131179 matches found
WordPress StoreEngine plugin path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A path traversal vulnerability exists in the WordPress StoreEngine plugin, which stems from a path traversal issue in the filedownload function. An attacker can exploit this...
Ashlar-Vellum Cobalt Out-of-Bounds Write Vulnerability (CNVD-2025-22918)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. An out-of-bounds write vulnerability exists in Ashlar-Vellum...
Ashlar-Vellum Cobalt Memory Corruption Vulnerability
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A memory corruption vulnerability exists in Ashlar-Vellum Coba...
WordPress Memberlite Shortcodes plugin cross-site scripting vulnerability
WordPress Memberlite Shortcodes plugin is a plugin used to extend the functionality of the theme, mainly used to add additional features to the WordPress theme, such as content display controls, layout tools, etc., while allowing users to use specific features without completely replacing the...
JetBrains TeamCity Credentials Disclosure Vulnerability
JetBrains TeamCity is a Continuous Integration/Continuous Deployment CI/CD tool developed by JetBrains to automate the software build, test, and deployment process with support for multiple programming languages and tools. JetBrains TeamCity suffers from a credential disclosure vulnerability that...
Ashlar-Vellum Graphite Stack Buffer Overflow Vulnerability
Ashlar-Vellum Graphite is a CAD modeling software from Ashlar-Vellum. Ashlar-Vellum Graphite suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...
Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability (CNVD-2025-22912)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...
NVIDIA Triton Inference Server Access Control Error Vulnerability
NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. An access control error vulnerability exists in NVIDIA Triton Inference Server, which can be exploited by attackers to cause memory...
Ashlar-Vellum Cobalt Resource Management Error Vulnerability
Ashlar-Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar-Vellum. Ashlar-Vellum Cobalt suffers from a Resource Management Error vulnerability that originates from not verifying the existence of an object before performing an operation on it. An attacker...
Ashlar-Vellum Cobalt Out-of-Bounds Read Vulnerability (CNVD-2025-22939)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...
Ashlar-Vellum Cobalt Code Execution Vulnerability
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A code execution vulnerability exists in Ashlar-Vellum Cobalt,...
JetBrains TeamCity Competitive Conditions Vulnerability
JetBrains TeamCity is a Continuous Integration/Continuous Deployment CI/CD tool developed by JetBrains to automate the software build, test, and deployment process with support for multiple programming languages and tools. JetBrains TeamCity suffers from a competitive condition vulnerability that...
Ashlar-Vellum Cobalt Type Obfuscation Vulnerability (CNVD-2025-22944)
Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A type-obfuscation vulnerability exists in Ashlar-Vellum Cobal...
Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2025-24652)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S.A. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is email client software that supports the IMAP and POP mail protocols as well as the HTML mail format. A...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2025-22675)
Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems.Apple iOS is a set of operating systems developed for mobile devices.Apple macOS is a set of specialized operating systems developed specifically for Mac computers.Apple Safari is a we...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2025-22676)
Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems.Apple iOS is an operating system developed for mobile devices.Apple tvOS is a smart TV operating system. An information disclosure vulnerability exists in a number of Apple products,...
Code execution vulnerability in multiple Mozilla products (CNVD-2025-24651)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S.A. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is email client software that supports the IMAP and POP mail protocols as well as the HTML mail format. A code...
Apple macOS Tahoe Data Breach Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
BMC Control-M Memory Corruption Vulnerability
BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. A memory corruption vulnerability exists in BMC Control-M that stems from misconfiguration of SSL/TLS communication, no details of the vulnerability are provided a...
BMC Control-M Stack Buffer Overflow Vulnerability (CNVD-2025-22539)
BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. BMC Control-M suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to cause a local elevation of privilege...
Online Library Management System Elevation of Privilege Vulnerability
Online Library Management System is an online library management system. An elevation of privilege vulnerability exists in Online Library Management System, which stems from a mismanagement of privileges in index.php and can be exploited by an attacker to cause an elevation of privilege...
JeeWMS Cross-Site Scripting Vulnerability
JeeWMS is a JAVA-based warehouse management system . A cross-site scripting vulnerability exists in JeeWMS 3.7 and earlier versions, which stems from the lack of effective filtering and escaping of user-supplied data by the logController.do component, and can be exploited by an attacker to disclo...
ZTE T5400 Information Disclosure Vulnerability
The ZTE T5400 is a router from China's ZTE Corporation ZTE. The ZTE T5400 suffers from an information disclosure vulnerability that originates from an improperly configured access control mechanism, which can be exploited by an attacker to cause information disclosure...
Adobe Substance3D Stager Buffer Overflow Vulnerability
Adobe Substance3D Stager is a set and rendering software for 3D scenes from the American company Audobee Adobe. A security vulnerability exists in Adobe Substance3D Stager 3.1.3 and prior versions, which can be exploited by attackers to cause memory exposure and information disclosure...
Out-of-bounds read vulnerability in multiple Apple products (CNVD-2025-22686)
Apple iOS is an operating system developed for mobile devices.Apple tvOS is a smart TV operating system.Apple watchOS is a smart watch operating system.Apple watchOS is a smart watch operating system.Apple watchOS is a smart watch operating system.Apple watchOS is a smart watch operating...
Unspecified vulnerability in Apple macOS Tahoe (CNVD-2025-22390)
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2025-22679)
Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems. apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. Apple macOS is a specialized operating system...
Unspecified Vulnerability in Multiple Apple Products (CNVD-2025-22674)
Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems.Apple iOS is a suite of operating systems developed for mobile devices.Apple iPadOS is a suite of operating systems for the iPad tablet computer. A security vulnerability exists in...
TOTOLINK X6000R sub_417D74 function command injection vulnerability
TOTOLINK X6000R is a wireless router supporting Wi-Fi 6 technology from China's Gion Electronics TOTOLINK, focusing on high concurrent connections and dual-band transmission capabilities. The TOTOLINK X6000R suffers from a command injection vulnerability that stems from the failure to properly...
Apple macOS Tahoe Privilege Mismanagement Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Unspecified Vulnerability in BMC Control-M (CNVD-2025-22540)
BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. A security vulnerability exists in BMC Control-M that stems from the default use of the kdb or PKCS12 keystore with a known password, which can be exploited by an...
Apple macOS Tahoe Memory Corruption Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Apple macOS Tahoe Symbolic Link Mishandling Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Mozilla Firefox and Mozilla Thunderbird Security Bypass Vulnerability (CNVD-2025-24639)
Mozilla Firefox is an open source web browser.Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. The software supports IMAP, POP mail protocols and HTML mail format. A security bypass vulnerability exists in Mozilla Firefox and Mozilla Thunderbird,...
Code execution vulnerability in multiple Mozilla products (CNVD-2025-24638)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S.A. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is email client software that supports the IMAP and POP mail protocols as well as the HTML mail format. A code...
Apple macOS Tahoe Underchecked Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Apple macOS Tahoe Permission Check Insufficiency Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Apple macOS Tahoe Permission Issues Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Apple macOS Tahoe has an unspecified vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Apple macOS Tahoe Sandboxing Insufficient Restrictions Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Beauty Parlour Management System admin/all-appointment.php File SQL Injection Vulnerability
Beauty Parlour Management System is an application system. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter delid in the file /admin/all-appointment.php. An attacker can...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2025-22688)
Apple macOS Sequoia and others are an operating system of the American company Apple. A security vulnerability exists in several Apple products that stems from insufficient authentication and can be exploited by an attacker to cause a denial of service...
Human Resource Integrated System Childs Name Field Cross-Site Scripting Vulnerability
Human Resource Integrated System is a human resource management system. A cross-site scripting vulnerability exists in the Human Resource Integrated System, which stems from an incorrectly filtered input in the Childs Name field and can be exploited by an attacker to cause a cross-site scripting...
Mozilla Focus for iOS Spoofing Vulnerability (CNVD-2025-24634)
Mozilla Focus is a browser for iOS devices from the Mozilla Foundation. Mozilla Focus for iOS suffers from a spoofing vulnerability that is caused by an error in the address bar component. An attacker can exploit the vulnerability to conduct spoofing attacks...
Unspecified vulnerability in Apple macOS Tahoe (CNVD-2025-22385)
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Unspecified Vulnerability in Multiple Apple Products (CNVD-2025-22684)
Apple iOS is an operating system developed for mobile devices.Apple tvOS is an operating system for smart TVs.Apple iPadOS is an operating system for iPad tablets.Apple iOS is an operating system for mobile devices.Apple tvOS is an operating system for smart TVs.Apple tvOS is an operating system...
Unspecified Vulnerability in Multiple Apple Products (CNVD-2025-22685)
Apple watchOS is an operating system for smartwatches.Apple iPadOS is an operating system for iPad tablets.Apple visionOS is an operating system for AR glasses. A security vulnerability exists in several Apple products that stems from a logging issue that can be exploited by an attacker to cause ...
Apple macOS Tahoe sandbox under-limit vulnerability (CNVD-2025-22593)
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Unspecified Vulnerability in Multiple Apple Products (CNVD-2025-22682)
Apple iOS is an operating system developed for mobile devices.Apple watchOS is a smartwatch operating system.Apple macOS is a specialized operating system developed for Mac computers. Several Apple products contain security vulnerabilities that can be exploited by attackers to cause unexpected...
Apple macOS Tahoe Out-of-Bounds Read Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...