130931 matches found
appRain CMF cross-site scripting vulnerability (CNVD-2025-21119)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/cycle endpoint. An attacker could use this vulnerability to steal a victim's cookie-based authentication...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21118)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/commonresource endpoint. An attacker could use this vulnerability to steal the victim's cookie-based...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21117)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/canvasjs endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21116)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/bootstrap endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21114)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which is caused by improper validation of user input in the /apprain/developer/addons/update/appform endpoint. An attacker could use this vulnerability to steal the victim's cookie-based...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21113)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/admin endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21112)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which is caused by improper validation of user input by the /apprain/developer/addons/update/ace endpoint. An attacker could use this vulnerability to steal the victim's cookie-based...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21111)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which is caused by improper validation of user input on the /apprain/developer/addons/update/960grid endpoint. An attacker could use this vulnerability to steal the victim's cookie-based...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21110)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which is caused by improper validation of user input in /apprain/appreport/manage/endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21109)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the apprain/admin/managegroup/add/ endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials...
appRain CMF SQL Injection Vulnerability (CNVD-2025-21108)
appRain CMF is a content management framework. appRain CMF suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the data%5BAdmin%5D%5Busername%5D parameter of /apprain/admin/manage/add. An attacker could use this vulnerability t...
appRain CMF cross-site scripting vulnerability (CNVD-2025-20912)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user-supplied input on the /appain/admin/filemanager endpoint, which can be exploited by an attacker to steal a victim's cookie-based authentication credentials...
appRain CMF cross-site scripting vulnerability (CNVD-2025-20911)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user-supplied input on the /apvain/admin/config/opts endpoint. The vulnerability can be exploited by an attacker to steal a victim's cookie-based authentication...
appRain CMF Cross-Site Scripting Vulnerability
appRain CMF is a content management framework from appRain Canada. The appRain CMF suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input on the /appain/admin/account/edit endpoint. An attacker could use the vulnerability to steal the victim...
Google Android elevation of privilege vulnerability (CNVD-2025-21369)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...
Google Android elevation of privilege vulnerability (CNVD-2025-21368)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...
Google Android elevation of privilege vulnerability (CNVD-2025-23043)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to gain higher privileges on the system...
Google Android elevation of privilege vulnerability (CNVD-2025-23042)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to gain higher privileges on the system...
Google Android Denial of Service Vulnerability (CNVD-2025-23041)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability that can be exploited by attackers to cause a local denial of service...
Google Android elevation of privilege vulnerability (CNVD-2025-23040)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by a clickjacking/overwriting attack in the maybeShowDialog function in ControlsSettingsDialogManager.kt that results in ControlsSettingsTialog...
Google Android Information Disclosure Vulnerability (CNVD-2025-23045)
Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
Google Android elevation of privilege vulnerability (CNVD-2025-23038)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused due to memory corruption after free usage in multiple locations. The vulnerability can be exploited by an attacker to gain elevated...
Google Android Code Execution Vulnerability (CNVD-2025-23036)
Google Android is a Linux-based open source operating system from Google. Google Android has a code execution vulnerability that can be exploited by an attacker to execute arbitrary code on the system...
Google Android elevation of privilege vulnerability (CNVD-2025-23035)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to gain higher privileges on the system...
Google Android elevation of privilege vulnerability (CNVD-2025-23034)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by an out-of-bounds write due to a heap-based buffer overflow in the appendFrom function in Parcel.cpp. An attacker can exploit the vulnerability to...
Google Android Information Disclosure Vulnerability (CNVD-2025-23033)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by improper input validation in multiple locations. The vulnerability can be exploited by an attacker to obtain sensitive information...
Google Android Code Execution Vulnerability (CNVD-2025-23031)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a code execution vulnerability that is caused by out-of-bounds access due to incorrect boundary checking in multiple locations. An attacker can exploit the vulnerability to execute arbitrary code...
Google Android Denial of Service Vulnerability (CNVD-2025-23030)
Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which is caused due to incorrect input validation of multiple functions in AppOpsService.java. An attacker can exploit this vulnerability to cause a denial of...
Google Android elevation of privilege vulnerability (CNVD-2025-23026)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by a logic error in the setDisplayName function in AssociationRequest.java that causes the application to retain the CDM association. An...
Google Chrome Extension Improperly Implemented Vulnerability
Google Chrome is a web browser developed by Google, known for being fast, secure and personalized, with support for multi-device synchronization and smart tool integration. Google Chrome suffers from an Extension Misimplementation vulnerability that stems from an inadequate validation mechanism f...
Google Android Denial of Service Vulnerability
Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from a denial-of-service vulnerability that stems from resource...
Unspecified Vulnerability in Google Android (CNVD-2025-23039)
Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause local elevation of privilege...
appRain CMF Cross-Site Scripting Vulnerability (CNVD-2025-20910)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user-supplied input on the /appain/admin/config/electrical endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
Google Android elevation of privilege vulnerability (CNVD-2025-28659)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a local elevation of privilege...
Google Android Information Disclosure Vulnerability (CNVD-2025-28667)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability due to a logic error in the onCreate function in NotificationAccessConfirmationActivity.java that results in incorrect validation of the Correct Intent...
Unspecified Vulnerability in Google Android (CNVD-2025-26733)
Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause a permanent denial of service...
Google Android Denial of Service Vulnerability (CNVD-2025-23032)
Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which can be exploited by an attacker to cause a persistent local denial of service...
Google Android Missing Privilege Check Vulnerability
Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from a missing privilege check vulnerability, which can be...
Google Android elevation of privilege vulnerability (CNVD-2025-28661)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a local elevation of privilege...
Google Android Elevation of Privilege Vulnerability
Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from an elevation of privilege vulnerability that stems from...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21126)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/uploadify endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
Google Android elevation of privilege vulnerability (CNVD-2025-23025)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a way to bypass intent security checks due to proxy obfuscation in multiple functions in AppRestrictions Fragment.java. An attacker can...
Unspecified Vulnerability in NVIDIA DOCA
NVIDIA DOCA is a software framework from NVIDIA. NVIDIA DOCA has a security vulnerability that can be exploited by attackers to potentially cause elevation of privilege...
Online Shopping Portal /admin/updateorder.php Cross-Site Scripting Vulnerability
Online Shopping Portal is an online store. Online Shopping Portal suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in /admin/updateorder.php, which can be exploited by an attacker to execute arbitrary web script o...
Google Android elevation of privilege vulnerability (CNVD-2025-24497)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by a logic error in the handlePackagesChanged function in DevicePolicyManagerService.java. An attacker can exploit the vulnerability to gain elevate...
Google Android Denial of Service Vulnerability (CNVD-2025-26881)
Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android due to a resource exhaustion flaw in multiple functions in AccountManagerService.java. An attacker can exploit this vulnerability to cause a denial of service...
Google Android path traversal vulnerability (CNVD-2025-21374)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a path traversal vulnerability that can be exploited by an attacker to cause a local denial of service...
Unspecified Vulnerability in NVIDIA BlueField (CNVD-2025-21178)
NVIDIA BlueField is a series of data processing units from NVIDIA. NVIDIA BlueField has a security vulnerability that can be exploited by attackers to potentially cause a denial of service, elevation of privilege, and information disclosure...
Google Android elevation of privilege vulnerability (CNVD-2026-10644)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a logic error in the Pixel Sim Lock component. An attacker can exploit the vulnerability to elevate privileges...
Google Android elevation of privilege vulnerability (CNVD-2025-26882)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by a logic error in the VerifyNoToverlapInSessions function in apexd.cpp that results in the blocking of security updates via mainline installation...