918)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. An out-of-bounds write vulnerability exists in Ashlar-Vellum...
Ashlar-Vellum Cobalt Type Obfuscation Vulnerability (CNVD-2025-23022)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A type confusion vulnerability exists in Ashlar-Vellum Cobalt,...
Ashlar-Vellum Cobalt Type Obfuscation Vulnerability (NVD-C-2025-543225)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from a type confusion vulnerabili...
JetBrains Junie Command Injection Vulnerability
JetBrains Junie is a coding agent of the Czech company JetBrains. JetBrains Junie suffers from a command injection vulnerability that stems from improper command validation, which can be exploited by an attacker to cause code execution...
WordPress Social Media Shortcodes plugin cross-site scripting vulnerability
WordPress Social Media Shortcodes plugin is a shortcode Shortcodes to quickly embed social media features into the WordPress website plugin, mainly used to simplify the implementation of social media sharing, login, comments and other features. A cross-site scripting vulnerability exists in the...
NVIDIA Triton Inference Server Input Validation Error Vulnerability
NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an input validation error vulnerability that originates from loading a misconfigured model, whi...
Online Discussion Forum search_result.php File SQL Injection Vulnerability
Online Discussion Forum is an online forum. Online Discussion Forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /admin/adminforum/searchresult.php. An attacker can exploit this...
WordPress Productive Style plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Productive Style plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-suppli...
NVIDIA Triton Inference Server Out-of-Bounds Write Vulnerability
NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an out-of-bounds write vulnerability that can be exploited by attackers to cause a denial of...
Ashlar-Vellum Cobalt Out-of-Bounds Write Vulnerability
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds write...
Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...
Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability (CNVD-2025-22914)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...
JetBrains TeamCity Path Traversal Vulnerability
JetBrains TeamCity is a Continuous Integration/Continuous Deployment CI/CD tool developed by JetBrains to automate the software build, test, and deployment process with support for multiple programming languages and tools. JetBrains TeamCity suffers from a path traversal vulnerability that stems...
WordPress Quiz Maker plugin SQL Injection Vulnerability
WordPress Quiz Maker plugin is a WordPress plugin for creating online quizzes, exams and questionnaires with multiple question types and customization support. WordPress Quiz Maker plugin suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally...
Ashlar-Vellum Cobalt Type Obfuscation Vulnerability
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A type confusion vulnerability exists in Ashlar-Vellum Cobalt,...
WordPress Media Player Addons for Elementor plugin cross-site scripting vulnerability
WordPress Media Player Addons for Elementor plugin is a plugin designed for Elementor page builder, mainly used to extend the media playback functionality. A cross-site scripting vulnerability exists in the WordPress Media Player Addons for Elementor plugin, which stems from insufficient input...
WordPress Catch Dark Mode plugin file inclusion vulnerability
WordPress Catch Dark Mode plugin is an official plugin for enabling dark mode in WordPress websites, offering a wide range of customization options and pre-built theme solutions. The WordPress Catch Dark Mode plugin suffers from a file inclusion vulnerability that stems from a local file inclusio...
WordPress Blocksy Companion Plugin Cross-Site Scripting Vulnerability
WordPress Blocksy Companion Plugin is a plugin designed to enhance the functionality of WordPress themes. WordPress Blocksy Companion Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which ca...
WordPress Developer Loggers for Simple History plugin file inclusion vulnerability
WordPress Developer Loggers for Simple History plugin is a logging plugin designed for developers, mainly used to record operational changes in the process of website development or maintenance, to help track issues and optimize site functionality. A file inclusion vulnerability exists in the...
Ashlar-Vellum Cobalt Code Execution Vulnerability
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A code execution vulnerability exists in Ashlar-Vellum Cobalt,...
NVIDIA Triton Inference Server Access Control Error Vulnerability
NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. An access control error vulnerability exists in NVIDIA Triton Inference Server, which can be exploited by attackers to cause memory...
NVIDIA Triton Inference Server Operating System Command Injection Vulnerability
NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an operating system command injection vulnerability that stems from the Python backend not...
Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability (CNVD-2025-22913)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...
Ashlar-Vellum Cobalt integer overflow vulnerability (CNVD-2025-22942)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. An integer overflow vulnerability exists in Ashlar-Vellum...
Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability (CNVD-2025-23023)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...
WordPress Appointmind plugin cross-site scripting vulnerability
WordPress Appointmind plugin is an online appointment management plugin for WordPress, mainly used to embed the online appointment scheduling feature into posts or sidebars. WordPress Appointmind plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of...
Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability (CNVD-2025-22939)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...
NVIDIA Triton Inference Server Input Validation Error Vulnerability (CNVD-2025-23136)
NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an input validation error vulnerability that stems from an improper input validation issue in t...