Lucene search
+L

131179 matches found

CNVD
CNVD
•added 2025/09/12 12:0 a.m.•5 views

Tenda F3 goform/setWifi file buffer overflow vulnerability

Tenda F3 is a 300M wireless router launched on May 15, 2015 by Shenzhen Jixiang Tenda Technology Co. Tenda F3 suffers from a buffer overflow vulnerability that originates from the goform/setWifi file failing to properly validate the length size of the input data, which can be exploited by an...

5.6CVSS7.3AI score0.00205EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/12 12:0 a.m.•4 views

IBM Security Verify Information Queue Denial of Service Vulnerability

IBM Security Verify Information Queue is a microservices architecture integration platform that leverages Kafka technology and a publish/subscribe model to integrate data between IBMSecurity products, acting as a cross-product data exchange hub. A denial of service vulnerability exists in IBM...

6.5CVSS6.8AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/12 12:0 a.m.•4 views

Tenda F3 macFilterList Parameter Buffer Overflow Vulnerability

Tenda F3 is a 300M wireless router launched on May 15, 2015 by Shenzhen Jixiang Tenda Technology Co. Tenda F3 suffers from a buffer overflow vulnerability, which stems from the goform/setNAT file macFilterList parameter failing to properly validate the length size of the input data, which can be...

5.6CVSS7.3AI score0.0019EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/12 12:0 a.m.•4 views

Dell PowerProtect Data Manager Log Information Disclosure Vulnerability

Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. A log information disclosure vulnerability exists in Dell PowerProtect Data Manager versions 19.19 and 19.20, which...

8.8CVSS6.1AI score0.00133EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/12 12:0 a.m.•5 views

Tenda F3 goform/setNAT file portList parameter buffer overflow vulnerability

Tenda F3 is a 300M wireless router launched on May 15, 2015 by Shenzhen Jixiang Tenda Technology Co. Tenda F3 suffers from a buffer overflow vulnerability, which stems from the /goform/setNAT file portList parameter failing to properly validate the length size of the input data, which can be...

5.6CVSS7.3AI score0.0019EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/12 12:0 a.m.•4 views

WordPress Maspik - Ultimate Spam Protection plugin Cross-Site Request Forgery Vulnerability

WordPress Heateor Maspik - Ultimate Spam Protection plugin is an anti-spam plugin designed specifically for WordPress that protects contact forms, comment areas and signup forms from spam through a variety of technical means. The WordPress Maspik - Ultimate Spam Protection plugin suffers from a...

4.3CVSS6.7AI score0.00156EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/12 12:0 a.m.•8 views

JEPaaS Access Control Error Vulnerability

JEPaaS is a low-code rapid development platform for building enterprise-class applications. A security vulnerability exists in JEPaaS 7.2.8, which stems from the doFilterInternal function of the Filter Handler component not properly enforcing access control. The vulnerability can be exploited by ...

6.5CVSS6.6AI score0.00305EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/12 12:0 a.m.•4 views

ChanCMS SQL Injection Vulnerability

ChanCMS is a content management system. ChanCMS 3.3.0 and earlier versions suffer from a SQL injection vulnerability, which originates from the lack of validation of the Search parameter key in the app/modules/api/service/Api.js function against external input SQL statements. An attacker can...

8.8CVSS7AI score0.01195EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/12 12:0 a.m.•9 views

Tenda F3 goform/setQoS file buffer overflow vulnerability

Tenda F3 is a 300M wireless router launched on May 15, 2015 by Shenzhen Jixiang Tenda Technology Co. Tenda F3 suffers from a buffer overflow vulnerability that originates from the QosList parameter of the goform/setQoS file failing to properly validate the length size of the input data, which can...

5.6CVSS7.3AI score0.0019EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/12 12:0 a.m.•3 views

WordPress Duplicate Page and Post plugin SQL Injection Vulnerability

WordPress Duplicate Page and Post plugin is a plugin for quickly duplicating pages or posts, supporting one-click cloning of existing content and saving it to draft, private or public status, for users who need to batch process website content. WordPress Duplicate Page and Post plugin suffers fro...

6.5CVSS7.9AI score0.00278EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•3 views

Adobe Dreamweaver Desktop Cross-Site Request Forgery Vulnerability

Adobe Dreamweaver Desktop is a web design and development software from the American company Audobee Adobe. Adobe Dreamweaver Desktop suffers from a cross-site request forgery vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environme...

8.6CVSS7.3AI score0.00166EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•4 views

WordPress AI ChatBot for WordPress plugin cross-site scripting vulnerability

WordPress AI ChatBot for WordPress plugin is an Artificial Intelligence ChatBot plugin designed for WordPress websites, which is mainly used to provide 24/7 automated customer service support, generate leads, collect user information and other features. The WordPress AI ChatBot for WordPress plug...

3.5CVSS5.8AI score0.00241EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•3 views

Adobe Experience Manager server-side request forgery vulnerability (CNVD-2025-21154)

Adobe Experience Manager is a content management solution from Adobe designed to help organizations efficiently create, manage and deliver cross-channel content while integrating business solutions to enhance the customer experience. A server-side request forgery vulnerability exists in Adobe...

6.5CVSS6.3AI score0.01811EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•6 views

Ivanti Endpoint Manager Code Execution Vulnerability (CNVD-2025-21272)

Ivanti Endpoint Manager is a unified endpoint management solution for multiple operating systems such as Windows, macOS, Linux, Chrome OS and supports IoT devices. A code execution vulnerability exists in Ivanti Endpoint Manager that stems from a lack of adequate validation of filenames of upload...

8.8CVSS8.3AI score0.20461EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•6 views

Tenda G3 formSetDebugCfg function stack buffer overflow vulnerability

Tenda G3 is a Qos Vpn router from Tenda China. A stack buffer overflow vulnerability exists in the Tenda G3 formSetDebugCfg function, which can be exploited by an attacker to cause a denial of service DoS via a specially crafted request...

7.5CVSS7.3AI score0.00456EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•4 views

Microsoft Sharepoint Remote Code Execution Vulnerability (CNVD-2025-26724)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...

8.8CVSS8.3AI score0.18084EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•4 views

Tenda W30E formDeleteMeshNode function buffer overflow vulnerability

Tenda W30E is an enterprise-grade wireless router from Tenda Technology designed for SOHO, small and micro businesses and small stores. The Tenda W30E suffers from a buffer overflow vulnerability that originates from the failure of the String parameter in the formDeleteMeshNode function to...

7.5CVSS7.4AI score0.0037EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•5 views

UTT 1200GW Buffer Overflow Vulnerability

The UTT 1200GW is an enterprise-grade wireless router from Atech Technology UTT designed to meet the networking needs of small to medium-sized businesses or large space office environments. The UTT 1200GW suffers from a buffer overflow vulnerability that stems from insufficient boundary validatio...

9CVSS8.1AI score0.06013EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•5 views

Tenda G3 modifyDhcpRule function buffer overflow vulnerability

Tenda G3 is a micro-enterprise all-in-one gateway from Tenda, designed for small and medium-sized businesses to provide an integrated network solution. Tenda G3 has a buffer overflow vulnerability, the vulnerability stems from the bindDhcpIndex parameter in the modifyDhcpRule function fails to...

7.5CVSS7.4AI score0.00456EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•5 views

TP-LINK AX10 Information Disclosure Vulnerability

The TP-LINK AX10 is a router. The TP-LINK AX10 suffers from an information disclosure vulnerability that is caused by a flaw in the explicit transmission of sensitive information. An attacker can exploit the vulnerability to obtain sensitive information...

7.5CVSS6.2AI score0.00463EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•4 views

Tenda G3 formDelDhcpRule function buffer overflow vulnerability

Tenda G3 is a Qos Vpn router from Tenda China. A buffer overflow vulnerability exists in Tenda G3 v3.0brV15.11.0.17, which originates from the delDhcpIndex parameter in the formDelDhcpRule function that fails to properly validate the length of the input data, and can be exploited by an attacker t...

7.5CVSS8.3AI score0.00456EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•4 views

Microsoft Office Code Execution Vulnerability (CNVD-2025-26728)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, and so on. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to...

7.8CVSS8.1AI score0.00686EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•3 views

SAP NetWeaver ABAP Platform Cross-Site Scripting Vulnerability

SAP NetWeaver ABAP Platform is an all-in-one technology platform from SAP. SAP NetWeaver ABAP Platform suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execu...

6.1CVSS6AI score0.00205EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•2 views

UTT 1250GW Buffer Overflow Vulnerability

The UTT 1250GW is an enterprise-grade wireless router from Atech Technology Limited UTT designed for small and medium-sized office environments SOHO, focusing on network performance, stability and management features. The UTT 1250GW suffers from a buffer overflow vulnerability that originates fro...

9CVSS8.2AI score0.00995EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•5 views

Tenda AC20 Buffer Overflow Vulnerability

Tenda AC20 is a wireless router product from Tenda. A buffer overflow vulnerability exists in Tenda AC20 16.03.08.12 and earlier versions, which originates from the improper handling of the mac parameter in the strcpy function in the /goform/GetParentControlInfo file. The vulnerability can be...

9CVSS9.2AI score0.00765EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•2 views

Unspecified Vulnerability in SAP NetWeaver Application Server (CNVD-2025-21159)

SAP NetWeaver Application Server is an application server from SAP, Germany. A security vulnerability in SAP NetWeaver Application Server can be exploited by an attacker to potentially cause sensitive information to be read, modified, or deleted...

9.1CVSS6.7AI score0.00663EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•8 views

UTT 1200GW Buffer Overflow Vulnerability

The UTT 1200GW is an enterprise-grade wireless router from Atech Technology UTT designed to meet the networking needs of small to medium-sized businesses or large space office environments. The UTT 1200GW suffers from a buffer overflow vulnerability that originates from the sub4B48F8 function in...

9CVSS8.2AI score0.00995EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•6 views

Small CRM /profile.php File SQL Injection Vulnerability

Small CRM is a customer relationship management system. Small CRM suffers from an SQL injection vulnerability that stems from the /profile.php file not having a secure filter for the Name parameter. No details of the vulnerability are available at this time...

9.8CVSS7.9AI score0.00384EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•5 views

Tenda G3 formIPMacBindModify function stack buffer overflow vulnerability

Tenda G3 is a Qos Vpn router from Tenda China. A stack buffer overflow vulnerability exists in the Tenda G3 formIPMacBindModify function, which can be exploited by an attacker to cause a denial of service DoS via a specially crafted request...

7.5CVSS7.3AI score0.00456EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•5 views

Adobe Experience Manager Input Validation Error Vulnerability (CNVD-2025-21165)

Adobe Experience Manager is a content management solution from Adobe designed to help organizations efficiently create, manage and deliver cross-channel content while integrating business solutions to enhance the customer experience. An input validation error vulnerability exists in Adobe...

4.9CVSS6.6AI score0.00404EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•5 views

Fortinet FortiDDoS-F Operating System Command Injection Vulnerability

Fortinet FortiDDoS-F is a distributed denial-of-service protection system from the U.S. company Fiat Fortinet. Fortinet FortiDDoS-F suffers from an operating system command injection vulnerability that stems from improper neutralization of special elements, which can be exploited by an attacker t...

6.7CVSS8.2AI score0.00479EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•2 views

Microsoft Office Code Execution Vulnerability (CNVD-2025-26726)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which is caused due to improper boundary checkin...

8.4CVSS8AI score0.00534EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•4 views

Microsoft PowerPoint Code Execution Vulnerability (CNVD-2025-26723)

Microsoft PowerPoint is a document presentation tool in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft PowerPoint, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS8.1AI score0.00558EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•2 views

Adobe Premiere Pro Memory Misreference Vulnerability

Adobe Premiere Pro is a set of non-linear editing video editing software from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe Premiere Pro, which can be exploited by an attacker to cause arbitrary code to be executed in the current user environment...

7.8CVSS7.2AI score0.00201EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•2 views

Microsoft Graphics Kernel Code Execution Vulnerability

Microsoft Graphics Kernel is a kernel-mode graphics driver subsystem from Microsoft. A code execution vulnerability exists in Microsoft Graphics Kernel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS8.1AI score0.00393EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•4 views

Tenda G3 getsinglepppuser function buffer overflow vulnerability

Tenda G3 is a micro-enterprise all-in-one gateway from Tenda, designed for small and medium-sized businesses to provide an integrated network solution. Tenda G3 has a buffer overflow vulnerability, the vulnerability stems from the pPppUser parameter in the getsinglepppuser function fails to...

7.5CVSS7.4AI score0.00456EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•3 views

Tenda G3 ipMacBindListStore function buffer overflow vulnerability

Tenda G3 is a micro-enterprise all-in-one gateway from Tenda, designed for small and medium-sized businesses to provide an integrated network solution. Tenda G3 has a buffer overflow vulnerability, the vulnerability stems from the listStr parameter in the ipMacBindListStore function fails to...

7.5CVSS7.4AI score0.00456EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•7 views

Adobe Commerce Security Bypass Vulnerability (CNVD-2025-21417)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce that can be exploited by an attacker to bypass security restrictions...

9.1CVSS6.9AI score0.96742EPSS
Exploits9References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•2 views

Adobe Substance3D Modeler Code Execution Vulnerability

Adobe Substance3D Modeler is a 3D modeling software from the American company Audobee Adobe. A code execution vulnerability exists in Adobe Substance3D Modeler, which is caused due to an integer overflow error. An attacker can exploit this vulnerability to execute code on the system or cause the...

7.8CVSS7.7AI score0.00197EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•6 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-21391)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which is caused due to incorrect boundary checking. An attacker can exploit the vulnerability to overflow a buffer and execute arbitrary code on t...

7.8CVSS8AI score0.0054EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•4 views

Microsoft Excel Information Disclosure Vulnerability (CNVD-2025-21393)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information disclosure vulnerability exists in Microsoft Excel. An attacker could exploit this vulnerability to obtain sensitive information...

5.5CVSS5.7AI score0.00601EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•3 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-21395)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS7.8AI score0.0054EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•3 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-21396)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS7.8AI score0.0054EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•4 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-21397)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8CVSS7.8AI score0.0054EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•4 views

Tenda G3 formModifyPppAuthWhiteMac function stack buffer overflow vulnerability

Tenda G3 is a Qos Vpn router from Tenda China. A stack buffer overflow vulnerability exists in the Tenda G3 formModifyPppAuthWhiteMac function, which can be exploited by an attacker to cause a denial of service DoS via a specially crafted request...

7.5CVSS7.3AI score0.0037EPSS
Exploits1References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•5 views

Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2025-21151)

Adobe After Effects AE for short is a professional film and television post-effects software launched by Adobe in 1993, support for Windows and MacOS dual-platform, mainly for film and television special effects, motion graphics design and video synthesis. Adobe After Effects has an out-of-bounds...

5.5CVSS6.5AI score0.00203EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•3 views

Microsoft Office Visio Code Execution Vulnerability

Microsoft Office Visio is a U.S. Microsoft Microsoft Office software series responsible for drawing flowcharts and schematic diagrams in the software. A code execution vulnerability exists in Microsoft Office Visio, which is caused due to improper boundary checking. An attacker could exploit the...

7.8CVSS8AI score0.00477EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•2 views

Adobe ColdFusion Path Traversal Vulnerability (CNVD-2025-21409)

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion suffers from a path traversal vulnerability that can be exploited by an attacker to...

10CVSS7.4AI score0.19934EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•3 views

Adobe Substance3D Modeler Out-of-Bounds Read Vulnerability (CNVD-2025-21418)

Adobe Substance3D Modeler is a 3D modeling software from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Substance3D Modeler, which can be exploited by an attacker to execute code on a system or cause the application to crash...

7.8CVSS7AI score0.00197EPSS
Exploits0References1
CNVD
CNVD
•added 2025/09/11 12:0 a.m.•3 views

Adobe Substance3D Modeler Memory Misreference Vulnerability

Adobe Substance3D Modeler is a 3D modeling software from the American company Audobee Adobe. A code execution vulnerability exists in Adobe Substance3D Modeler, which can be exploited by an attacker to execute arbitrary code in the context of the current user...

7.8CVSS7.8AI score0.00205EPSS
Exploits0References1
Total number of security vulnerabilities131179